Merge branch 'main' of https://github.com/formbricks/formbricks into feature/mail-from-name

.env.example

@@ -97,9 +97,6 @@ PASSWORD_RESET_DISABLED=1
 # Organization Invite. Disable the ability for invited users to create an account.
 # INVITE_DISABLED=1
 
-# Docker cron jobs. Disable the supercronic cron jobs in the Docker image (useful for cluster setups).
-# DOCKER_CRON_ENABLED=1
-
 ##########
 # Other  #
 ##########
@@ -188,9 +185,7 @@ ENTERPRISE_LICENSE_KEY=
 UNSPLASH_ACCESS_KEY=
 
 # The below is used for Next Caching (uses In-Memory from Next Cache if not provided)
-# You can also add more configuration to Redis using the redis.conf file in the root directory
-REDIS_URL=redis://localhost:6379
-REDIS_DEFAULT_TTL=86400 # 1 day 
+# REDIS_URL=redis://localhost:6379
 
 # The below is used for Rate Limiting (uses In-Memory LRU Cache if not provided) (You can use a service like Webdis for this)
 # REDIS_HTTP_URL:
@@ -207,10 +202,5 @@ UNKEY_ROOT_KEY=
 # AI_AZURE_EMBEDDINGS_DEPLOYMENT_ID=
 # AI_AZURE_LLM_DEPLOYMENT_ID=
 
-# INTERCOM_APP_ID=
+# NEXT_PUBLIC_INTERCOM_APP_ID=
 # INTERCOM_SECRET_KEY=
-
-# Enable Prometheus metrics
-# PROMETHEUS_ENABLED=
-# PROMETHEUS_EXPORTER_PORT=
-

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,7 +1,6 @@
 name: Bug report
 description: "Found a bug? Please fill out the sections below. \U0001F44D"
 type: bug
-labels: ["bug"]
 body:
   - type: textarea
     id: issue-summary

.github/workflows/apply-issue-labels-to-pr.yml

@@ -5,9 +5,6 @@ on:
     types:
       - opened
 
-permissions:
-  contents: read
-
 jobs:
   label_on_pr:
     runs-on: ubuntu-latest
@@ -18,13 +15,8 @@ jobs:
       pull-requests: write
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Apply labels from linked issue to PR
-        uses: actions/github-script@211cb3fefb35a799baa5156f9321bb774fe56294 # v5.2.0
+        uses: actions/github-script@v5
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |

.github/workflows/build-web.yml

@@ -12,12 +12,7 @@ jobs:
     timeout-minutes: 30
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/dangerous-git-checkout
 
       - name: Build & Cache Web Binaries

.github/workflows/chromatic.yml

@@ -11,24 +11,19 @@ jobs:
     name: Run Chromatic
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+      - uses: actions/setup-node@v4
         with:
           node-version: 20
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+        uses: pnpm/action-setup@v4
       - name: Install dependencies
         run: pnpm install --config.platform=linux --config.architecture=x64
       - name: Run Chromatic
-        uses: chromaui/action@c93e0bc3a63aa176e14a75b61a31847cbfdd341c # latest
+        uses: chromaui/action@latest
         with:
           # ⚠️ Make sure to configure a `CHROMATIC_PROJECT_TOKEN` repository secret
           projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}

.github/workflows/cron-surveyStatusUpdate.yml

@@ -18,11 +18,6 @@ jobs:
       CRON_SECRET: ${{ secrets.CRON_SECRET }}
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: cURL request
         if: ${{ env.APP_URL && env.CRON_SECRET }}
         run: |

.github/workflows/cron-weeklySummary.yml

@@ -7,9 +7,6 @@ on:
   schedule:
     # Runs “At 08:00 on Monday.” (see https://crontab.guru)
     - cron: "0 8 * * 1"
-permissions:
-  contents: read
-
 jobs:
   cron-weeklySummary:
     permissions:
@@ -19,10 +16,6 @@ jobs:
       CRON_SECRET: ${{ secrets.CRON_SECRET }}
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481
-        with:
-          egress-policy: audit
       - name: cURL request
         if: ${{ env.APP_URL && env.CRON_SECRET }}
         run: |

.github/workflows/dependency-review.yml

@@ -1,27 +0,0 @@
-# Dependency Review Action
-#
-# This Action will scan dependency manifest files that change as part of a Pull Request,
-# surfacing known-vulnerable versions of the packages declared or updated in the PR.
-# Once installed, if the workflow run is marked as required,
-# PRs introducing known-vulnerable packages will be blocked from merging.
-#
-# Source repository: https://github.com/actions/dependency-review-action
-name: 'Dependency Review'
-on: [pull_request]
-
-permissions:
-  contents: read
-
-jobs:
-  dependency-review:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - name: 'Checkout Repository'
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0

.github/workflows/e2e.yml

@@ -43,21 +43,16 @@ jobs:
           --health-timeout=5s
           --health-retries=5
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/dangerous-git-checkout
 
       - name: Setup Node.js 20.x
-        uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
+        uses: actions/setup-node@v3
         with:
           node-version: 20.x
 
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+        uses: pnpm/action-setup@v4
 
       - name: Install dependencies
         run: pnpm install --config.platform=linux --config.architecture=x64
@@ -117,7 +112,7 @@ jobs:
 
       - name: Azure login
         if: env.AZURE_ENABLED == 'true'
-        uses: azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
+        uses: azure/login@v2
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -135,14 +130,14 @@ jobs:
         run: |
           pnpm test:e2e
 
-      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
           name: playwright-report
           path: playwright-report/
           retention-days: 30
 
-      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+      - uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: app-logs

.github/workflows/labeler.yml

@@ -4,9 +4,6 @@ on:
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
-permissions:
-  contents: read
-
 jobs:
   labeler:
     name: Pull Request Labeler
@@ -15,12 +12,7 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0
+      - uses: actions/labeler@v4
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
           # https://github.com/actions/labeler/issues/442#issuecomment-1297359481

.github/workflows/lint.yml

@@ -12,11 +12,6 @@ jobs:
     timeout-minutes: 15
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - uses: ./.github/actions/dangerous-git-checkout
 

.github/workflows/pr.yml

@@ -50,10 +50,6 @@ jobs:
       checks: write
       statuses: write
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481
-        with:
-          egress-policy: audit
       - name: fail if conditional jobs failed
         if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'skipped') || contains(needs.*.result, 'cancelled')
         run: exit 1

.github/workflows/prepare-release.yml

@@ -0,0 +1,62 @@
+name: Prepare release
+run-name: Prepare release ${{ inputs.next_version }}
+
+on:
+  workflow_dispatch:
+    inputs:
+      next_version:
+        required: true
+        type: string
+        description: "Version name"
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  prepare_release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+
+      - uses: ./.github/actions/dangerous-git-checkout
+
+      - name: Configure git
+        run: |
+          git config --local user.email "github-actions@github.com"
+          git config --local user.name "GitHub Actions"
+
+      - name: Setup Node.js 20.x
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
+        with:
+          node-version: 20.x
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2
+
+      - name: Install dependencies
+        run: pnpm install --config.platform=linux --config.architecture=x64
+
+      - name: Bump version
+        run: |
+          cd apps/web
+          pnpm version ${{ inputs.next_version }} --no-workspaces-update
+
+      - name: Commit changes and create a branch
+        run: |
+          branch_name="release-v${{ inputs.next_version }}"
+          git checkout -b "$branch_name"
+          git add .
+          git commit -m "chore: release v${{ inputs.next_version }}"
+          git push origin "$branch_name"
+
+      - name: Create pull request
+        run: |
+          gh pr create \
+            --base main \
+            --head "release-v${{ inputs.next_version }}" \
+            --title "chore: bump version to v${{ inputs.next_version }}" \
+            --body "This PR contains the changes for the v${{ inputs.next_version }} release."
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release-changesets.yml

@@ -26,28 +26,23 @@ jobs:
       TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
       TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout Repo
-        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
+        uses: actions/checkout@v2
 
       - name: Setup Node.js 18.x
-        uses: actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2
+        uses: actions/setup-node@v2
         with:
           node-version: 18.x
 
       - name: Install pnpm
-        uses: pnpm/action-setup@c3b53f6a16e57305370b4ae5a540c2077a1d50dd # v2.2.4
+        uses: pnpm/action-setup@v2.2.4
 
       - name: Install Dependencies
         run: pnpm install --config.platform=linux --config.architecture=x64
 
       - name: Create Release Pull Request or Publish to npm
         id: changesets
-        uses: changesets/action@c8bada60c408975afd1a20b3db81d6eee6789308 # v1.4.9
+        uses: changesets/action@v1
         with:
           # This expects you to have a script called release which does a build for your packages and calls changeset publish
           publish: pnpm release

.github/workflows/release-docker-github-experimental.yml

@@ -17,9 +17,6 @@ env:
   TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
   DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/formbricks?schema=public"
 
-permissions:
-  contents: read
-
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -31,28 +28,23 @@ jobs:
       id-token: write
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout repository
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@v3
 
       - name: Set up Depot CLI
-        uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5 # v1.6.0
+        uses: depot/setup-action@v1
 
       # Install the cosign tool except on PR
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
+        uses: sigstore/cosign-installer@v3.5.0
 
       # Login against a Docker registry except on PR
       # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        uses: docker/login-action@v3 # v3.0.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -62,7 +54,7 @@ jobs:
       # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        uses: docker/metadata-action@v5 # v5.0.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
@@ -70,7 +62,7 @@ jobs:
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
         id: build-and-push
-        uses: depot/build-push-action@636daae76684e38c301daa0c5eca1c095b24e780 # v1.14.0
+        uses: depot/build-push-action@v1
         with:
           project: tw0fqmsx3c
           token: ${{ secrets.DEPOT_PROJECT_TOKEN }}

.github/workflows/release-docker-github.yml

@@ -20,9 +20,6 @@ env:
   TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
   DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/formbricks?schema=public"
 
-permissions:
-  contents: read
-
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -34,40 +31,23 @@ jobs:
       id-token: write
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout repository
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
-
-      - name: Get Release Tag
-        id: extract_release_tag
-        run: |
-          TAG=${{ github.ref }}
-          TAG=${TAG#refs/tags/v}
-          echo "RELEASE_TAG=$TAG" >> $GITHUB_ENV
-
-      - name: Update package.json version
-        run: |
-          sed -i "s/\"version\": \"0.0.0\"/\"version\": \"${{ env.RELEASE_TAG }}\"/" ./apps/web/package.json
-          cat ./apps/web/package.json | grep version
+        uses: actions/checkout@v3
 
       - name: Set up Depot CLI
-        uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5 # v1.6.0
+        uses: depot/setup-action@v1
 
       # Install the cosign tool except on PR
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
+        uses: sigstore/cosign-installer@v3.5.0
 
       # Login against a Docker registry except on PR
       # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        uses: docker/login-action@v3 # v3.0.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -77,7 +57,7 @@ jobs:
       # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        uses: docker/metadata-action@v5 # v5.0.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
@@ -85,7 +65,7 @@ jobs:
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
         id: build-and-push
-        uses: depot/build-push-action@636daae76684e38c301daa0c5eca1c095b24e780 # v1.14.0
+        uses: depot/build-push-action@v1
         with:
           project: tw0fqmsx3c
           token: ${{ secrets.DEPOT_PROJECT_TOKEN }}

.github/workflows/release-docker.yml

@@ -5,9 +5,6 @@ on:
     tags:
       - "v*"
 
-permissions:
-  contents: read
-
 jobs:
   release-image-on-dockerhub:
     name: Release on Dockerhub
@@ -19,13 +16,17 @@ jobs:
       TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
       DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/formbricks?schema=public"
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout Repo
-        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
+        uses: actions/checkout@v2
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
 
       - name: Get Release Tag
         id: extract_release_tag
@@ -34,22 +35,8 @@ jobs:
           TAG=${TAG#refs/tags/v}
           echo "RELEASE_TAG=$TAG" >> $GITHUB_ENV
 
-      - name: Update package.json version
-        run: |
-          sed -i "s/\"version\": \"0.0.0\"/\"version\": \"${{ env.RELEASE_TAG }}\"/" ./apps/web/package.json
-          cat ./apps/web/package.json | grep version
-
-      - name: Log in to Docker Hub
-        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0
-
       - name: Build and push Docker image
-        uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1
+        uses: docker/build-push-action@v4
         with:
           context: .
           file: ./apps/web/Dockerfile

.github/workflows/release-helm-chart.yml

@@ -1,51 +0,0 @@
-name: Publish Helm Chart
-
-on:
-  release:
-    types:
-      - published
-
-permissions:
-  contents: read
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-    steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: Extract release version
-        run: echo "VERSION=${{ github.event.release.tag_name }}" >> $GITHUB_ENV
-
-      - name: Set up Helm
-        uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
-        with:
-          version: latest
-
-      - name: Log in to GitHub Container Registry
-        run: echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io --username ${{ github.actor }} --password-stdin
-
-      - name: Install YQ
-        uses: dcarbone/install-yq-action@4075b4dca348d74bd83f2bf82d30f25d7c54539b # v1.3.1
-
-      - name: Update Chart.yaml with new version
-        run: |
-          yq -i ".version = \"${VERSION#v}\"" helm-chart/Chart.yaml
-          yq -i ".appVersion = \"${VERSION}\"" helm-chart/Chart.yaml
-
-      - name: Package Helm chart
-        run: |
-          helm package ./helm-chart
-
-      - name: Push Helm chart to GitHub Container Registry
-        run: |
-          helm push formbricks-${VERSION#v}.tgz oci://ghcr.io/formbricks/helm-charts

.github/workflows/scorecard.yml

@@ -34,11 +34,6 @@ jobs:
       # actions: read
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: "Checkout code"
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
@@ -76,6 +71,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif

.github/workflows/semantic-pull-requests.yml

@@ -16,12 +16,7 @@ jobs:
     name: PR title
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
+      - uses: amannn/action-semantic-pull-request@v5
         id: lint_pr_title
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -40,7 +35,7 @@ jobs:
             revert
             ossgg
 
-      - uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
+      - uses: marocchino/sticky-pull-request-comment@v2
         # When the previous steps fails, the workflow would stop. By adding this
         # condition you can continue the execution with the populated error message.
         if: always() && (steps.lint_pr_title.outputs.error_message != null)
@@ -59,7 +54,7 @@ jobs:
 
       # Delete a previous comment when the issue has been resolved
       - if: ${{ steps.lint_pr_title.outputs.error_message == null }}
-        uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
+        uses: marocchino/sticky-pull-request-comment@v2
         with:
           header: pr-title-lint-error
           message: |

.github/workflows/sonarqube.yml

@@ -14,12 +14,7 @@ jobs:
     name: SonarQube
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 

.github/workflows/terrafrom-plan-and-apply.yml

@@ -1,74 +0,0 @@
-name: 'Terraform'
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - main
-
-permissions:
-  id-token: write
-  contents: write
-
-jobs:
-  terraform:
-    runs-on: ubuntu-latest
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-    steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
-        with:
-          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN }}
-          aws-region: "eu-central-1"
-
-      - name: Setup Terraform
-        uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
-
-      - name: Terraform Format
-        id: fmt
-        run: terraform fmt -check -recursive
-        continue-on-error: true
-        working-directory: infra/terraform
-
-      - name: Terraform Init
-        id: init
-        run: terraform init
-        working-directory: infra/terraform
-
-      - name: Terraform Validate
-        id: validate
-        run: terraform validate
-        working-directory: infra/terraform
-
-      - name: Terraform Plan
-        id: plan
-        run: terraform plan -out .planfile
-        working-directory: infra/terraform
-
-      - name: Post PR comment
-        uses: borchero/terraform-plan-comment@3399d8dbae8b05185e815e02361ede2949cd99c4 # v2.4.0
-        if: always() && github.ref != 'refs/heads/main' && (steps.validate.outcome == 'success' || steps.validate.outcome == 'failure')
-        with:
-          token: ${{ github.token }}
-          planfile: .planfile
-          working-directory: "infra/terraform"
-          skip-comment: true
-
-      - name: Terraform Apply
-        id: apply
-        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
-        run: terraform apply .planfile
-        working-directory: "infra/terraform"
-

.github/workflows/test.yml

@@ -1,9 +1,6 @@
 name: Tests
 on:
   workflow_call:
-permissions:
-  contents: read
-
 jobs:
   build:
     name: Unit Tests
@@ -13,21 +10,16 @@ jobs:
       contents: read
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/dangerous-git-checkout
 
       - name: Setup Node.js 20.x
-        uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
+        uses: actions/setup-node@v3
         with:
           node-version: 20.x
 
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+        uses: pnpm/action-setup@v4
 
       - name: Install dependencies
         run: pnpm install --config.platform=linux --config.architecture=x64

.github/workflows/tolgee-missing-key-check.yml

@@ -5,30 +5,18 @@ permissions:
 
 on:
   workflow_dispatch:
-  pull_request_target:
+  pull_request:
     types: [opened, synchronize, reopened]
 
 jobs:
   check-missing-translations:
     runs-on: ubuntu-latest
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          ref: ${{ github.event.pull_request.base.ref }}
-
-      - name: Checkout PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
+        uses: actions/checkout@v4
 
       - name: Setup Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@v4
         with:
           node-version: 18
 

.github/workflows/tolgee.yml

@@ -3,7 +3,7 @@ permissions:
   contents: read
 
 on:
-  pull_request_target:
+  pull_request:
     types: [closed]
     branches:
       - main
@@ -15,33 +15,30 @@ jobs:
     if: github.event.pull_request.merged == true
 
