website: migrate brand assets to pkg

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

.github/actions/setup-node/action.yml

@@ -1,77 +0,0 @@
-name: "Setup Node.js and NPM"
-description: "Sets up Node.js with a specific NPM version via Corepack"
-inputs:
-  working-directory:
-    description: "Path to the working directory containing the package.json file"
-    required: false
-    default: "."
-  dependencies:
-    required: false
-    description: "List of dependencies to setup"
-    default: "monorepo,working-directory"
-  node-version-file:
-    description: "Path to file containing the Node.js version"
-    required: false
-    default: "package.json"
-  cache-dependency-path:
-    description: "Path to dependency lock file for caching"
-    required: false
-    default: "package-lock.json"
-  cache:
-    description: "Package manager to cache"
-    default: "npm"
-  registry-url:
-    description: "npm registry URL"
-    default: "https://registry.npmjs.org"
-
-runs:
-  using: "composite"
-  steps:
-    - name: Setup Node.js (Corepack bootstrap)
-      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v4
-      with:
-        node-version-file: ${{ inputs.node-version-file }}
-        registry-url: ${{ inputs.registry-url }}
-        cache: ${{ inputs.cache }}
-        cache-dependency-path: |
-          ${{ inputs.cache-dependency-path }}
-          ${{ inputs.working-directory }}/${{ inputs.cache-dependency-path }}
-
-    - name: Install Corepack
-      working-directory: ${{ github.workspace}}
-      shell: bash
-      run: | #shell
-        node ./scripts/node/setup-corepack.mjs --force
-        corepack enable
-    - name: Lint Node.js and NPM versions
-      shell: bash
-      run: node ./scripts/node/lint-runtime.mjs
-    - name: Setup Node.js (Monorepo Root)
-      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v4
-      with:
-        node-version-file: ${{ inputs.node-version-file }}
-        registry-url: ${{ inputs.registry-url }}
-    - name: Install monorepo dependencies
-      if: ${{ contains(inputs.dependencies, 'monorepo') }}
-      shell: bash
-      run: | #shell
-        node ./scripts/node/lint-lockfile.mjs
-        corepack npm ci
-    - name: Setup Node.js (Working Directory)
-      if: ${{ contains(inputs.dependencies, 'working-directory') }}
-      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v4
-      with:
-        node-version-file: ${{ inputs.working-directory }}/${{ inputs.node-version-file }}
-        registry-url: ${{ inputs.registry-url }}
-
-    - name: Install working directory dependencies
-      if: ${{ contains(inputs.dependencies, 'working-directory') }}
-      shell: bash
-      run: | # shell
-        corepack install
-
-        echo "node version: $(node --version)"
-        echo "npm version: $(corepack npm --version)"
-
-        node ./scripts/node/lint-lockfile.mjs ${{ inputs.working-directory }}
-        corepack npm ci --prefix ${{ inputs.working-directory }}

.github/actions/setup/action.yml

@@ -67,11 +67,27 @@ runs:
       uses: taiki-e/install-action@ec28e287910af896fd98e04056d31fa68607e7ad # v2
       with:
         tool: cargo-deny cargo-machete cargo-llvm-cov nextest
-    - name: Setup node (root, web)
+    - name: Setup node (web)
       if: ${{ contains(inputs.dependencies, 'node') }}
-      uses: ./.github/actions/setup-node
+      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v4
       with:
-        working-directory: web
+        node-version-file: "${{ inputs.working-directory }}web/package.json"
+        cache: "npm"
+        cache-dependency-path: "${{ inputs.working-directory }}web/package-lock.json"
+        registry-url: "https://registry.npmjs.org"
+    - name: Setup node (root)
+      if: ${{ contains(inputs.dependencies, 'node') }}
+      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v4
+      with:
+        node-version-file: "${{ inputs.working-directory }}package.json"
+        cache: "npm"
+        cache-dependency-path: "${{ inputs.working-directory }}package-lock.json"
+        registry-url: "https://registry.npmjs.org"
+    - name: Install Node deps
+      if: ${{ contains(inputs.dependencies, 'node') }}
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
+      run: npm ci
     - name: Setup go
       if: ${{ contains(inputs.dependencies, 'go') }}
       uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v5
@@ -89,7 +105,7 @@ runs:
       run: |
         export PSQL_TAG=${{ inputs.postgresql_version }}
         docker compose -f .github/actions/setup/compose.yml up -d --wait
-        corepack npm ci --prefix web
+        cd web && npm ci
     - name: Generate config
       if: ${{ contains(inputs.dependencies, 'python') }}
       shell: uv run python {0}

.github/codecov.yml

@@ -1,6 +1,3 @@
-codecov:
-  notify:
-    wait_for_ci: true
 coverage:
   status:
     project:

.github/workflows/_reusable-docker-build-single.yml

@@ -67,16 +67,6 @@ jobs:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - uses: ./.github/actions/setup-node
-        with:
-          working-directory: web
-          dependencies: "monorepo"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
-        with:
-          go-version-file: "go.mod"
-      - name: Generate API Clients
-        run: |
-          make gen-client-ts
       - name: Build Docker Image
         uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
         id: push

.github/workflows/ci-api-docs.yml

@@ -22,19 +22,25 @@ jobs:
           - prettier-check
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
-        with:
-          working-directory: website
+      - name: Install Dependencies
+        working-directory: website/
+        run: npm ci
       - name: Lint
-        run: corepack npm run ${{ matrix.command }} --prefix website
+        working-directory: website/
+        run: npm run ${{ matrix.command }}
   build:
     runs-on: ubuntu-latest
 
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: website
+          node-version-file: website/package.json
+          cache: "npm"
+          cache-dependency-path: website/package-lock.json
+      - working-directory: website/
+        name: Install Dependencies
+        run: npm ci
       - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4
         with:
           path: |
@@ -48,7 +54,7 @@ jobs:
         working-directory: website
         env:
           NODE_ENV: production
-        run: corepack npm run build -w api
+        run: npm run build -w api
       - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v4
         with:
           name: api-docs
@@ -65,9 +71,11 @@ jobs:
         with:
           name: api-docs
           path: website/api/build
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: website
+          node-version-file: website/package.json
+          cache: "npm"
+          cache-dependency-path: website/package-lock.json
       - name: Deploy Netlify (Production)
         working-directory: website/api
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'

.github/workflows/ci-aws-cfn.yml

@@ -24,9 +24,14 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
       - name: Setup authentik env
         uses: ./.github/actions/setup
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: lifecycle/aws
+          node-version-file: lifecycle/aws/package.json
+          cache: "npm"
+          cache-dependency-path: lifecycle/aws/package-lock.json
+      - working-directory: lifecycle/aws/
+        run: |
+          npm ci
       - name: Check changes have been applied
         run: |
           uv run make aws-cfn

.github/workflows/ci-docs.yml

@@ -24,34 +24,46 @@ jobs:
           - prettier-check
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
-        with:
-          working-directory: website
+      - name: Install dependencies
+        working-directory: website/
+        run: npm ci
       - name: Lint
-        run: corepack npm run ${{ matrix.command }} --prefix website
+        working-directory: website/
+        run: npm run ${{ matrix.command }}
   build-docs:
     runs-on: ubuntu-latest
     env:
       NODE_ENV: production
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
-        name: Setup Node.js
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: website
+          node-version-file: website/package.json
+          cache: "npm"
+          cache-dependency-path: website/package-lock.json
+      - working-directory: website/
+        name: Install Dependencies
+        run: npm ci
       - name: Build Documentation via Docusaurus
-        run: corepack npm run build --prefix website
+        working-directory: website/
+        run: npm run build
   build-integrations:
     runs-on: ubuntu-latest
     env:
       NODE_ENV: production
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: website
+          node-version-file: website/package.json
+          cache: "npm"
+          cache-dependency-path: website/package-lock.json
+      - working-directory: website/
+        name: Install Dependencies
+        run: npm ci
       - name: Build Integrations via Docusaurus
-        run: corepack npm run build -w integrations --prefix website
+        working-directory: website/
+        run: npm run build -w integrations
   build-container:
     runs-on: ubuntu-latest
     permissions:

.github/workflows/ci-main.yml

@@ -109,13 +109,8 @@ jobs:
       - name: checkout stable
         run: |
           set -e -o pipefail
-
           cp -R .github ..
           cp -R scripts ..
-
-          mkdir -p ../packages
-          cp -R packages/logger-js ../packages/logger-js
-
           # Previous stable tag
           prev_stable=$(git tag --sort=version:refname | grep '^version/' | grep -vE -- '-rc[0-9]+$' | tail -n1)
           # Current version family based on
@@ -123,13 +118,10 @@ jobs:
           if [[ -n $current_version_family ]]; then
               prev_stable="version/${current_version_family}"
           fi
-
           echo "::notice::Checking out ${prev_stable} as stable version..."
           git checkout ${prev_stable}
-
-          rm -rf .github/ scripts/ packages/logger-js/
+          rm -rf .github/ scripts/
           mv ../.github ../scripts .
-          mv ../packages/logger-js ./packages/
       - name: Setup authentik env (stable)
         uses: ./.github/actions/setup
         with:
@@ -260,7 +252,6 @@ jobs:
           COMPOSE_PROFILES: ${{ matrix.job.profiles }}
         run: |
           docker compose -f tests/e2e/compose.yml up -d --quiet-pull
-      - uses: ./.github/actions/setup-node
       - id: cache-web
         uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4
         if: contains(matrix.job.profiles, 'selenium')
@@ -270,12 +261,10 @@ jobs:
       - name: prepare web ui
         if: steps.cache-web.outputs.cache-hit != 'true' && contains(matrix.job.profiles, 'selenium')
         working-directory: web
-        env:
-          NODE_ENV: "production"
         run: |
-          corepack npm ci
-          corepack npm run build
-          corepack npm run build:sfe
+          npm ci
+          npm run build
+          npm run build:sfe
       - name: run e2e
         run: |
           uv run coverage run manage.py test ${{ matrix.job.glob }}
@@ -324,12 +313,11 @@ jobs:
           key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**', 'web/packages/sfe/src/**') }}-b
       - name: prepare web ui
         if: steps.cache-web.outputs.cache-hit != 'true'
-        env:
-          NODE_ENV: "production"
+        working-directory: web
         run: |
-          corepack npm ci --prefix web
-          corepack npm run build --prefix web
-          corepack npm run build:sfe --prefix web
+          npm ci
+          npm run build
+          npm run build:sfe
       - name: run conformance
         run: |
           uv run coverage run manage.py test ${{ matrix.job.glob }}

.github/workflows/ci-outpost.yml

@@ -145,11 +145,16 @@ jobs:
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
         with:
           go-version-file: "go.mod"
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: web/package.json
+          cache: "npm"
+          cache-dependency-path: web/package-lock.json
       - name: Build web
-        run: corepack npm run build-proxy --prefix web
+        working-directory: web/
+        run: |
+          npm ci
+          npm run build-proxy
       - name: Build outpost
         run: |
           set -x

.github/workflows/ci-web.yml

@@ -15,34 +15,48 @@ on:
 jobs:
   lint:
     runs-on: ubuntu-latest
-    timeout-minutes: 15
+    strategy:
+      fail-fast: false
+      matrix:
+        command:
+          - lint
+          - lint:lockfile
+          - tsc
+          - prettier-check
+        project:
+          - web
+        include:
+          - command: tsc
+            project: web
+          - command: lit-analyse
+            project: web
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: ${{ matrix.project }}/package.json
+          cache: "npm"
+          cache-dependency-path: ${{ matrix.project }}/package-lock.json
+      - working-directory: ${{ matrix.project }}/
+        run: |
+          npm ci
       - name: Lint
-        run: corepack npm run lint-check --prefix web
-      - name: Check types
-        run: corepack npm run tsc --prefix web
-      - name: Check formatting
-        run: corepack npm run prettier-check --prefix web
-      - name: Lit analyse
-        run: corepack npm run lit-analyse --prefix web
-
+        working-directory: ${{ matrix.project }}/
+        run: npm run ${{ matrix.command }}
   build:
     runs-on: ubuntu-latest
-    timeout-minutes: 15
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: web/package.json
+          cache: "npm"
+          cache-dependency-path: web/package-lock.json
+      - working-directory: web/
+        run: npm ci
       - name: build
-        env:
-          NODE_ENV: "production"
         working-directory: web/
-        run: corepack npm run build
+        run: npm run build
   ci-web-mark:
     if: always()
     needs:
@@ -57,12 +71,15 @@ jobs:
     needs:
       - ci-web-mark
     runs-on: ubuntu-latest
-    timeout-minutes: 30
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: web/package.json
+          cache: "npm"
+          cache-dependency-path: web/package-lock.json
+      - working-directory: web/
+        run: npm ci
       - name: test
         working-directory: web/
-        run: corepack npm run test || exit 0
+        run: npm run test || exit 0

.github/workflows/packages-npm-publish.yml

@@ -35,19 +35,22 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
         with:
           fetch-depth: 2
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: ${{ matrix.package }}
+          node-version-file: ${{ matrix.package }}/package.json
+          registry-url: "https://registry.npmjs.org"
       - name: Get changed files
         id: changed-files
         uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # 24d32ffd492484c1d75e0c0b894501ddb9d30d62
         with:
           files: |
             ${{ matrix.package }}/package.json
+      - name: Install Dependencies
+        run: npm ci
       - name: Publish package
         if: steps.changed-files.outputs.any_changed == 'true'
         working-directory: ${{ matrix.package }}
         run: |
-          corepack npm ci
-          corepack npm run build
-          corepack npm publish
+          npm ci
+          npm run build
+          npm publish

.github/workflows/release-publish.yml

@@ -87,9 +87,11 @@ jobs:
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
         with:
           go-version-file: "go.mod"
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: web/package.json
+          cache: "npm"
+          cache-dependency-path: web/package-lock.json
       - name: Set up QEMU
         uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
       - name: Set up Docker Buildx
@@ -149,9 +151,15 @@ jobs:
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
         with:
           go-version-file: "go.mod"
-      - uses: ./.github/actions/setup-node
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v5
         with:
-          working-directory: web
+          node-version-file: web/package.json
+          cache: "npm"
+          cache-dependency-path: web/package-lock.json
+      - name: Install web dependencies
+        working-directory: web/
+        run: |
+          npm ci
       - name: Build web
         working-directory: web/
         run: |

.github/workflows/repo-stale.yml

@@ -27,6 +27,8 @@ jobs:
           exempt-issue-labels: pinned,security,pr_wanted,enhancement,bug/confirmed,enhancement/confirmed,question,status/reviewing
           stale-issue-label: status/stale
           stale-issue-message: >
-            This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed if no further activity occurs. Thank you
+            for your contributions.
           # Don't stale PRs, so only apply to PRs with a non-existent label
           only-pr-labels: foo

.gitignore

@@ -14,8 +14,6 @@ media
 # Node
 
 node_modules
-corepack.tgz
-.corepack
 
 .cspellcache
 cspell-report.*

.vscode/settings.json

@@ -20,9 +20,6 @@
     },
     "todo-tree.tree.showCountsInTree": true,
     "todo-tree.tree.showBadges": true,
-    "yaml.format.printWidth": 200,
-    "yaml.format.singleQuote": true,
-    "yaml.format.bracketSpacing": false,
     "yaml.customTags": [
         "!Condition sequence",
         "!Context scalar",

Makefile

@@ -106,9 +106,8 @@ migrate: ## Run the Authentik Django server's migrations
 
 i18n-extract: core-i18n-extract web-i18n-extract  ## Extract strings that require translation into files to send to a translation service
 
-aws-cfn: node-install
-	corepack npm install --prefix lifecycle/aws
-	$(UV) run corepack npm run aws-cfn --prefix lifecycle/aws
+aws-cfn:
+	cd lifecycle/aws && npm i && $(UV) run npm run aws-cfn
 
 run:  ## Run the main authentik server and worker processes
 	$(UV) run ak allinone
@@ -236,48 +235,44 @@ gen-dev-config:  ## Generate a local development config file
 # additions: each entry runs arbitrary code at install time.
 TRUSTED_INSTALL_SCRIPTS := esbuild chromedriver tree-sitter tree-sitter-json
 
-node-preinstall: ## Install corepack and lint the runtime to ensure the correct Node.js version is being used before installing dependencies.
-	node ./scripts/node/setup-corepack.mjs
-	node ./scripts/node/lint-runtime.mjs
-
-node-install: node-preinstall ## Install the necessary libraries to build Node.js packages
-	corepack npm ci
+node-install:  ## Install the necessary libraries to build Node.js packages
+	npm ci
 
 #########################
 ## Web
 #########################
 
 web-install: ## Install the necessary libraries to build the Authentik UI
-	corepack npm ci --prefix web
+	npm ci --prefix web
 
 web-postinstall:  ## Trigger postinstall scripts for packages with native bindings or binary downloads, which are blocked by default for security reasons.
-	corepack npm rebuild --prefix web --ignore-scripts=false --foreground-scripts $(TRUSTED_INSTALL_SCRIPTS)
+	npm rebuild --prefix web --ignore-scripts=false --foreground-scripts $(TRUSTED_INSTALL_SCRIPTS)
 
 web-build: node-install  ## Build the Authentik UI
-	corepack npm run --prefix web build
+	npm run --prefix web build
 
 web: web-lint-fix web-lint web-check-compile  ## Automatically fix formatting issues in the Authentik UI source code, lint the code, and compile it
 
 web-test: ## Run tests for the Authentik UI
-	corepack npm run --prefix web test
+	npm run --prefix web test
 
 web-watch:  ## Build and watch the Authentik UI for changes, updating automatically
-	corepack npm run --prefix web watch
+	npm run --prefix web watch
 web-storybook-watch:  ## Build and run the storybook documentation server
-	corepack npm run --prefix web storybook
+	npm run --prefix web storybook
 
 web-lint-fix:
-	corepack npm run --prefix web prettier
+	npm run --prefix web prettier
 
 web-lint:
-	corepack npm run --prefix web lint
-	corepack npm run --prefix web lit-analyse
+	npm run --prefix web lint
+	npm run --prefix web lit-analyse
 
 web-check-compile:
-	corepack npm run --prefix web tsc
+	npm run --prefix web tsc
 
 web-i18n-extract:
-	corepack npm run --prefix web extract-locales
+	npm run --prefix web extract-locales
 
 #########################
 ## Docs
@@ -285,36 +280,35 @@ web-i18n-extract:
 
 docs: docs-lint-fix docs-build  ## Automatically fix formatting issues in the Authentik docs source code, lint the code, and compile it
 
-docs-install: node-install  ## Install the necessary libraries to build the Authentik documentation
-	corepack npm ci --prefix website
+docs-install: node-install
+	npm ci --prefix website
 
 docs-lint-fix: lint-spellcheck
-	corepack npm run --prefix website prettier
+	npm run --prefix website prettier
 
 docs-build:
-	node ./scripts/node/lint-runtime.mjs website
-	corepack npm run --prefix website build
+	npm run --prefix website build
 
 docs-watch:  ## Build and watch the topics documentation
-	corepack npm run --prefix website start
+	npm run --prefix website start
 
 integrations: docs-lint-fix integrations-build ## Fix formatting issues in the integrations source code, lint the code, and compile it
 
 integrations-build:
-	corepack npm run --prefix website -w integrations build
+	npm run --prefix website -w integrations build
 
 integrations-watch:  ## Build and watch the Integrations documentation
-	corepack npm run --prefix website -w integrations start
+	npm run --prefix website -w integrations start
 
 docs-api-build:
-	corepack npm run --prefix website -w api build
+	npm run --prefix website -w api build
 
 docs-api-watch:  ## Build and watch the API documentation
-	corepack npm run --prefix website -w api generate
-	corepack npm run --prefix website -w api start
+	npm run --prefix website -w api generate
+	npm run --prefix website -w api start
 
 docs-api-clean: ## Clean generated API documentation
-	corepack npm run --prefix website -w api build:api:clean
+	npm run --prefix website -w api build:api:clean
 
 #########################
 ## Docker

authentik/enterprise/providers/scim/api.py

@@ -1,72 +1,14 @@
-from datetime import datetime
-
-from django.urls import reverse
 from django.utils.translation import gettext as _
 from rest_framework.exceptions import ValidationError
 
 from authentik.enterprise.license import LicenseKey
-from authentik.providers.scim.models import SCIMAuthenticationMode, SCIMProvider
-from authentik.sources.oauth.models import UserOAuthSourceConnection
+from authentik.providers.scim.models import SCIMAuthenticationMode
 
 
 class SCIMProviderSerializerMixin:
 