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0 # This ensures we get the full git history
 
       - name: Get source branch name
         id: branch-name
         run: |
-          RAW_BRANCH="${{ github.head_ref }}"
-          SOURCE_BRANCH=$(echo "$RAW_BRANCH" | sed 's/[^a-zA-Z0-9._\/-]//g')
+          # For PR merges, use the head ref from the pull request event
+          SOURCE_BRANCH="${{ github.head_ref }}"
 
+          # Only remove username prefix if needed
+          if [[ "$SOURCE_BRANCH" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]+/ ]]; then
+            PREFIX=${SOURCE_BRANCH%%/*}
+            if [[ ! "$PREFIX" =~ ^(feature|fix|bugfix|hotfix|release|chore|docs|test|refactor|style|perf|build|ci|revert)$ ]]; then
+              SOURCE_BRANCH=${SOURCE_BRANCH#*/}
+            fi
+          fi
 
-          # Safely add to environment variables using GitHub's recommended method
-          # This prevents environment variable injection attacks
-          echo "SOURCE_BRANCH<<EOF" >> $GITHUB_ENV
-          echo "$SOURCE_BRANCH" >> $GITHUB_ENV
-          echo "EOF" >> $GITHUB_ENV
-
+          echo "SOURCE_BRANCH=$SOURCE_BRANCH" >> $GITHUB_ENV
           echo "Detected source branch: $SOURCE_BRANCH"
 
       - name: Setup Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@v4
         with:
           node-version: 18 # Ensure compatibility with your project
 
@@ -80,7 +77,7 @@ jobs:
             --yes
 
       - name: Upload backup as artifact
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@v4
         with:
           name: tolgee-backup-${{ github.sha }}
           path: ./tolgee-backup

.github/workflows/welcome-new-contributors.yml

@@ -17,12 +17,7 @@ jobs:
     timeout-minutes: 10
     if: github.event.action == 'opened'
     steps:
-      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
-        with:
-          egress-policy: audit
-
-      - uses: actions/first-interaction@3c71ce730280171fd1cfb57c00c774f8998586f7 # v1
+      - uses: actions/first-interaction@v1
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           pr-message: |-

.gitignore

@@ -53,22 +53,4 @@ yarn-error.log*
 packages/lib/uploads
 apps/web/public/js
 packages/database/migrations
-branch.json
-.vercel
-
-# Terraform
-infra/terraform/.terraform/
-**/.terraform.lock.hcl
-**/terraform.tfstate
-**/terraform.tfstate.*
-**/crash.log
-**/override.tf
-**/override.tf.json
-**/*.tfvars
-**/*.tfvars.json
-**/.terraformrc
-**/terraform.rc
-
-# IntelliJ IDEA
-/.idea/
-/*.iml
+branch.json

.gitpod/init.bash

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-images=($(yq eval '.services.*.image' docker-compose.dev.yml))
+images=($(yq eval '.services.*.image' packages/database/docker-compose.yml))
 
 pull_image() {
   docker pull "$1"

.tolgeerc.json

@@ -27,10 +27,6 @@
       {
         "language": "zh-Hant-TW",
         "path": "./packages/lib/messages/zh-Hant-TW.json"
-      },
-      {
-        "language": "pt-PT",
-        "path": "./packages/lib/messages/pt-PT.json"
       }
     ],
     "forceMode": "OVERRIDE"

apps/demo/pages/index.tsx

@@ -9,12 +9,6 @@ declare const window: Window;
 export default function AppPage(): React.JSX.Element {
   const [darkMode, setDarkMode] = useState(false);
   const router = useRouter();
-  const userId = "THIS-IS-A-VERY-LONG-USER-ID-FOR-TESTING";
-  const userAttributes = {
-    "Attribute 1": "one",
-    "Attribute 2": "two",
-    "Attribute 3": "three",
-  };
 
   useEffect(() => {
     if (darkMode) {
@@ -39,9 +33,18 @@ export default function AppPage(): React.JSX.Element {
       addFormbricksDebugParam();
 
       if (process.env.NEXT_PUBLIC_FORMBRICKS_ENVIRONMENT_ID && process.env.NEXT_PUBLIC_FORMBRICKS_API_HOST) {
-        void formbricks.setup({
+        const userId = "THIS-IS-A-VERY-LONG-USER-ID-FOR-TESTING";
+        const userInitAttributes = {
+          language: "de",
+          "Init Attribute 1": "eight",
+          "Init Attribute 2": "two",
+        };
+
+        void formbricks.init({
           environmentId: process.env.NEXT_PUBLIC_FORMBRICKS_ENVIRONMENT_ID,
-          appUrl: process.env.NEXT_PUBLIC_FORMBRICKS_API_HOST,
+          apiHost: process.env.NEXT_PUBLIC_FORMBRICKS_API_HOST,
+          userId,
+          attributes: userInitAttributes,
         });
       }
 
@@ -123,19 +126,19 @@ export default function AppPage(): React.JSX.Element {
         <div className="md:grid md:grid-cols-3">
           <div className="col-span-3 self-start rounded-lg border border-slate-300 bg-slate-100 p-6 dark:border-slate-600 dark:bg-slate-900">
             <h3 className="text-lg font-semibold dark:text-white">
-              Set a user ID / pull data from Formbricks app
+              Reset person / pull data from Formbricks app
             </h3>
             <p className="text-slate-700 dark:text-slate-300">
-              On formbricks.setUserId() the user state will <strong>be fetched from Formbricks</strong> and
-              the local state gets <strong>updated with the user state</strong>.
+              On formbricks.reset() the local state will <strong>be deleted</strong> and formbricks gets{" "}
+              <strong>reinitialized</strong>.
             </p>
             <button
               className="my-4 rounded-lg bg-slate-500 px-6 py-3 text-white hover:bg-slate-700 dark:bg-slate-700 dark:hover:bg-slate-600"
               type="button"
               onClick={() => {
-                void formbricks.setUserId(userId);
+                void formbricks.reset();
               }}>
-              Set user ID
+              Reset
             </button>
             <p className="text-xs text-slate-700 dark:text-slate-300">
               If you made a change in Formbricks app and it does not seem to work, hit &apos;Reset&apos; and
@@ -155,7 +158,7 @@ export default function AppPage(): React.JSX.Element {
               <p className="text-xs text-slate-700 dark:text-slate-300">
                 This button sends a{" "}
                 <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-no-code-actions"
+                  href="https://formbricks.com/docs/actions/no-code"
                   rel="noopener noreferrer"
                   className="underline dark:text-blue-500"
                   target="_blank">
@@ -163,7 +166,7 @@ export default function AppPage(): React.JSX.Element {
                 </a>{" "}
                 as long as you created it beforehand in the Formbricks App.{" "}
                 <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-no-code-actions"
+                  href="https://formbricks.com/docs/actions/no-code"
                   rel="noopener noreferrer"
                   target="_blank"
                   className="underline dark:text-blue-500">
@@ -172,7 +175,6 @@ export default function AppPage(): React.JSX.Element {
               </p>
             </div>
           </div>
-
           <div className="p-6">
             <div>
               <button
@@ -188,7 +190,7 @@ export default function AppPage(): React.JSX.Element {
               <p className="text-xs text-slate-700 dark:text-slate-300">
                 This button sets the{" "}
                 <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/user-identification#setting-custom-user-attributes"
+                  href="https://formbricks.com/docs/attributes/custom-attributes"
                   target="_blank"
                   rel="noopener noreferrer"
                   className="underline dark:text-blue-500">
@@ -213,7 +215,7 @@ export default function AppPage(): React.JSX.Element {
               <p className="text-xs text-slate-700 dark:text-slate-300">
                 This button sets the{" "}
                 <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/user-identification#setting-custom-user-attributes"
+                  href="https://formbricks.com/docs/attributes/custom-attributes"
                   target="_blank"
                   rel="noopener noreferrer"
                   className="underline dark:text-blue-500">
@@ -238,7 +240,7 @@ export default function AppPage(): React.JSX.Element {
               <p className="text-xs text-slate-700 dark:text-slate-300">
                 This button sets the{" "}
                 <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/user-identification"
+                  href="https://formbricks.com/docs/attributes/identify-users"
                   target="_blank"
                   rel="noopener noreferrer"
                   className="underline dark:text-blue-500">
@@ -248,110 +250,6 @@ export default function AppPage(): React.JSX.Element {
               </p>
             </div>
           </div>
-
-          <div className="p-6">
-            <div>
-              <button
-                type="button"
-                onClick={() => {
-                  void formbricks.setAttributes(userAttributes);
-                }}
-                className="mb-4 rounded-lg bg-slate-800 px-6 py-3 text-white hover:bg-slate-700 dark:bg-slate-700 dark:hover:bg-slate-600">
-                Set Multiple Attributes
-              </button>
-            </div>
-            <div>
-              <p className="text-xs text-slate-700 dark:text-slate-300">
-                This button sets the{" "}
-                <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/user-identification#setting-custom-user-attributes"
-                  target="_blank"
-                  rel="noopener noreferrer"
-                  className="underline dark:text-blue-500">
-                  user attributes
-                </a>{" "}
-                to &apos;one&apos;, &apos;two&apos;, &apos;three&apos;.
-              </p>
-            </div>
-          </div>
-
-          <div className="p-6">
-            <div>
-              <button
-                type="button"
-                onClick={() => {
-                  void formbricks.setLanguage("de");
-                }}
-                className="mb-4 rounded-lg bg-slate-800 px-6 py-3 text-white hover:bg-slate-700 dark:bg-slate-700 dark:hover:bg-slate-600">
-                Set Language to &apos;de&apos;
-              </button>
-            </div>
-            <div>
-              <p className="text-xs text-slate-700 dark:text-slate-300">
-                This button sets the{" "}
-                <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/general-features/multi-language-surveys"
-                  target="_blank"
-                  rel="noopener noreferrer"
-                  className="underline dark:text-blue-500">
-                  language
-                </a>{" "}
-                to &apos;de&apos;.
-              </p>
-            </div>
-          </div>
-
-          <div className="p-6">
-            <div>
-              <button
-                type="button"
-                className="mb-4 rounded-lg bg-slate-800 px-6 py-3 text-white hover:bg-slate-700 dark:bg-slate-700 dark:hover:bg-slate-600"
-                onClick={() => {
-                  void formbricks.track("code");
-                }}>
-                Code Action
-              </button>
-            </div>
-            <div>
-              <p className="text-xs text-slate-700 dark:text-slate-300">
-                This button sends a{" "}
-                <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-code-actions"
-                  rel="noopener noreferrer"
-                  className="underline dark:text-blue-500"
-                  target="_blank">
-                  Code Action
-                </a>{" "}
-                as long as you created it beforehand in the Formbricks App.{" "}
-                <a
-                  href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-code-actions"
-                  rel="noopener noreferrer"
-                  target="_blank"
-                  className="underline dark:text-blue-500">
-                  Here are instructions on how to do it.
-                </a>
-              </p>
-            </div>
-          </div>
-
-          <div className="p-6">
-            <div>
-              <button
-                type="button"
-                className="mb-4 rounded-lg bg-slate-800 px-6 py-3 text-white hover:bg-slate-700 dark:bg-slate-700 dark:hover:bg-slate-600"
-                onClick={() => {
-                  void formbricks.logout();
-                }}>
-                Logout
-              </button>
-            </div>
-            <div>
-              <p className="text-xs text-slate-700 dark:text-slate-300">
-                This button logs out the user and syncs the local state with Formbricks. (Only works if a
-                userId is set)
-              </p>
-            </div>
-          </div>
         </div>
       </div>
     </div>

apps/storybook/package.json

@@ -30,7 +30,7 @@
     "@typescript-eslint/eslint-plugin": "8.18.0",
     "@typescript-eslint/parser": "8.18.0",
     "@vitejs/plugin-react": "4.3.4",
-    "esbuild": "0.25.1",
+    "esbuild": "0.25.0",
     "eslint-plugin-storybook": "0.11.1",
     "prop-types": "15.8.1",
     "storybook": "8.4.7",

apps/web/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:22-alpine3.20@sha256:40be979442621049f40b1d51a26b55e281246b5de4e5f51a18da7beb6e17e3f9 AS base
+FROM node:22-alpine3.20 AS base
 
 #
 ## step 1: Prune monorepo
@@ -111,12 +111,7 @@ VOLUME /home/nextjs/apps/web/uploads/
 RUN mkdir -p /home/nextjs/apps/web/saml-connection
 VOLUME /home/nextjs/apps/web/saml-connection
 
-CMD if [ "${DOCKER_CRON_ENABLED:-1}" = "1" ]; then \
-      echo "Starting cron jobs..."; \
-      supercronic -quiet /app/docker/cronjobs & \
-    else \
-      echo "Docker cron jobs are disabled via DOCKER_CRON_ENABLED=0"; \
-    fi; \
+CMD supercronic -quiet /app/docker/cronjobs & \
     (cd packages/database && npm run db:migrate:deploy) && \
     (cd packages/database && npm run db:create-saml-database:deploy) && \
     exec node apps/web/server.js

apps/web/app/(app)/(onboarding)/environments/[environmentId]/connect/components/OnboardingSetupInstructions.tsx

@@ -34,9 +34,10 @@ export const OnboardingSetupInstructions = ({
   const htmlSnippetForAppSurveys = `<!-- START Formbricks Surveys -->
   <script type="text/javascript">
   !function(){
-      var appUrl = "${webAppUrl}";
+      var apiHost = "${webAppUrl}";
       var environmentId = "${environmentId}";
-      var t=document.createElement("script");t.type="text/javascript",t.async=!0,t.src=appUrl+"/js/formbricks.umd.cjs";var e=document.getElementsByTagName("script")[0];e.parentNode.insertBefore(t,e),setTimeout(function(){window.formbricks.setup({environmentId: environmentId, appUrl: appUrl})},500)}();
+      var userId = "testUser";
+      var t=document.createElement("script");t.type="text/javascript",t.async=!0,t.src=apiHost+"/js/formbricks.umd.cjs";var e=document.getElementsByTagName("script")[0];e.parentNode.insertBefore(t,e),setTimeout(function(){window.formbricks.init({environmentId: environmentId, apiHost: apiHost, userId: userId})},500)}();
   </script>
   <!-- END Formbricks Surveys -->
   `;
@@ -44,9 +45,9 @@ export const OnboardingSetupInstructions = ({
   const htmlSnippetForWebsiteSurveys = `<!-- START Formbricks Surveys -->
   <script type="text/javascript">
   !function(){
-    var appUrl = "${webAppUrl}";
+    var apiHost = "${webAppUrl}";
     var environmentId = "${environmentId}";
-      var t=document.createElement("script");t.type="text/javascript",t.async=!0,t.src=appUrl+"/js/formbricks.umd.cjs";var e=document.getElementsByTagName("script")[0];e.parentNode.insertBefore(t,e),setTimeout(function(){window.formbricks.setup({environmentId: environmentId, appUrl: appUrl })},500)}();
+      var t=document.createElement("script");t.type="text/javascript",t.async=!0,t.src=apiHost+"/js/formbricks.umd.cjs";var e=document.getElementsByTagName("script")[0];e.parentNode.insertBefore(t,e),setTimeout(function(){window.formbricks.init({environmentId: environmentId, apiHost: apiHost})},500)}();
   </script>
   <!-- END Formbricks Surveys -->
   `;
@@ -55,9 +56,10 @@ export const OnboardingSetupInstructions = ({
   import formbricks from "@formbricks/js";
   
   if (typeof window !== "undefined") {
-    formbricks.setup({
+    formbricks.init({
       environmentId: "${environmentId}",
-      appUrl: "${webAppUrl}",
+      apiHost: "${webAppUrl}",
+      userId: "testUser",
     });
   }
   
@@ -73,9 +75,9 @@ export const OnboardingSetupInstructions = ({
   import formbricks from "@formbricks/js";
   
   if (typeof window !== "undefined") {
-    formbricks.setup({
+    formbricks.init({
       environmentId: "${environmentId}",
-      appUrl: "${webAppUrl}",
+      apiHost: "${webAppUrl}",
     });
   }
   

apps/web/app/(app)/(onboarding)/organizations/[organizationId]/projects/new/settings/components/ProjectSettings.tsx

@@ -231,7 +231,6 @@ export const ProjectSettings = ({
         <p className="text-sm text-slate-400">{t("common.preview")}</p>
         <div className="z-0 h-3/4 w-3/4">
           <SurveyInline
-            isPreviewMode={true}
             survey={previewSurvey(projectName || "my Product", t)}
             styling={{ brandColor: { light: brandColor } }}
             isBrandingEnabled={false}

apps/web/app/(app)/components/FormbricksClient.tsx

@@ -12,12 +12,12 @@ export const FormbricksClient = ({ userId, email }: { userId: string; email: str
 
   useEffect(() => {
     if (formbricksEnabled && userId) {
-      formbricks.setup({
+      formbricks.init({
         environmentId: env.NEXT_PUBLIC_FORMBRICKS_ENVIRONMENT_ID || "",
-        appUrl: env.NEXT_PUBLIC_FORMBRICKS_API_HOST || "",
+        apiHost: env.NEXT_PUBLIC_FORMBRICKS_API_HOST || "",
+        userId,
       });
 