-    def _get_token(self, instance: SCIMProvider) -> UserOAuthSourceConnection | None:
-        user = instance.auth_oauth_user
-        conn = UserOAuthSourceConnection.objects.filter(
-            user=user, source=instance.auth_oauth
-        ).first()
-        return conn
-
-    def get_auth_oauth_token_last_updated(self, instance: SCIMProvider) -> datetime | None:
-        conn = self._get_token(instance)
-        return conn.last_updated if conn else None
-
-    def get_auth_oauth_token_expires(self, instance: SCIMProvider) -> datetime | None:
-        conn = self._get_token(instance)
-        return conn.expires if conn else None
-
-    def get_auth_oauth_url_callback(self, instance: SCIMProvider) -> str | None:
-        if (
-            instance.auth_mode
-            in [
-                SCIMAuthenticationMode.TOKEN,
-                SCIMAuthenticationMode.OAUTH_SILENT,
-            ]
-            or not instance.backchannel_application
-        ):
-            return None
-        relative_url = reverse(
-            "authentik_enterprise_providers_scim:callback",
-            kwargs={"application_slug": instance.backchannel_application.slug},
-        )
-        if "request" not in self.context:
-            return relative_url
-        return self.context["request"].build_absolute_uri(relative_url)
-
-    def get_auth_oauth_url_start(self, instance: SCIMProvider) -> str | None:
-        if (
-            instance.auth_mode
-            in [
-                SCIMAuthenticationMode.TOKEN,
-                SCIMAuthenticationMode.OAUTH_SILENT,
-            ]
-            or not instance.backchannel_application
-        ):
-            return None
-        relative_url = reverse(
-            "authentik_enterprise_providers_scim:start",
-            kwargs={"application_slug": instance.backchannel_application.slug},
-        )
-        if "request" not in self.context:
-            return relative_url
-        return self.context["request"].build_absolute_uri(relative_url)
-
     def validate_auth_mode(self, auth_mode: SCIMAuthenticationMode) -> SCIMAuthenticationMode:
-        if auth_mode in [
-            SCIMAuthenticationMode.OAUTH_SILENT,
-            SCIMAuthenticationMode.OAUTH_INTERACTIVE,
-        ]:
+        if auth_mode == SCIMAuthenticationMode.OAUTH:
             if not LicenseKey.cached_summary().status.is_valid:
                 raise ValidationError(_("Enterprise is required to use the OAuth mode."))
         return auth_mode

authentik/enterprise/providers/scim/apps.py

@@ -7,4 +7,3 @@ class AuthentikEnterpriseProviderSCIMConfig(EnterpriseConfig):
     label = "authentik_enterprise_providers_scim"
     verbose_name = "authentik Enterprise.Providers.SCIM"
     default = True
-    mountpoint = "application/scim/"

authentik/enterprise/providers/scim/auth_oauth2.py

@@ -1,14 +1,12 @@
 from datetime import timedelta
-from typing import TYPE_CHECKING, Any
+from typing import TYPE_CHECKING
 
 from django.utils.timezone import now
 from requests import Request, RequestException
 from structlog.stdlib import get_logger
 
-from authentik.common.oauth.constants import GRANT_TYPE_PASSWORD, GRANT_TYPE_REFRESH_TOKEN
 from authentik.providers.scim.clients.exceptions import SCIMRequestException
-from authentik.providers.scim.models import SCIMAuthenticationMode
-from authentik.sources.oauth.clients.base import BaseOAuthClient
+from authentik.sources.oauth.clients.oauth2 import OAuth2Client
 from authentik.sources.oauth.models import OAuthSource, UserOAuthSourceConnection
 
 if TYPE_CHECKING:
@@ -20,26 +18,23 @@ class SCIMOAuthException(SCIMRequestException):
 
 
 class SCIMOAuthAuth:
+
     def __init__(self, provider: SCIMProvider):
         self.provider = provider
         self.user = provider.auth_oauth_user
         self.logger = get_logger().bind()
         self.connection = self.get_connection()
 
-    def retrieve_token(self, conn: UserOAuthSourceConnection | None) -> dict[str, Any]:
+    def retrieve_token(self):
+        if not self.provider.auth_oauth:
+            return None
         source: OAuthSource = self.provider.auth_oauth
-        client: BaseOAuthClient = source.source_type.callback_view(request=None).get_client(source)
+        client = OAuth2Client(source, None)
         access_token_url = source.source_type.access_token_url or ""
         if source.source_type.urls_customizable and source.access_token_url:
             access_token_url = source.access_token_url
         data = client.get_access_token_args(None, None)
-        if self.provider.auth_mode == SCIMAuthenticationMode.OAUTH_SILENT:
-            data["grant_type"] = GRANT_TYPE_PASSWORD
-        elif self.provider.auth_mode == SCIMAuthenticationMode.OAUTH_INTERACTIVE:
-            data["grant_type"] = GRANT_TYPE_REFRESH_TOKEN
-            if not conn:
-                raise SCIMOAuthException(None, "Could not refresh SCIM OAuth token")
-            data["refresh_token"] = conn.refresh_token
+        data["grant_type"] = "password"
         data.update(self.provider.auth_oauth_params)
         try:
             response = client.do_request(
@@ -59,14 +54,12 @@ class SCIMOAuthAuth:
             raise SCIMOAuthException(exc.response, message="Failed to get OAuth token") from exc
 
     def get_connection(self):
-        if not self.provider.auth_oauth:
-            return None
-        conn = UserOAuthSourceConnection.objects.filter(
-            source=self.provider.auth_oauth, user=self.user
+        token = UserOAuthSourceConnection.objects.filter(
+            source=self.provider.auth_oauth, user=self.user, expires__gt=now()
         ).first()
-        if conn and conn.access_token and conn.expires > now():
-            return conn
-        token = self.retrieve_token(conn)
+        if token and token.access_token:
+            return token
+        token = self.retrieve_token()
         access_token = token["access_token"]
         expires_in = int(token.get("expires_in", 0))
         token, _ = UserOAuthSourceConnection.objects.update_or_create(
@@ -74,10 +67,7 @@ class SCIMOAuthAuth:
             user=self.user,
             defaults={
                 "access_token": access_token,
-                "refresh_token": token.get("refresh_token"),
                 "expires": now() + timedelta(seconds=expires_in),
-                # When using `update_or_create`, `last_updated` is not updated
-                "last_updated": now(),
             },
         )
         return token

authentik/enterprise/providers/scim/signals.py

@@ -14,10 +14,7 @@ def scim_provider_post_save(sender: type[Model], instance: SCIMProvider, created
     """Create service account before provider is saved"""
     identifier = f"ak-providers-scim-{instance.pk}"
     with audit_ignore():
-        if instance.auth_mode in [
-            SCIMAuthenticationMode.OAUTH_SILENT,
-            SCIMAuthenticationMode.OAUTH_INTERACTIVE,
-        ]:
+        if instance.auth_mode == SCIMAuthenticationMode.OAUTH:
             user, user_created = User.objects.update_or_create(
                 username=identifier,
                 defaults={

authentik/enterprise/providers/scim/tests.py

@@ -2,7 +2,7 @@
 
 from base64 import b64encode
 from datetime import timedelta
-from urllib.parse import parse_qs, urlencode, urlparse
+from unittest.mock import MagicMock, PropertyMock, patch
 
 from django.urls import reverse
 from django.utils.timezone import now
@@ -11,14 +11,17 @@ from rest_framework.test import APITestCase
 
 from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import Application, Group, User
+from authentik.core.tests.utils import create_test_admin_user
+from authentik.enterprise.license import LicenseKey
+from authentik.enterprise.models import License
+from authentik.enterprise.tests.test_license import expiry_valid
 from authentik.lib.generators import generate_id
 from authentik.providers.scim.models import SCIMAuthenticationMode, SCIMMapping, SCIMProvider
 from authentik.sources.oauth.models import OAuthSource, UserOAuthSourceConnection
 from authentik.tenants.models import Tenant
-from tests.live import create_test_admin_user
 
 
-class TestSCIMOAuthToken(APITestCase):
+class SCIMOAuthTests(APITestCase):
     """SCIM User tests"""
 
     @apply_blueprint("system/providers-scim.yaml")
@@ -39,7 +42,7 @@ class TestSCIMOAuthToken(APITestCase):
         self.provider = SCIMProvider.objects.create(
             name=generate_id(),
             url="https://localhost",
-            auth_mode=SCIMAuthenticationMode.OAUTH_SILENT,
+            auth_mode=SCIMAuthenticationMode.OAUTH,
             auth_oauth=self.source,
             auth_oauth_params={
                 "foo": "bar",
@@ -57,9 +60,8 @@ class TestSCIMOAuthToken(APITestCase):
         self.provider.property_mappings_group.add(
             SCIMMapping.objects.get(managed="goauthentik.io/providers/scim/group")
         )
-        self.admin = create_test_admin_user()
 
-    def test_retrieve_token_silent(self):
+    def test_retrieve_token(self):
         """Test token retrieval"""
         with Mocker() as mocker:
             token = generate_id()
@@ -84,44 +86,6 @@ class TestSCIMOAuthToken(APITestCase):
         )
         self.assertEqual(mocker.request_history[0].body, "grant_type=password&foo=bar")
 
-    def test_retrieve_token_interactive(self):
-        """Test token retrieval"""
-        self.provider.auth_mode = SCIMAuthenticationMode.OAUTH_INTERACTIVE
-        self.provider.save()
-        refresh_token = generate_id()
-        access_token = generate_id()
-        UserOAuthSourceConnection.objects.create(
-            user=self.provider.auth_oauth_user,
-            source=self.source,
-            refresh_token=refresh_token,
-            access_token=access_token,
-        )
-        with Mocker() as mocker:
-            token = generate_id()
-            mocker.post("http://localhost/token", json={"access_token": token, "expires_in": 3600})
-            self.provider.scim_auth()
-        conn = UserOAuthSourceConnection.objects.filter(
-            source=self.source,
-            user=self.provider.auth_oauth_user,
-        ).first()
-        self.assertIsNotNone(conn)
-        self.assertTrue(conn.is_valid)
-        auth = (
-            b64encode(
-                b":".join((self.source.consumer_key.encode(), self.source.consumer_secret.encode()))
-            )
-            .strip()
-            .decode()
-        )
-        self.assertEqual(
-            mocker.request_history[0].headers["Authorization"],
-            f"Basic {auth}",
-        )
-        self.assertEqual(
-            mocker.request_history[0].body,
-            f"grant_type=refresh_token&refresh_token={refresh_token}&foo=bar",
-        )
-
     def test_existing_token(self):
         """Test existing token"""
         UserOAuthSourceConnection.objects.create(
@@ -134,54 +98,96 @@ class TestSCIMOAuthToken(APITestCase):
             self.provider.scim_auth()
             self.assertEqual(len(mocker.request_history), 0)
 
-    def test_interactive_start(self):
-        self.client.force_login(self.admin)
-        res = self.client.get(
-            reverse(
-                "authentik_enterprise_providers_scim:start",
-                kwargs={
-                    "application_slug": self.app.slug,
+    @Mocker()
+    def test_user_create(self, mock: Mocker):
+        """Test user creation"""
+        scim_id = generate_id()
+        token = generate_id()
+        mock.post("http://localhost/token", json={"access_token": token, "expires_in": 3600})
+        mock.get(
+            "https://localhost/ServiceProviderConfig",
+            json={},
+        )
+        mock.post(
+            "https://localhost/Users",
+            json={
+                "id": scim_id,
+            },
+        )
+        uid = generate_id()
+        user = User.objects.create(
+            username=uid,
+            name=f"{uid} {uid}",
+            email=f"{uid}@goauthentik.io",
+        )
+        self.assertEqual(mock.call_count, 3)
+        self.assertEqual(mock.request_history[1].method, "GET")
+        self.assertEqual(mock.request_history[2].method, "POST")
+        self.assertJSONEqual(
+            mock.request_history[2].body,
+            {
+                "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
+                "active": True,
+                "emails": [
+                    {
+                        "primary": True,
+                        "type": "other",
+                        "value": f"{uid}@goauthentik.io",
+                    }
+                ],
+                "externalId": user.uid,
+                "name": {
+                    "familyName": uid,
+                    "formatted": f"{uid} {uid}",
+                    "givenName": uid,
                 },
-            )
+                "displayName": f"{uid} {uid}",
+                "userName": uid,
+            },
         )
-        self.assertEqual(res.status_code, 302)
-        query = parse_qs(urlparse(res.url).query)
-        self.assertEqual(query["client_id"], [self.source.consumer_key])
-        self.assertEqual(
-            query["redirect_uri"],
-            [f"http://testserver/application/scim/{self.app.slug}/oauth2/callback/"],
-        )
-        self.assertEqual(query["response_type"], ["code"])
 
-    def test_interactive_callback(self):
-        self.client.force_login(self.admin)
-        res = self.client.get(
-            reverse(
-                "authentik_enterprise_providers_scim:start",
-                kwargs={
-                    "application_slug": self.app.slug,
-                },
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
             )
+        ),
+    )
+    def test_api_create(self):
+        License.objects.create(key=generate_id())
+        self.client.force_login(create_test_admin_user())
+        res = self.client.post(
+            reverse("authentik_api:scimprovider-list"),
+            {
+                "name": generate_id(),
+                "url": "http://localhost",
+                "auth_mode": "oauth",
+                "auth_oauth": str(self.source.pk),
+            },
         )
-        self.assertEqual(res.status_code, 302)
-        query = parse_qs(urlparse(res.url).query)
+        self.assertEqual(res.status_code, 201)
 
-        with Mocker() as mock:
-            token = generate_id()
-            mock.post("http://localhost/token", json={"access_token": token, "expires_in": 3600})
-
-            res = self.client.get(
-                reverse(
-                    "authentik_enterprise_providers_scim:callback",
-                    kwargs={
-                        "application_slug": self.app.slug,
-                    },
-                )
-                + "?"
-                + urlencode({"state": query["state"][0], "code": generate_id()})
-            )
-            self.assertEqual(res.status_code, 302)
-
-        conn = UserOAuthSourceConnection.objects.filter(source=self.source).first()
-        self.assertIsNotNone(conn)
-        self.assertTrue(conn.is_valid)
+    @patch(
+        "authentik.enterprise.models.LicenseUsageStatus.is_valid",
+        PropertyMock(return_value=False),
+    )
+    def test_api_create_no_license(self):
+        self.client.force_login(create_test_admin_user())
+        res = self.client.post(
+            reverse("authentik_api:scimprovider-list"),
+            {
+                "name": generate_id(),
+                "url": "http://localhost",
+                "auth_mode": "oauth",
+                "auth_oauth": str(self.source.pk),
+            },
+        )
+        self.assertEqual(res.status_code, 400)
+        self.assertJSONEqual(
+            res.content, {"auth_mode": ["Enterprise is required to use the OAuth mode."]}
+        )

authentik/enterprise/providers/scim/tests/test_api.py

@@ -1,73 +0,0 @@
-"""SCIM OAuth tests"""
-
-from unittest.mock import MagicMock, PropertyMock, patch
-
-from django.urls import reverse
-from rest_framework.test import APITestCase
-
-from authentik.core.tests.utils import create_test_admin_user
-from authentik.enterprise.license import LicenseKey
-from authentik.enterprise.models import License
-from authentik.enterprise.tests.test_license import expiry_valid
-from authentik.lib.generators import generate_id
-from authentik.sources.oauth.models import OAuthSource
-
-
-class TestSCIMOAuthAPI(APITestCase):
-    """SCIM User tests"""
-
-    def setUp(self):
-        self.source = OAuthSource.objects.create(
-            name=generate_id(),
-            slug=generate_id(),
-            access_token_url="http://localhost/token",  # nosec
-            consumer_key=generate_id(),
-            consumer_secret=generate_id(),
-            provider_type="openidconnect",
-        )
-
-    @patch(
-        "authentik.enterprise.license.LicenseKey.validate",
-        MagicMock(
-            return_value=LicenseKey(
-                aud="",
-                exp=expiry_valid,
-                name=generate_id(),
-                internal_users=100,
-                external_users=100,
-            )
-        ),
-    )
-    def test_api_create(self):
-        License.objects.create(key=generate_id())
-        self.client.force_login(create_test_admin_user())
-        res = self.client.post(
-            reverse("authentik_api:scimprovider-list"),
-            {
-                "name": generate_id(),
-                "url": "http://localhost",
-                "auth_mode": "oauth",
-                "auth_oauth": str(self.source.pk),
-            },
-        )
-        self.assertEqual(res.status_code, 201)
-
-    @patch(
-        "authentik.enterprise.models.LicenseUsageStatus.is_valid",
-        PropertyMock(return_value=False),
-    )
-    def test_api_create_no_license(self):
-        self.client.force_login(create_test_admin_user())
-        res = self.client.post(
-            reverse("authentik_api:scimprovider-list"),
-            {
-                "name": generate_id(),
-                "url": "http://localhost",
-                "auth_mode": "oauth",
-                "auth_oauth": str(self.source.pk),
-            },
-        )
-        self.assertEqual(res.status_code, 400)
-        self.assertJSONEqual(
-            res.content, {"auth_mode": ["Enterprise is required to use the OAuth mode."]}
-        )

authentik/enterprise/providers/scim/tests/test_auth.py

@@ -1,100 +0,0 @@
-"""SCIM OAuth tests"""
-
-from requests_mock import Mocker
-from rest_framework.test import APITestCase
-
-from authentik.blueprints.tests import apply_blueprint
-from authentik.core.models import Application, Group, User
-from authentik.lib.generators import generate_id
-from authentik.providers.scim.models import SCIMAuthenticationMode, SCIMMapping, SCIMProvider
-from authentik.sources.oauth.models import OAuthSource
-from authentik.tenants.models import Tenant
-
-
-class TestSCIMOAuthAuth(APITestCase):
-    """SCIM User tests"""
-
-    @apply_blueprint("system/providers-scim.yaml")
-    def setUp(self) -> None:
-        # Delete all users and groups as the mocked HTTP responses only return one ID
-        # which will cause errors with multiple users
-        Tenant.objects.update(avatars="none")
-        User.objects.all().exclude_anonymous().delete()
-        Group.objects.all().delete()
-        self.source = OAuthSource.objects.create(
-            name=generate_id(),
-            slug=generate_id(),
-            access_token_url="http://localhost/token",  # nosec
-            consumer_key=generate_id(),
-            consumer_secret=generate_id(),
-            provider_type="openidconnect",
-        )
-        self.provider = SCIMProvider.objects.create(
-            name=generate_id(),
-            url="https://localhost",
-            auth_mode=SCIMAuthenticationMode.OAUTH_SILENT,
-            auth_oauth=self.source,
-            auth_oauth_params={
-                "foo": "bar",
-            },
-            exclude_users_service_account=True,
-        )
-        self.app: Application = Application.objects.create(
-            name=generate_id(),
-            slug=generate_id(),
-        )
-        self.app.backchannel_providers.add(self.provider)
-        self.provider.property_mappings.add(
-            SCIMMapping.objects.get(managed="goauthentik.io/providers/scim/user")
-        )
-        self.provider.property_mappings_group.add(
-            SCIMMapping.objects.get(managed="goauthentik.io/providers/scim/group")
-        )
-
-    @Mocker()
-    def test_user_create(self, mock: Mocker):
-        """Test user creation"""
-        scim_id = generate_id()
-        token = generate_id()
-        mock.post("http://localhost/token", json={"access_token": token, "expires_in": 3600})
-        mock.get(
-            "https://localhost/ServiceProviderConfig",
-            json={},
-        )
-        mock.post(
-            "https://localhost/Users",
-            json={
-                "id": scim_id,
-            },
-        )
-        uid = generate_id()
-        user = User.objects.create(
-            username=uid,
-            name=f"{uid} {uid}",
-            email=f"{uid}@goauthentik.io",
-        )
-        self.assertEqual(mock.call_count, 3)
-        self.assertEqual(mock.request_history[1].method, "GET")
-        self.assertEqual(mock.request_history[2].method, "POST")
-        self.assertJSONEqual(
-            mock.request_history[2].body,
-            {
-                "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
-                "active": True,
-                "emails": [
-                    {
-                        "primary": True,
-                        "type": "other",
-                        "value": f"{uid}@goauthentik.io",
-                    }
-                ],
-                "externalId": user.uid,
-                "name": {
-                    "familyName": uid,
-                    "formatted": f"{uid} {uid}",
-                    "givenName": uid,
-                },
-                "displayName": f"{uid} {uid}",
-                "userName": uid,
-            },
-        )