-      formbricks.setUserId(userId);
       formbricks.setEmail(email);
     }
   }, [userId, email]);

apps/web/app/(app)/environments/[environmentId]/actions/page.tsx

@@ -2,14 +2,21 @@ import { ActionClassesTable } from "@/app/(app)/environments/[environmentId]/act
 import { ActionClassDataRow } from "@/app/(app)/environments/[environmentId]/actions/components/ActionRowData";
 import { ActionTableHeading } from "@/app/(app)/environments/[environmentId]/actions/components/ActionTableHeading";
 import { AddActionModal } from "@/app/(app)/environments/[environmentId]/actions/components/AddActionModal";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
 import { Metadata } from "next";
+import { getServerSession } from "next-auth";
 import { redirect } from "next/navigation";
 import { getActionClasses } from "@formbricks/lib/actionClass/service";
 import { getEnvironments } from "@formbricks/lib/environment/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { findMatchingLocale } from "@formbricks/lib/utils/locale";
 
 export const metadata: Metadata = {
@@ -18,24 +25,51 @@ export const metadata: Metadata = {
 
 const Page = async (props) => {
   const params = await props.params;
-
-  const { isReadOnly, project, isBilling, environment } = await getEnvironmentAuth(params.environmentId);
-
+  const session = await getServerSession(authOptions);
   const t = await getTranslate();
-
-  const [actionClasses] = await Promise.all([getActionClasses(params.environmentId)]);
-
+  const [actionClasses, organization, project] = await Promise.all([
+    getActionClasses(params.environmentId),
+    getOrganizationByEnvironmentId(params.environmentId),
+    getProjectByEnvironmentId(params.environmentId),
+  ]);
   const locale = await findMatchingLocale();
+
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
+
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
+
   const environments = await getEnvironments(project.id);
+  const currentEnvironment = environments.find((env) => env.id === params.environmentId);
+
+  if (!currentEnvironment) {
+    throw new Error(t("common.environment_not_found"));
+  }
 
   const otherEnvironment = environments.filter((env) => env.id !== params.environmentId)[0];
 
   const otherEnvActionClasses = await getActionClasses(otherEnvironment.id);
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(session?.user.id, organization.id);
+  const { isMember, isBilling } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, project.id);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
   if (isBilling) {
     return redirect(`/environments/${params.environmentId}/settings/billing`);
   }
 
+  const isReadOnly = isMember && hasReadAccess;
+
   const renderAddActionButton = () => (
     <AddActionModal
       environmentId={params.environmentId}
@@ -48,7 +82,7 @@ const Page = async (props) => {
     <PageContentWrapper>
       <PageHeader pageTitle={t("common.actions")} cta={!isReadOnly ? renderAddActionButton() : undefined} />
       <ActionClassesTable
-        environment={environment}
+        environment={currentEnvironment}
         otherEnvironment={otherEnvironment}
         otherEnvActionClasses={otherEnvActionClasses}
         environmentId={params.environmentId}

apps/web/app/(app)/environments/[environmentId]/integrations/airtable/page.tsx

@@ -1,14 +1,21 @@
 import { AirtableWrapper } from "@/app/(app)/environments/[environmentId]/integrations/airtable/components/AirtableWrapper";
 import { getSurveys } from "@/app/(app)/environments/[environmentId]/integrations/lib/surveys";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { GoBackButton } from "@/modules/ui/components/go-back-button";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { redirect } from "next/navigation";
 import { getAirtableTables } from "@formbricks/lib/airtable/service";
 import { AIRTABLE_CLIENT_ID, WEBAPP_URL } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
 import { getIntegrations } from "@formbricks/lib/integration/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { findMatchingLocale } from "@formbricks/lib/utils/locale";
 import { TIntegrationItem } from "@formbricks/types/integration";
 import { TIntegrationAirtable } from "@formbricks/types/integration/airtable";
@@ -17,25 +24,48 @@ const Page = async (props) => {
   const params = await props.params;
   const t = await getTranslate();
   const isEnabled = !!AIRTABLE_CLIENT_ID;
-
-  const { isReadOnly, environment } = await getEnvironmentAuth(params.environmentId);
-
-  const [surveys, integrations] = await Promise.all([
+  const [session, surveys, integrations, environment] = await Promise.all([
+    getServerSession(authOptions),
     getSurveys(params.environmentId),
     getIntegrations(params.environmentId),
+    getEnvironment(params.environmentId),
   ]);
 
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+  const project = await getProjectByEnvironmentId(params.environmentId);
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
+
   const airtableIntegration: TIntegrationAirtable | undefined = integrations?.find(
     (integration): integration is TIntegrationAirtable => integration.type === "airtable"
   );
 
   let airtableArray: TIntegrationItem[] = [];
-  if (airtableIntegration?.config.key) {
+  if (airtableIntegration && airtableIntegration.config.key) {
     airtableArray = await getAirtableTables(params.environmentId);
   }
 
   const locale = await findMatchingLocale();
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    project.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, environment?.projectId);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   if (isReadOnly) {
     redirect("./");
   }

apps/web/app/(app)/environments/[environmentId]/integrations/google-sheets/actions.ts

@@ -1,41 +1,25 @@
 "use server";
 
-import { authenticatedActionClient } from "@/lib/utils/action-client";
-import { checkAuthorizationUpdated } from "@/lib/utils/action-client-middleware";
-import { getOrganizationIdFromEnvironmentId, getProjectIdFromEnvironmentId } from "@/lib/utils/helper";
-import { z } from "zod";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getServerSession } from "next-auth";
+import { hasUserEnvironmentAccess } from "@formbricks/lib/environment/auth";
 import { getSpreadsheetNameById } from "@formbricks/lib/googleSheet/service";
-import { ZIntegrationGoogleSheets } from "@formbricks/types/integration/google-sheet";
+import { AuthorizationError } from "@formbricks/types/errors";
+import { TIntegrationGoogleSheets } from "@formbricks/types/integration/google-sheet";
 
-const ZGetSpreadsheetNameByIdAction = z.object({
-  googleSheetIntegration: ZIntegrationGoogleSheets,
-  environmentId: z.string(),
-  spreadsheetId: z.string(),
-});
+export async function getSpreadsheetNameByIdAction(
+  googleSheetIntegration: TIntegrationGoogleSheets,
+  environmentId: string,
+  spreadsheetId: string
+) {
+  const session = await getServerSession(authOptions);
+  if (!session) throw new AuthorizationError("Not authorized");
 
-export const getSpreadsheetNameByIdAction = authenticatedActionClient
-  .schema(ZGetSpreadsheetNameByIdAction)
-  .action(async ({ ctx, parsedInput }) => {
-    await checkAuthorizationUpdated({
-      userId: ctx.user.id,
-      organizationId: await getOrganizationIdFromEnvironmentId(parsedInput.environmentId),
-      access: [
-        {
-          type: "organization",
-          roles: ["owner", "manager"],
-        },
-        {
-          type: "projectTeam",
-          projectId: await getProjectIdFromEnvironmentId(parsedInput.environmentId),
-          minPermission: "readWrite",
-        },
-      ],
-    });
-
-    const integrationData = structuredClone(parsedInput.googleSheetIntegration);
-    integrationData.config.data.forEach((data) => {
-      data.createdAt = new Date(data.createdAt);
-    });
-
-    return await getSpreadsheetNameById(integrationData, parsedInput.spreadsheetId);
+  const isAuthorized = await hasUserEnvironmentAccess(session.user.id, environmentId);
+  if (!isAuthorized) throw new AuthorizationError("Not authorized");
+  const integrationData = structuredClone(googleSheetIntegration);
+  integrationData.config.data.forEach((data) => {
+    data.createdAt = new Date(data.createdAt);
   });
+  return await getSpreadsheetNameById(integrationData, spreadsheetId);
+}

apps/web/app/(app)/environments/[environmentId]/integrations/google-sheets/components/AddIntegrationModal.tsx

@@ -8,7 +8,6 @@ import {
   isValidGoogleSheetsUrl,
 } from "@/app/(app)/environments/[environmentId]/integrations/google-sheets/lib/util";
 import GoogleSheetLogo from "@/images/googleSheetsLogo.png";
-import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { AdditionalIntegrationSettings } from "@/modules/ui/components/additional-integration-settings";
 import { Button } from "@/modules/ui/components/button";
 import { Checkbox } from "@/modules/ui/components/checkbox";
@@ -116,18 +115,11 @@ export const AddIntegrationModal = ({
         throw new Error(t("environments.integrations.select_at_least_one_question_error"));
       }
       const spreadsheetId = extractSpreadsheetIdFromUrl(spreadsheetUrl);
-      const spreadsheetNameResponse = await getSpreadsheetNameByIdAction({
+      const spreadsheetName = await getSpreadsheetNameByIdAction(
         googleSheetIntegration,
         environmentId,
-        spreadsheetId,
-      });
-
-      if (!spreadsheetNameResponse?.data) {
-        const errorMessage = getFormattedErrorMessage(spreadsheetNameResponse);
-        throw new Error(errorMessage);
-      }
-
-      const spreadsheetName = spreadsheetNameResponse.data;
+        spreadsheetId
+      );
 
       setIsLinkingSheet(true);
       integrationData.spreadsheetId = spreadsheetId;

apps/web/app/(app)/environments/[environmentId]/integrations/google-sheets/page.tsx

@@ -1,10 +1,13 @@
 import { GoogleSheetWrapper } from "@/app/(app)/environments/[environmentId]/integrations/google-sheets/components/GoogleSheetWrapper";
 import { getSurveys } from "@/app/(app)/environments/[environmentId]/integrations/lib/surveys";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { GoBackButton } from "@/modules/ui/components/go-back-button";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { redirect } from "next/navigation";
 import {
   GOOGLE_SHEETS_CLIENT_ID,
@@ -12,7 +15,11 @@ import {
   GOOGLE_SHEETS_REDIRECT_URL,
   WEBAPP_URL,
 } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
 import { getIntegrations } from "@formbricks/lib/integration/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { findMatchingLocale } from "@formbricks/lib/utils/locale";
 import { TIntegrationGoogleSheets } from "@formbricks/types/integration/google-sheet";
 
@@ -20,20 +27,43 @@ const Page = async (props) => {
   const params = await props.params;
   const t = await getTranslate();
   const isEnabled = !!(GOOGLE_SHEETS_CLIENT_ID && GOOGLE_SHEETS_CLIENT_SECRET && GOOGLE_SHEETS_REDIRECT_URL);
-
-  const { isReadOnly, environment } = await getEnvironmentAuth(params.environmentId);
-
-  const [surveys, integrations] = await Promise.all([
+  const [session, surveys, integrations, environment] = await Promise.all([
+    getServerSession(authOptions),
     getSurveys(params.environmentId),
     getIntegrations(params.environmentId),
+    getEnvironment(params.environmentId),
   ]);
 
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+  const project = await getProjectByEnvironmentId(params.environmentId);
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
+
   const googleSheetIntegration: TIntegrationGoogleSheets | undefined = integrations?.find(
     (integration): integration is TIntegrationGoogleSheets => integration.type === "googleSheets"
   );
 
   const locale = await findMatchingLocale();
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    project.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, environment?.projectId);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   if (isReadOnly) {
     redirect("./");
   }

apps/web/app/(app)/environments/[environmentId]/integrations/notion/page.tsx

@@ -1,10 +1,13 @@
 import { getSurveys } from "@/app/(app)/environments/[environmentId]/integrations/lib/surveys";
 import { NotionWrapper } from "@/app/(app)/environments/[environmentId]/integrations/notion/components/NotionWrapper";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { GoBackButton } from "@/modules/ui/components/go-back-button";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { redirect } from "next/navigation";
 import {
   NOTION_AUTH_URL,
@@ -13,8 +16,12 @@ import {
   NOTION_REDIRECT_URI,
   WEBAPP_URL,
 } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
 import { getIntegrationByType } from "@formbricks/lib/integration/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
 import { getNotionDatabases } from "@formbricks/lib/notion/service";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { findMatchingLocale } from "@formbricks/lib/utils/locale";
 import { TIntegrationNotion, TIntegrationNotionDatabase } from "@formbricks/types/integration/notion";
 
@@ -27,20 +34,44 @@ const Page = async (props) => {
     NOTION_AUTH_URL &&
     NOTION_REDIRECT_URI
   );
-
-  const { isReadOnly, environment } = await getEnvironmentAuth(params.environmentId);
-
-  const [surveys, notionIntegration] = await Promise.all([
+  const [session, surveys, notionIntegration, environment] = await Promise.all([
+    getServerSession(authOptions),
     getSurveys(params.environmentId),
     getIntegrationByType(params.environmentId, "notion"),
+    getEnvironment(params.environmentId),
   ]);
 
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  const project = await getProjectByEnvironmentId(params.environmentId);
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
+
   let databasesArray: TIntegrationNotionDatabase[] = [];
   if (notionIntegration && (notionIntegration as TIntegrationNotion).config.key?.bot_id) {
     databasesArray = (await getNotionDatabases(environment.id)) ?? [];
   }
   const locale = await findMatchingLocale();
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    project.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, environment?.projectId);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   if (isReadOnly) {
     redirect("./");
   }

apps/web/app/(app)/environments/[environmentId]/integrations/page.tsx

@@ -9,40 +9,71 @@ import notionLogo from "@/images/notion.png";
 import SlackLogo from "@/images/slacklogo.png";
 import WebhookLogo from "@/images/webhook.png";
 import ZapierLogo from "@/images/zapier-small.png";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { Card } from "@/modules/ui/components/integration-card";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import Image from "next/image";
 import { redirect } from "next/navigation";
+import { getEnvironment } from "@formbricks/lib/environment/service";
 import { getIntegrations } from "@formbricks/lib/integration/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
 import { TIntegrationType } from "@formbricks/types/integration";
 
 const Page = async (props) => {
   const params = await props.params;
+  const environmentId = params.environmentId;
   const t = await getTranslate();
-
-  const { isReadOnly, environment, isBilling } = await getEnvironmentAuth(params.environmentId);
-
   const [
+    environment,
     integrations,
+    organization,
+    session,
     userWebhookCount,
     zapierWebhookCount,
     makeWebhookCount,
     n8nwebhookCount,
     activePiecesWebhookCount,
   ] = await Promise.all([
-    getIntegrations(params.environmentId),
-    getWebhookCountBySource(params.environmentId, "user"),
-    getWebhookCountBySource(params.environmentId, "zapier"),
-    getWebhookCountBySource(params.environmentId, "make"),
-    getWebhookCountBySource(params.environmentId, "n8n"),
-    getWebhookCountBySource(params.environmentId, "activepieces"),
+    getEnvironment(environmentId),
+    getIntegrations(environmentId),
+    getOrganizationByEnvironmentId(params.environmentId),
+    getServerSession(authOptions),
+    getWebhookCountBySource(environmentId, "user"),
+    getWebhookCountBySource(environmentId, "zapier"),
+    getWebhookCountBySource(environmentId, "make"),
+    getWebhookCountBySource(environmentId, "n8n"),
+    getWebhookCountBySource(environmentId, "activepieces"),
   ]);
 
   const isIntegrationConnected = (type: TIntegrationType) =>
     integrations.some((integration) => integration.type === type);
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(session?.user.id, organization.id);
+  const { isMember, isBilling } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, environment?.projectId);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
 
   if (isBilling) {
     return redirect(`/environments/${params.environmentId}/settings/billing`);
@@ -213,7 +244,7 @@ const Page = async (props) => {
     docsHref: "https://formbricks.com/docs/app-surveys/quickstart",
     docsText: t("common.docs"),
     docsNewTab: true,
-    connectHref: `/environments/${params.environmentId}/project/app-connection`,
+    connectHref: `/environments/${environmentId}/project/app-connection`,
     connectText: t("common.connect"),
     connectNewTab: false,
     label: "Javascript SDK",

apps/web/app/(app)/environments/[environmentId]/integrations/slack/page.tsx

@@ -1,13 +1,20 @@
 import { getSurveys } from "@/app/(app)/environments/[environmentId]/integrations/lib/surveys";
 import { SlackWrapper } from "@/app/(app)/environments/[environmentId]/integrations/slack/components/SlackWrapper";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { GoBackButton } from "@/modules/ui/components/go-back-button";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { redirect } from "next/navigation";
 import { SLACK_CLIENT_ID, SLACK_CLIENT_SECRET, WEBAPP_URL } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
 import { getIntegrationByType } from "@formbricks/lib/integration/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { findMatchingLocale } from "@formbricks/lib/utils/locale";
 import { TIntegrationSlack } from "@formbricks/types/integration/slack";
 
@@ -16,16 +23,40 @@ const Page = async (props) => {
   const isEnabled = !!(SLACK_CLIENT_ID && SLACK_CLIENT_SECRET);
 
   const t = await getTranslate();
-
-  const { isReadOnly, environment } = await getEnvironmentAuth(params.environmentId);
-
-  const [surveys, slackIntegration] = await Promise.all([
+  const [session, surveys, slackIntegration, environment] = await Promise.all([
+    getServerSession(authOptions),
     getSurveys(params.environmentId),
     getIntegrationByType(params.environmentId, "slack"),
+    getEnvironment(params.environmentId),
   ]);
 
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  const project = await getProjectByEnvironmentId(params.environmentId);
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
+
   const locale = await findMatchingLocale();
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    project.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session?.user.id, environment?.projectId);
+
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   if (isReadOnly) {
     redirect("./");
   }

apps/web/app/(app)/environments/[environmentId]/layout.tsx

@@ -4,7 +4,7 @@ import { authOptions } from "@/modules/auth/lib/authOptions";
 import { ToasterClient } from "@/modules/ui/components/toaster-client";
 import { getTranslate } from "@/tolgee/server";
 import { getServerSession } from "next-auth";
-import { redirect } from "next/navigation";
+import { notFound, redirect } from "next/navigation";
 import { hasUserEnvironmentAccess } from "@formbricks/lib/environment/auth";
 import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
 import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
@@ -49,10 +49,7 @@ const EnvLayout = async (props: {
   }
 
   const membership = await getMembershipByUserIdOrganizationId(session.user.id, organization.id);
-
-  if (!membership) {
-    throw new Error(t("common.membership_not_found"));
-  }
+  if (!membership) return notFound();
 
   return (
     <>

apps/web/app/(app)/environments/[environmentId]/settings/(account)/notifications/components/EditAlerts.tsx

@@ -27,7 +27,7 @@ export const EditAlerts = ({
   return (
     <>
       {memberships.map((membership) => (
-        <div key={membership.organization.id}>
+        <>
           <div className="mb-5 grid grid-cols-6 items-center space-x-3">
             <div className="col-span-3 flex items-center space-x-3">
               <UsersIcon className="h-6 w-7 text-slate-600" />
@@ -110,7 +110,7 @@ export const EditAlerts = ({
               </Link>
             </p>
           </div>
-        </div>
+        </>
       ))}
     </>
   );

apps/web/app/(app)/environments/[environmentId]/settings/(account)/notifications/components/EditWeeklySummary.tsx

@@ -18,7 +18,7 @@ export const EditWeeklySummary = ({ memberships, user, environmentId }: EditAler
   return (
     <>
       {memberships.map((membership) => (
-        <div key={membership.organization.id}>
+        <>
           <div className="mb-5 flex items-center space-x-3 text-sm font-medium">
             <UsersIcon className="h-6 w-7 text-slate-600" />
 
@@ -52,7 +52,7 @@ export const EditWeeklySummary = ({ memberships, user, environmentId }: EditAler
               </Link>
             </p>
           </div>
-        </div>
+        </>
       ))}
     </>
   );

apps/web/app/(app)/environments/[environmentId]/settings/(account)/notifications/page.tsx

@@ -157,10 +157,6 @@ const Page = async (props) => {
     throw new Error(t("common.user_not_found"));
   }
 
-  if (!memberships) {
-    throw new Error(t("common.membership_not_found"));
-  }
-
   if (user?.notificationSettings) {
     user.notificationSettings = setCompleteNotificationSettings(user.notificationSettings, memberships);
   }

apps/web/app/(app)/environments/[environmentId]/settings/(account)/profile/page.tsx

@@ -1,14 +1,16 @@
 import { AccountSettingsNavbar } from "@/app/(app)/environments/[environmentId]/settings/(account)/components/AccountSettingsNavbar";
 import { AccountSecurity } from "@/app/(app)/environments/[environmentId]/settings/(account)/profile/components/AccountSecurity";
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { getIsMultiOrgEnabled, getIsTwoFactorAuthEnabled } from "@/modules/ee/license-check/lib/utils";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { SettingsId } from "@/modules/ui/components/settings-id";
 import { UpgradePrompt } from "@/modules/ui/components/upgrade-prompt";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { IS_FORMBRICKS_CLOUD } from "@formbricks/lib/constants";
 import { getOrganizationsWhereUserIsSingleOwner } from "@formbricks/lib/organization/service";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
 import { getUser } from "@formbricks/lib/user/service";
 import { SettingsCard } from "../../components/SettingsCard";
 import { DeleteAccount } from "./components/DeleteAccount";
@@ -21,16 +23,20 @@ const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
   const params = await props.params;
   const t = await getTranslate();
   const { environmentId } = params;
+  const session = await getServerSession(authOptions);
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
 
-  const { session } = await getEnvironmentAuth(params.environmentId);
+  const organization = await getOrganizationByEnvironmentId(environmentId);
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
 
   const organizationsWithSingleOwner = await getOrganizationsWhereUserIsSingleOwner(session.user.id);
 
-  const user = session?.user ? await getUser(session.user.id) : null;
-
-  if (!user) {
-    throw new Error(t("common.user_not_found"));
-  }
+  const user = session && session.user ? await getUser(session.user.id) : null;
 
   return (
     <PageContentWrapper>
@@ -65,9 +71,7 @@ const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
                   description={t("environments.settings.profile.two_factor_authentication_description")}
                   buttons={[
                     {
-                      text: IS_FORMBRICKS_CLOUD
-                        ? t("common.start_free_trial")
-                        : t("common.request_trial_license"),
+                      text: t("common.start_free_trial"),
                       href: IS_FORMBRICKS_CLOUD
                         ? `/environments/${params.environmentId}/settings/billing`
                         : "https://formbricks.com/upgrade-self-hosting-license",

apps/web/app/(app)/environments/[environmentId]/settings/(organization)/enterprise/page.tsx

@@ -1,14 +1,18 @@
 import { OrganizationSettingsNavbar } from "@/app/(app)/environments/[environmentId]/settings/(organization)/components/OrganizationSettingsNavbar";
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { getEnterpriseLicense } from "@/modules/ee/license-check/lib/utils";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
 import { Button } from "@/modules/ui/components/button";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
 import { CheckIcon } from "lucide-react";
+import { getServerSession } from "next-auth";
 import Link from "next/link";
 import { notFound } from "next/navigation";
 import { IS_FORMBRICKS_CLOUD } from "@formbricks/lib/constants";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
 
 const Page = async (props) => {
   const params = await props.params;
@@ -17,8 +21,20 @@ const Page = async (props) => {
     notFound();
   }
 
-  const { isMember, currentUserMembership } = await getEnvironmentAuth(params.environmentId);
+  const session = await getServerSession(authOptions);
 
+  const organization = await getOrganizationByEnvironmentId(params.environmentId);
+
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
+
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(session?.user.id, organization.id);
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
   const isPricingDisabled = isMember;
 
   if (isPricingDisabled) {

apps/web/app/(app)/environments/[environmentId]/settings/(organization)/general/page.tsx

@@ -12,6 +12,7 @@ import { PageHeader } from "@/modules/ui/components/page-header";
 import { SettingsId } from "@/modules/ui/components/settings-id";
 import { getTranslate } from "@/tolgee/server";
 import { getServerSession } from "next-auth";
+import React from "react";
 import { FB_LOGO_URL, IS_FORMBRICKS_CLOUD } from "@formbricks/lib/constants";
 import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
 import { getAccessFlags } from "@formbricks/lib/membership/utils";

apps/web/app/(app)/environments/[environmentId]/settings/components/SettingsCard.tsx

@@ -2,6 +2,7 @@
 
 import { Badge } from "@/modules/ui/components/badge";
 import { useTranslate } from "@tolgee/react";
+import React from "react";
 import { cn } from "@formbricks/lib/cn";
 
 export const SettingsCard = ({

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/ShareEmbedSurvey.tsx

@@ -60,7 +60,7 @@ export const ShareEmbedSurvey = ({
 
   const [activeId, setActiveId] = useState(survey.type === "link" ? tabs[0].id : tabs[3].id);
   const [showView, setShowView] = useState<"start" | "embed" | "panel">("start");
-  const [surveyUrl, setSurveyUrl] = useState("");
+  const [surveyUrl, setSurveyUrl] = useState(webAppUrl + "/s/" + survey.id);
 
   useEffect(() => {
     if (survey.type !== "link") {

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/AppTab.tsx

@@ -1,12 +1,11 @@
 "use client";
 
-import { MobileAppTab } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/MobileAppTab";
-import { WebAppTab } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/WebAppTab";
 import { OptionsSwitch } from "@/modules/ui/components/options-switch";
 import { useTranslate } from "@tolgee/react";
+import Link from "next/link";
 import { useState } from "react";
 
-export const AppTab = () => {
+export const AppTab = ({ environmentId }) => {
   const { t } = useTranslate();
   const [selectedTab, setSelectedTab] = useState("webapp");
 
@@ -21,7 +20,79 @@ export const AppTab = () => {
         handleOptionChange={(value) => setSelectedTab(value)}
       />
 
-      <div className="mt-4">{selectedTab === "webapp" ? <WebAppTab /> : <MobileAppTab />}</div>
+      <div className="mt-4">
+        {selectedTab === "webapp" ? <WebAppTab environmentId={environmentId} /> : <MobileAppTab />}
+      </div>
+    </div>
+  );
+};
+
+const MobileAppTab = () => {
+  const { t } = useTranslate();
+  return (
+    <div>
+      <p className="text-lg font-semibold text-slate-800">
+        {t("environments.surveys.summary.how_to_embed_a_survey_on_your_react_native_app")}
+      </p>
+      <ol className="mt-4 list-decimal space-y-2 pl-5 text-sm text-slate-700">
+        <li>
+          {t("common.follow_these")}{" "}
+          <Link
+            href="https://formbricks.com/docs/developer-docs/react-native-in-app-surveys"
+            target="_blank"
+            className="decoration-brand-dark font-medium underline underline-offset-2">
+            {t("environments.surveys.summary.setup_instructions_for_react_native_apps")}
+          </Link>{" "}
+          {t("environments.surveys.summary.to_connect_your_app_with_formbricks")}
+        </li>
+      </ol>
+      <div className="mt-2 text-sm italic text-slate-700">
+        {t("environments.surveys.summary.were_working_on_sdks_for_flutter_swift_and_kotlin")}
+      </div>
+    </div>
+  );
+};
+
+const WebAppTab = ({ environmentId }) => {
+  const { t } = useTranslate();
+  return (
+    <div>
+      <p className="text-lg font-semibold text-slate-800">
+        {t("environments.surveys.summary.how_to_embed_a_survey_on_your_web_app")}
+      </p>
+      <ol className="mt-4 list-decimal space-y-2 pl-5 text-sm text-slate-700">
+        <li>
+          {t("common.follow_these")}{" "}
+          <Link
+            href={`/environments/${environmentId}/project/app-connection`}
+            target="_blank"
+            className="decoration-brand-dark font-medium underline underline-offset-2">
+            {t("environments.surveys.summary.setup_instructions")}
+          </Link>{" "}
+          {t("environments.surveys.summary.to_connect_your_web_app_with_formbricks")}
+        </li>
+        <li>
+          {t("environments.surveys.summary.learn_how_to")}{" "}
+          <Link
+            href="https://formbricks.com/docs/app-surveys/user-identification"
+            target="_blank"
+            className="decoration-brand-dark font-medium underline underline-offset-2">
+            {t("environments.surveys.summary.identify_users_and_set_attributes")}
+          </Link>{" "}
+          {t("environments.surveys.summary.to_run_highly_targeted_surveys")}.
+        </li>
+        <li>
+          {t("environments.surveys.summary.make_sure_the_survey_type_is_set_to")}{" "}
+          <b>{t("common.app_survey")}</b>
+        </li>
+        <li>{t("environments.surveys.summary.define_when_and_where_the_survey_should_pop_up")}</li>
+      </ol>
+      <div className="mt-4">
+        <video autoPlay loop muted className="w-full rounded-xl border border-slate-200">
+          <source src="/video/tooltips/change-survey-type-app.mp4" type="video/mp4" />
+          {t("environments.surveys.summary.unsupported_video_tag_warning")}
+        </video>
+      </div>
     </div>
   );
 };

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/EmbedView.tsx

@@ -88,7 +88,7 @@ export const EmbedView = ({
               locale={locale}
             />
           ) : activeId === "app" ? (
-            <AppTab />
+            <AppTab environmentId={environmentId} />
           ) : null}
           <div className="mt-2 rounded-md p-3 text-center lg:hidden">
             {tabs.slice(0, 2).map((tab) => (

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/LinkTab.tsx

@@ -16,7 +16,6 @@ interface LinkTabProps {
 
 export const LinkTab = ({ survey, webAppUrl, surveyUrl, setSurveyUrl, locale }: LinkTabProps) => {
   const { t } = useTranslate();
-
   const docsLinks = [
     {
       title: t("environments.surveys.summary.data_prefilling"),
@@ -49,7 +48,6 @@ export const LinkTab = ({ survey, webAppUrl, surveyUrl, setSurveyUrl, locale }:
           locale={locale}
         />
       </div>
-
       <div className="flex flex-wrap justify-between gap-2">
         <p className="pt-2 font-semibold text-slate-700">
           {t("environments.surveys.summary.you_can_do_a_lot_more_with_links_surveys")} 💡

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/MobileAppTab.tsx

@@ -1,25 +0,0 @@
-"use client";
-
-import { Alert, AlertDescription, AlertTitle } from "@/modules/ui/components/alert";
-import { Button } from "@/modules/ui/components/button";
-import { useTranslate } from "@tolgee/react";
-import Link from "next/link";
-
-export const MobileAppTab = () => {
-  const { t } = useTranslate();
-  return (
-    <Alert>
-      <AlertTitle>{t("environments.surveys.summary.quickstart_mobile_apps")}</AlertTitle>
-      <AlertDescription>
-        {t("environments.surveys.summary.quickstart_mobile_apps_description")}
-        <Button asChild className="w-fit" size="sm" variant="link">
-          <Link
-            href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/framework-guides"
-            target="_blank">
-            {t("common.learn_more")}
-          </Link>
-        </Button>
-      </AlertDescription>
-    </Alert>
-  );
-};

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/PanelInfoView.tsx

@@ -85,10 +85,8 @@ export const PanelInfoView = ({ disableBack, handleInitialPageButton }: PanelInf
             </p>
           </div>
           <Button className="justify-center" asChild>
-            <Link
-              href="https://formbricks.com/docs/xm-and-surveys/surveys/link-surveys/market-research-panel"
-              target="_blank">
-              {t("common.learn_more")}
+            <Link href="https://formbricks.com/docs/link-surveys/market-research-panel" target="_blank">
+              {t("common.get_started")}
             </Link>
           </Button>
         </div>

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/shareEmbedModal/WebAppTab.tsx

@@ -1,25 +0,0 @@
-"use client";
-
-import { Alert, AlertDescription, AlertTitle } from "@/modules/ui/components/alert";
-import { Button } from "@/modules/ui/components/button";
-import { useTranslate } from "@tolgee/react";
-import Link from "next/link";
-
-export const WebAppTab = () => {
-  const { t } = useTranslate();
-  return (
-    <Alert>
-      <AlertTitle>{t("environments.surveys.summary.quickstart_web_apps")}</AlertTitle>
-      <AlertDescription>
-        {t("environments.surveys.summary.quickstart_web_apps_description")}
-        <Button asChild className="w-fit" size="sm" variant="link">
-          <Link
-            href="https://formbricks.com/docs/xm-and-surveys/surveys/website-app-surveys/quickstart"
-            target="_blank">
-            {t("common.learn_more")}
-          </Link>
-        </Button>
-      </AlertDescription>
-    </Alert>
-  );
-};

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/lib/get-qr-code-options.ts

@@ -1,36 +0,0 @@
-import { Options } from "qr-code-styling";
-
-export const getQRCodeOptions = (width: number, height: number): Options => ({
-  width,
-  height,
-  type: "svg",
-  data: "",
-  margin: 0,
-  qrOptions: {
-    typeNumber: 0,
-    mode: "Byte",
-    errorCorrectionLevel: "L",
-  },
-  imageOptions: {
-    saveAsBlob: true,
-    hideBackgroundDots: false,
-    imageSize: 0,
-    margin: 0,
-  },
-  dotsOptions: {
-    type: "extra-rounded",
-    color: "#000000",
-    roundSize: true,
-  },
-  backgroundOptions: {
-    color: "#ffffff",
-  },
-  cornersSquareOptions: {
-    type: "dot",
-    color: "#000000",
-  },
-  cornersDotOptions: {
-    type: "dot",
-    color: "#000000",
-  },
-});