authentik/enterprise/providers/scim/urls.py

@@ -1,10 +0,0 @@
-from django.urls import path
-
-from authentik.enterprise.providers.scim.views import SCIMOAuthStart, SCIMRedirectCallback
-
-urlpatterns = [
-    path("<slug:application_slug>/oauth2/start/", SCIMOAuthStart.as_view(), name="start"),
-    path(
-        "<slug:application_slug>/oauth2/callback/", SCIMRedirectCallback.as_view(), name="callback"
-    ),
-]

authentik/enterprise/providers/scim/views.py

@@ -1,70 +0,0 @@
-from datetime import timedelta
-
-from django.core.exceptions import PermissionDenied
-from django.http import HttpRequest
-from django.shortcuts import redirect
-from django.urls import reverse
-from django.utils.timezone import now
-
-from authentik.core.models import Application
-from authentik.providers.scim.models import SCIMProvider
-from authentik.sources.oauth.clients.base import BaseOAuthClient
-from authentik.sources.oauth.models import OAuthSource, UserOAuthSourceConnection
-from authentik.sources.oauth.types.registry import RequestKind, registry
-from authentik.sources.oauth.views.callback import OAuthCallback
-from authentik.sources.oauth.views.redirect import OAuthRedirect
-
-
-class SCIMOAuthViewMixin:
-
-    provider: SCIMProvider
-
-    def get_client(self, source: OAuthSource, **kwargs) -> BaseOAuthClient:
-        source: OAuthSource = self.provider.auth_oauth
-        source_cls = registry.find(source.provider_type, kind=RequestKind.CALLBACK)
-        if not source_cls.client_class:
-            return super().get_client(source, **kwargs)
-        return source_cls.client_class(source, self.request, **kwargs)
-
-    def _get_scim_provider(self, app_slug: str):
-        app = Application.objects.filter(slug=app_slug).first()
-        if not app:
-            return None
-        provider = SCIMProvider.objects.filter(backchannel_application=app)
-        return provider.first()
-
-    def dispatch(self, request: HttpRequest, application_slug: str):
-        if not request.user.is_authenticated:
-            raise PermissionDenied()
-        provider = self._get_scim_provider(application_slug)
-        if not provider or not provider.auth_oauth:
-            raise PermissionDenied()
-        if not request.user.has_perm(
-            "authentik_providers_scim.change_scimprovider",
-            provider,
-        ):
-            raise PermissionDenied()
-        self.provider = provider
-        return super().dispatch(request, source_slug=provider.auth_oauth.slug)
-
-
-class SCIMOAuthStart(SCIMOAuthViewMixin, OAuthRedirect):
-
-    def get_callback_url(self, source: OAuthSource):
-        return reverse("authentik_enterprise_providers_scim:callback", kwargs=self.kwargs)
-
-
-class SCIMRedirectCallback(SCIMOAuthViewMixin, OAuthCallback):
-
-    def redirect_flow_manager(self, client: BaseOAuthClient):
-        expires_in = int(self.token.get("expires_in", 0))
-        UserOAuthSourceConnection.objects.update_or_create(
-            source=self.provider.auth_oauth,
-            user=self.provider.auth_oauth_user,
-            defaults={
-                "access_token": self.token.get("access_token"),
-                "refresh_token": self.token.get("refresh_token"),
-                "expires": now() + timedelta(seconds=expires_in),
-            },
-        )
-        return redirect("authentik_core:if-admin")

authentik/providers/scim/api/providers.py

@@ -1,6 +1,5 @@
 """SCIM Provider API Views"""
 
-from rest_framework.fields import SerializerMethodField
 from rest_framework.viewsets import ModelViewSet
 
 from authentik.core.api.providers import ProviderSerializer
@@ -17,11 +16,6 @@ class SCIMProviderSerializer(
 ):
     """SCIMProvider Serializer"""
 
-    auth_oauth_token_last_updated = SerializerMethodField()
-    auth_oauth_token_expires = SerializerMethodField()
-    auth_oauth_url_callback = SerializerMethodField()
-    auth_oauth_url_start = SerializerMethodField()
-
     class Meta:
         model = SCIMProvider
         fields = [
@@ -41,10 +35,6 @@ class SCIMProviderSerializer(
             "auth_mode",
             "auth_oauth",
             "auth_oauth_params",
-            "auth_oauth_token_last_updated",
-            "auth_oauth_token_expires",
-            "auth_oauth_url_callback",
-            "auth_oauth_url_start",
             "compatibility_mode",
             "service_provider_config_cache_timeout",
             "exclude_users_service_account",

authentik/providers/scim/migrations/0019_scimprovider_group_filters_and_more.py

@@ -102,16 +102,4 @@ class Migration(migrations.Migration):
                 verbose_name="SCIM Compatibility Mode",
             ),
         ),
-        migrations.AlterField(
-            model_name="scimprovider",
-            name="auth_mode",
-            field=models.TextField(
-                choices=[
-                    ("token", "Token"),
-                    ("oauth", "OAuth (Silent)"),
-                    ("oauth_interactive", "OAuth (interactive)"),
-                ],
-                default="token",
-            ),
-        ),
     ]

authentik/providers/scim/models.py

@@ -72,8 +72,7 @@ class SCIMAuthenticationMode(models.TextChoices):
     """SCIM authentication modes"""
 
     TOKEN = "token", _("Token")
-    OAUTH_SILENT = "oauth", _("OAuth (Silent)")
-    OAUTH_INTERACTIVE = "oauth_interactive", _("OAuth (interactive)")
+    OAUTH = "oauth", _("OAuth")
 
 
 class SCIMCompatibilityMode(models.TextChoices):
@@ -145,10 +144,7 @@ class SCIMProvider(OutgoingSyncProvider, BackchannelProvider):
     )
 
     def scim_auth(self) -> AuthBase:
-        if self.auth_mode in [
-            SCIMAuthenticationMode.OAUTH_SILENT,
-            SCIMAuthenticationMode.OAUTH_INTERACTIVE,
-        ]:
+        if self.auth_mode == SCIMAuthenticationMode.OAUTH:
             try:
                 from authentik.enterprise.providers.scim.auth_oauth2 import SCIMOAuthAuth
 

authentik/sources/oauth/types/registry.py

@@ -1,5 +1,6 @@
 """Source type manager"""
 
+from collections.abc import Callable
 from enum import Enum
 from typing import Any
 
@@ -113,7 +114,7 @@ class SourceTypeRegistry:
             )
         return found_type
 
-    def find(self, type_name: str, kind: RequestKind) -> type[OAuthCallback | OAuthRedirect]:
+    def find(self, type_name: str, kind: RequestKind) -> Callable:
         """Find fitting Source Type"""
         found_type = self.find_type(type_name)
         if kind == RequestKind.CALLBACK:

authentik/sources/oauth/views/callback.py

@@ -15,7 +15,6 @@ from structlog.stdlib import get_logger
 
 from authentik.core.sources.flow_manager import SourceFlowManager
 from authentik.events.models import Event, EventAction
-from authentik.sources.oauth.clients.base import BaseOAuthClient
 from authentik.sources.oauth.models import (
     GroupOAuthSourceConnection,
     OAuthSource,
@@ -30,7 +29,7 @@ class OAuthCallback(OAuthClientMixin, View):
     "Base OAuth callback view."
 
     source: OAuthSource
-    token: dict[str, Any] | None = None
+    token: dict | None = None
 
     def dispatch(self, request: HttpRequest, *_, **kwargs) -> HttpResponse:
         """View Get handler"""
@@ -50,31 +49,20 @@ class OAuthCallback(OAuthClientMixin, View):
         if "error" in self.token:
             return self.handle_login_failure(self.token["error"])
         # Fetch profile info
-        try:
-            res = self.redirect_flow_manager(client)
-        except ValueError as exc:
-            # if we're authenticated and not in a source stage and this new flag is enabled,
-            # just continue
-            if self.request.user.is_authenticated:
-                pass
-            return self.handle_login_failure(exc.args[0])
-        return res
-
-    def redirect_flow_manager(self, client: BaseOAuthClient) -> HttpResponse:
         try:
             raw_info = client.get_profile_info(self.token)
             if raw_info is None:
-                raise ValueError("Could not retrieve profile.")
+                return self.handle_login_failure("Could not retrieve profile.")
         except JSONDecodeError as exc:
             Event.new(
                 EventAction.CONFIGURATION_ERROR,
                 message="Failed to JSON-decode profile.",
                 raw_profile=exc.doc,
             ).from_http(self.request)
-            raise ValueError("Could not retrieve profile.") from None
+            return self.handle_login_failure("Could not retrieve profile.")
         identifier = self.get_user_id(info=raw_info)
         if identifier is None:
-            raise ValueError("Could not determine id.")
+            return self.handle_login_failure("Could not determine id.")
         sfm = OAuthSourceFlowManager(
             source=self.source,
             request=self.request,

blueprints/schema.json

@@ -11203,8 +11203,7 @@
                     "type": "string",
                     "enum": [
                         "token",
-                        "oauth",
-                        "oauth_interactive"
+                        "oauth"
                     ],
                     "title": "Auth mode"
                 },

lifecycle/aws/package-lock.json

@@ -13,8 +13,8 @@
                 "cross-env": "^10.1.0"
             },
             "engines": {
-                "node": ">=24",
-                "npm": ">=11.10.1"
+                "node": ">=20",
+                "npm": ">=11.6.2"
             }
         },
         "node_modules/@epic-web/invariant": {

lifecycle/aws/package.json

@@ -11,20 +11,7 @@
         "cross-env": "^10.1.0"
     },
     "engines": {
-        "node": ">=24",
-        "npm": ">=11.14.1"
-    },
-    "devEngines": {
-        "runtime": {
-            "name": "node",
-            "onFail": "warn",
-            "version": ">=24"
-        },
-        "packageManager": {
-            "name": "npm",
-            "version": ">=11.14.1",
-            "onFail": "warn"
-        }
-    },
-    "packageManager": "npm@11.14.1+sha512.6a8a4d67478497a2dbc6815cad72e64c43f33413717e242756047d466241ab39bee61e691683a64658e94496ec5f1a1c05e4a5ec62dcc773280dfd949443a367"
+        "node": ">=20",
+        "npm": ">=11.6.2"
+    }
 }

lifecycle/container/Dockerfile

@@ -7,17 +7,6 @@ ARG GIT_BUILD_HASH
 ENV GIT_BUILD_HASH=$GIT_BUILD_HASH
 ENV NODE_ENV=production
 
-WORKDIR /work
-
-RUN --mount=type=bind,target=/work/package.json,src=./package.json \
-    --mount=type=bind,target=/work/package-lock.json,src=./package-lock.json \
-    --mount=type=bind,target=/work/web/package.json,src=./web/package.json \
-    --mount=type=bind,target=/work/web/package-lock.json,src=./web/package-lock.json \
-    --mount=type=bind,target=/work/scripts/node/,src=./scripts/node/ \
-    --mount=type=bind,target=/work/packages/logger-js/,src=./packages/logger-js/ \
-    node ./scripts/node/setup-corepack.mjs --force && \
-    node ./scripts/node/lint-runtime.mjs ./web
-
 WORKDIR /work/web
 
 # These files need to be copied and cannot be mounted as `npm ci` will build the client's typescript
@@ -29,7 +18,7 @@ RUN --mount=type=bind,target=/work/web/package.json,src=./web/package.json \
     --mount=type=bind,target=/work/web/packages/sfe/package.json,src=./web/packages/sfe/package.json \
     --mount=type=bind,target=/work/web/scripts,src=./web/scripts \
     --mount=type=cache,id=npm-ak,sharing=shared,target=/root/.npm \
-    corepack npm ci
+    npm ci
 
 COPY ./package.json /work
 COPY ./web /work/web/

lifecycle/container/proxy.Dockerfile

@@ -10,22 +10,12 @@ WORKDIR /static
 COPY ./packages /packages
 COPY ./web/packages /static/packages
 
-RUN --mount=type=bind,target=/static/package.json,src=./package.json \
-    --mount=type=bind,target=/static/package-lock.json,src=./package-lock.json \
-    --mount=type=bind,target=/static/web/package.json,src=./web/package.json \
-    --mount=type=bind,target=/static/web/package-lock.json,src=./web/package-lock.json \
-    --mount=type=bind,target=/static/scripts/node/,src=./scripts/node/ \
-    --mount=type=bind,target=/static/packages/logger-js/,src=./packages/logger-js/ \
-    node ./scripts/node/setup-corepack.mjs --force && \
-    node ./scripts/node/lint-runtime.mjs ./web
-
 COPY package.json /
-
 RUN --mount=type=bind,target=/static/package.json,src=./web/package.json \
     --mount=type=bind,target=/static/package-lock.json,src=./web/package-lock.json \
     --mount=type=bind,target=/static/scripts,src=./web/scripts \
     --mount=type=cache,target=/root/.npm \
-    corepack npm ci
+    npm ci
 
 COPY web .
 RUN npm run build-proxy

locale/en/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-05-14 00:33+0000\n"
+"POT-Creation-Date: 2026-05-13 05:39+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -2801,11 +2801,7 @@ msgid "SAML Sessions"
 msgstr ""
 
 #: authentik/providers/scim/models.py
-msgid "OAuth (Silent)"
-msgstr ""
-
-#: authentik/providers/scim/models.py
-msgid "OAuth (interactive)"
+msgid "OAuth"
 msgstr ""
 
 #: authentik/providers/scim/models.py

package.json

@@ -3,9 +3,9 @@
     "version": "2026.8.0-rc1",
     "private": true,
     "scripts": {
-        "lint": "run-s lint:runtime lint:spellcheck lint:lockfile",
-        "lint:lockfile": "node ./scripts/node/lint-lockfile.mjs",
-        "lint:runtime": "node ./scripts/node/lint-runtime.mjs",
+        "lint": "run-s lint:spellcheck lint:lockfile",
+        "lint:lockfile": "echo 'Skipping lockfile linting'",
+        "lint:node": "echo 'Skipping node linting'",
         "lint:spellcheck": "cspell . --config cspell.config.jsonc"
     },
     "type": "module",
@@ -14,7 +14,6 @@
     },
     "dependencies": {
         "@eslint/js": "^9.39.3",
-        "@goauthentik/docusaurus-config": "./packages/docusaurus-config",
         "@goauthentik/eslint-config": "./packages/eslint-config",
         "@goauthentik/logger-js": "./packages/logger-js",
         "@goauthentik/prettier-config": "./packages/prettier-config",
@@ -24,15 +23,15 @@
         "npm-run-all": "^4.1.5",
         "pino": "^10.3.1",
         "pino-pretty": "^13.1.2",
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.0",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "workspaces": [],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -42,11 +41,11 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },
-    "packageManager": "npm@11.14.1+sha512.6a8a4d67478497a2dbc6815cad72e64c43f33413717e242756047d466241ab39bee61e691683a64658e94496ec5f1a1c05e4a5ec62dcc773280dfd949443a367",
+    "packageManager": "npm@11.11.0+sha512.f36811c4aae1fde639527368ae44c571d050006a608d67a191f195a801a52637a312d259186254aa3a3799b05335b7390539cf28656d18f0591a1125ba35f973",
     "prettier": "@goauthentik/prettier-config",
     "overrides": {
         "@typescript-eslint/eslint-plugin": {

packages/client-ts/src/models/SCIMAuthenticationModeEnum.ts

@@ -19,7 +19,6 @@
 export const SCIMAuthenticationModeEnum = {
     Token: "token",
     Oauth: "oauth",
-    OauthInteractive: "oauth_interactive",
     UnknownDefaultOpenApi: "11184809",
 } as const;
 export type SCIMAuthenticationModeEnum =

packages/client-ts/src/models/SCIMProvider.ts

@@ -125,30 +125,6 @@ export interface SCIMProvider {
      * @memberof SCIMProvider
      */
     authOauthParams?: { [key: string]: any };
-    /**
-     *
-     * @type {Date}
-     * @memberof SCIMProvider
-     */
-    readonly authOauthTokenLastUpdated: Date | null;
-    /**
-     *
-     * @type {Date}
-     * @memberof SCIMProvider
-     */
-    readonly authOauthTokenExpires: Date | null;
-    /**
-     *
-     * @type {string}
-     * @memberof SCIMProvider
-     */
-    readonly authOauthUrlCallback: string | null;
-    /**
-     *
-     * @type {string}
-     * @memberof SCIMProvider
-     */
-    readonly authOauthUrlStart: string | null;
     /**
      * Alter authentik behavior for vendor-specific SCIM implementations.
      * @type {CompatibilityModeEnum}
@@ -214,13 +190,6 @@ export function instanceOfSCIMProvider(value: object): value is SCIMProvider {
     if (!("verboseNamePlural" in value) || value["verboseNamePlural"] === undefined) return false;
     if (!("metaModelName" in value) || value["metaModelName"] === undefined) return false;
     if (!("url" in value) || value["url"] === undefined) return false;
-    if (!("authOauthTokenLastUpdated" in value) || value["authOauthTokenLastUpdated"] === undefined)
-        return false;
-    if (!("authOauthTokenExpires" in value) || value["authOauthTokenExpires"] === undefined)
-        return false;
-    if (!("authOauthUrlCallback" in value) || value["authOauthUrlCallback"] === undefined)
-        return false;
-    if (!("authOauthUrlStart" in value) || value["authOauthUrlStart"] === undefined) return false;
     return true;
 }
 
@@ -254,16 +223,6 @@ export function SCIMProviderFromJSONTyped(json: any, ignoreDiscriminator: boolea
                 : SCIMAuthenticationModeEnumFromJSON(json["auth_mode"]),
         authOauth: json["auth_oauth"] == null ? undefined : json["auth_oauth"],
         authOauthParams: json["auth_oauth_params"] == null ? undefined : json["auth_oauth_params"],
-        authOauthTokenLastUpdated:
-            json["auth_oauth_token_last_updated"] == null
-                ? null
-                : new Date(json["auth_oauth_token_last_updated"]),
-        authOauthTokenExpires:
-            json["auth_oauth_token_expires"] == null
-                ? null
-                : new Date(json["auth_oauth_token_expires"]),
-        authOauthUrlCallback: json["auth_oauth_url_callback"],
-        authOauthUrlStart: json["auth_oauth_url_start"],
         compatibilityMode:
             json["compatibility_mode"] == null
                 ? undefined
@@ -297,10 +256,6 @@ export function SCIMProviderToJSONTyped(
         | "verbose_name"
         | "verbose_name_plural"
         | "meta_model_name"
-        | "auth_oauth_token_last_updated"
-        | "auth_oauth_token_expires"
-        | "auth_oauth_url_callback"
-        | "auth_oauth_url_start"
     > | null,
     ignoreDiscriminator: boolean = false,
 ): any {

packages/docusaurus-config/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@goauthentik/docusaurus-config",
-    "version": "3.0.0",
+    "version": "2.7.0",
     "description": "authentik's Docusaurus config",
     "license": "MIT",
     "repository": {
@@ -30,33 +30,33 @@
         "prism-react-renderer": "^2.4.1"
     },
     "devDependencies": {
-        "@docusaurus/theme-common": "^3.10.0",
+        "@docusaurus/theme-common": "3.10.0",
         "@docusaurus/theme-search-algolia": "^3.10.0",
         "@docusaurus/types": "^3.10.0",
         "@eslint/js": "^9.39.3",
         "@goauthentik/eslint-config": "../eslint-config",
         "@goauthentik/prettier-config": "../prettier-config",
         "@goauthentik/tsconfig": "../tsconfig",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.5.0",
         "@types/react": "^19.2.14",
         "@types/react-dom": "^19.2.3",
         "eslint": "^9.39.3",
         "pino": "^10.3.1",
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.2",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "peerDependencies": {
-        "@docusaurus/theme-common": "^3.10.1",
-        "@docusaurus/theme-search-algolia": "^3.10.1",
-        "@docusaurus/types": "^3.10.1",
-        "react": ">=19",
-        "react-dom": ">=19"
+        "@docusaurus/theme-common": "^3.9.2",
+        "@docusaurus/theme-search-algolia": "^3.9.2",
+        "@docusaurus/types": "^3.9.2",
+        "react": ">=18",
+        "react-dom": ">=18"
     },
     "optionalDependencies": {
-        "react": ">=19",
-        "react-dom": ">=19"
+        "react": ">=18",
+        "react-dom": ">=18"
     },
     "files": [
         "./index.js",
@@ -66,7 +66,7 @@
     ],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -76,7 +76,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },

packages/esbuild-plugin-live-reload/package-lock.json

@@ -17,20 +17,20 @@
                 "@goauthentik/logger-js": "../logger-js",
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.3.0",
                 "esbuild": "^0.27.4",
                 "eslint": "^9.39.3",
                 "pino": "^10.3.1",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
                 "typedoc": "^0.28.18",
                 "typedoc-plugin-markdown": "^4.11.0",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "@goauthentik/logger-js": "^1.0.1",
@@ -44,7 +44,7 @@
         },
         "../eslint-config": {
             "name": "@goauthentik/eslint-config",
-            "version": "2.0.0",
+            "version": "1.3.0",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -52,26 +52,26 @@
                 "eslint-plugin-import": "^2.32.0",
                 "eslint-plugin-lit": "^2.2.1",
                 "eslint-plugin-react": "^7.37.5",
-                "eslint-plugin-react-hooks": "^7.1.1",
+                "eslint-plugin-react-hooks": "^7.0.1",
                 "eslint-plugin-wc": "^3.1.0"
             },
             "devDependencies": {
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
                 "@types/eslint": "^9.6.1",
-                "@types/node": "^25.7.0",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "@types/node": "^25.5.0",
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "react": "^18.0.0 || ^19.0.0",
                 "react-dom": "^18.0.0 || ^19.0.0",
-                "typescript": "^6.0.3 || ^7.0.0",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^5.9.3 || ^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "peerDependenciesMeta": {
                 "react": {
@@ -84,25 +84,25 @@
         },
         "../logger-js": {
             "name": "@goauthentik/logger-js",
-            "version": "2.0.0",
+            "version": "1.1.1",
             "dev": true,
             "license": "MIT",
             "devDependencies": {
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.5.0",
                 "eslint": "^9.39.3",
                 "pino": "^10.3.1",
                 "pino-pretty": "^13.1.2",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "pino": "^10.3.1",
@@ -119,7 +119,7 @@
         },
         "../prettier-config": {
             "name": "@goauthentik/prettier-config",
-            "version": "4.0.0",
+            "version": "3.5.0",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -129,30 +129,30 @@
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/eslint-config": "../eslint-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.0.0",
                 "eslint": "^9.39.3",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2"
             }
         },
         "../tsconfig": {
             "name": "@goauthentik/tsconfig",
-            "version": "1.0.9",
+            "version": "1.0.8",
             "dev": true,
             "license": "MIT",
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             }
         },
         "node_modules/@esbuild/aix-ppc64": {
@@ -904,13 +904,13 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.7.0",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz",
-            "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==",
+            "version": "25.5.0",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.0.tgz",
+            "integrity": "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.21.0"
+                "undici-types": "~7.18.0"
             }
         },
         "node_modules/@types/unist": {
@@ -921,20 +921,20 @@
             "license": "MIT"
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.3.tgz",
-            "integrity": "sha512-PwFvSKsXGShKGW6n5bZOhGHEcCZXM8HofLK9fNsEwZXzFRjoY+XT1Vsf1zgyXdwTr0ZYz1/2tkZ0DBTT9jZjhw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.57.2.tgz",
+            "integrity": "sha512-NZZgp0Fm2IkD+La5PR81sd+g+8oS6JwJje+aRWsDocxHkjyRw0J5L5ZTlN3LI1LlOcGL7ph3eaIUmTXMIjLk0w==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/type-utils": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/type-utils": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -944,9 +944,9 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.59.3",
+                "@typescript-eslint/parser": "^8.57.2",
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": {
@@ -960,16 +960,16 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.3.tgz",
-            "integrity": "sha512-HPwA+hVkfcriajbNvTmZv4VRauibay+cWArYUYq7u7W7PmGShMxbPxLvrwDme55a6d5alG3nrYfhyJ/G28XlLg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.57.2.tgz",
+            "integrity": "sha512-30ScMRHIAD33JJQkgfGW1t8CURZtjc2JpTrq5n2HFhOefbAhb7ucc7xJwdWcrEtqUIYJ73Nybpsggii6GtAHjA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -981,18 +981,18 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.3.tgz",
-            "integrity": "sha512-ECiUWa/KYRGDFUqTNehaRgzDshnJfkTABJxVemHk4ko22gcr0ukloKjWvyQ64g8YCV/UI47kN1dbmjf/GaQYng==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.57.2.tgz",
+            "integrity": "sha512-FuH0wipFywXRTHf+bTTjNyuNQQsQC3qh/dYzaM4I4W0jrCqjCVuUh99+xd9KamUfmCGPvbO8NDngo/vsnNVqgw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.59.3",
-                "@typescript-eslint/types": "^8.59.3",
+                "@typescript-eslint/tsconfig-utils": "^8.57.2",
+                "@typescript-eslint/types": "^8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -1003,18 +1003,18 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.3.tgz",
-            "integrity": "sha512-t2LvZnoEfzKtnPjgeEu41xw5gxq9mQVfYy4OoZ4Vlt0sk3JwxmhCca/AR7DwOiHrjWgjAj6as4AhRLKSDfvZIA==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.57.2.tgz",
+            "integrity": "sha512-snZKH+W4WbWkrBqj4gUNRIGb/jipDW3qMqVJ4C9rzdFc+wLwruxk+2a5D+uoFcKPAqyqEnSb4l2ULuZf95eSkw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3"
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1025,9 +1025,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.3.tgz",
-            "integrity": "sha512-PcIJHjmaREXLgIAIzLnSY9VucEzz8FKXsRgFa1DmdGCK/5tJpW03TKJF01Q6VZd1lLdz2sIKPWaDUZN9dp//dw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.57.2.tgz",
+            "integrity": "sha512-3Lm5DSM+DCowsUOJC+YqHHnKEfFh5CoGkj5Z31NQSNF4l5wdOwqGn99wmwN/LImhfY3KJnmordBq/4+VDe2eKw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1038,21 +1038,21 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.3.tgz",
-            "integrity": "sha512-g71d8QD8UaiHGvrJwyIS1hCX5r63w6Jll+4VEYhEAHXTDIqX1JgxhTAbEHtKntL9kuc4jRo7/GWw5xfCepSccQ==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.57.2.tgz",
+            "integrity": "sha512-Co6ZCShm6kIbAM/s+oYVpKFfW7LBc6FXoPXjTRQ449PPNBY8U0KZXuevz5IFuuUj2H9ss40atTaf9dlGLzbWZg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
                 "debug": "^4.4.3",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1063,13 +1063,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.3.tgz",
-            "integrity": "sha512-ePFoH0g4ludssdRFqqDxQePCxU4WQyRa9+XVwjm7yLn0FKhMeoetC+qBEEI1Eyb1pGSDveTIT09Bvw2WhlGayg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.57.2.tgz",
+            "integrity": "sha512-/iZM6FnM4tnx9csuTxspMW4BOSegshwX5oBDznJ7S4WggL7Vczz5d2W11ecc4vRrQMQHXRSxzrCsyG5EsPPTbA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1081,21 +1081,21 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.3.tgz",
-            "integrity": "sha512-CbRjVRAf7Lr9Kr8RopKcbY45p2VfmmHrm0ygOCYFi7oU8q19m0Fs/6iHS7kNOmwpp+ob07ZVcAqlxUod9lYdmg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.57.2.tgz",
+            "integrity": "sha512-2MKM+I6g8tJxfSmFKOnHv2t8Sk3T6rF20A1Puk0svLK+uVapDZB/4pfAeB7nE83uAZrU6OxW+HmOd5wHVdXwXA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.59.3",
-                "@typescript-eslint/tsconfig-utils": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/project-service": "8.57.2",
+                "@typescript-eslint/tsconfig-utils": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3",
                 "minimatch": "^10.2.2",
                 "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1105,7 +1105,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
@@ -1119,9 +1119,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-            "version": "5.0.6",
-            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
-            "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
+            "version": "5.0.5",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+            "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -1132,13 +1132,13 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-            "version": "10.2.5",
-            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
-            "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+            "version": "10.2.4",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz",
+            "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==",
             "dev": true,
             "license": "BlueOak-1.0.0",
             "dependencies": {
-                "brace-expansion": "^5.0.5"
+                "brace-expansion": "^5.0.2"
             },
             "engines": {
                 "node": "18 || 20 || >=22"
@@ -1148,16 +1148,16 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.3.tgz",
-            "integrity": "sha512-JAvT14goBzRzzzZyqq3P9BLArIxTtQURUtFgQ/V7FO+eU+Gg6ES+5ymOPP1wRxXcxAYeivCk4uS3jCKWI1K8Zg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.57.2.tgz",
+            "integrity": "sha512-krRIbvPK1ju1WBKIefiX+bngPs+odIQUtR7kymzPfo1POVw3jlF+nLkmexdSSd4UCbDcQn+wMBATOOmpBbqgKg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3"
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1168,17 +1168,17 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.3.tgz",
-            "integrity": "sha512-f1UQF7ggd42YiwI5wGrRaPsa+P0CINBlrkLPmGfpq/u/I/oVtecoEIfFR9ag/oa1sLOsRNZ6xehf6qMZhQGBDg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.57.2.tgz",
+            "integrity": "sha512-zhahknjobV2FiD6Ee9iLbS7OV9zi10rG26odsQdfBO/hjSzUQbkIYgda+iNKK1zNiW2ey+Lf8MU5btN17V3dUw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
                 "eslint-visitor-keys": "^5.0.0"
             },
             "engines": {
@@ -2164,9 +2164,9 @@
             }
         },
         "node_modules/prettier": {
-            "version": "3.8.3",
-            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.3.tgz",
-            "integrity": "sha512-7igPTM53cGHMW8xWuVTydi2KO233VFiTNyF5hLJqpilHfmn8C8gPf+PS7dUT64YcXFbiMGZxS9pCSxL/Dxm/Jw==",
+            "version": "3.8.1",
+            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
+            "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
             "dev": true,
             "license": "MIT",
             "bin": {
@@ -2515,9 +2515,9 @@
             }
         },
         "node_modules/typescript": {
-            "version": "6.0.3",
-            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz",
-            "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==",
+            "version": "6.0.2",
+            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
+            "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
             "dev": true,
             "license": "Apache-2.0",
             "bin": {
@@ -2529,16 +2529,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.3.tgz",
-            "integrity": "sha512-KgusgyDgG4LI8Ih/sWaCtZ06tckLAS5CvT5A4D1Q7bYVoAAyzwiZvE4BmwDHkhRVkvhRBepKeASoFzQetha7Fg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.57.2.tgz",
+            "integrity": "sha512-VEPQ0iPgWO/sBaZOU1xo4nuNdODVOajPnTIbog2GKYr31nIlZ0fWPoCQgGfF3ETyBl1vn63F/p50Um9Z4J8O8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.59.3",
-                "@typescript-eslint/parser": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3"
+                "@typescript-eslint/eslint-plugin": "8.57.2",
+                "@typescript-eslint/parser": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -2549,7 +2549,7 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/uc.micro": {
@@ -2560,9 +2560,9 @@
             "license": "MIT"
         },
         "node_modules/undici-types": {
-            "version": "7.21.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz",
-            "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==",
+            "version": "7.18.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+            "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
             "dev": true,
             "license": "MIT"
         },

packages/esbuild-plugin-live-reload/package.json

@@ -49,16 +49,16 @@
         "@goauthentik/logger-js": "../logger-js",
         "@goauthentik/prettier-config": "../prettier-config",
         "@goauthentik/tsconfig": "../tsconfig",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.3.0",
         "esbuild": "^0.27.4",
         "eslint": "^9.39.3",
         "pino": "^10.3.1",
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.2",
         "typedoc": "^0.28.18",
         "typedoc-plugin-markdown": "^4.11.0",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "peerDependencies": {
         "@goauthentik/logger-js": "^1.0.1",
@@ -73,7 +73,7 @@
     ],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -83,7 +83,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },