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/lib/survey-qr-code.tsx

@@ -1,44 +0,0 @@
-"use client";
-
-import { getQRCodeOptions } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/lib/get-qr-code-options";
-import { useTranslate } from "@tolgee/react";
-import QRCodeStyling from "qr-code-styling";
-import { useEffect, useRef } from "react";
-import { toast } from "react-hot-toast";
-
-export const useSurveyQRCode = (surveyUrl: string) => {
-  const qrCodeRef = useRef<HTMLDivElement>(null);
-  const qrInstance = useRef<QRCodeStyling | null>(null);
-  const { t } = useTranslate();
-
-  useEffect(() => {
-    try {
-      if (!qrInstance.current) {
-        qrInstance.current = new QRCodeStyling(getQRCodeOptions(70, 70));
-      }
-
-      if (surveyUrl && qrInstance.current) {
-        qrInstance.current.update({ data: surveyUrl });
-
-        if (qrCodeRef.current) {
-          qrCodeRef.current.innerHTML = "";
-          qrInstance.current.append(qrCodeRef.current);
-        }
-      }
-    } catch (error) {
-      toast.error(t("environments.surveys.summary.failed_to_generate_qr_code"));
-    }
-  }, [surveyUrl]);
-
-  const downloadQRCode = () => {
-    try {
-      const downloadInstance = new QRCodeStyling(getQRCodeOptions(500, 500));
-      downloadInstance.update({ data: surveyUrl });
-      downloadInstance.download({ name: "survey-qr", extension: "png" });
-    } catch (error) {
-      toast.error(t("environments.surveys.summary.failed_to_generate_qr_code"));
-    }
-  };
-
-  return { qrCodeRef, downloadQRCode };
-};

apps/web/app/(app)/layout.test.tsx

@@ -1,92 +0,0 @@
-import "@testing-library/jest-dom/vitest";
-import { cleanup, render, screen } from "@testing-library/react";
-import { getServerSession } from "next-auth";
-import { afterEach, describe, expect, it, vi } from "vitest";
-import { getUser } from "@formbricks/lib/user/service";
-import { TUser } from "@formbricks/types/user";
-import AppLayout from "./layout";
-
-vi.mock("next-auth", () => ({
-  getServerSession: vi.fn(),
-}));
-
-vi.mock("@formbricks/lib/user/service", () => ({
-  getUser: vi.fn(),
-}));
-
-vi.mock("@formbricks/lib/constants", () => ({
-  INTERCOM_SECRET_KEY: "test-secret-key",
-  IS_INTERCOM_CONFIGURED: true,
-  INTERCOM_APP_ID: "test-app-id",
-  ENCRYPTION_KEY: "test-encryption-key",
-  ENTERPRISE_LICENSE_KEY: "test-enterprise-license-key",
-  GITHUB_ID: "test-github-id",
-  GITHUB_SECRET: "test-githubID",
-  GOOGLE_CLIENT_ID: "test-google-client-id",
-  GOOGLE_CLIENT_SECRET: "test-google-client-secret",
-  AZUREAD_CLIENT_ID: "test-azuread-client-id",
-  AZUREAD_CLIENT_SECRET: "test-azure",
-  AZUREAD_TENANT_ID: "test-azuread-tenant-id",
-  OIDC_DISPLAY_NAME: "test-oidc-display-name",
-  OIDC_CLIENT_ID: "test-oidc-client-id",
-  OIDC_ISSUER: "test-oidc-issuer",
-  OIDC_CLIENT_SECRET: "test-oidc-client-secret",
-  OIDC_SIGNING_ALGORITHM: "test-oidc-signing-algorithm",
-  WEBAPP_URL: "test-webapp-url",
-}));
-
-vi.mock("@/app/(app)/components/FormbricksClient", () => ({
-  FormbricksClient: () => <div data-testid="formbricks-client" />,
-}));
-vi.mock("@/app/intercom/IntercomClientWrapper", () => ({
-  IntercomClientWrapper: () => <div data-testid="mock-intercom-wrapper" />,
-}));
-vi.mock("@/modules/ui/components/no-mobile-overlay", () => ({
-  NoMobileOverlay: () => <div data-testid="no-mobile-overlay" />,
-}));
-vi.mock("@/modules/ui/components/post-hog-client", () => ({
-  PHProvider: ({ children }: { children: React.ReactNode }) => (
-    <div data-testid="ph-provider">{children}</div>
-  ),
-  PostHogPageview: () => <div data-testid="ph-pageview" />,
-}));
-vi.mock("@/modules/ui/components/toaster-client", () => ({
-  ToasterClient: () => <div data-testid="toaster-client" />,
-}));
-
-describe("(app) AppLayout", () => {
-  afterEach(() => {
-    cleanup();
-  });
-
-  it("renders child content and all sub-components when user exists", async () => {
-    vi.mocked(getServerSession).mockResolvedValueOnce({ user: { id: "user-123" } });
-    vi.mocked(getUser).mockResolvedValueOnce({ id: "user-123", email: "test@example.com" } as TUser);
-
-    // Because AppLayout is async, call it like a function
-    const element = await AppLayout({
-      children: <div data-testid="child-content">Hello from children</div>,
-    });
-
-    render(element);
-
-    expect(screen.getByTestId("no-mobile-overlay")).toBeInTheDocument();
-    expect(screen.getByTestId("ph-pageview")).toBeInTheDocument();
-    expect(screen.getByTestId("ph-provider")).toBeInTheDocument();
-    expect(screen.getByTestId("mock-intercom-wrapper")).toBeInTheDocument();
-    expect(screen.getByTestId("toaster-client")).toBeInTheDocument();
-    expect(screen.getByTestId("child-content")).toHaveTextContent("Hello from children");
-    expect(screen.getByTestId("formbricks-client")).toBeInTheDocument();
-  });
-
-  it("skips FormbricksClient if no user is present", async () => {
-    vi.mocked(getServerSession).mockResolvedValueOnce(null);
-
-    const element = await AppLayout({
-      children: <div data-testid="child-content">Hello from children</div>,
-    });
-    render(element);
-
-    expect(screen.queryByTestId("formbricks-client")).not.toBeInTheDocument();
-  });
-});

apps/web/app/(app)/layout.tsx

@@ -1,11 +1,12 @@
 import { FormbricksClient } from "@/app/(app)/components/FormbricksClient";
-import { IntercomClientWrapper } from "@/app/intercom/IntercomClientWrapper";
+import { IntercomClient } from "@/app/IntercomClient";
 import { authOptions } from "@/modules/auth/lib/authOptions";
 import { NoMobileOverlay } from "@/modules/ui/components/no-mobile-overlay";
 import { PHProvider, PostHogPageview } from "@/modules/ui/components/post-hog-client";
 import { ToasterClient } from "@/modules/ui/components/toaster-client";
 import { getServerSession } from "next-auth";
 import { Suspense } from "react";
+import { INTERCOM_SECRET_KEY, IS_INTERCOM_CONFIGURED } from "@formbricks/lib/constants";
 import { getUser } from "@formbricks/lib/user/service";
 
 const AppLayout = async ({ children }) => {
@@ -21,7 +22,11 @@ const AppLayout = async ({ children }) => {
       <PHProvider>
         <>
           {user ? <FormbricksClient userId={user.id} email={user.email} /> : null}
-          <IntercomClientWrapper user={user} />
+          <IntercomClient
+            isIntercomConfigured={IS_INTERCOM_CONFIGURED}
+            intercomSecretKey={INTERCOM_SECRET_KEY}
+            user={user}
+          />
           <ToasterClient />
           {children}
         </>

apps/web/app/(auth)/layout.test.tsx

@@ -1,34 +0,0 @@
-import "@testing-library/jest-dom/vitest";
-import { render, screen } from "@testing-library/react";
-import { describe, expect, it, vi } from "vitest";
-import AppLayout from "../(auth)/layout";
-
-vi.mock("@formbricks/lib/constants", () => ({
-  IS_FORMBRICKS_CLOUD: false,
-  IS_INTERCOM_CONFIGURED: true,
-  INTERCOM_SECRET_KEY: "mock-intercom-secret-key",
-  INTERCOM_APP_ID: "mock-intercom-app-id",
-}));
-
-vi.mock("@/app/intercom/IntercomClientWrapper", () => ({
-  IntercomClientWrapper: () => <div data-testid="mock-intercom-wrapper" />,
-}));
-vi.mock("@/modules/ui/components/no-mobile-overlay", () => ({
-  NoMobileOverlay: () => <div data-testid="mock-no-mobile-overlay" />,
-}));
-
-describe("(auth) AppLayout", () => {
-  it("renders the NoMobileOverlay and IntercomClient, plus children", async () => {
-    const appLayoutElement = await AppLayout({
-      children: <div data-testid="child-content">Hello from children!</div>,
-    });
-
-    const childContentText = "Hello from children!";
-
-    render(appLayoutElement);
-
-    expect(screen.getByTestId("mock-no-mobile-overlay")).toBeInTheDocument();
-    expect(screen.getByTestId("mock-intercom-wrapper")).toBeInTheDocument();
-    expect(screen.getByTestId("child-content")).toHaveTextContent(childContentText);
-  });
-});

apps/web/app/(auth)/layout.tsx

@@ -1,11 +1,12 @@
-import { IntercomClientWrapper } from "@/app/intercom/IntercomClientWrapper";
+import { IntercomClient } from "@/app/IntercomClient";
 import { NoMobileOverlay } from "@/modules/ui/components/no-mobile-overlay";
+import { INTERCOM_SECRET_KEY, IS_INTERCOM_CONFIGURED } from "@formbricks/lib/constants";
 
 const AppLayout = async ({ children }) => {
   return (
     <>
       <NoMobileOverlay />
-      <IntercomClientWrapper />
+      <IntercomClient isIntercomConfigured={IS_INTERCOM_CONFIGURED} intercomSecretKey={INTERCOM_SECRET_KEY} />
       {children}
     </>
   );

apps/web/app/IntercomClient.tsx

@@ -1,31 +1,30 @@
 "use client";
 
 import Intercom from "@intercom/messenger-js-sdk";
+import { createHmac } from "crypto";
 import { useCallback, useEffect } from "react";
+import { env } from "@formbricks/lib/env";
 import { TUser } from "@formbricks/types/user";
 
+const intercomAppId = env.NEXT_PUBLIC_INTERCOM_APP_ID;
+
 interface IntercomClientProps {
   isIntercomConfigured: boolean;
-  intercomUserHash?: string;
+  intercomSecretKey?: string;
   user?: TUser | null;
-  intercomAppId?: string;
 }
 
-export const IntercomClient = ({
-  user,
-  intercomUserHash,
-  isIntercomConfigured,
-  intercomAppId,
-}: IntercomClientProps) => {
+export const IntercomClient = ({ user, intercomSecretKey, isIntercomConfigured }: IntercomClientProps) => {
   const initializeIntercom = useCallback(() => {
     let initParams = {};
 
-    if (user && intercomUserHash) {
+    if (user) {
       const { id, name, email, createdAt } = user;
+      const hash = createHmac("sha256", intercomSecretKey!).update(user?.id).digest("hex");
 
       initParams = {
         user_id: id,
-        user_hash: intercomUserHash,
+        user_hash: hash,
         name,
         email,
         created_at: createdAt ? Math.floor(createdAt.getTime() / 1000) : undefined,
@@ -36,21 +35,11 @@ export const IntercomClient = ({
       app_id: intercomAppId!,
       ...initParams,
     });
-  }, [user, intercomUserHash, intercomAppId]);
+  }, [user, intercomSecretKey]);
 
   useEffect(() => {
     try {
-      if (isIntercomConfigured) {
-        if (!intercomAppId) {
-          throw new Error("Intercom app ID is required");
-        }
-
-        if (user && !intercomUserHash) {
-          throw new Error("Intercom user hash is required");
-        }
-
-        initializeIntercom();
-      }
+      if (isIntercomConfigured) initializeIntercom();
 
       return () => {
         // Shutdown Intercom when component unmounts
@@ -61,7 +50,7 @@ export const IntercomClient = ({
     } catch (error) {
       console.error("Failed to initialize Intercom:", error);
     }
-  }, [isIntercomConfigured, initializeIntercom, intercomAppId, intercomUserHash, user]);
+  }, [isIntercomConfigured, initializeIntercom]);
 
   return null;
 };

apps/web/app/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/route.ts

@@ -1,3 +0,0 @@
-import { GET } from "@/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/route";
-
-export { GET };

apps/web/app/c/[jwt]/page.tsx

@@ -1,4 +0,0 @@
-import { ContactSurveyPage, generateMetadata } from "@/modules/survey/link/contact-survey/page";
-
-export { generateMetadata };
-export default ContactSurveyPage;

apps/web/app/intercom/IntercomClient.test.tsx

@@ -1,186 +0,0 @@
-import Intercom from "@intercom/messenger-js-sdk";
-import "@testing-library/jest-dom/vitest";
-import { cleanup, render } from "@testing-library/react";
-import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
-import { TUser } from "@formbricks/types/user";
-import { IntercomClient } from "./IntercomClient";
-
-// Mock the Intercom package
-vi.mock("@intercom/messenger-js-sdk", () => ({
-  default: vi.fn(),
-}));
-
-describe("IntercomClient", () => {
-  let originalWindowIntercom: any;
-  let mockWindowIntercom = vi.fn();
-
-  beforeEach(() => {
-    // Save original window.Intercom so we can restore it later
-    originalWindowIntercom = global.window?.Intercom;
-    // Mock window.Intercom so we can verify the shutdown call on unmount
-    global.window.Intercom = mockWindowIntercom;
-  });
-
-  afterEach(() => {
-    cleanup();
-    // Restore the original window.Intercom
-    global.window.Intercom = originalWindowIntercom;
-  });
-
-  it("calls Intercom with user data when isIntercomConfigured is true and user is provided", () => {
-    const testUser = {
-      id: "test-id",
-      name: "Test User",
-      email: "test@example.com",
-      createdAt: new Date("2020-01-01T00:00:00Z"),
-    } as TUser;
-
-    render(
-      <IntercomClient
-        isIntercomConfigured={true}
-        intercomUserHash="my-user-hash"
-        intercomAppId="my-app-id"
-        user={testUser}
-      />
-    );
-
-    // Verify Intercom was called with the expected params
-    expect(Intercom).toHaveBeenCalledTimes(1);
-    expect(Intercom).toHaveBeenCalledWith({
-      app_id: "my-app-id",
-      user_id: "test-id",
-      user_hash: "my-user-hash",
-      name: "Test User",
-      email: "test@example.com",
-      created_at: 1577836800, // Epoch for 2020-01-01T00:00:00Z
-    });
-  });
-
-  it("calls Intercom with user data without createdAt", () => {
-    const testUser = {
-      id: "test-id",
-      name: "Test User",
-      email: "test@example.com",
-    } as TUser;
-
-    render(
-      <IntercomClient
-        isIntercomConfigured={true}
-        intercomUserHash="my-user-hash"
-        intercomAppId="my-app-id"
-        user={testUser}
-      />
-    );
-
-    // Verify Intercom was called with the expected params
-    expect(Intercom).toHaveBeenCalledTimes(1);
-    expect(Intercom).toHaveBeenCalledWith({
-      app_id: "my-app-id",
-      user_id: "test-id",
-      user_hash: "my-user-hash",
-      name: "Test User",
-      email: "test@example.com",
-      created_at: undefined,
-    });
-  });
-
-  it("calls Intercom with minimal params if user is not provided", () => {
-    render(
-      <IntercomClient isIntercomConfigured={true} intercomAppId="my-app-id" intercomUserHash="my-user-hash" />
-    );
-
-    expect(Intercom).toHaveBeenCalledTimes(1);
-    expect(Intercom).toHaveBeenCalledWith({
-      app_id: "my-app-id",
-    });
-  });
-
-  it("does not call Intercom if isIntercomConfigured is false", () => {
-    render(
-      <IntercomClient
-        isIntercomConfigured={false}
-        intercomAppId="my-app-id"
-        user={{ id: "whatever" } as TUser}
-      />
-    );
-
-    expect(Intercom).not.toHaveBeenCalled();
-  });
-
-  it("shuts down Intercom on unmount", () => {
-    const { unmount } = render(
-      <IntercomClient isIntercomConfigured={true} intercomAppId="my-app-id" intercomUserHash="my-user-hash" />
-    );
-
-    // Reset call count; we only care about the shutdown after unmount
-    mockWindowIntercom.mockClear();
-
-    unmount();
-
-    // Intercom should be shut down on unmount
-    expect(mockWindowIntercom).toHaveBeenCalledWith("shutdown");
-  });
-
-  it("logs an error if Intercom initialization fails", () => {
-    // Spy on console.error
-    const consoleErrorSpy = vi.spyOn(console, "error").mockImplementation(() => {});
-
-    // Force Intercom to throw an error on invocation
-    vi.mocked(Intercom).mockImplementationOnce(() => {
-      throw new Error("Intercom test error");
-    });
-
-    // Render the component with isIntercomConfigured=true so it tries to initialize
-    render(
-      <IntercomClient isIntercomConfigured={true} intercomAppId="my-app-id" intercomUserHash="my-user-hash" />
-    );
-
-    // Verify that console.error was called with the correct message
-    expect(consoleErrorSpy).toHaveBeenCalledWith("Failed to initialize Intercom:", expect.any(Error));
-
-    // Clean up the spy
-    consoleErrorSpy.mockRestore();
-  });
-
-  it("logs an error if isIntercomConfigured is true but no intercomAppId is provided", () => {
-    const consoleErrorSpy = vi.spyOn(console, "error").mockImplementation(() => {});
-
-    render(
-      <IntercomClient
-        isIntercomConfigured={true}
-        // missing intercomAppId
-        intercomUserHash="my-user-hash"
-      />
-    );
-
-    // We expect a caught error: "Intercom app ID is required"
-    expect(consoleErrorSpy).toHaveBeenCalledWith("Failed to initialize Intercom:", expect.any(Error));
-    const [, caughtError] = consoleErrorSpy.mock.calls[0];
-    expect((caughtError as Error).message).toBe("Intercom app ID is required");
-    consoleErrorSpy.mockRestore();
-  });
-
-  it("logs an error if isIntercomConfigured is true but no intercomUserHash is provided", () => {
-    const consoleErrorSpy = vi.spyOn(console, "error").mockImplementation(() => {});
-    const testUser = {
-      id: "test-id",
-      name: "Test User",
-      email: "test@example.com",
-    } as TUser;
-
-    render(
-      <IntercomClient
-        isIntercomConfigured={true}
-        intercomAppId="some-app-id"
-        user={testUser}
-        // missing intercomUserHash
-      />
-    );
-
-    // We expect a caught error: "Intercom user hash is required"
-    expect(consoleErrorSpy).toHaveBeenCalledWith("Failed to initialize Intercom:", expect.any(Error));
-    const [, caughtError] = consoleErrorSpy.mock.calls[0];
-    expect((caughtError as Error).message).toBe("Intercom user hash is required");
-    consoleErrorSpy.mockRestore();
-  });
-});