packages/eslint-config/package-lock.json

@@ -1,38 +1,38 @@
 {
     "name": "@goauthentik/eslint-config",
-    "version": "2.0.0",
+    "version": "1.3.0",
     "lockfileVersion": 3,
     "requires": true,
     "packages": {
         "": {
             "name": "@goauthentik/eslint-config",
-            "version": "2.0.0",
+            "version": "1.3.0",
             "license": "MIT",
             "dependencies": {
                 "eslint": "^9.39.3",
                 "eslint-plugin-import": "^2.32.0",
-                "eslint-plugin-lit": "^2.3.1",
+                "eslint-plugin-lit": "^2.2.1",
                 "eslint-plugin-react": "^7.37.5",
-                "eslint-plugin-react-hooks": "^7.1.1",
+                "eslint-plugin-react-hooks": "^7.0.1",
                 "eslint-plugin-wc": "^3.1.0"
             },
             "devDependencies": {
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
                 "@types/eslint": "^9.6.1",
-                "@types/node": "^25.7.0",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "@types/node": "^25.5.0",
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "react": "^18.0.0 || ^19.0.0",
                 "react-dom": "^18.0.0 || ^19.0.0",
-                "typescript": "^6.0.3 || ^7.0.0",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^5.9.3 || ^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "peerDependenciesMeta": {
                 "react": {
@@ -45,7 +45,7 @@
         },
         "../prettier-config": {
             "name": "@goauthentik/prettier-config",
-            "version": "4.0.0",
+            "version": "3.5.0",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -55,30 +55,30 @@
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/eslint-config": "../eslint-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.0.0",
                 "eslint": "^9.39.3",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2"
             }
         },
         "../tsconfig": {
             "name": "@goauthentik/tsconfig",
-            "version": "2.0.0",
+            "version": "1.0.8",
             "dev": true,
             "license": "MIT",
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             }
         },
         "node_modules/@babel/code-frame": {
@@ -576,30 +576,30 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.7.0",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz",
-            "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==",
+            "version": "25.5.0",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.0.tgz",
+            "integrity": "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.21.0"
+                "undici-types": "~7.18.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.3.tgz",
-            "integrity": "sha512-PwFvSKsXGShKGW6n5bZOhGHEcCZXM8HofLK9fNsEwZXzFRjoY+XT1Vsf1zgyXdwTr0ZYz1/2tkZ0DBTT9jZjhw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.57.2.tgz",
+            "integrity": "sha512-NZZgp0Fm2IkD+La5PR81sd+g+8oS6JwJje+aRWsDocxHkjyRw0J5L5ZTlN3LI1LlOcGL7ph3eaIUmTXMIjLk0w==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/type-utils": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/type-utils": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -609,9 +609,9 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.59.3",
+                "@typescript-eslint/parser": "^8.57.2",
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": {
@@ -625,16 +625,16 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.3.tgz",
-            "integrity": "sha512-HPwA+hVkfcriajbNvTmZv4VRauibay+cWArYUYq7u7W7PmGShMxbPxLvrwDme55a6d5alG3nrYfhyJ/G28XlLg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.57.2.tgz",
+            "integrity": "sha512-30ScMRHIAD33JJQkgfGW1t8CURZtjc2JpTrq5n2HFhOefbAhb7ucc7xJwdWcrEtqUIYJ73Nybpsggii6GtAHjA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -646,18 +646,18 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.3.tgz",
-            "integrity": "sha512-ECiUWa/KYRGDFUqTNehaRgzDshnJfkTABJxVemHk4ko22gcr0ukloKjWvyQ64g8YCV/UI47kN1dbmjf/GaQYng==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.57.2.tgz",
+            "integrity": "sha512-FuH0wipFywXRTHf+bTTjNyuNQQsQC3qh/dYzaM4I4W0jrCqjCVuUh99+xd9KamUfmCGPvbO8NDngo/vsnNVqgw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.59.3",
-                "@typescript-eslint/types": "^8.59.3",
+                "@typescript-eslint/tsconfig-utils": "^8.57.2",
+                "@typescript-eslint/types": "^8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -668,18 +668,18 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.3.tgz",
-            "integrity": "sha512-t2LvZnoEfzKtnPjgeEu41xw5gxq9mQVfYy4OoZ4Vlt0sk3JwxmhCca/AR7DwOiHrjWgjAj6as4AhRLKSDfvZIA==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.57.2.tgz",
+            "integrity": "sha512-snZKH+W4WbWkrBqj4gUNRIGb/jipDW3qMqVJ4C9rzdFc+wLwruxk+2a5D+uoFcKPAqyqEnSb4l2ULuZf95eSkw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3"
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -690,9 +690,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.3.tgz",
-            "integrity": "sha512-PcIJHjmaREXLgIAIzLnSY9VucEzz8FKXsRgFa1DmdGCK/5tJpW03TKJF01Q6VZd1lLdz2sIKPWaDUZN9dp//dw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.57.2.tgz",
+            "integrity": "sha512-3Lm5DSM+DCowsUOJC+YqHHnKEfFh5CoGkj5Z31NQSNF4l5wdOwqGn99wmwN/LImhfY3KJnmordBq/4+VDe2eKw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -703,21 +703,21 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.3.tgz",
-            "integrity": "sha512-g71d8QD8UaiHGvrJwyIS1hCX5r63w6Jll+4VEYhEAHXTDIqX1JgxhTAbEHtKntL9kuc4jRo7/GWw5xfCepSccQ==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.57.2.tgz",
+            "integrity": "sha512-Co6ZCShm6kIbAM/s+oYVpKFfW7LBc6FXoPXjTRQ449PPNBY8U0KZXuevz5IFuuUj2H9ss40atTaf9dlGLzbWZg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
                 "debug": "^4.4.3",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -728,13 +728,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.3.tgz",
-            "integrity": "sha512-ePFoH0g4ludssdRFqqDxQePCxU4WQyRa9+XVwjm7yLn0FKhMeoetC+qBEEI1Eyb1pGSDveTIT09Bvw2WhlGayg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.57.2.tgz",
+            "integrity": "sha512-/iZM6FnM4tnx9csuTxspMW4BOSegshwX5oBDznJ7S4WggL7Vczz5d2W11ecc4vRrQMQHXRSxzrCsyG5EsPPTbA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -746,21 +746,21 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.3.tgz",
-            "integrity": "sha512-CbRjVRAf7Lr9Kr8RopKcbY45p2VfmmHrm0ygOCYFi7oU8q19m0Fs/6iHS7kNOmwpp+ob07ZVcAqlxUod9lYdmg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.57.2.tgz",
+            "integrity": "sha512-2MKM+I6g8tJxfSmFKOnHv2t8Sk3T6rF20A1Puk0svLK+uVapDZB/4pfAeB7nE83uAZrU6OxW+HmOd5wHVdXwXA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.59.3",
-                "@typescript-eslint/tsconfig-utils": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/project-service": "8.57.2",
+                "@typescript-eslint/tsconfig-utils": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3",
                 "minimatch": "^10.2.2",
                 "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -770,7 +770,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
@@ -784,9 +784,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-            "version": "5.0.6",
-            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
-            "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
+            "version": "5.0.5",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+            "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -797,13 +797,13 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-            "version": "10.2.5",
-            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
-            "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+            "version": "10.2.4",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz",
+            "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==",
             "dev": true,
             "license": "BlueOak-1.0.0",
             "dependencies": {
-                "brace-expansion": "^5.0.5"
+                "brace-expansion": "^5.0.2"
             },
             "engines": {
                 "node": "18 || 20 || >=22"
@@ -813,9 +813,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/semver": {
-            "version": "7.8.0",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.8.0.tgz",
-            "integrity": "sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==",
+            "version": "7.7.4",
+            "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+            "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
             "dev": true,
             "license": "ISC",
             "bin": {
@@ -826,16 +826,16 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.3.tgz",
-            "integrity": "sha512-JAvT14goBzRzzzZyqq3P9BLArIxTtQURUtFgQ/V7FO+eU+Gg6ES+5ymOPP1wRxXcxAYeivCk4uS3jCKWI1K8Zg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.57.2.tgz",
+            "integrity": "sha512-krRIbvPK1ju1WBKIefiX+bngPs+odIQUtR7kymzPfo1POVw3jlF+nLkmexdSSd4UCbDcQn+wMBATOOmpBbqgKg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3"
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -846,17 +846,17 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.3.tgz",
-            "integrity": "sha512-f1UQF7ggd42YiwI5wGrRaPsa+P0CINBlrkLPmGfpq/u/I/oVtecoEIfFR9ag/oa1sLOsRNZ6xehf6qMZhQGBDg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.57.2.tgz",
+            "integrity": "sha512-zhahknjobV2FiD6Ee9iLbS7OV9zi10rG26odsQdfBO/hjSzUQbkIYgda+iNKK1zNiW2ey+Lf8MU5btN17V3dUw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
                 "eslint-visitor-keys": "^5.0.0"
             },
             "engines": {
@@ -1431,37 +1431,6 @@
                 "node": ">=0.10.0"
             }
         },
-        "node_modules/domelementtype": {
-            "version": "3.0.0",
-            "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-3.0.0.tgz",
-            "integrity": "sha512-umCQid3jKbDmVjx8jGaW7uUykm4DEUeyV21hPxNMo2nV955DhUThwqyOIDtreepP31hl84X7G5U9ZfsWvIB3Pg==",
-            "funding": [
-                {
-                    "type": "github",
-                    "url": "https://github.com/sponsors/fb55"
-                }
-            ],
-            "license": "BSD-2-Clause",
-            "engines": {
-                "node": ">=20.19.0"
-            }
-        },
-        "node_modules/domhandler": {
-            "version": "6.0.1",
-            "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-6.0.1.tgz",
-            "integrity": "sha512-gYzvtM72ZtxQO0T048kd6HWSbbGCNOUwcnfQ01cqIJ4X2IYKFFHZ5mKvrQETcFXxsRObZulDaKmy//R7TPtsBg==",
-            "license": "BSD-2-Clause",
-            "dependencies": {
-                "domelementtype": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=20.19.0"
-            },
-            "funding": {
-                "type": "github",
-                "url": "https://github.com/fb55/domhandler?sponsor=1"
-            }
-        },
         "node_modules/dunder-proto": {
             "version": "1.0.1",
             "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
@@ -1482,18 +1451,6 @@
             "integrity": "sha512-PwfIw7WQSt3xX7yOf5OE/unLzsK9CaN2f/FvV3WjPR1Knoc1T9vePRVV4W1EM301JzzysK51K7FNKcusCr0zYA==",
             "license": "ISC"
         },
-        "node_modules/entities": {
-            "version": "8.0.0",
-            "resolved": "https://registry.npmjs.org/entities/-/entities-8.0.0.tgz",
-            "integrity": "sha512-zwfzJecQ/Uej6tusMqwAqU/6KL2XaB2VZ2Jg54Je6ahNBGNH6Ek6g3jjNCF0fG9EWQKGZNddNjU5F1ZQn/sBnA==",
-            "license": "BSD-2-Clause",
-            "engines": {
-                "node": ">=20.19.0"
-            },
-            "funding": {
-                "url": "https://github.com/fb55/entities?sponsor=1"
-            }
-        },
         "node_modules/es-abstract": {
             "version": "1.24.1",
             "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.24.1.tgz",
@@ -1833,13 +1790,13 @@
             }
         },
         "node_modules/eslint-plugin-lit": {
-            "version": "2.3.1",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-2.3.1.tgz",
-            "integrity": "sha512-wAqDOOWQzUoY5uK124ZR+h7Snx0+KdZd3Knv6133gRHEcu03jbqnouK4GBwVl6PkGOkNy40zSchOp9VbBh4yHg==",
+            "version": "2.2.1",
+            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-2.2.1.tgz",
+            "integrity": "sha512-mnqqwpWF4PBF/YjlGt9mbHwrWCGMtaqdpnqISv3nGcTl8iStaAt9UGieMY3i8vwKfSSWtkEfBZUcRKFGys6yiw==",
             "license": "MIT",
             "dependencies": {
-                "parse5": "^8.0.1",
-                "parse5-htmlparser2-tree-adapter": "^8.0.1"
+                "parse5": "^6.0.1",
+                "parse5-htmlparser2-tree-adapter": "^6.0.1"
             },
             "engines": {
                 "node": ">= 18"
@@ -1881,9 +1838,9 @@
             }
         },
         "node_modules/eslint-plugin-react-hooks": {
-            "version": "7.1.1",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-7.1.1.tgz",
-            "integrity": "sha512-f2I7Gw6JbvCexzIInuSbZpfdQ44D7iqdWX01FKLvrPgqxoE7oMj8clOfto8U6vYiz4yd5oKu39rRSVOe1zRu0g==",
+            "version": "7.0.1",
+            "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-7.0.1.tgz",
+            "integrity": "sha512-O0d0m04evaNzEPoSW+59Mezf8Qt0InfgGIBJnpC0h3NH/WjUAR7BIKUfysC6todmtiZ/A0oUVS8Gce0WhBrHsA==",
             "license": "MIT",
             "dependencies": {
                 "@babel/core": "^7.24.4",
@@ -1896,7 +1853,7 @@
                 "node": ">=18"
             },
             "peerDependencies": {
-                "eslint": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 || ^9.0.0 || ^10.0.0"
+                "eslint": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 || ^9.0.0"
             }
         },
         "node_modules/eslint-plugin-react/node_modules/resolve": {
@@ -3237,28 +3194,18 @@
             }
         },
         "node_modules/parse5": {
-            "version": "8.0.1",
-            "resolved": "https://registry.npmjs.org/parse5/-/parse5-8.0.1.tgz",
-            "integrity": "sha512-z1e/HMG90obSGeidlli3hj7cbocou0/wa5HacvI3ASx34PecNjNQeaHNo5WIZpWofN9kgkqV1q5YvXe3F0FoPw==",
-            "license": "MIT",
-            "dependencies": {
-                "entities": "^8.0.0"
-            },
-            "funding": {
-                "url": "https://github.com/inikulin/parse5?sponsor=1"
-            }
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz",
+            "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==",
+            "license": "MIT"
         },
         "node_modules/parse5-htmlparser2-tree-adapter": {
-            "version": "8.0.1",
-            "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-8.0.1.tgz",
-            "integrity": "sha512-aqkH+xQxX+QGZtP5GIMmqqp16Y0v9muEf2VVeypv35kFsD5bqP1UeBanSshdfjMY+RTh2vN4mmK6nEOVRMEvHg==",
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz",
+            "integrity": "sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==",
             "license": "MIT",
             "dependencies": {
-                "domhandler": "^6.0.1",
-                "parse5": "^8.0.0"
-            },
-            "funding": {
-                "url": "https://github.com/inikulin/parse5?sponsor=1"
+                "parse5": "^6.0.1"
             }
         },
         "node_modules/path-exists": {
@@ -3771,14 +3718,14 @@
             }
         },
         "node_modules/tinyglobby": {
-            "version": "0.2.16",
-            "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.16.tgz",
-            "integrity": "sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==",
+            "version": "0.2.15",
+            "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz",
+            "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "fdir": "^6.5.0",
-                "picomatch": "^4.0.4"
+                "picomatch": "^4.0.3"
             },
             "engines": {
                 "node": ">=12.0.0"
@@ -3911,9 +3858,9 @@
             }
         },
         "node_modules/typescript": {
-            "version": "6.0.3",
-            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz",
-            "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==",
+            "version": "6.0.2",
+            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
+            "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
             "dev": true,
             "license": "Apache-2.0",
             "bin": {
@@ -3925,16 +3872,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.3.tgz",
-            "integrity": "sha512-KgusgyDgG4LI8Ih/sWaCtZ06tckLAS5CvT5A4D1Q7bYVoAAyzwiZvE4BmwDHkhRVkvhRBepKeASoFzQetha7Fg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.57.2.tgz",
+            "integrity": "sha512-VEPQ0iPgWO/sBaZOU1xo4nuNdODVOajPnTIbog2GKYr31nIlZ0fWPoCQgGfF3ETyBl1vn63F/p50Um9Z4J8O8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.59.3",
-                "@typescript-eslint/parser": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3"
+                "@typescript-eslint/eslint-plugin": "8.57.2",
+                "@typescript-eslint/parser": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3945,7 +3892,7 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/unbox-primitive": {
@@ -3967,9 +3914,9 @@
             }
         },
         "node_modules/undici-types": {
-            "version": "7.21.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz",
-            "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==",
+            "version": "7.18.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+            "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
             "dev": true,
             "license": "MIT"
         },

packages/eslint-config/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@goauthentik/eslint-config",
-    "version": "2.0.0",
+    "version": "1.3.0",
     "description": "authentik's ESLint config",
     "license": "MIT",
     "repository": {
@@ -39,24 +39,24 @@
     "dependencies": {
         "eslint": "^9.39.3",
         "eslint-plugin-import": "^2.32.0",
-        "eslint-plugin-lit": "^2.3.1",
+        "eslint-plugin-lit": "^2.2.1",
         "eslint-plugin-react": "^7.37.5",
-        "eslint-plugin-react-hooks": "^7.1.1",
+        "eslint-plugin-react-hooks": "^7.0.1",
         "eslint-plugin-wc": "^3.1.0"
     },
     "devDependencies": {
         "@goauthentik/prettier-config": "../prettier-config",
         "@goauthentik/tsconfig": "../tsconfig",
         "@types/eslint": "^9.6.1",
-        "@types/node": "^25.7.0",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "@types/node": "^25.5.0",
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "peerDependencies": {
         "react": "^18.0.0 || ^19.0.0",
         "react-dom": "^18.0.0 || ^19.0.0",
-        "typescript": "^6.0.3 || ^7.0.0",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^5.9.3 || ^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "files": [
         "./index.js",
@@ -65,7 +65,7 @@
     ],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -75,7 +75,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },

packages/logger-js/package-lock.json

@@ -1,29 +1,29 @@
 {
     "name": "@goauthentik/logger-js",
-    "version": "2.0.0",
+    "version": "1.1.2",
     "lockfileVersion": 3,
     "requires": true,
     "packages": {
         "": {
             "name": "@goauthentik/logger-js",
-            "version": "2.0.0",
+            "version": "1.1.2",
             "license": "MIT",
             "devDependencies": {
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.5.0",
                 "eslint": "^9.39.3",
                 "pino": "^10.3.1",
                 "pino-pretty": "^13.1.2",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "pino": "^10.3.1",
@@ -40,7 +40,7 @@
         },
         "../prettier-config": {
             "name": "@goauthentik/prettier-config",
-            "version": "4.0.0",
+            "version": "3.5.0",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -50,30 +50,30 @@
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/eslint-config": "../eslint-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.0.0",
                 "eslint": "^9.39.3",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2"
             }
         },
         "../tsconfig": {
             "name": "@goauthentik/tsconfig",
-            "version": "2.0.0",
+            "version": "1.0.9",
             "dev": true,
             "license": "MIT",
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             }
         },
         "node_modules/@eslint-community/eslint-utils": {
@@ -361,30 +361,30 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.7.0",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz",
-            "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==",
+            "version": "25.5.0",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.0.tgz",
+            "integrity": "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.21.0"
+                "undici-types": "~7.18.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.3.tgz",
-            "integrity": "sha512-PwFvSKsXGShKGW6n5bZOhGHEcCZXM8HofLK9fNsEwZXzFRjoY+XT1Vsf1zgyXdwTr0ZYz1/2tkZ0DBTT9jZjhw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.57.2.tgz",
+            "integrity": "sha512-NZZgp0Fm2IkD+La5PR81sd+g+8oS6JwJje+aRWsDocxHkjyRw0J5L5ZTlN3LI1LlOcGL7ph3eaIUmTXMIjLk0w==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/type-utils": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/type-utils": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -394,22 +394,22 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.59.3",
+                "@typescript-eslint/parser": "^8.57.2",
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.3.tgz",
-            "integrity": "sha512-HPwA+hVkfcriajbNvTmZv4VRauibay+cWArYUYq7u7W7PmGShMxbPxLvrwDme55a6d5alG3nrYfhyJ/G28XlLg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.57.2.tgz",
+            "integrity": "sha512-30ScMRHIAD33JJQkgfGW1t8CURZtjc2JpTrq5n2HFhOefbAhb7ucc7xJwdWcrEtqUIYJ73Nybpsggii6GtAHjA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -421,18 +421,18 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.3.tgz",
-            "integrity": "sha512-ECiUWa/KYRGDFUqTNehaRgzDshnJfkTABJxVemHk4ko22gcr0ukloKjWvyQ64g8YCV/UI47kN1dbmjf/GaQYng==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.57.2.tgz",
+            "integrity": "sha512-FuH0wipFywXRTHf+bTTjNyuNQQsQC3qh/dYzaM4I4W0jrCqjCVuUh99+xd9KamUfmCGPvbO8NDngo/vsnNVqgw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.59.3",
-                "@typescript-eslint/types": "^8.59.3",
+                "@typescript-eslint/tsconfig-utils": "^8.57.2",
+                "@typescript-eslint/types": "^8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -443,18 +443,18 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.3.tgz",
-            "integrity": "sha512-t2LvZnoEfzKtnPjgeEu41xw5gxq9mQVfYy4OoZ4Vlt0sk3JwxmhCca/AR7DwOiHrjWgjAj6as4AhRLKSDfvZIA==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.57.2.tgz",
+            "integrity": "sha512-snZKH+W4WbWkrBqj4gUNRIGb/jipDW3qMqVJ4C9rzdFc+wLwruxk+2a5D+uoFcKPAqyqEnSb4l2ULuZf95eSkw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3"
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -465,9 +465,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.3.tgz",
-            "integrity": "sha512-PcIJHjmaREXLgIAIzLnSY9VucEzz8FKXsRgFa1DmdGCK/5tJpW03TKJF01Q6VZd1lLdz2sIKPWaDUZN9dp//dw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.57.2.tgz",
+            "integrity": "sha512-3Lm5DSM+DCowsUOJC+YqHHnKEfFh5CoGkj5Z31NQSNF4l5wdOwqGn99wmwN/LImhfY3KJnmordBq/4+VDe2eKw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -478,21 +478,21 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.3.tgz",
-            "integrity": "sha512-g71d8QD8UaiHGvrJwyIS1hCX5r63w6Jll+4VEYhEAHXTDIqX1JgxhTAbEHtKntL9kuc4jRo7/GWw5xfCepSccQ==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.57.2.tgz",
+            "integrity": "sha512-Co6ZCShm6kIbAM/s+oYVpKFfW7LBc6FXoPXjTRQ449PPNBY8U0KZXuevz5IFuuUj2H9ss40atTaf9dlGLzbWZg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
                 "debug": "^4.4.3",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -503,13 +503,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.3.tgz",
-            "integrity": "sha512-ePFoH0g4ludssdRFqqDxQePCxU4WQyRa9+XVwjm7yLn0FKhMeoetC+qBEEI1Eyb1pGSDveTIT09Bvw2WhlGayg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.57.2.tgz",
+            "integrity": "sha512-/iZM6FnM4tnx9csuTxspMW4BOSegshwX5oBDznJ7S4WggL7Vczz5d2W11ecc4vRrQMQHXRSxzrCsyG5EsPPTbA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -521,21 +521,21 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.3.tgz",
-            "integrity": "sha512-CbRjVRAf7Lr9Kr8RopKcbY45p2VfmmHrm0ygOCYFi7oU8q19m0Fs/6iHS7kNOmwpp+ob07ZVcAqlxUod9lYdmg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.57.2.tgz",
+            "integrity": "sha512-2MKM+I6g8tJxfSmFKOnHv2t8Sk3T6rF20A1Puk0svLK+uVapDZB/4pfAeB7nE83uAZrU6OxW+HmOd5wHVdXwXA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.59.3",
-                "@typescript-eslint/tsconfig-utils": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/project-service": "8.57.2",
+                "@typescript-eslint/tsconfig-utils": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3",
                 "minimatch": "^10.2.2",
                 "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -545,20 +545,20 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.3.tgz",
-            "integrity": "sha512-JAvT14goBzRzzzZyqq3P9BLArIxTtQURUtFgQ/V7FO+eU+Gg6ES+5ymOPP1wRxXcxAYeivCk4uS3jCKWI1K8Zg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.57.2.tgz",
+            "integrity": "sha512-krRIbvPK1ju1WBKIefiX+bngPs+odIQUtR7kymzPfo1POVw3jlF+nLkmexdSSd4UCbDcQn+wMBATOOmpBbqgKg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3"
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -569,17 +569,17 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.3.tgz",
-            "integrity": "sha512-f1UQF7ggd42YiwI5wGrRaPsa+P0CINBlrkLPmGfpq/u/I/oVtecoEIfFR9ag/oa1sLOsRNZ6xehf6qMZhQGBDg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.57.2.tgz",
+            "integrity": "sha512-zhahknjobV2FiD6Ee9iLbS7OV9zi10rG26odsQdfBO/hjSzUQbkIYgda+iNKK1zNiW2ey+Lf8MU5btN17V3dUw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
                 "eslint-visitor-keys": "^5.0.0"
             },
             "engines": {
@@ -687,9 +687,9 @@
             }
         },
         "node_modules/brace-expansion": {
-            "version": "5.0.6",
-            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
-            "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
+            "version": "5.0.5",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+            "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -1409,13 +1409,13 @@
             "license": "MIT"
         },
         "node_modules/minimatch": {
-            "version": "10.2.5",
-            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
-            "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+            "version": "10.2.4",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz",
+            "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==",
             "dev": true,
             "license": "BlueOak-1.0.0",
             "dependencies": {
-                "brace-expansion": "^5.0.5"
+                "brace-expansion": "^5.0.2"
             },
             "engines": {
                 "node": "18 || 20 || >=22"
@@ -1653,9 +1653,9 @@
             }
         },
         "node_modules/prettier": {
-            "version": "3.8.3",
-            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.3.tgz",
-            "integrity": "sha512-7igPTM53cGHMW8xWuVTydi2KO233VFiTNyF5hLJqpilHfmn8C8gPf+PS7dUT64YcXFbiMGZxS9pCSxL/Dxm/Jw==",
+            "version": "3.8.1",
+            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
+            "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
             "dev": true,
             "license": "MIT",
             "bin": {
@@ -1946,9 +1946,9 @@
             }
         },
         "node_modules/typescript": {
-            "version": "6.0.3",
-            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz",
-            "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==",
+            "version": "6.0.2",
+            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
+            "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
             "dev": true,
             "license": "Apache-2.0",
             "bin": {
@@ -1960,16 +1960,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.3.tgz",
-            "integrity": "sha512-KgusgyDgG4LI8Ih/sWaCtZ06tckLAS5CvT5A4D1Q7bYVoAAyzwiZvE4BmwDHkhRVkvhRBepKeASoFzQetha7Fg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.57.2.tgz",
+            "integrity": "sha512-VEPQ0iPgWO/sBaZOU1xo4nuNdODVOajPnTIbog2GKYr31nIlZ0fWPoCQgGfF3ETyBl1vn63F/p50Um9Z4J8O8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.59.3",
-                "@typescript-eslint/parser": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3"
+                "@typescript-eslint/eslint-plugin": "8.57.2",
+                "@typescript-eslint/parser": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1980,13 +1980,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/undici-types": {
-            "version": "7.21.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz",
-            "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==",
+            "version": "7.18.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+            "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
             "dev": true,
             "license": "MIT"
         },

packages/logger-js/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@goauthentik/logger-js",
-    "version": "2.0.0",
+    "version": "1.1.2",
     "description": "Pino-based logger for authentik",
     "license": "MIT",
     "repository": {
@@ -31,14 +31,14 @@
         "@eslint/js": "^9.39.3",
         "@goauthentik/prettier-config": "../prettier-config",
         "@goauthentik/tsconfig": "../tsconfig",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.5.0",
         "eslint": "^9.39.3",
         "pino": "^10.3.1",
         "pino-pretty": "^13.1.2",
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.2",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "peerDependencies": {
         "pino": "^10.3.1",
@@ -51,7 +51,7 @@
     ],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -61,7 +61,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "ignore"
         }
     },