apps/web/app/intercom/IntercomClientWrapper.test.tsx

@@ -1,64 +0,0 @@
-import { cleanup, render, screen } from "@testing-library/react";
-import { afterEach, describe, expect, it, vi } from "vitest";
-import { TUser } from "@formbricks/types/user";
-import { IntercomClientWrapper } from "./IntercomClientWrapper";
-
-vi.mock("@formbricks/lib/constants", () => ({
-  IS_INTERCOM_CONFIGURED: true,
-  INTERCOM_APP_ID: "mock-intercom-app-id",
-  INTERCOM_SECRET_KEY: "mock-intercom-secret-key",
-}));
-
-// Mock the crypto createHmac function to return a fake hash.
-// Vite global setup doesn't work here due to Intercom probably using crypto themselves.
-vi.mock("crypto", () => ({
-  default: {
-    createHmac: vi.fn(() => ({
-      update: vi.fn().mockReturnThis(),
-      digest: vi.fn().mockReturnValue("fake-hash"),
-    })),
-  },
-}));
-
-vi.mock("./IntercomClient", () => ({
-  IntercomClient: (props: any) => (
-    <div data-testid="mock-intercom-client" data-props={JSON.stringify(props)} />
-  ),
-}));
-
-describe("IntercomClientWrapper", () => {
-  afterEach(() => {
-    cleanup();
-  });
-
-  it("renders IntercomClient with computed user hash when user is provided", () => {
-    const testUser = { id: "user-123", name: "Test User", email: "test@example.com" } as TUser;
-
-    render(<IntercomClientWrapper user={testUser} />);
-
-    const intercomClientEl = screen.getByTestId("mock-intercom-client");
-    expect(intercomClientEl).toBeInTheDocument();
-
-    const props = JSON.parse(intercomClientEl.getAttribute("data-props") ?? "{}");
-
-    // Check that the computed hash equals "fake-hash" (as per our crypto mock)
-    expect(props.intercomUserHash).toBe("fake-hash");
-    expect(props.intercomAppId).toBe("mock-intercom-app-id");
-    expect(props.isIntercomConfigured).toBe(true);
-    expect(props.user).toEqual(testUser);
-  });
-
-  it("renders IntercomClient without computing a hash when no user is provided", () => {
-    render(<IntercomClientWrapper user={null} />);
-
-    const intercomClientEl = screen.getByTestId("mock-intercom-client");
-    expect(intercomClientEl).toBeInTheDocument();
-
-    const props = JSON.parse(intercomClientEl.getAttribute("data-props") ?? "{}");
-
-    expect(props.intercomUserHash).toBeUndefined();
-    expect(props.intercomAppId).toBe("mock-intercom-app-id");
-    expect(props.isIntercomConfigured).toBe(true);
-    expect(props.user).toBeNull();
-  });
-});

apps/web/app/intercom/IntercomClientWrapper.tsx

@@ -1,26 +0,0 @@
-import { createHmac } from "crypto";
-import { INTERCOM_APP_ID, INTERCOM_SECRET_KEY, IS_INTERCOM_CONFIGURED } from "@formbricks/lib/constants";
-import type { TUser } from "@formbricks/types/user";
-import { IntercomClient } from "./IntercomClient";
-
-interface IntercomClientWrapperProps {
-  user?: TUser | null;
-}
-
-export const IntercomClientWrapper = ({ user }: IntercomClientWrapperProps) => {
-  let intercomUserHash: string | undefined;
-  if (user) {
-    const secretKey = INTERCOM_SECRET_KEY;
-    if (secretKey) {
-      intercomUserHash = createHmac("sha256", secretKey).update(user.id).digest("hex");
-    }
-  }
-  return (
-    <IntercomClient
-      isIntercomConfigured={IS_INTERCOM_CONFIGURED}
-      user={user}
-      intercomAppId={INTERCOM_APP_ID}
-      intercomUserHash={intercomUserHash}
-    />
-  );
-};

apps/web/cache-handler.mjs

@@ -11,7 +11,7 @@ const createTimeoutPromise = (ms, rejectReason) => {
 CacheHandler.onCreation(async () => {
   let client;
 
-  if (process.env.REDIS_URL) {
+  if (process.env.REDIS_URL && process.env.ENTERPRISE_LICENSE_KEY) {
     try {
       // Create a Redis client.
       client = createClient({
@@ -45,22 +45,20 @@ CacheHandler.onCreation(async () => {
           });
       }
     }
+  } else if (process.env.REDIS_URL) {
+    console.log("Redis clustering requires an Enterprise License. Falling back to LRU cache.");
   }
 
   /** @type {import("@neshca/cache-handler").Handler | null} */
   let handler;
 
   if (client?.isReady) {
-    const redisHandlerOptions = {
+    // Create the `redis-stack` Handler if the client is available and connected.
+    handler = await createRedisHandler({
       client,
       keyPrefix: "fb:",
       timeoutMs: 1000,
-    };
-
-    redisHandlerOptions.ttl =  Number(process.env.REDIS_DEFAULT_TTL) || 86400; // 1 day
-
-    // Create the `redis-stack` Handler if the client is available and connected.
-    handler = await createRedisHandler(redisHandlerOptions);
+    });
   } else {
     // Fallback to LRU handler if Redis client is not available.
     // The application will still work, but the cache will be in memory only and not shared.

apps/web/instrumentation-node.ts

@@ -1,58 +0,0 @@
-// instrumentation-node.ts
-import { PrometheusExporter } from "@opentelemetry/exporter-prometheus";
-import { HostMetrics } from "@opentelemetry/host-metrics";
-import { registerInstrumentations } from "@opentelemetry/instrumentation";
-import { HttpInstrumentation } from "@opentelemetry/instrumentation-http";
-import { RuntimeNodeInstrumentation } from "@opentelemetry/instrumentation-runtime-node";
-import {
-  Resource,
-  detectResourcesSync,
-  envDetector,
-  hostDetector,
-  processDetector,
-} from "@opentelemetry/resources";
-import { MeterProvider } from "@opentelemetry/sdk-metrics";
-import { env } from "@formbricks/lib/env";
-
-const exporter = new PrometheusExporter({
-  port: env.PROMETHEUS_EXPORTER_PORT ? parseInt(env.PROMETHEUS_EXPORTER_PORT) : 9464,
-  endpoint: "/metrics",
-  host: "0.0.0.0", // Listen on all network interfaces
-});
-
-const detectedResources = detectResourcesSync({
-  detectors: [envDetector, processDetector, hostDetector],
-});
-
-const customResources = new Resource({});
-
-const resources = detectedResources.merge(customResources);
-
-const meterProvider = new MeterProvider({
-  readers: [exporter],
-  resource: resources,
-});
-
-const hostMetrics = new HostMetrics({
-  name: `otel-metrics`,
-  meterProvider,
-});
-
-registerInstrumentations({
-  meterProvider,
-  instrumentations: [new HttpInstrumentation(), new RuntimeNodeInstrumentation()],
-});
-
-hostMetrics.start();
-
-process.on("SIGTERM", async () => {
-  try {
-    // Stop collecting metrics or flush them if needed
-    await meterProvider.shutdown();
-    // Possibly close other instrumentation resources
-  } catch (e) {
-    console.error("Error during graceful shutdown:", e);
-  } finally {
-    process.exit(0);
-  }
-});

apps/web/instrumentation.ts

@@ -1,8 +1,25 @@
+import { registerOTel } from "@vercel/otel";
+import { LangfuseExporter } from "langfuse-vercel";
 import { env } from "@formbricks/lib/env";
 
-// instrumentation.ts
-export const register = async () => {
-  if (process.env.NEXT_RUNTIME === "nodejs" && env.PROMETHEUS_ENABLED) {
-    await import("./instrumentation-node");
+export async function register() {
+  if (env.LANGFUSE_SECRET_KEY && env.LANGFUSE_PUBLIC_KEY && env.LANGFUSE_BASEURL) {
+    registerOTel({
+      serviceName: "formbricks-cloud-dev",
+      traceExporter: new LangfuseExporter({
+        debug: false,
+        secretKey: env.LANGFUSE_SECRET_KEY,
+        publicKey: env.LANGFUSE_PUBLIC_KEY,
+        baseUrl: env.LANGFUSE_BASEURL,
+      }),
+    });
   }
-};
+
+  if (process.env.NEXT_RUNTIME === "nodejs") {
+    await import("./sentry.server.config");
+  }
+
+  if (process.env.NEXT_RUNTIME === "edge") {
+    await import("./sentry.edge.config");
+  }
+}

apps/web/modules/analysis/components/ShareSurveyLink/components/SurveyLinkDisplay.tsx

@@ -6,17 +6,10 @@ interface SurveyLinkDisplayProps {
 
 export const SurveyLinkDisplay = ({ surveyUrl }: SurveyLinkDisplayProps) => {
   return (
-    <>
-      {surveyUrl ? (
-        <Input
-          autoFocus={true}
-          className="mt-2 w-full min-w-96 text-ellipsis rounded-lg border bg-white px-4 py-2 text-slate-800 caret-transparent"
-          value={surveyUrl}
-        />
-      ) : (
-        //loading state
-        <div className="mt-2 h-10 w-full min-w-96 animate-pulse rounded-lg bg-slate-100 px-4 py-2 text-slate-800 caret-transparent"></div>
-      )}
-    </>
+    <Input
+      autoFocus={true}
+      className="mt-2 w-full min-w-96 text-ellipsis rounded-lg border bg-white px-4 py-2 text-slate-800 caret-transparent"
+      defaultValue={surveyUrl}
+    />
   );
 };

apps/web/modules/analysis/components/ShareSurveyLink/index.tsx

@@ -1,11 +1,10 @@
 "use client";
 
-import { useSurveyQRCode } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/lib/survey-qr-code";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { generateSingleUseIdAction } from "@/modules/survey/list/actions";
 import { Button } from "@/modules/ui/components/button";
 import { useTranslate } from "@tolgee/react";
-import { Copy, QrCode, RefreshCcw, SquareArrowOutUpRight } from "lucide-react";
+import { Copy, RefreshCcw, SquareArrowOutUpRight } from "lucide-react";
 import { useCallback, useEffect, useState } from "react";
 import { toast } from "react-hot-toast";
 import { TSurvey } from "@formbricks/types/surveys/types";
@@ -69,8 +68,6 @@ export const ShareSurveyLink = ({
     getUrl();
   }, [survey, getUrl, language]);
 
-  const { downloadQRCode } = useSurveyQRCode(surveyUrl);
-
   return (
     <div
       className={`flex max-w-full flex-col items-center justify-center space-x-2 ${survey.singleUse?.enabled ? "flex-col" : "lg:flex-row"}`}>
@@ -80,7 +77,6 @@ export const ShareSurveyLink = ({
         <Button
           title={t("environments.surveys.preview_survey_in_a_new_tab")}
           aria-label={t("environments.surveys.preview_survey_in_a_new_tab")}
-          disabled={!surveyUrl}
           onClick={() => {
             let previewUrl = surveyUrl;
             if (previewUrl.includes("?")) {
@@ -94,7 +90,6 @@ export const ShareSurveyLink = ({
           <SquareArrowOutUpRight />
         </Button>
         <Button
-          disabled={!surveyUrl}
           variant="secondary"
           title={t("environments.surveys.copy_survey_link_to_clipboard")}
           aria-label={t("environments.surveys.copy_survey_link_to_clipboard")}
@@ -105,18 +100,8 @@ export const ShareSurveyLink = ({
           {t("common.copy")}
           <Copy />
         </Button>
-        <Button
-          variant="secondary"
-          title={t("environments.surveys.summary.download_qr_code")}
-          aria-label={t("environments.surveys.summary.download_qr_code")}
-          size={"icon"}
-          disabled={!surveyUrl}
-          onClick={downloadQRCode}>
-          <QrCode style={{ width: "24px", height: "24px" }} />
-        </Button>
         {survey.singleUse?.enabled && (
           <Button
-            disabled={!surveyUrl}
             title="Regenerate single use survey link"
             aria-label="Regenerate single use survey link"
             onClick={generateNewSingleUseLink}>

apps/web/modules/analysis/components/SingleResponseCard/components/ResponseNote.tsx

@@ -105,7 +105,7 @@ export const ResponseNotes = ({
         !isOpen && unresolvedNotes.length && "group/hint cursor-pointer bg-white hover:-right-3",
         !isOpen && !unresolvedNotes.length && "cursor-pointer bg-slate-50",
         isOpen
-          ? "-right-2 top-0 h-5/6 max-h-[600px] w-1/4 bg-white"
+          ? "-right-5 top-0 h-5/6 max-h-[600px] w-1/4 bg-white"
           : unresolvedNotes.length
             ? "right-0 top-[8.33%] h-5/6 max-h-[600px] w-1/12"
             : "right-[120px] top-[8.333%] h-5/6 max-h-[600px] w-1/12 group-hover:right-[0]"

apps/web/modules/api/v2/management/lib/tests/utils.test.ts

@@ -4,7 +4,7 @@ import { hashApiKey } from "../utils";
 describe("hashApiKey", () => {
   test("generate the correct sha256 hash for a given input", () => {
     const input = "test";
-    const expectedHash = "fake-hash"; // mocked on the vitestSetup.ts file;
+    const expectedHash = "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08";
     const result = hashApiKey(input);
     expect(result).toEqual(expectedHash);
   });
@@ -12,6 +12,19 @@ describe("hashApiKey", () => {
   test("return a string with length 64", () => {
     const input = "another-api-key";
     const result = hashApiKey(input);
-    expect(result).toHaveLength(9); // mocked on the vitestSetup.ts file;;
+    expect(result).toHaveLength(64);
+  });
+
+  test("produce the same hash for identical inputs", () => {
+    const input = "consistentKey";
+    const firstHash = hashApiKey(input);
+    const secondHash = hashApiKey(input);
+    expect(firstHash).toEqual(secondHash);
+  });
+
+  test("generate different hashes for different inputs", () => {
+    const hash1 = hashApiKey("key1");
+    const hash2 = hashApiKey("key2");
+    expect(hash1).not.toEqual(hash2);
   });
 });

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/contacts.test.ts

@@ -1,61 +0,0 @@
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { prisma } from "@formbricks/database";
-import { getContact } from "./contacts";
-
-vi.mock("@formbricks/database", () => ({
-  prisma: {
-    contact: {
-      findUnique: vi.fn(),
-    },
-  },
-}));
-
-describe("getContact", () => {
-  const mockContactId = "cm8fj8ry6000008l5daam88nc";
-  const mockEnvironmentId = "cm8fj8xt3000108l5art7594h";
-  const mockContact = {
-    id: mockContactId,
-  };
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("returns contact when found", async () => {
-    vi.mocked(prisma.contact.findUnique).mockResolvedValue(mockContact);
-
-    const result = await getContact(mockContactId, mockEnvironmentId);
-
-    expect(prisma.contact.findUnique).toHaveBeenCalledWith({
-      where: {
-        id: mockContactId,
-        environmentId: mockEnvironmentId,
-      },
-      select: {
-        id: true,
-      },
-    });
-    if (result.ok) {
-      expect(result.data).toEqual(mockContact);
-    }
-  });
-
-  test("returns null when contact not found", async () => {
-    vi.mocked(prisma.contact.findUnique).mockResolvedValue(null);
-
-    const result = await getContact(mockContactId, mockEnvironmentId);
-
-    expect(prisma.contact.findUnique).toHaveBeenCalled();
-    if (!result.ok) {
-      expect(result.error).toEqual({
-        details: [
-          {
-            field: "contact",
-            issue: "not found",
-          },
-        ],
-        type: "not_found",
-      });
-    }
-  });
-});

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/contacts.ts

@@ -1,37 +0,0 @@
-import { contactCache } from "@/lib/cache/contact";
-import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
-import { Contact } from "@prisma/client";
-import { cache as reactCache } from "react";
-import { prisma } from "@formbricks/database";
-import { cache } from "@formbricks/lib/cache";
-import { Result, err, ok } from "@formbricks/types/error-handlers";
-
-export const getContact = reactCache(async (contactId: string, environmentId: string) =>
-  cache(
-    async (): Promise<Result<Pick<Contact, "id">, ApiErrorResponseV2>> => {
-      try {
-        const contact = await prisma.contact.findUnique({
-          where: {
-            id: contactId,
-            environmentId,
-          },
-          select: {
-            id: true,
-          },
-        });
-
-        if (!contact) {
-          return err({ type: "not_found", details: [{ field: "contact", issue: "not found" }] });
-        }
-
-        return ok(contact);
-      } catch (error) {
-        return err({ type: "internal_server_error", details: [{ field: "contact", issue: error.message }] });
-      }
-    },
-    [`contact-link-getContact-${contactId}-${environmentId}`],
-    {
-      tags: [contactCache.tag.byId(contactId), contactCache.tag.byEnvironmentId(environmentId)],
-    }
-  )()
-);