packages/prettier-config/package-lock.json

@@ -1,12 +1,12 @@
 {
     "name": "@goauthentik/prettier-config",
-    "version": "4.0.0",
+    "version": "3.5.0",
     "lockfileVersion": 3,
     "requires": true,
     "packages": {
         "": {
             "name": "@goauthentik/prettier-config",
-            "version": "4.0.0",
+            "version": "3.5.0",
             "license": "MIT",
             "dependencies": {
                 "format-imports": "^4.0.8"
@@ -15,25 +15,25 @@
                 "@eslint/js": "^9.39.3",
                 "@goauthentik/eslint-config": "../eslint-config",
                 "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.0.0",
                 "eslint": "^9.39.3",
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
-                "prettier": "^3.8.3",
+                "prettier": "^3.8.1",
                 "prettier-plugin-packagejson": "^3.0.2"
             }
         },
         "../eslint-config": {
             "name": "@goauthentik/eslint-config",
-            "version": "2.0.0",
+            "version": "1.3.0",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -41,26 +41,26 @@
                 "eslint-plugin-import": "^2.32.0",
                 "eslint-plugin-lit": "^2.2.1",
                 "eslint-plugin-react": "^7.37.5",
-                "eslint-plugin-react-hooks": "^7.1.1",
+                "eslint-plugin-react-hooks": "^7.0.1",
                 "eslint-plugin-wc": "^3.1.0"
             },
             "devDependencies": {
                 "@goauthentik/prettier-config": "../prettier-config",
                 "@goauthentik/tsconfig": "../tsconfig",
                 "@types/eslint": "^9.6.1",
-                "@types/node": "^25.7.0",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
+                "@types/node": "^25.3.0",
+                "typescript": "^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             },
             "peerDependencies": {
                 "react": "^18.0.0 || ^19.0.0",
                 "react-dom": "^18.0.0 || ^19.0.0",
-                "typescript": "^6.0.3 || ^7.0.0",
-                "typescript-eslint": "^8.59.3"
+                "typescript": "^5.9.3 || ^6.0.2",
+                "typescript-eslint": "^8.57.2"
             },
             "peerDependenciesMeta": {
                 "react": {
@@ -73,12 +73,12 @@
         },
         "../tsconfig": {
             "name": "@goauthentik/tsconfig",
-            "version": "1.0.9",
+            "version": "1.0.8",
             "dev": true,
             "license": "MIT",
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             }
         },
         "node_modules/@babel/helper-string-parser": {
@@ -382,30 +382,30 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.7.0",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz",
-            "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==",
+            "version": "25.5.0",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.0.tgz",
+            "integrity": "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.21.0"
+                "undici-types": "~7.18.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.3.tgz",
-            "integrity": "sha512-PwFvSKsXGShKGW6n5bZOhGHEcCZXM8HofLK9fNsEwZXzFRjoY+XT1Vsf1zgyXdwTr0ZYz1/2tkZ0DBTT9jZjhw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.57.2.tgz",
+            "integrity": "sha512-NZZgp0Fm2IkD+La5PR81sd+g+8oS6JwJje+aRWsDocxHkjyRw0J5L5ZTlN3LI1LlOcGL7ph3eaIUmTXMIjLk0w==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/type-utils": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/type-utils": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -415,9 +415,9 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.59.3",
+                "@typescript-eslint/parser": "^8.57.2",
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": {
@@ -431,16 +431,16 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.3.tgz",
-            "integrity": "sha512-HPwA+hVkfcriajbNvTmZv4VRauibay+cWArYUYq7u7W7PmGShMxbPxLvrwDme55a6d5alG3nrYfhyJ/G28XlLg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.57.2.tgz",
+            "integrity": "sha512-30ScMRHIAD33JJQkgfGW1t8CURZtjc2JpTrq5n2HFhOefbAhb7ucc7xJwdWcrEtqUIYJ73Nybpsggii6GtAHjA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -452,18 +452,18 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.3.tgz",
-            "integrity": "sha512-ECiUWa/KYRGDFUqTNehaRgzDshnJfkTABJxVemHk4ko22gcr0ukloKjWvyQ64g8YCV/UI47kN1dbmjf/GaQYng==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.57.2.tgz",
+            "integrity": "sha512-FuH0wipFywXRTHf+bTTjNyuNQQsQC3qh/dYzaM4I4W0jrCqjCVuUh99+xd9KamUfmCGPvbO8NDngo/vsnNVqgw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.59.3",
-                "@typescript-eslint/types": "^8.59.3",
+                "@typescript-eslint/tsconfig-utils": "^8.57.2",
+                "@typescript-eslint/types": "^8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -474,18 +474,18 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.3.tgz",
-            "integrity": "sha512-t2LvZnoEfzKtnPjgeEu41xw5gxq9mQVfYy4OoZ4Vlt0sk3JwxmhCca/AR7DwOiHrjWgjAj6as4AhRLKSDfvZIA==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.57.2.tgz",
+            "integrity": "sha512-snZKH+W4WbWkrBqj4gUNRIGb/jipDW3qMqVJ4C9rzdFc+wLwruxk+2a5D+uoFcKPAqyqEnSb4l2ULuZf95eSkw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3"
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -496,9 +496,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.3.tgz",
-            "integrity": "sha512-PcIJHjmaREXLgIAIzLnSY9VucEzz8FKXsRgFa1DmdGCK/5tJpW03TKJF01Q6VZd1lLdz2sIKPWaDUZN9dp//dw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.57.2.tgz",
+            "integrity": "sha512-3Lm5DSM+DCowsUOJC+YqHHnKEfFh5CoGkj5Z31NQSNF4l5wdOwqGn99wmwN/LImhfY3KJnmordBq/4+VDe2eKw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -509,21 +509,21 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.3.tgz",
-            "integrity": "sha512-g71d8QD8UaiHGvrJwyIS1hCX5r63w6Jll+4VEYhEAHXTDIqX1JgxhTAbEHtKntL9kuc4jRo7/GWw5xfCepSccQ==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.57.2.tgz",
+            "integrity": "sha512-Co6ZCShm6kIbAM/s+oYVpKFfW7LBc6FXoPXjTRQ449PPNBY8U0KZXuevz5IFuuUj2H9ss40atTaf9dlGLzbWZg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
                 "debug": "^4.4.3",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -534,13 +534,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.3.tgz",
-            "integrity": "sha512-ePFoH0g4ludssdRFqqDxQePCxU4WQyRa9+XVwjm7yLn0FKhMeoetC+qBEEI1Eyb1pGSDveTIT09Bvw2WhlGayg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.57.2.tgz",
+            "integrity": "sha512-/iZM6FnM4tnx9csuTxspMW4BOSegshwX5oBDznJ7S4WggL7Vczz5d2W11ecc4vRrQMQHXRSxzrCsyG5EsPPTbA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -552,21 +552,21 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.3.tgz",
-            "integrity": "sha512-CbRjVRAf7Lr9Kr8RopKcbY45p2VfmmHrm0ygOCYFi7oU8q19m0Fs/6iHS7kNOmwpp+ob07ZVcAqlxUod9lYdmg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.57.2.tgz",
+            "integrity": "sha512-2MKM+I6g8tJxfSmFKOnHv2t8Sk3T6rF20A1Puk0svLK+uVapDZB/4pfAeB7nE83uAZrU6OxW+HmOd5wHVdXwXA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.59.3",
-                "@typescript-eslint/tsconfig-utils": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/project-service": "8.57.2",
+                "@typescript-eslint/tsconfig-utils": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3",
                 "minimatch": "^10.2.2",
                 "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -576,7 +576,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
@@ -590,9 +590,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-            "version": "5.0.6",
-            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
-            "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
+            "version": "5.0.5",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+            "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -603,13 +603,13 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-            "version": "10.2.5",
-            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
-            "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+            "version": "10.2.4",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz",
+            "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==",
             "dev": true,
             "license": "BlueOak-1.0.0",
             "dependencies": {
-                "brace-expansion": "^5.0.5"
+                "brace-expansion": "^5.0.2"
             },
             "engines": {
                 "node": "18 || 20 || >=22"
@@ -619,16 +619,16 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.3.tgz",
-            "integrity": "sha512-JAvT14goBzRzzzZyqq3P9BLArIxTtQURUtFgQ/V7FO+eU+Gg6ES+5ymOPP1wRxXcxAYeivCk4uS3jCKWI1K8Zg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.57.2.tgz",
+            "integrity": "sha512-krRIbvPK1ju1WBKIefiX+bngPs+odIQUtR7kymzPfo1POVw3jlF+nLkmexdSSd4UCbDcQn+wMBATOOmpBbqgKg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3"
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -639,17 +639,17 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.3.tgz",
-            "integrity": "sha512-f1UQF7ggd42YiwI5wGrRaPsa+P0CINBlrkLPmGfpq/u/I/oVtecoEIfFR9ag/oa1sLOsRNZ6xehf6qMZhQGBDg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.57.2.tgz",
+            "integrity": "sha512-zhahknjobV2FiD6Ee9iLbS7OV9zi10rG26odsQdfBO/hjSzUQbkIYgda+iNKK1zNiW2ey+Lf8MU5btN17V3dUw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
                 "eslint-visitor-keys": "^5.0.0"
             },
             "engines": {
@@ -1745,9 +1745,9 @@
             }
         },
         "node_modules/prettier": {
-            "version": "3.8.3",
-            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.3.tgz",
-            "integrity": "sha512-7igPTM53cGHMW8xWuVTydi2KO233VFiTNyF5hLJqpilHfmn8C8gPf+PS7dUT64YcXFbiMGZxS9pCSxL/Dxm/Jw==",
+            "version": "3.8.1",
+            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
+            "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
             "license": "MIT",
             "bin": {
                 "prettier": "bin/prettier.cjs"
@@ -2001,9 +2001,9 @@
             }
         },
         "node_modules/typescript": {
-            "version": "6.0.3",
-            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz",
-            "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==",
+            "version": "6.0.2",
+            "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
+            "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
             "dev": true,
             "license": "Apache-2.0",
             "bin": {
@@ -2015,16 +2015,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.3.tgz",
-            "integrity": "sha512-KgusgyDgG4LI8Ih/sWaCtZ06tckLAS5CvT5A4D1Q7bYVoAAyzwiZvE4BmwDHkhRVkvhRBepKeASoFzQetha7Fg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.57.2.tgz",
+            "integrity": "sha512-VEPQ0iPgWO/sBaZOU1xo4nuNdODVOajPnTIbog2GKYr31nIlZ0fWPoCQgGfF3ETyBl1vn63F/p50Um9Z4J8O8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.59.3",
-                "@typescript-eslint/parser": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3"
+                "@typescript-eslint/eslint-plugin": "8.57.2",
+                "@typescript-eslint/parser": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -2035,13 +2035,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/undici-types": {
-            "version": "7.21.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz",
-            "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==",
+            "version": "7.18.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+            "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
             "dev": true,
             "license": "MIT"
         },

packages/prettier-config/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@goauthentik/prettier-config",
-    "version": "4.0.0",
+    "version": "3.5.0",
     "description": "authentik's Prettier config",
     "license": "MIT",
     "repository": {
@@ -39,15 +39,15 @@
         "@eslint/js": "^9.39.3",
         "@goauthentik/eslint-config": "../eslint-config",
         "@goauthentik/tsconfig": "../tsconfig",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.0.0",
         "eslint": "^9.39.3",
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.2",
-        "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3"
+        "typescript": "^6.0.2",
+        "typescript-eslint": "^8.57.2"
     },
     "peerDependencies": {
-        "prettier": "^3.8.3",
+        "prettier": "^3.8.1",
         "prettier-plugin-packagejson": "^3.0.2"
     },
     "files": [
@@ -57,7 +57,7 @@
     ],
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -67,7 +67,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },

packages/tsconfig/package-lock.json

@@ -1,16 +1,16 @@
 {
     "name": "@goauthentik/tsconfig",
-    "version": "2.0.0",
+    "version": "1.0.9",
     "lockfileVersion": 3,
     "requires": true,
     "packages": {
         "": {
             "name": "@goauthentik/tsconfig",
-            "version": "2.0.0",
+            "version": "1.0.9",
             "license": "MIT",
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.10.1"
             }
         }
     }

packages/tsconfig/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@goauthentik/tsconfig",
-    "version": "2.0.0",
+    "version": "1.0.9",
     "description": "authentik's base TypeScript configuration.",
     "license": "MIT",
     "repository": {
@@ -15,7 +15,7 @@
     "type": "module",
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.10.1"
     },
     "devEngines": {
         "runtime": {
@@ -25,7 +25,7 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": ">=11.10.1",
             "onFail": "warn"
         }
     },

packages/tsconfig/tsconfig.json

@@ -1,6 +1,7 @@
 {
     "$schema": "https://json.schemastore.org/tsconfig",
     "compilerOptions": {
+        "ignoreDeprecations": "6.0",
         "alwaysStrict": true,
         "composite": true,
         "declaration": true,

schema.yml

@@ -54916,7 +54916,6 @@ components:
       enum:
       - token
       - oauth
-      - oauth_interactive
       type: string
     SCIMMapping:
       type: object
@@ -55051,24 +55050,6 @@ components:
           type: object
           additionalProperties: {}
           description: Additional OAuth parameters, such as grant_type
-        auth_oauth_token_last_updated:
-          type: string
-          format: date-time
-          nullable: true
-          readOnly: true
-        auth_oauth_token_expires:
-          type: string
-          format: date-time
-          nullable: true
-          readOnly: true
-        auth_oauth_url_callback:
-          type: string
-          nullable: true
-          readOnly: true
-        auth_oauth_url_start:
-          type: string
-          nullable: true
-          readOnly: true
         compatibility_mode:
           allOf:
           - $ref: '#/components/schemas/CompatibilityModeEnum'
@@ -55101,10 +55082,6 @@ components:
       required:
       - assigned_backchannel_application_name
       - assigned_backchannel_application_slug
-      - auth_oauth_token_expires
-      - auth_oauth_token_last_updated
-      - auth_oauth_url_callback
-      - auth_oauth_url_start
       - component
       - meta_model_name
       - name

scripts/node/lint-lockfile.mjs

@@ -1,278 +0,0 @@
-#!/usr/bin/env node
-/**
- * @file Lints the package-lock.json file to ensure it is in sync with package.json.
- *
- * Usage:
- *   lint-lockfile [options] [directory]
- *
- * Options:
- *   --warn    Report issues as warnings instead of failing. The lockfile is
- *             still regenerated on disk, but the process exits 0.
- *
- * Exit codes:
- *   0  Lockfile is in sync (or --warn was passed)
- *   1  Unexpected error
- *   2  Lockfile drift detected
- */
-
-/// <reference lib="esnext" />
-
-import * as assert from "node:assert/strict";
-import { findPackageJSON } from "node:module";
-import { dirname } from "node:path";
-import { isDeepStrictEqual, parseArgs } from "node:util";
-
-import { ConsoleLogger } from "../../packages/logger-js/lib/node.js";
-import { parseCWD, reportAndExit } from "./utils/commands.mjs";
-import { corepack } from "./utils/corepack.mjs";
-import { gitStatus } from "./utils/git.mjs";
-import { findNPMPackage, loadJSON, npm, pluckDependencyFields } from "./utils/node.mjs";
-
-//#region Constants
-
-const logger = ConsoleLogger.prefix("lint:lockfile");
-
-const { values: options, positionals } = parseArgs({
-    options: {
-        "warn": {
-            type: "boolean",
-            default: false,
-            description: "Report issues as warnings instead of failing",
-        },
-        "skip-git": {
-            type: "boolean",
-            default: !!process.env.CI,
-            description:
-                "Skip checking for uncommitted changes (use with --warn to ignore drift without reporting)",
-        },
-    },
-    allowPositionals: true,
-});
-
-const cwd = parseCWD(positionals);
-
-const ignoredProperties = new Set([
-    // ---
-    "peer",
-    "engines",
-    "optional",
-]);
-
-//#region Utilities
-
-/**
- * @param {Record<string, unknown>} actual
- * @param {Record<string, unknown>} expected
- * @param {string[]} [prefix]
- * @returns {Set<string>[]}
- */
-function extractDiffedProperties(actual, expected, prefix = []) {
-    const a = actual ?? {};
-    const b = expected ?? {};
-    const keys = new Set([...Object.keys(a), ...Object.keys(b)]);
-    /** @type {Set<string>[]} */
-    const diffs = [];
-
-    for (const key of keys) {
-        const path = [...prefix, key];
-        const valA = a[key];
-        const valB = b[key];
-
-        if (
-            valA !== null &&
-            valB !== null &&
-            typeof valA === "object" &&
-            typeof valB === "object" &&
-            !Array.isArray(valA) &&
-            !Array.isArray(valB)
-        ) {
-            // @ts-ignore
-            diffs.push(...extractDiffedProperties(valA, valB, path));
-        } else if (!isDeepStrictEqual(valA, valB)) {
-            diffs.push(new Set(path));
-        }
-    }
-
-    return diffs;
-}
-
-//#endregion
-
-/**
- * Exit code when lockfile drift is detected (distinct from general errors)
- */
-const EXIT_DRIFT = 2;
-
-/**
- * @returns {Promise<string[]>} The list of issues detected.
- */
-async function run() {
-    /** @type {string[]} */
-    const issues = [];
-
-    /**
-     * Records an issue. In strict mode, throws immediately.
-     * In warn mode, collects the message for later reporting.
-     *
-     * @param {boolean} ok
-     * @param {string} message
-     */
-    const check = (ok, message) => {
-        if (ok) return;
-
-        if (options.warn) {
-            issues.push(message);
-            return;
-        }
-
-        assert.fail(message);
-    };
-
-    /**
-     * Checks deep equality of two values. In strict mode, throws if they are not equal.
-     * In warn mode, records an issue instead.
-     *
-     * @param {unknown} actual
-     * @param {unknown} expected
-     * @param {string} message
-     */
-    const checkDeep = (actual, expected, message) => {
-        if (options.warn) {
-            if (!isDeepStrictEqual(actual, expected)) {
-                issues.push(message);
-            }
-
-            return;
-        }
-
-        assert.deepStrictEqual(actual, expected, message);
-    };
-
-    logger.info(`Linting lockfile integrity in: ${cwd}`);
-
-    // MARK: Locate files
-
-    const resolvedPath = import.meta.resolve(cwd);
-    const packageJSONPath = findPackageJSON(resolvedPath);
-
-    assert.ok(
-        packageJSONPath,
-        "Could not find package.json in the current directory or any parent directories",
-    );
-
-    const packageDir = dirname(packageJSONPath);
-    const { packageLockPath } = await findNPMPackage(packageDir);
-    const lockfileDir = dirname(packageLockPath);
-    const isWorkspace = lockfileDir !== packageDir;
-
-    const corepackVersion = await corepack`--version`().catch(() => null);
-    const useCorepack = !!corepackVersion;
-    logger.info(`corepack: ${corepackVersion || "disabled"}`);
-
-    const expected = {
-        lockfile: await loadJSON(packageLockPath),
-        package: await loadJSON(packageJSONPath).then(pluckDependencyFields),
-    };
-
-    logger.info(`package.json: ${packageJSONPath} (${expected.package.name})`);
-    logger.info(`package-lock.json: ${packageLockPath}${isWorkspace ? " (workspace root)" : ""}`);
-
-    // MARK: Uncommitted changes
-
-    if (options["skip-git"]) {
-        logger.warn("Skipping git status check");
-    } else {
-        const packageStatus = await gitStatus(packageJSONPath);
-        const lockfileStatus = await gitStatus(packageLockPath);
-
-        if (!packageStatus.available || !lockfileStatus.available) {
-            logger.warn("Git is not available; skipping uncommitted change detection.");
-        } else {
-            check(packageStatus.clean, `package.json has uncommitted changes: ${packageJSONPath}`);
-
-            check(
-                lockfileStatus.clean,
-                `package-lock.json has uncommitted changes: ${packageLockPath}`,
-            );
-        }
-    }
-
-    // MARK: Regenerate
-
-    const npmVersion = await npm`--version`({ useCorepack });
-
-    logger.info(`Detected npm version: ${npmVersion}`);
-
-    await npm`install --package-lock-only`({
-        cwd: lockfileDir,
-        useCorepack,
-    });
-
-    logger.info("npm install complete.");
-
-    const actual = {
-        lockfile: await loadJSON(packageLockPath),
-        package: await loadJSON(packageJSONPath).then(pluckDependencyFields),
-    };
-
-    // MARK: Compare
-
-    assert.deepStrictEqual(
-        actual.package,
-        expected.package,
-        `package.json was unexpectedly modified during lockfile check: ${packageJSONPath}`,
-    );
-
-    try {
-        checkDeep(
-            actual.lockfile,
-            expected.lockfile,
-            `package-lock.json is out of sync with package.json`,
-        );
-    } catch (error) {
-        if (!(error instanceof assert.AssertionError)) {
-            throw error;
-        }
-
-        // NPM versions <=11.10 has issues with deterministic lockfile generation,
-        // especially around optional peer dependencies.
-        const diffedProperties = extractDiffedProperties(actual.lockfile, expected.lockfile).filter(
-            (segments) => segments.isDisjointFrom(ignoredProperties),
-        );
-
-        if (diffedProperties.length) {
-            const formatted = diffedProperties
-                .map((segments) => Array.from(segments).join("."))
-                .join("\n");
-
-            throw new Error(`Lockfile drift detected:\n${formatted}`, { cause: error });
-        }
-
-        logger.warn(
-            "Permissible dependency differences detected. Run `npm install` to update the lockfile.",
-        );
-    }
-
-    return issues;
-}
-
-run()
-    .then((issues) => {
-        if (issues.length) {
-            logger.warn(`⚠️  ${issues.length} issue(s) detected:`);
-
-            for (const issue of issues) {
-                logger.warn(`  - ${issue}`);
-            }
-
-            if (options.warn) {
-                logger.warn(
-                    "The lockfile on disk has been regenerated. Review and commit the changes.",
-                );
-                process.exit(EXIT_DRIFT);
-            }
-        } else {
-            logger.info("✅ Lockfile is in sync.");
-        }
-    })
-    .catch((error) => reportAndExit(error, logger));