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/response.test.ts

@@ -1,61 +0,0 @@
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { prisma } from "@formbricks/database";
-import { getResponse } from "./response";
-
-vi.mock("@formbricks/database", () => ({
-  prisma: {
-    response: {
-      findFirst: vi.fn(),
-    },
-  },
-}));
-
-describe("getResponse", () => {
-  const mockContactId = "cm8fj8xt3000108l5art7594h";
-  const mockSurveyId = "cm8fj9962000208l56jcu94i5";
-  const mockResponse = {
-    id: "cm8fj9gqp000308l5ab7y800j",
-  };
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("returns response when found", async () => {
-    vi.mocked(prisma.response.findFirst).mockResolvedValue(mockResponse);
-
-    const result = await getResponse(mockContactId, mockSurveyId);
-
-    expect(prisma.response.findFirst).toHaveBeenCalledWith({
-      where: {
-        contactId: mockContactId,
-        surveyId: mockSurveyId,
-      },
-      select: {
-        id: true,
-      },
-    });
-    if (result.ok) {
-      expect(result.data).toEqual(mockResponse);
-    }
-  });
-
-  test("returns null when response not found", async () => {
-    vi.mocked(prisma.response.findFirst).mockResolvedValue(null);
-
-    const result = await getResponse(mockContactId, mockSurveyId);
-
-    expect(prisma.response.findFirst).toHaveBeenCalled();
-    if (!result.ok) {
-      expect(result.error).toEqual({
-        details: [
-          {
-            field: "response",
-            issue: "not found",
-          },
-        ],
-        type: "not_found",
-      });
-    }
-  });
-});

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/response.ts

@@ -1,37 +0,0 @@
-import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
-import { Response } from "@prisma/client";
-import { cache as reactCache } from "react";
-import { prisma } from "@formbricks/database";
-import { cache } from "@formbricks/lib/cache";
-import { responseCache } from "@formbricks/lib/response/cache";
-import { Result, err, ok } from "@formbricks/types/error-handlers";
-
-export const getResponse = reactCache(async (contactId: string, surveyId: string) =>
-  cache(
-    async (): Promise<Result<Pick<Response, "id">, ApiErrorResponseV2>> => {
-      try {
-        const response = await prisma.response.findFirst({
-          where: {
-            contactId,
-            surveyId,
-          },
-          select: {
-            id: true,
-          },
-        });
-
-        if (!response) {
-          return err({ type: "not_found", details: [{ field: "response", issue: "not found" }] });
-        }
-
-        return ok(response);
-      } catch (error) {
-        return err({ type: "internal_server_error", details: [{ field: "response", issue: error.message }] });
-      }
-    },
-    [`contact-link-getResponse-${contactId}-${surveyId}`],
-    {
-      tags: [responseCache.tag.byId(contactId), responseCache.tag.bySurveyId(surveyId)],
-    }
-  )()
-);

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/surveys.test.ts

@@ -1,61 +0,0 @@
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { prisma } from "@formbricks/database";
-import { getSurvey } from "./surveys";
-
-vi.mock("@formbricks/database", () => ({
-  prisma: {
-    survey: {
-      findUnique: vi.fn(),
-    },
-  },
-}));
-
-describe("getSurvey", () => {
-  const mockSurveyId = "cm8fj9psb000408l50e1x4c6f";
-  const mockSurvey = {
-    id: mockSurveyId,
-    type: "web",
-  };
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("returns survey when found", async () => {
-    vi.mocked(prisma.survey.findUnique).mockResolvedValue(mockSurvey);
-
-    const result = await getSurvey(mockSurveyId);
-
-    expect(prisma.survey.findUnique).toHaveBeenCalledWith({
-      where: {
-        id: mockSurveyId,
-      },
-      select: {
-        id: true,
-        type: true,
-      },
-    });
-    if (result.ok) {
-      expect(result.data).toEqual(mockSurvey);
-    }
-  });
-
-  test("returns null when survey not found", async () => {
-    vi.mocked(prisma.survey.findUnique).mockResolvedValue(null);
-
-    const result = await getSurvey(mockSurveyId);
-
-    expect(prisma.survey.findUnique).toHaveBeenCalled();
-    if (!result.ok) {
-      expect(result.error).toEqual({
-        details: [
-          {
-            field: "survey",
-            issue: "not found",
-          },
-        ],
-        type: "not_found",
-      });
-    }
-  });
-});

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/surveys.ts

@@ -1,35 +0,0 @@
-import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
-import { Survey } from "@prisma/client";
-import { cache as reactCache } from "react";
-import { prisma } from "@formbricks/database";
-import { cache } from "@formbricks/lib/cache";
-import { surveyCache } from "@formbricks/lib/survey/cache";
-import { Result, err, ok } from "@formbricks/types/error-handlers";
-
-export const getSurvey = reactCache(async (surveyId: string) =>
-  cache(
-    async (): Promise<Result<Pick<Survey, "id" | "type">, ApiErrorResponseV2>> => {
-      try {
-        const survey = await prisma.survey.findUnique({
-          where: { id: surveyId },
-          select: {
-            id: true,
-            type: true,
-          },
-        });
-
-        if (!survey) {
-          return err({ type: "not_found", details: [{ field: "survey", issue: "not found" }] });
-        }
-
-        return ok(survey);
-      } catch (error) {
-        return err({ type: "internal_server_error", details: [{ field: "survey", issue: error.message }] });
-      }
-    },
-    [`contact-link-getSurvey-${surveyId}`],
-    {
-      tags: [surveyCache.tag.byId(surveyId)],
-    }
-  )()
-);

apps/web/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/route.ts

@@ -1,111 +0,0 @@
-import { responses } from "@/modules/api/v2/lib/response";
-import { handleApiError } from "@/modules/api/v2/lib/utils";
-import { authenticatedApiClient } from "@/modules/api/v2/management/auth/authenticated-api-client";
-import { checkAuthorization } from "@/modules/api/v2/management/auth/check-authorization";
-import { getEnvironmentId } from "@/modules/api/v2/management/lib/helper";
-import { getContact } from "@/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/contacts";
-import { getResponse } from "@/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/response";
-import { getSurvey } from "@/modules/api/v2/management/surveys/[surveyId]/contact-links/contacts/[contactId]/lib/surveys";
-import { getContactSurveyLink } from "@/modules/ee/contacts/lib/contact-survey-link";
-import { z } from "zod";
-import { ZId } from "@formbricks/types/common";
-
-const ZContactLinkParams = z.object({
-  surveyId: ZId,
-  contactId: ZId,
-});
-
-export const GET = async (
-  request: Request,
-  props: { params: Promise<{ surveyId: string; contactId: string }> }
-) =>
-  authenticatedApiClient({
-    request,
-    externalParams: props.params,
-    schemas: {
-      params: ZContactLinkParams,
-    },
-    handler: async ({ authentication, parsedInput }) => {
-      const { params } = parsedInput;
-
-      if (!params) {
-        return handleApiError(request, {
-          type: "bad_request",
-          details: [{ field: "params", issue: "missing" }],
-        });
-      }
-
-      const environmentIdResult = await getEnvironmentId(params.surveyId, false);
-
-      if (!environmentIdResult.ok) {
-        return handleApiError(request, environmentIdResult.error);
-      }
-
-      const environmentId = environmentIdResult.data;
-
-      const checkAuthorizationResult = await checkAuthorization({
-        authentication,
-        environmentId,
-      });
-
-      if (!checkAuthorizationResult.ok) {
-        return handleApiError(request, checkAuthorizationResult.error);
-      }
-
-      const surveyResult = await getSurvey(params.surveyId);
-
-      if (!surveyResult.ok) {
-        return handleApiError(request, surveyResult.error);
-      }
-
-      const survey = surveyResult.data;
-
-      if (!survey) {
-        return handleApiError(request, {
-          type: "not_found",
-          details: [{ field: "surveyId", issue: "Not found" }],
-        });
-      }
-
-      if (survey.type !== "link") {
-        return handleApiError(request, {
-          type: "bad_request",
-          details: [{ field: "surveyId", issue: "Not a link survey" }],
-        });
-      }
-
-      // Check if contact exists and belongs to the environment
-      const contactResult = await getContact(params.contactId, environmentId);
-
-      if (!contactResult.ok) {
-        return handleApiError(request, contactResult.error);
-      }
-
-      const contact = contactResult.data;
-
-      if (!contact) {
-        return handleApiError(request, {
-          type: "not_found",
-          details: [{ field: "contactId", issue: "Not found" }],
-        });
-      }
-
-      // Check if contact has already responded to this survey
-      const existingResponseResult = await getResponse(params.contactId, params.surveyId);
-
-      if (existingResponseResult.ok) {
-        return handleApiError(request, {
-          type: "bad_request",
-          details: [{ field: "contactId", issue: "Already responded" }],
-        });
-      }
-
-      const surveyUrlResult = getContactSurveyLink(params.contactId, params.surveyId, 7);
-
-      if (!surveyUrlResult.ok) {
-        return handleApiError(request, surveyUrlResult.error);
-      }
-
-      return responses.successResponse({ data: { surveyUrl: surveyUrlResult.data } });
-    },
-  });

apps/web/modules/auth/types/auth.ts

@@ -3,9 +3,3 @@ export type TOidcNameFields = {
   family_name?: string;
   preferred_username?: string;
 };
-
-export type TSamlNameFields = {
-  name?: string;
-  firstName?: string;
-  lastName?: string;
-};

apps/web/modules/ee/billing/page.tsx

@@ -1,14 +1,18 @@
 import { OrganizationSettingsNavbar } from "@/app/(app)/environments/[environmentId]/settings/(organization)/components/OrganizationSettingsNavbar";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { notFound } from "next/navigation";
 import { IS_FORMBRICKS_CLOUD } from "@formbricks/lib/constants";
 import { PROJECT_FEATURE_KEYS, STRIPE_PRICE_LOOKUP_KEYS } from "@formbricks/lib/constants";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
 import {
   getMonthlyActiveOrganizationPeopleCount,
   getMonthlyOrganizationResponseCount,
+  getOrganizationByEnvironmentId,
 } from "@formbricks/lib/organization/service";
 import { getOrganizationProjectsCount } from "@formbricks/lib/project/service";
 import { PricingTable } from "./components/pricing-table";
@@ -16,19 +20,29 @@ import { PricingTable } from "./components/pricing-table";
 export const PricingPage = async (props) => {
   const params = await props.params;
   const t = await getTranslate();
-
-  const { organization, isMember, currentUserMembership } = await getEnvironmentAuth(params.environmentId);
+  const organization = await getOrganizationByEnvironmentId(params.environmentId);
 
   if (!IS_FORMBRICKS_CLOUD) {
     notFound();
   }
 
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
+
+  const session = await getServerSession(authOptions);
+  if (!session) {
+    throw new Error(t("common.not_authorized"));
+  }
+
   const [peopleCount, responseCount, projectCount] = await Promise.all([
     getMonthlyActiveOrganizationPeopleCount(organization.id),
     getMonthlyOrganizationResponseCount(organization.id),
     getOrganizationProjectsCount(organization.id),
   ]);
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(session?.user.id, organization.id);
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
   const hasBillingRights = !isMember;
 
   return (

apps/web/modules/ee/contacts/[contactId]/page.tsx

@@ -1,12 +1,20 @@
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { AttributesSection } from "@/modules/ee/contacts/[contactId]/components/attributes-section";
 import { DeleteContactButton } from "@/modules/ee/contacts/[contactId]/components/delete-contact-button";
 import { getContactAttributes } from "@/modules/ee/contacts/lib/contact-attributes";
 import { getContact } from "@/modules/ee/contacts/lib/contacts";
 import { getContactIdentifier } from "@/modules/ee/contacts/lib/utils";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
+import { getEnvironment } from "@formbricks/lib/environment/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { getTagsByEnvironmentId } from "@formbricks/lib/tag/service";
 import { ResponseSection } from "./components/response-section";
 
@@ -15,19 +23,45 @@ export const SingleContactPage = async (props: {
 }) => {
   const params = await props.params;
   const t = await getTranslate();
+  const [environment, environmentTags, project, session, organization, contact, contactAttributes] =
+    await Promise.all([
+      getEnvironment(params.environmentId),
+      getTagsByEnvironmentId(params.environmentId),
+      getProjectByEnvironmentId(params.environmentId),
+      getServerSession(authOptions),
+      getOrganizationByEnvironmentId(params.environmentId),
+      getContact(params.contactId),
+      getContactAttributes(params.contactId),
+    ]);
 
-  const { environment, isReadOnly } = await getEnvironmentAuth(params.environmentId);
+  if (!project) {
+    throw new Error(t("common.project_not_found"));
+  }
 
-  const [environmentTags, contact, contactAttributes] = await Promise.all([
-    getTagsByEnvironmentId(params.environmentId),
-    getContact(params.contactId),
-    getContactAttributes(params.contactId),
-  ]);
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  if (!session) {
+    throw new Error(t("common.session_not_found"));
+  }
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
 
   if (!contact) {
     throw new Error(t("environments.contacts.contact_not_found"));
   }
 
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(session?.user.id, organization.id);
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const projectPermission = await getProjectPermissionByUserId(session.user.id, project.id);
+  const { hasReadAccess } = getTeamPermissionFlags(projectPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   const getDeletePersonButton = () => {
     return (
       <DeleteContactButton

apps/web/modules/ee/contacts/api/client/[environmentId]/user/route.ts

@@ -5,7 +5,6 @@ import { NextRequest, userAgent } from "next/server";
 import { TContactAttributes } from "@formbricks/types/contact-attribute";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { TJsPersonState, ZJsUserIdentifyInput, ZJsUserUpdateInput } from "@formbricks/types/js";
-import { ZUserEmail } from "@formbricks/types/user";
 import { updateUser } from "./lib/update-user";
 
 export const OPTIONS = async (): Promise<Response> => {
@@ -44,17 +43,6 @@ export const POST = async (
       );
     }
 
-    // validate email if present in attributes
-    if (parsedInput.data.attributes?.email) {
-      const emailValidation = ZUserEmail.safeParse(parsedInput.data.attributes.email);
-      if (!emailValidation.success) {
-        return responses.badRequestResponse(
-          "Invalid email",
-          transformErrorToDetails(emailValidation.error),
-          true
-        );
-      }
-    }
     const { userId, attributes } = parsedInput.data;
 
     const isContactsEnabled = await getIsContactsEnabled();

apps/web/modules/ee/contacts/components/contact-data-view.tsx

@@ -5,6 +5,7 @@ import { debounce } from "lodash";
 import dynamic from "next/dynamic";
 import { useRouter } from "next/navigation";
 import { useEffect, useMemo, useRef, useState } from "react";
+import React from "react";
 import toast from "react-hot-toast";
 import { TContactAttributeKey } from "@formbricks/types/contact-attribute-key";
 import { TEnvironment } from "@formbricks/types/environment";

apps/web/modules/ee/contacts/components/contacts-table.tsx

@@ -27,7 +27,7 @@ import { useAutoAnimate } from "@formkit/auto-animate/react";
 import { VisibilityState, flexRender, getCoreRowModel, useReactTable } from "@tanstack/react-table";
 import { useTranslate } from "@tolgee/react";
 import { useRouter } from "next/navigation";
-import { useEffect, useMemo, useState } from "react";
+import React, { useEffect, useMemo, useState } from "react";
 import { cn } from "@formbricks/lib/cn";
 import { TContactTableData } from "../types/contact";
 import { generateContactTableColumns } from "./contact-table-column";

apps/web/modules/ee/contacts/components/csv-table.tsx

@@ -1,4 +1,5 @@
 import { TContactCSVUploadResponse } from "@/modules/ee/contacts/types/contact";
+import React from "react";
 
 interface CsvTableProps {
   data: TContactCSVUploadResponse;

apps/web/modules/ee/contacts/components/upload-contacts-button.tsx

@@ -77,13 +77,6 @@ export const UploadContactsCSVButton = ({
           return;
         }
 
-        if (!parsedRecords.data.length) {
-          setErrror(
-            "The uploaded CSV file does not contain any valid contacts, please see the sample CSV file for the correct format."
-          );
-          return;
-        }
-
         setCSVResponse(parsedRecords.data);
       } catch (error) {
         console.error("Error parsing CSV:", error);
@@ -367,11 +360,13 @@ export const UploadContactsCSVButton = ({
               )}
             </div>
             {!csvResponse.length && (
-              <div className="flex justify-start">
-                <Button onClick={handleDownloadExampleCSV} variant="secondary">
-                  {t("environments.contacts.upload_contacts_modal_download_example_csv")}
-                </Button>
-              </div>
+              <p>
+                <a
+                  onClick={handleDownloadExampleCSV}
+                  className="cursor-pointer text-right text-sm text-slate-500">
+                  {t("environments.contacts.upload_contacts_modal_download_example_csv")}{" "}
+                </a>
+              </p>
             )}
           </div>
 

apps/web/modules/ee/contacts/lib/contact-survey-link.test.ts

@@ -1,188 +0,0 @@
-import jwt from "jsonwebtoken";
-import { beforeEach, describe, expect, it, vi } from "vitest";
-import { ENCRYPTION_KEY, WEBAPP_URL } from "@formbricks/lib/constants";
-import * as crypto from "@formbricks/lib/crypto";
-import * as contactSurveyLink from "./contact-survey-link";
-
-// Mock all modules needed (this gets hoisted to the top of the file)
-vi.mock("jsonwebtoken", () => ({
-  default: {
-    sign: vi.fn(),
-    verify: vi.fn(),
-  },
-}));
-
-// Mock constants - MUST be a literal object without using variables
-vi.mock("@formbricks/lib/constants", () => ({
-  ENCRYPTION_KEY: "test-encryption-key-32-chars-long!",
-  WEBAPP_URL: "https://test.formbricks.com",
-}));
-
-vi.mock("@formbricks/lib/crypto", () => ({
-  symmetricEncrypt: vi.fn(),
-  symmetricDecrypt: vi.fn(),
-}));
-
-describe("Contact Survey Link", () => {
-  const mockContactId = "contact-123";
-  const mockSurveyId = "survey-456";
-  const mockToken = "mock.jwt.token";
-  const mockEncryptedContactId = "encrypted-contact-id";
-  const mockEncryptedSurveyId = "encrypted-survey-id";
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-
-    // Setup default mocks
-    vi.mocked(crypto.symmetricEncrypt).mockImplementation((value) =>
-      value === mockContactId ? mockEncryptedContactId : mockEncryptedSurveyId
-    );
-
-    vi.mocked(crypto.symmetricDecrypt).mockImplementation((value) => {
-      if (value === mockEncryptedContactId) return mockContactId;
-      if (value === mockEncryptedSurveyId) return mockSurveyId;
-      return value;
-    });
-
-    vi.mocked(jwt.sign).mockReturnValue(mockToken as any);
-
-    vi.mocked(jwt.verify).mockReturnValue({
-      contactId: mockEncryptedContactId,
-      surveyId: mockEncryptedSurveyId,
-    } as any);
-  });
-
-  describe("getContactSurveyLink", () => {
-    it("creates a survey link with encrypted contact and survey IDs", () => {
-      const result = contactSurveyLink.getContactSurveyLink(mockContactId, mockSurveyId);
-
-      // Verify encryption was called for both IDs
-      expect(crypto.symmetricEncrypt).toHaveBeenCalledWith(mockContactId, ENCRYPTION_KEY);
-      expect(crypto.symmetricEncrypt).toHaveBeenCalledWith(mockSurveyId, ENCRYPTION_KEY);
-
-      // Verify JWT sign was called with correct payload
-      expect(jwt.sign).toHaveBeenCalledWith(
-        {
-          contactId: mockEncryptedContactId,
-          surveyId: mockEncryptedSurveyId,
-        },
-        ENCRYPTION_KEY,
-        { algorithm: "HS256" }
-      );
-
-      // Verify the returned URL
-      expect(result).toEqual({
-        ok: true,
-        data: `${WEBAPP_URL}/c/${mockToken}`,
-      });
-    });
-
-    it("adds expiration to the token when expirationDays is provided", () => {
-      const expirationDays = 7;
-      contactSurveyLink.getContactSurveyLink(mockContactId, mockSurveyId, expirationDays);
-
-      // Verify JWT sign was called with expiration
-      expect(jwt.sign).toHaveBeenCalledWith(
-        {
-          contactId: mockEncryptedContactId,
-          surveyId: mockEncryptedSurveyId,
-        },
-        ENCRYPTION_KEY,
-        { algorithm: "HS256", expiresIn: "7d" }
-      );
-    });
-
-    it("throws an error when ENCRYPTION_KEY is not available", async () => {
-      // Reset modules so the new mock is used by the module under test
-      vi.resetModules();
-      // Re‑mock constants to simulate missing ENCRYPTION_KEY
-      vi.doMock("@formbricks/lib/constants", () => ({
-        ENCRYPTION_KEY: undefined,
-        WEBAPP_URL: "https://test.formbricks.com",
-      }));
-      // Re‑import the modules so they pick up the new mock
-      const { getContactSurveyLink } = await import("./contact-survey-link");
-
-      const result = getContactSurveyLink(mockContactId, mockSurveyId);
-      expect(result).toEqual({
-        ok: false,
-        error: {
-          type: "internal_server_error",
-          message: "Encryption key not found - cannot create personalized survey link",
-        },
-      });
-    });
-  });
-
-  describe("verifyContactSurveyToken", () => {
-    it("verifies and decrypts a valid token", () => {
-      const result = contactSurveyLink.verifyContactSurveyToken(mockToken);
-
-      // Verify JWT verify was called
-      expect(jwt.verify).toHaveBeenCalledWith(mockToken, ENCRYPTION_KEY);
-
-      // Check the decrypted result
-      expect(result).toEqual({
-        ok: true,
-        data: {
-          contactId: mockContactId,
-          surveyId: mockSurveyId,
-        },
-      });
-    });
-
-    it("throws an error when token verification fails", () => {
-      vi.mocked(jwt.verify).mockImplementation(() => {
-        throw new Error("Token verification failed");
-      });
-
-      const result = contactSurveyLink.verifyContactSurveyToken(mockToken);
-      expect(result.ok).toBe(false);
-      if (!result.ok) {
-        expect(result.error).toEqual({
-          type: "bad_request",
-          message: "Invalid or expired survey token",
-          details: [{ field: "token", issue: "Invalid or expired survey token" }],
-        });
-      }
-    });
-
-    it("throws an error when token has invalid format", () => {
-      // Mock JWT.verify to return an incomplete payload
-      vi.mocked(jwt.verify).mockReturnValue({
-        // Missing surveyId
-        contactId: mockEncryptedContactId,
-      } as any);
-
-      // Suppress console.error for this test
-      vi.spyOn(console, "error").mockImplementation(() => {});
-
-      const result = contactSurveyLink.verifyContactSurveyToken(mockToken);
-      expect(result.ok).toBe(false);
-      if (!result.ok) {
-        expect(result.error).toEqual({
-          type: "bad_request",
-          message: "Invalid or expired survey token",
-          details: [{ field: "token", issue: "Invalid or expired survey token" }],
-        });
-      }
-    });
-
-    it("throws an error when ENCRYPTION_KEY is not available", async () => {
-      vi.resetModules();
-      vi.doMock("@formbricks/lib/constants", () => ({
-        ENCRYPTION_KEY: undefined,
-        WEBAPP_URL: "https://test.formbricks.com",
-      }));
-      const { verifyContactSurveyToken } = await import("./contact-survey-link");
-      const result = verifyContactSurveyToken(mockToken);
-      expect(result.ok).toBe(false);
-      if (!result.ok) {
-        expect(result.error).toEqual({
-          type: "internal_server_error",
-          message: "Encryption key not found - cannot verify survey token",
-        });
-      }
-    });
-  });
-});

apps/web/modules/ee/contacts/lib/contact-survey-link.ts

@@ -1,82 +0,0 @@
-import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
-import jwt from "jsonwebtoken";
-import { ENCRYPTION_KEY, WEBAPP_URL } from "@formbricks/lib/constants";
-import { symmetricDecrypt, symmetricEncrypt } from "@formbricks/lib/crypto";
-import { Result, err, ok } from "@formbricks/types/error-handlers";
-
-// Creates an encrypted personalized survey link for a contact
-export const getContactSurveyLink = (
-  contactId: string,
-  surveyId: string,
-  expirationDays?: number
-): Result<string, ApiErrorResponseV2> => {
-  if (!ENCRYPTION_KEY) {
-    return err({
-      type: "internal_server_error",
-      message: "Encryption key not found - cannot create personalized survey link",
-    });
-  }
-
-  // Encrypt the contact and survey IDs
-  const encryptedContactId = symmetricEncrypt(contactId, ENCRYPTION_KEY);
-  const encryptedSurveyId = symmetricEncrypt(surveyId, ENCRYPTION_KEY);
-
-  // Create JWT payload with encrypted IDs
-  const payload = {
-    contactId: encryptedContactId,
-    surveyId: encryptedSurveyId,
-  };
-
-  // Set token options
-  const tokenOptions: jwt.SignOptions = {
-    algorithm: "HS256",
-  };
-
-  // Add expiration if specified
-  if (expirationDays !== undefined && expirationDays > 0) {
-    tokenOptions.expiresIn = `${expirationDays}d`;
-  }
-
-  // Sign the token with ENCRYPTION_KEY using SHA256
-  const token = jwt.sign(payload, ENCRYPTION_KEY, tokenOptions);
-
-  // Return the personalized URL
-  return ok(`${WEBAPP_URL}/c/${token}`);
-};
-
-// Validates and decrypts a contact survey JWT token
-export const verifyContactSurveyToken = (
-  token: string
-): Result<{ contactId: string; surveyId: string }, ApiErrorResponseV2> => {
-  if (!ENCRYPTION_KEY) {
-    return err({
-      type: "internal_server_error",
-      message: "Encryption key not found - cannot verify survey token",
-    });
-  }
-
-  try {
-    // Verify the token
-    const decoded = jwt.verify(token, ENCRYPTION_KEY) as { contactId: string; surveyId: string };
-
-    if (!decoded || !decoded.contactId || !decoded.surveyId) {
-      throw err("Invalid token format");
-    }
-
-    // Decrypt the contact and survey IDs
-    const contactId = symmetricDecrypt(decoded.contactId, ENCRYPTION_KEY);
-    const surveyId = symmetricDecrypt(decoded.surveyId, ENCRYPTION_KEY);
-
-    return ok({
-      contactId,
-      surveyId,
-    });
-  } catch (error) {
-    console.error("Error verifying contact survey token:", error);
-    return err({
-      type: "bad_request",
-      message: "Invalid or expired survey token",
-      details: [{ field: "token", issue: "Invalid or expired survey token" }],
-    });
-  }
-};

apps/web/modules/ee/contacts/page.tsx

@@ -1,14 +1,21 @@
 import { contactCache } from "@/lib/cache/contact";
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { UploadContactsCSVButton } from "@/modules/ee/contacts/components/upload-contacts-button";
 import { getContactAttributeKeys } from "@/modules/ee/contacts/lib/contact-attribute-keys";
 import { getContacts } from "@/modules/ee/contacts/lib/contacts";
 import { getIsContactsEnabled } from "@/modules/ee/license-check/lib/utils";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { UpgradePrompt } from "@/modules/ui/components/upgrade-prompt";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { IS_FORMBRICKS_CLOUD, ITEMS_PER_PAGE } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { ContactDataView } from "./components/contact-data-view";
 import { ContactsSecondaryNavigation } from "./components/contacts-secondary-navigation";
 
@@ -17,14 +24,39 @@ export const ContactsPage = async ({
 }: {
   params: Promise<{ environmentId: string }>;
 }) => {
-  const params = await paramsProps;
-
-  const { environment, isReadOnly } = await getEnvironmentAuth(params.environmentId);
-
   const t = await getTranslate();
+  const params = await paramsProps;
+  const session = await getServerSession(authOptions);
+  if (!session) {
+    throw new Error("Session not found");
+  }
 
   const isContactsEnabled = await getIsContactsEnabled();
 
+  const [environment, product] = await Promise.all([
+    getEnvironment(params.environmentId),
+    getProjectByEnvironmentId(params.environmentId),
+  ]);
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  if (!product) {
+    throw new Error(t("common.product_not_found"));
+  }
+
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    product.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const productPermission = await getProjectPermissionByUserId(session.user.id, product.id);
+  const { hasReadAccess } = getTeamPermissionFlags(productPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   const contactAttributeKeys = await getContactAttributeKeys(params.environmentId);
   const initialContacts = await getContacts(params.environmentId, 0);
 
@@ -63,7 +95,7 @@ export const ContactsPage = async ({
             description={t("environments.contacts.unlock_contacts_description")}
             buttons={[
               {
-                text: IS_FORMBRICKS_CLOUD ? t("common.start_free_trial") : t("common.request_trial_license"),
+                text: t("common.start_free_trial"),
                 href: IS_FORMBRICKS_CLOUD
                   ? `/environments/${params.environmentId}/settings/billing`
                   : "https://formbricks.com/upgrade-self-hosting-license",

apps/web/modules/ee/contacts/segments/page.tsx

@@ -1,14 +1,22 @@
+import { authOptions } from "@/modules/auth/lib/authOptions";
 import { ContactsSecondaryNavigation } from "@/modules/ee/contacts/components/contacts-secondary-navigation";
 import { getContactAttributeKeys } from "@/modules/ee/contacts/lib/contact-attribute-keys";
 import { SegmentTable } from "@/modules/ee/contacts/segments/components/segment-table";
 import { getSegments } from "@/modules/ee/contacts/segments/lib/segments";
 import { getIsContactsEnabled } from "@/modules/ee/license-check/lib/utils";
-import { getEnvironmentAuth } from "@/modules/environments/lib/utils";
+import { getProjectPermissionByUserId } from "@/modules/ee/teams/lib/roles";
+import { getTeamPermissionFlags } from "@/modules/ee/teams/utils/teams";
 import { PageContentWrapper } from "@/modules/ui/components/page-content-wrapper";
 import { PageHeader } from "@/modules/ui/components/page-header";
 import { UpgradePrompt } from "@/modules/ui/components/upgrade-prompt";
 import { getTranslate } from "@/tolgee/server";
+import { getServerSession } from "next-auth";
 import { IS_FORMBRICKS_CLOUD } from "@formbricks/lib/constants";
+import { getEnvironment } from "@formbricks/lib/environment/service";
+import { getMembershipByUserIdOrganizationId } from "@formbricks/lib/membership/service";
+import { getAccessFlags } from "@formbricks/lib/membership/utils";
+import { getOrganizationByEnvironmentId } from "@formbricks/lib/organization/service";
+import { getProjectByEnvironmentId } from "@formbricks/lib/project/service";
 import { CreateSegmentModal } from "./components/create-segment-modal";
 
 export const SegmentsPage = async ({
@@ -18,14 +26,42 @@ export const SegmentsPage = async ({
 }) => {
   const params = await paramsProps;
   const t = await getTranslate();
-
-  const { isReadOnly } = await getEnvironmentAuth(params.environmentId);
-
-  const [segments, contactAttributeKeys] = await Promise.all([
+  const [session, environment, product, segments, contactAttributeKeys, organization] = await Promise.all([
+    getServerSession(authOptions),
+    getEnvironment(params.environmentId),
+    getProjectByEnvironmentId(params.environmentId),
     getSegments(params.environmentId),
     getContactAttributeKeys(params.environmentId),
+    getOrganizationByEnvironmentId(params.environmentId),
   ]);
 
+  if (!session) {
+    throw new Error("Session not found");
+  }
+
+  if (!environment) {
+    throw new Error(t("common.environment_not_found"));
+  }
+
+  if (!organization) {
+    throw new Error(t("common.organization_not_found"));
+  }
+
+  if (!product) {
+    throw new Error(t("common.product_not_found"));
+  }
+
+  const currentUserMembership = await getMembershipByUserIdOrganizationId(
+    session?.user.id,
+    product.organizationId
+  );
+  const { isMember } = getAccessFlags(currentUserMembership?.role);
+
+  const productPermission = await getProjectPermissionByUserId(session.user.id, product.id);
+  const { hasReadAccess } = getTeamPermissionFlags(productPermission);
+
+  const isReadOnly = isMember && hasReadAccess;
+
   const isContactsEnabled = await getIsContactsEnabled();
 
   if (!segments) {
@@ -64,7 +100,7 @@ export const SegmentsPage = async ({
             description={t("environments.segments.unlock_segments_description")}
             buttons={[
               {
-                text: IS_FORMBRICKS_CLOUD ? t("common.start_free_trial") : t("common.request_trial_license"),
+                text: t("common.start_free_trial"),
                 href: IS_FORMBRICKS_CLOUD
                   ? `/environments/${params.environmentId}/settings/billing`
                   : "https://formbricks.com/upgrade-self-hosting-license",

apps/web/modules/ee/insights/components/insights-view.tsx

@@ -43,8 +43,19 @@ export const InsightView = ({
   const [activeTab, setActiveTab] = useState<string>("all");
   const [visibleInsights, setVisibleInsights] = useState(10);
 
-  const handleFeedback = (_feedback: "positive" | "negative") => {
-    formbricks.track("AI Insight Feedback");
+  const handleFeedback = (feedback: "positive" | "negative") => {
+    formbricks.track("AI Insight Feedback", {
+      hiddenFields: {
+        feedbackSentiment: feedback,
+        insightId: currentInsight?.id,
+        insightTitle: currentInsight?.title,
+        insightDescription: currentInsight?.description,
+        insightCategory: currentInsight?.category,
+        environmentId: currentInsight?.environmentId,
+        surveyId,
+        questionId,
+      },
+    });
   };
 
   const handleFilterSelect = useCallback(

apps/web/modules/ee/insights/experience/components/insight-view.tsx

@@ -42,8 +42,17 @@ export const InsightView = ({
   const [currentInsight, setCurrentInsight] = useState<TInsightWithDocumentCount | null>(null);
   const [activeTab, setActiveTab] = useState<string>("featureRequest");
 
-  const handleFeedback = (_feedback: "positive" | "negative") => {
-    formbricks.track("AI Insight Feedback");
+  const handleFeedback = (feedback: "positive" | "negative") => {
+    formbricks.track("AI Insight Feedback", {
+      hiddenFields: {
+        feedbackSentiment: feedback,
+        insightId: currentInsight?.id,
+        insightTitle: currentInsight?.title,
+        insightDescription: currentInsight?.description,
+        insightCategory: currentInsight?.category,
+        environmentId: currentInsight?.environmentId,
+      },
+    });
   };
 
   const insightsFilter: TInsightFilterCriteria = useMemo(

apps/web/modules/ee/languages/loading.tsx

@@ -11,7 +11,7 @@ export const LanguagesLoading = () => {
   const { t } = useTranslate();
   return (
     <PageContentWrapper>
-      <PageHeader pageTitle={t("common.project_configuration")}>
+      <PageHeader pageTitle={t("common.configuration")}>
         <ProjectConfigNavigation activeId="languages" loading />
       </PageHeader>
       <SettingsCard