scripts/node/lint-runtime.mjs

@@ -1,114 +0,0 @@
-#!/usr/bin/env node
-/**
- * @file Lints the installed Node.js and npm versions against the requirements specified in package.json.
- *
- * Usage:
- *   lint-node [options] [directory]
- *
- * Exit codes:
- *   0  Versions are in sync
- *   1  Version mismatch detected
- */
-
-import * as assert from "node:assert/strict";
-import { parseArgs } from "node:util";
-
-import { ConsoleLogger } from "../../packages/logger-js/lib/node.js";
-import { CommandError, parseCWD, reportAndExit } from "./utils/commands.mjs";
-import { corepack } from "./utils/corepack.mjs";
-import { resolveRepoRoot } from "./utils/git.mjs";
-import { compareVersions, findNPMPackage, loadJSON, node, npm, parseRange } from "./utils/node.mjs";
-
-const logger = ConsoleLogger.prefix("lint-runtime");
-
-/**
- * @param {string} start
- */
-async function readRequirements(start) {
-    const { packageJSONPath } = await findNPMPackage(start);
-
-    logger.info(`Checking versions in ${packageJSONPath}`);
-
-    const packageJSONData = await loadJSON(packageJSONPath);
-
-    const nodeVersion = await node`--version`().then((output) => output.replace(/^v/, ""));
-
-    const requiredNpmVersion = packageJSONData.engines?.npm;
-    const requiredNodeVersion = packageJSONData.engines?.node;
-
-    return { nodeVersion, requiredNpmVersion, requiredNodeVersion };
-}
-
-async function main() {
-    const parsedArgs = parseArgs({
-        allowPositionals: true,
-    });
-
-    const cwd = parseCWD(parsedArgs.positionals);
-    const repoRoot = await resolveRepoRoot(cwd).catch(() => null);
-
-    logger.info(`cwd ${cwd}`);
-    logger.info(`repository ${repoRoot || "not found"}`);
-
-    const corepackVersion = await corepack`--version`().catch(() => null);
-    const useCorepack = !!corepackVersion;
-    logger.info(`corepack ${corepackVersion || "disabled"}`);
-
-    const npmVersion = await npm`--version`({ cwd, useCorepack })
-        .then((version) => {
-            logger.info(`npm${corepackVersion ? " (via Corepack)" : ""} ${version}`);
-
-            return version;
-        })
-        .catch((error) => {
-            if (error instanceof CommandError && corepackVersion) {
-                logger.warn(`Failed to read npm version via Corepack ${error.message}`);
-
-                logger.info(`Attempting to read npm version directly without Corepack...`);
-                // Corepack might be misconfigured or outdated.
-                // Attempting a second read without Corepack can help us distinguish
-                // between a general npm issue and a Corepack-specific one.
-                return npm`--version`({ cwd }).then((version) => {
-                    logger.info(`npm (direct) ${version}`);
-
-                    return version;
-                });
-            }
-
-            throw error;
-        });
-
-    const { nodeVersion, requiredNpmVersion, requiredNodeVersion } = await readRequirements(cwd);
-
-    logger.info(`node ${nodeVersion}`);
-
-    if (requiredNpmVersion) {
-        logger.info(`package.json npm ${requiredNpmVersion}`);
-
-        const { operator, version: required } = parseRange(requiredNpmVersion);
-        const result = compareVersions(npmVersion, required);
-
-        assert.ok(
-            operator === ">=" ? result >= 0 : result === 0,
-            `npm version ${npmVersion} does not satisfy required version ${requiredNpmVersion}`,
-        );
-    }
-
-    if (requiredNodeVersion) {
-        logger.info(`package.json node ${requiredNodeVersion}`);
-
-        const { operator, version: required } = parseRange(requiredNodeVersion);
-        const result = compareVersions(nodeVersion, required);
-
-        assert.ok(
-            operator === ">=" ? result >= 0 : result === 0,
-            `Node.js version ${nodeVersion} does not satisfy required version ${requiredNodeVersion}`,
-        );
-    }
-}
-
-main()
-    .then(() => {
-        logger.info("✅ Node.js and npm versions are in sync.");
-    })
-    .catch((error) => reportAndExit(error, logger));

scripts/node/setup-corepack.mjs

@@ -1,110 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * @file Downloads the latest corepack tarball from the npm registry.
- */
-
-import * as fs from "node:fs/promises";
-import { parseArgs } from "node:util";
-
-import { ConsoleLogger } from "../../packages/logger-js/lib/node.js";
-import { $, parseCWD, reportAndExit } from "./utils/commands.mjs";
-import { corepack, pullLatestCorepack, verifyPackageManagerIntegrity } from "./utils/corepack.mjs";
-import { resolveRepoRoot } from "./utils/git.mjs";
-import { findNPMPackage, loadJSON, npm } from "./utils/node.mjs";
-
-/**
- * @deprecated Remove after Corepack is merged into the monorepo and we can rely on the version specified in package.json.
- */
-const FALLBACK_PACKAGE_MANAGER =
-    "npm@11.14.1+sha512.6a8a4d67478497a2dbc6815cad72e64c43f33413717e242756047d466241ab39bee61e691683a64658e94496ec5f1a1c05e4a5ec62dcc773280dfd949443a367";
-const logger = ConsoleLogger.prefix("setup-corepack");
-
-async function main() {
-    const parsedArgs = parseArgs({
-        options: {
-            force: {
-                type: "boolean",
-                default: false,
-                description: "Force re-download of corepack even if a version is already installed",
-            },
-        },
-        allowPositionals: true,
-    });
-
-    const cwdArg = parseCWD(parsedArgs.positionals);
-
-    const repoRoot = await resolveRepoRoot(cwdArg).catch(() => null);
-    const cwd = repoRoot || cwdArg;
-
-    const npmVersion = await npm`--version`({ cwd });
-
-    logger.info(`npm ${npmVersion}`);
-
-    const corepackVersion = await corepack`--version`({ cwd }).catch(() => null);
-
-    logger.info(`corepack ${corepackVersion || "not found"}`);
-
-    if (corepackVersion && !parsedArgs.values.force) {
-        logger.info("Corepack is already installed, skipping download (use --force to override)");
-        return;
-    }
-
-    await pullLatestCorepack(cwd);
-
-    await npm`install --force -g corepack@latest`({ cwd });
-    logger.info("Corepack installed successfully");
-
-    const { packageJSONPath } = await findNPMPackage(cwd);
-
-    logger.info(`Checking versions in ${packageJSONPath}`);
-
-    const packageJSONData = await loadJSON(packageJSONPath);
-
-    const packageManagerSpec = packageJSONData.packageManager || FALLBACK_PACKAGE_MANAGER;
-    const plusIndex = packageManagerSpec.indexOf("+");
-    const packageManager =
-        plusIndex === -1 ? packageManagerSpec : packageManagerSpec.slice(0, plusIndex);
-    const checksum = plusIndex === -1 ? "" : packageManagerSpec.slice(plusIndex + 1);
-
-    if (!checksum) {
-        throw new Error(
-            `Invalid packageManager field in package.json. Expected format "name@version+checksum". Got "${packageJSONData.packageManager}".`,
-        );
-    }
-
-    await verifyPackageManagerIntegrity(packageManager, checksum);
-
-    await $`corepack install -g ${packageManager}`({ cwd });
-
-    logger.info(`Setting up Corepack to use ${packageManager}...`);
-
-    const writablePackageJSON = await fs.access(packageJSONPath, fs.constants.W_OK).then(
-        () => true,
-        () => false,
-    );
-
-    /**
-     * @type {string}
-     */
-    let subcommand;
-
-    if (!writablePackageJSON) {
-        if (!packageJSONData.packageManager) {
-            throw new Error(
-                `package.json is not writable and does not specify a packageManager field. Was the package.json file mounted via Docker?`,
-            );
-        }
-
-        subcommand = "install -g";
-    } else {
-        logger.info("package.json is writable");
-        subcommand = "use";
-    }
-
-    await $`corepack ${subcommand} ${packageManager}`({ cwd });
-
-    logger.info("Corepack installed npm successfully");
-}
-
-main().catch((error) => reportAndExit(error, logger));

scripts/node/utils/commands.mjs

@@ -1,123 +0,0 @@
-/**
- * Utility functions for running shell commands and handling their results.
- *
- * @import { ExecOptions } from "node:child_process"
- * @import { IConsoleLogger } from "../../../packages/logger-js/lib/shared.js"
- */
-
-import { exec } from "node:child_process";
-import { resolve, sep } from "node:path";
-import { promisify } from "node:util";
-
-import { ConsoleLogger } from "../../../packages/logger-js/lib/node.js";
-
-const logger = ConsoleLogger.prefix("commands");
-
-export class CommandError extends Error {
-    name = "CommandError";
-
-    /**
-     * @param {string} command
-     * @param {ErrorOptions & ExecOptions} options
-     */
-    constructor(command, { cause, cwd, shell } = {}) {
-        const cwdInfo = cwd ? ` in directory ${cwd}` : "";
-        const shellInfo = shell ? ` using shell ${shell}` : "";
-
-        super(`Command failed: ${command}${cwdInfo}${shellInfo}`, { cause });
-    }
-}
-
-/**
- * @param {string[]} positionals
- * @returns {string} The resolved current working directory for the script
- */
-export function parseCWD(positionals) {
-    // `INIT_CWD` is present only if the script is run via npm.
-    const initCWD = process.env.INIT_CWD || process.cwd();
-
-    const cwd = (positionals.length ? resolve(initCWD, positionals[0]) : initCWD) + sep;
-
-    return cwd;
-}
-
-const execAsync = promisify(exec);
-
-/**
- * A timeout value to prevent hanging indefinitely when running shell commands,
- * such as if CI is experiencing issues with provisioning or network connectivity.
- */
-const DEFAULT_TIMEOUT_MS = 5 * 60 * 1000;
-
-/**
- * @param {Awaited<ReturnType<typeof execAsync>>} result
- */
-export const trimResult = (result) => String(result.stdout).trim();
-
-/**
- * @typedef {(strings: TemplateStringsArray, ...expressions: unknown[]) =>
- *   (options?: ExecOptions) => Promise<string>
- * } CommandTag
- */
-
-function createTag(prefix = "") {
-    /** @type {CommandTag} */
-    return (strings, ...expressions) => {
-        const command = (prefix ? prefix + " " : "") + String.raw(strings, ...expressions);
-
-        logger.debug(command);
-
-        return (options) =>
-            execAsync(command, { timeout: DEFAULT_TIMEOUT_MS, ...options })
-                .then(trimResult)
-                .catch((cause) => {
-                    throw new CommandError(command, { ...options, cause });
-                });
-    };
-}
-
-/**
- * A tagged template function for running shell commands.
- * @type {CommandTag & { bind(prefix: string): CommandTag }}
- */
-export const $ = createTag();
-
-/**
- * @param {string} prefix
- * @returns {CommandTag}
- */
-$.bind = (prefix) => createTag(prefix);
-
-/**
- * Promisified version of {@linkcode exec} for easier async/await usage.
- *
- * @param {string} command The command to run, with space-separated arguments.
- * @param {ExecOptions} [options] Optional execution options.
- * @throws {CommandError} If the command fails to execute.
- */
-export function $2(command, options) {
-    return execAsync(command, { timeout: DEFAULT_TIMEOUT_MS, ...options })
-        .then(trimResult)
-        .catch((cause) => {
-            throw new CommandError(command, { ...options, cause });
-        });
-}
-
-/**
- * Logs the given error and its cause (if any) and exits the process with a failure code.
- * @param {unknown} error
- * @param {IConsoleLogger} logger
- * @returns {never}
- */
-export function reportAndExit(error, logger = ConsoleLogger) {
-    const message = error instanceof Error ? error.message : String(error);
-    const cause = error instanceof Error && error.cause instanceof Error ? error.cause : null;
-
-    logger.error(`❌ ${message}`);
-
-    if (cause) {
-        logger.error(`Caused by: ${cause.message}`);
-    }
-
-    process.exit(1);
-}

scripts/node/utils/corepack.mjs

@@ -1,165 +0,0 @@
-import * as crypto from "node:crypto";
-import * as fs from "node:fs/promises";
-import { join, relative } from "node:path";
-
-import { ConsoleLogger } from "../../../packages/logger-js/lib/node.js";
-import { $ } from "./commands.mjs";
-
-const REGISTRY_BASE_URL = "https://registry.npmjs.org";
-const REGISTRY_URL = `${REGISTRY_BASE_URL}/corepack`;
-const OUTPUT_DIR = join(".corepack", "releases");
-const OUTPUT_FILENAME = "latest.tgz";
-
-export const corepack = $.bind("corepack");
-
-/**
- * Reads the installed Corepack version.
- *
- * @param {string} [cwd] The directory to run the command in.
- * @returns {Promise<string | null>} The installed Corepack version
- */
-export function readCorepackVersion(cwd = process.cwd()) {
-    return $`corepack --version`({ cwd });
-}
-
-const logger = ConsoleLogger.prefix("setup-corepack");
-
-/**
- * @param {string} baseDirectory
- */
-export async function pullLatestCorepack(baseDirectory = process.cwd()) {
-    logger.info("Fetching corepack metadata from registry...");
-
-    const outputDir = join(baseDirectory, OUTPUT_DIR);
-    const outputPath = join(outputDir, OUTPUT_FILENAME);
-
-    const res = await fetch(REGISTRY_URL, { signal: AbortSignal.timeout(1000 * 60) });
-
-    if (!res.ok) {
-        throw new Error(`Failed to fetch registry metadata: ${res.status} ${res.statusText}`);
-    }
-
-    const metadata = await res.json();
-
-    const latestVersion = metadata["dist-tags"].latest;
-    const versionData = metadata.versions[latestVersion];
-    const tarballUrl = versionData.dist.tarball;
-    const expectedIntegrity = versionData.dist.integrity;
-
-    logger.info(`Latest corepack version: ${latestVersion}`);
-    logger.info(`Tarball URL: ${tarballUrl}`);
-    logger.info(`Expected integrity: ${expectedIntegrity}`);
-
-    logger.info({ url: tarballUrl }, "Downloading tarball...");
-
-    const tarballRes = await fetch(tarballUrl, {
-        signal: AbortSignal.timeout(1000 * 60),
-    });
-
-    if (!tarballRes.ok) {
-        throw new Error(
-            `Failed to download tarball: ${tarballRes.status} ${tarballRes.statusText}`,
-        );
-    }
-
-    const tarballBuffer = Buffer.from(await tarballRes.arrayBuffer());
-
-    logger.info("Verifying integrity...");
-
-    const [algorithm, expectedHash] = expectedIntegrity.split("-");
-    const actualHash = crypto.createHash(algorithm).update(tarballBuffer).digest("base64");
-
-    if (actualHash !== expectedHash) {
-        throw new Error(
-            `Integrity mismatch!\n  Expected: ${expectedHash}\n  Actual:   ${actualHash}`,
-        );
-    }
-
-    logger.info("Integrity verified.");
-
-    await fs.mkdir(outputDir, { recursive: true });
-    await fs.writeFile(outputPath, tarballBuffer);
-
-    logger.info(`Saved to ${relative(baseDirectory, outputPath)}`);
-    logger.info(`corepack@${latestVersion} (${expectedIntegrity})`);
-}
-
-/**
- * Downloads the tarball for a package manager spec from the npm registry and
- * verifies it matches the expected Corepack-style checksum (`<algorithm>.<hex>`).
- *
- * Corepack's CLI does not enforce the `+integrity` suffix on the `packageManager`
- * field when invoked via `corepack install -g`, so we verify the bytes ourselves
- * before handing control back to Corepack.
- *
- * @param {string} packageManager E.g. `npm@11.14.1`.
- * @param {string} expectedChecksum E.g. `sha512.6a8a4d67...`.
- * @returns {Promise<void>}
- */
-export async function verifyPackageManagerIntegrity(packageManager, expectedChecksum) {
-    const atIndex = packageManager.lastIndexOf("@");
-
-    if (atIndex <= 0) {
-        throw new Error(
-            `Invalid packageManager spec "${packageManager}". Expected "name@version".`,
-        );
-    }
-
-    const name = packageManager.slice(0, atIndex);
-    const version = packageManager.slice(atIndex + 1);
-
-    const separatorIndex = expectedChecksum.indexOf(".");
-
-    if (separatorIndex <= 0) {
-        throw new Error(
-            `Invalid checksum format "${expectedChecksum}". Expected "<algorithm>.<hex>".`,
-        );
-    }
-
-    const algorithm = expectedChecksum.slice(0, separatorIndex);
-    const expectedHex = expectedChecksum.slice(separatorIndex + 1).toLowerCase();
-
-    logger.info(`Verifying ${name}@${version} against ${algorithm} checksum...`);
-
-    const metadataUrl = `${REGISTRY_BASE_URL}/${encodeURIComponent(name)}/${encodeURIComponent(version)}`;
-
-    const metadataRes = await fetch(metadataUrl, {
-        signal: AbortSignal.timeout(1000 * 60),
-    });
-
-    if (!metadataRes.ok) {
-        throw new Error(
-            `Failed to fetch registry metadata for ${name}@${version}: ${metadataRes.status} ${metadataRes.statusText}`,
-        );
-    }
-
-    const versionData = await metadataRes.json();
-    const tarballUrl = versionData?.dist?.tarball;
-
-    if (!tarballUrl) {
-        throw new Error(`Registry response missing dist.tarball for ${name}@${version}.`);
-    }
-
-    logger.info({ url: tarballUrl }, "Downloading tarball...");
-
-    const tarballRes = await fetch(tarballUrl, {
-        signal: AbortSignal.timeout(1000 * 60),
-    });
-
-    if (!tarballRes.ok) {
-        throw new Error(
-            `Failed to download tarball: ${tarballRes.status} ${tarballRes.statusText}`,
-        );
-    }
-
-    const tarballBuffer = Buffer.from(await tarballRes.arrayBuffer());
-    const actualHex = crypto.createHash(algorithm).update(tarballBuffer).digest("hex");
-
-    if (actualHex !== expectedHex) {
-        throw new Error(
-            `Integrity mismatch for ${name}@${version}!\n  Expected: ${algorithm}.${expectedHex}\n  Actual:   ${algorithm}.${actualHex}`,
-        );
-    }
-
-    logger.info(`Integrity verified for ${name}@${version}.`);
-}

scripts/node/utils/git.mjs

@@ -1,25 +0,0 @@
-import { $ } from "./commands.mjs";
-
-/**
- * Checks whether the given file has uncommitted changes in git.
- *
- * @param {string} filePath
- * @param {string} [cwd]
- * @returns {Promise<{ clean: boolean, available: boolean }>}
- */
-export async function gitStatus(filePath, cwd = process.cwd()) {
-    return $`git status --porcelain ${filePath}`({ cwd })
-        .then((output) => ({ clean: !output, available: true }))
-        .catch(() => ({ clean: false, available: false }));
-}
-
-/**
- * Finds the root directory of the git repository containing the given directory.
- *
- * @param {string} cwd
- * @returns {Promise<string>} The path to the git repository root.
- * @throws {Error} If the command fails (e.g., not a git repository).
- */
-export function resolveRepoRoot(cwd = process.cwd()) {
-    return $`git rev-parse --show-toplevel`({ cwd });
-}

scripts/node/utils/node.mjs

@@ -1,175 +0,0 @@
-/**
- * Utility functions for working with npm packages and versions.
- *
- * @import { ExecOptions } from "node:child_process"
- */
-
-import * as fs from "node:fs/promises";
-import { dirname, join } from "node:path";
-
-import { $ } from "./commands.mjs";
-
-/**
- * Find the nearest directory containing both package.json and package-lock.json,
- * starting from the given directory and walking upward.
- *
- * @param {string} start The directory to start searching from.
- * @returns {Promise<{ packageJSONPath: string, packageLockPath: string }>}
- * @throws {Error} If no co-located package.json and package-lock.json are found.
- */
-export async function findNPMPackage(start) {
-    let currentDir = start;
-
-    while (currentDir !== dirname(currentDir)) {
-        const packageJSONPath = join(currentDir, "package.json");
-        const packageLockPath = join(currentDir, "package-lock.json");
-
-        try {
-            await Promise.all([fs.access(packageJSONPath), fs.access(packageLockPath)]);
-            return {
-                packageJSONPath,
-                packageLockPath,
-            };
-        } catch {
-            // Continue searching up the directory tree
-        }
-
-        currentDir = dirname(currentDir);
-    }
-
-    throw new Error(`No co-located package.json and package-lock.json found above ${start}`);
-}
-
-/**
- * @typedef {object} PackageJSON
- * @property {string} name
- * @property {string} version
- * @property {Record<string, string>} [dependencies]
- * @property {Record<string, string>} [devDependencies]
- * @property {Record<string, string>} [peerDependencies]
- * @property {Record<string, string>} [optionalDependencies]
- * @property {Record<string, string>} [peerDependenciesMeta]
- * @property {Record<string, string>} [engines]
- * @property {Record<string, string>} [devEngines]
- * @property {string} [packageManager]
- */
-
-/**
- * @param {string} jsonPath
- * @returns {Promise<PackageJSON>}
- */
-export function loadJSON(jsonPath) {
-    return fs
-        .readFile(jsonPath, "utf-8")
-        .then(JSON.parse)
-        .catch((cause) => {
-            throw new Error(`Failed to load JSON file at ${jsonPath}`, { cause });
-        });
-}
-
-const PackageJSONComparisionFields = /** @type {const} */ ([
-    "name",
-    "dependencies",
-    "devDependencies",
-    "optionalDependencies",
-    "peerDependencies",
-    "peerDependenciesMeta",
-]);
-
-/**
- * @typedef {typeof PackageJSONComparisionFields[number]} PackageJSONComparisionField
- */
-
-/**
- * Extracts only the dependency fields from a package.json object for comparison purposes.
- *
- * @param {PackageJSON} data
- * @returns {Pick<PackageJSON, PackageJSONComparisionField>}
- */
-export function pluckDependencyFields(data) {
-    /**
-     * @type {Record<string, unknown>}
-     */
-    const result = {};
-
-    for (const field of PackageJSONComparisionFields) {
-        if (data[field]) {
-            result[field] = data[field];
-        }
-    }
-
-    return /** @type {Pick<PackageJSON, PackageJSONComparisionField>} */ (result);
-}
-
-//#region Versioning
-
-/**
- * Compares two semantic version strings (e.g., "14.17.0").
- *
- * @param {string} a The first version string.
- * @param {string} b The second version string.
- * @returns {number}
- */
-export function compareVersions(a, b) {
-    const pa = a.split(".").map(Number);
-    const pb = b.split(".").map(Number);
-    for (let i = 0; i < 3; i++) {
-        if (pa[i] > pb[i]) return 1;
-        if (pa[i] < pb[i]) return -1;
-    }
-    return 0;
-}
-
-/**
- * Runs a Node.js command and returns its stdout output as a string.
- *
- * @param {TemplateStringsArray} strings
- * @param  {...unknown} expressions
- * @returns {(options?: ExecOptions) => Promise<string>}
- */
-export const node = $.bind("node");
-
-/**
- * @typedef {object} NPMCommandOptions
- * @property {boolean} [useCorepack] Whether to prefix the command with "corepack " to use Corepack's shims.
- * @returns {Promise<string>}
- */
-
-/**
- * Runs an npm command and returns its stdout output as a string.
- *
- * @param {TemplateStringsArray} strings
- * @param  {...unknown} expressions
- * @returns {(options?: ExecOptions & NPMCommandOptions) => Promise<string>}
- */
-export function npm(strings, ...expressions) {
-    const subcommand = String.raw(strings, ...expressions);
-
-    return ({ useCorepack, ...options } = {}) => {
-        const command = [useCorepack ? "corepack" : "", "npm", subcommand]
-            .filter(Boolean)
-            .join(" ");
-
-        return $`${command}`(options);
-    };
-}
-
-/**
- * Parses a version range string, stripping any leading >= and normalizing to three parts.
- * @param {string} range
- * @returns {{ operator: ">=" | "=", version: string }}
- */
-export function parseRange(range) {
-    const hasGte = range.startsWith(">=");
-    const raw = hasGte ? range.slice(2) : range;
-    const parts = raw.split(".").map(Number);
-
-    while (parts.length < 3) parts.push(0);
-
-    return {
-        operator: hasGte ? ">=" : "=",
-        version: parts.join("."),
-    };
-}
-
-//#endregion

web/package-lock.json

@@ -51,7 +51,7 @@
                 "@types/codemirror": "^5.60.17",
                 "@types/grecaptcha": "^3.0.9",
                 "@types/guacamole-common-js": "^1.5.5",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.6.2",
                 "@types/react": "^19.2.14",
                 "@types/react-dom": "^19.2.3",
                 "@typescript-eslint/eslint-plugin": "^8.57.2",
@@ -73,7 +73,7 @@
                 "dompurify": "^3.4.2",
                 "esbuild": "^0.28.0",
                 "eslint": "^9.39.3",
-                "eslint-plugin-lit": "^2.3.1",
+                "eslint-plugin-lit": "^2.2.1",
                 "eslint-plugin-wc": "^3.1.0",
                 "fuse.js": "^7.3.0",
                 "globals": "^17.6.0",
@@ -114,7 +114,7 @@
                 "turnstile-types": "^1.2.3",
                 "type-fest": "^5.6.0",
                 "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3",
+                "typescript-eslint": "^8.57.2",
                 "unist-util-visit": "^5.1.0",
                 "vite": "^8.0.12",
                 "vitest": "^4.1.6",
@@ -124,46 +124,17 @@
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.6.2"
             },
             "optionalDependencies": {
                 "@esbuild/darwin-arm64": "^0.28.0",
                 "@esbuild/linux-arm64": "^0.28.0",
                 "@esbuild/linux-x64": "^0.28.0",
-                "@goauthentik/prettier-config-dev": "../packages/prettier-config",
                 "@rollup/rollup-darwin-arm64": "^4.57.1",
                 "@rollup/rollup-linux-arm64-gnu": "^4.57.1",
                 "@rollup/rollup-linux-x64-gnu": "^4.57.1"
             }
         },
-        "../packages/prettier-config": {
-            "name": "@goauthentik/prettier-config",
-            "version": "4.0.0",
-            "license": "MIT",
-            "optional": true,
-            "dependencies": {
-                "format-imports": "^4.0.8"
-            },
-            "devDependencies": {
-                "@eslint/js": "^9.39.3",
-                "@goauthentik/eslint-config": "../eslint-config",
-                "@goauthentik/tsconfig": "../tsconfig",
-                "@types/node": "^25.7.0",
-                "eslint": "^9.39.3",
-                "prettier": "^3.8.3",
-                "prettier-plugin-packagejson": "^3.0.2",
-                "typescript": "^6.0.3",
-                "typescript-eslint": "^8.59.3"
-            },
-            "engines": {
-                "node": ">=24",
-                "npm": ">=11.14.1"
-            },
-            "peerDependencies": {
-                "prettier": "^3.8.3",
-                "prettier-plugin-packagejson": "^3.0.2"
-            }
-        },
         "node_modules/@adobe/css-tools": {
             "version": "4.4.4",
             "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.4.4.tgz",
@@ -1626,10 +1597,6 @@
                 "prettier-plugin-packagejson": "^3.0.2"
             }
         },
-        "node_modules/@goauthentik/prettier-config-dev": {
-            "resolved": "../packages/prettier-config",
-            "link": true
-        },
         "node_modules/@goauthentik/tsconfig": {
             "version": "1.0.9",
             "resolved": "https://registry.npmjs.org/@goauthentik/tsconfig/-/tsconfig-1.0.9.tgz",
@@ -5513,12 +5480,12 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.7.0",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz",
-            "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==",
+            "version": "25.6.2",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.6.2.tgz",
+            "integrity": "sha512-sokuT28dxf9JT5Kady1fsXOvI4HVpjZa95NKT5y9PNTIrs2AsobR4GFAA90ZG8M+nxVRLysCXsVj6eGC7Vbrlw==",
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.21.0"
+                "undici-types": "~7.19.0"
             }
         },
         "node_modules/@types/ramda": {
@@ -5582,19 +5549,19 @@
             "license": "MIT"
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.3.tgz",
-            "integrity": "sha512-PwFvSKsXGShKGW6n5bZOhGHEcCZXM8HofLK9fNsEwZXzFRjoY+XT1Vsf1zgyXdwTr0ZYz1/2tkZ0DBTT9jZjhw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.57.2.tgz",
+            "integrity": "sha512-NZZgp0Fm2IkD+La5PR81sd+g+8oS6JwJje+aRWsDocxHkjyRw0J5L5ZTlN3LI1LlOcGL7ph3eaIUmTXMIjLk0w==",
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/type-utils": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/type-utils": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5604,9 +5571,9 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.59.3",
+                "@typescript-eslint/parser": "^8.57.2",
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": {
@@ -5619,15 +5586,15 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.3.tgz",
-            "integrity": "sha512-HPwA+hVkfcriajbNvTmZv4VRauibay+cWArYUYq7u7W7PmGShMxbPxLvrwDme55a6d5alG3nrYfhyJ/G28XlLg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.57.2.tgz",
+            "integrity": "sha512-30ScMRHIAD33JJQkgfGW1t8CURZtjc2JpTrq5n2HFhOefbAhb7ucc7xJwdWcrEtqUIYJ73Nybpsggii6GtAHjA==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -5639,17 +5606,17 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.3.tgz",
-            "integrity": "sha512-ECiUWa/KYRGDFUqTNehaRgzDshnJfkTABJxVemHk4ko22gcr0ukloKjWvyQ64g8YCV/UI47kN1dbmjf/GaQYng==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.57.2.tgz",
+            "integrity": "sha512-FuH0wipFywXRTHf+bTTjNyuNQQsQC3qh/dYzaM4I4W0jrCqjCVuUh99+xd9KamUfmCGPvbO8NDngo/vsnNVqgw==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.59.3",
-                "@typescript-eslint/types": "^8.59.3",
+                "@typescript-eslint/tsconfig-utils": "^8.57.2",
+                "@typescript-eslint/types": "^8.57.2",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -5660,17 +5627,17 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.3.tgz",
-            "integrity": "sha512-t2LvZnoEfzKtnPjgeEu41xw5gxq9mQVfYy4OoZ4Vlt0sk3JwxmhCca/AR7DwOiHrjWgjAj6as4AhRLKSDfvZIA==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.57.2.tgz",
+            "integrity": "sha512-snZKH+W4WbWkrBqj4gUNRIGb/jipDW3qMqVJ4C9rzdFc+wLwruxk+2a5D+uoFcKPAqyqEnSb4l2ULuZf95eSkw==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3"
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5681,9 +5648,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.3.tgz",
-            "integrity": "sha512-PcIJHjmaREXLgIAIzLnSY9VucEzz8FKXsRgFa1DmdGCK/5tJpW03TKJF01Q6VZd1lLdz2sIKPWaDUZN9dp//dw==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.57.2.tgz",
+            "integrity": "sha512-3Lm5DSM+DCowsUOJC+YqHHnKEfFh5CoGkj5Z31NQSNF4l5wdOwqGn99wmwN/LImhfY3KJnmordBq/4+VDe2eKw==",
             "license": "MIT",
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5693,20 +5660,20 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.3.tgz",
-            "integrity": "sha512-g71d8QD8UaiHGvrJwyIS1hCX5r63w6Jll+4VEYhEAHXTDIqX1JgxhTAbEHtKntL9kuc4jRo7/GWw5xfCepSccQ==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.57.2.tgz",
+            "integrity": "sha512-Co6ZCShm6kIbAM/s+oYVpKFfW7LBc6FXoPXjTRQ449PPNBY8U0KZXuevz5IFuuUj2H9ss40atTaf9dlGLzbWZg==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2",
                 "debug": "^4.4.3",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5717,13 +5684,13 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.3.tgz",
-            "integrity": "sha512-ePFoH0g4ludssdRFqqDxQePCxU4WQyRa9+XVwjm7yLn0FKhMeoetC+qBEEI1Eyb1pGSDveTIT09Bvw2WhlGayg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.57.2.tgz",
+            "integrity": "sha512-/iZM6FnM4tnx9csuTxspMW4BOSegshwX5oBDznJ7S4WggL7Vczz5d2W11ecc4vRrQMQHXRSxzrCsyG5EsPPTbA==",
             "license": "MIT",
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5734,20 +5701,20 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.3.tgz",
-            "integrity": "sha512-CbRjVRAf7Lr9Kr8RopKcbY45p2VfmmHrm0ygOCYFi7oU8q19m0Fs/6iHS7kNOmwpp+ob07ZVcAqlxUod9lYdmg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.57.2.tgz",
+            "integrity": "sha512-2MKM+I6g8tJxfSmFKOnHv2t8Sk3T6rF20A1Puk0svLK+uVapDZB/4pfAeB7nE83uAZrU6OxW+HmOd5wHVdXwXA==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.59.3",
-                "@typescript-eslint/tsconfig-utils": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/visitor-keys": "8.59.3",
+                "@typescript-eslint/project-service": "8.57.2",
+                "@typescript-eslint/tsconfig-utils": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/visitor-keys": "8.57.2",
                 "debug": "^4.4.3",
                 "minimatch": "^10.2.2",
                 "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.5.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5757,7 +5724,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
@@ -5770,9 +5737,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-            "version": "5.0.6",
-            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
-            "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
+            "version": "5.0.5",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+            "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
             "license": "MIT",
             "dependencies": {
                 "balanced-match": "^4.0.2"
@@ -5782,12 +5749,12 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-            "version": "10.2.5",
-            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
-            "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+            "version": "10.2.4",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz",
+            "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==",
             "license": "BlueOak-1.0.0",
             "dependencies": {
-                "brace-expansion": "^5.0.5"
+                "brace-expansion": "^5.0.2"
             },
             "engines": {
                 "node": "18 || 20 || >=22"
@@ -5797,9 +5764,9 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/semver": {
-            "version": "7.8.0",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.8.0.tgz",
-            "integrity": "sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==",
+            "version": "7.7.4",
+            "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+            "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
             "license": "ISC",
             "bin": {
                 "semver": "bin/semver.js"
@@ -5809,15 +5776,15 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.3.tgz",
-            "integrity": "sha512-JAvT14goBzRzzzZyqq3P9BLArIxTtQURUtFgQ/V7FO+eU+Gg6ES+5ymOPP1wRxXcxAYeivCk4uS3jCKWI1K8Zg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.57.2.tgz",
+            "integrity": "sha512-krRIbvPK1ju1WBKIefiX+bngPs+odIQUtR7kymzPfo1POVw3jlF+nLkmexdSSd4UCbDcQn+wMBATOOmpBbqgKg==",
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.59.3",
-                "@typescript-eslint/types": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3"
+                "@typescript-eslint/scope-manager": "8.57.2",
+                "@typescript-eslint/types": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5828,16 +5795,16 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.3.tgz",
-            "integrity": "sha512-f1UQF7ggd42YiwI5wGrRaPsa+P0CINBlrkLPmGfpq/u/I/oVtecoEIfFR9ag/oa1sLOsRNZ6xehf6qMZhQGBDg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.57.2.tgz",
+            "integrity": "sha512-zhahknjobV2FiD6Ee9iLbS7OV9zi10rG26odsQdfBO/hjSzUQbkIYgda+iNKK1zNiW2ey+Lf8MU5btN17V3dUw==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.59.3",
+                "@typescript-eslint/types": "8.57.2",
                 "eslint-visitor-keys": "^5.0.0"
             },
             "engines": {
@@ -8711,37 +8678,6 @@
             "license": "MIT",
             "peer": true
         },
-        "node_modules/domelementtype": {
-            "version": "3.0.0",
-            "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-3.0.0.tgz",
-            "integrity": "sha512-umCQid3jKbDmVjx8jGaW7uUykm4DEUeyV21hPxNMo2nV955DhUThwqyOIDtreepP31hl84X7G5U9ZfsWvIB3Pg==",
-            "funding": [
-                {
-                    "type": "github",
-                    "url": "https://github.com/sponsors/fb55"
-                }
-            ],
-            "license": "BSD-2-Clause",
-            "engines": {
-                "node": ">=20.19.0"
-            }
-        },
-        "node_modules/domhandler": {
-            "version": "6.0.1",
-            "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-6.0.1.tgz",
-            "integrity": "sha512-gYzvtM72ZtxQO0T048kd6HWSbbGCNOUwcnfQ01cqIJ4X2IYKFFHZ5mKvrQETcFXxsRObZulDaKmy//R7TPtsBg==",
-            "license": "BSD-2-Clause",
-            "dependencies": {
-                "domelementtype": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=20.19.0"
-            },
-            "funding": {
-                "type": "github",
-                "url": "https://github.com/fb55/domhandler?sponsor=1"
-            }
-        },
         "node_modules/dompurify": {
             "version": "3.4.2",
             "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.2.tgz",
@@ -9259,13 +9195,13 @@
             }
         },
         "node_modules/eslint-plugin-lit": {
-            "version": "2.3.1",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-2.3.1.tgz",
-            "integrity": "sha512-wAqDOOWQzUoY5uK124ZR+h7Snx0+KdZd3Knv6133gRHEcu03jbqnouK4GBwVl6PkGOkNy40zSchOp9VbBh4yHg==",
+            "version": "2.2.1",
+            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-2.2.1.tgz",
+            "integrity": "sha512-mnqqwpWF4PBF/YjlGt9mbHwrWCGMtaqdpnqISv3nGcTl8iStaAt9UGieMY3i8vwKfSSWtkEfBZUcRKFGys6yiw==",
             "license": "MIT",
             "dependencies": {
-                "parse5": "^8.0.1",
-                "parse5-htmlparser2-tree-adapter": "^8.0.1"
+                "parse5": "^6.0.1",
+                "parse5-htmlparser2-tree-adapter": "^6.0.1"
             },
             "engines": {
                 "node": ">= 18"
@@ -9274,29 +9210,11 @@
                 "eslint": ">= 8"
             }
         },
-        "node_modules/eslint-plugin-lit/node_modules/entities": {
-            "version": "8.0.0",
-            "resolved": "https://registry.npmjs.org/entities/-/entities-8.0.0.tgz",
-            "integrity": "sha512-zwfzJecQ/Uej6tusMqwAqU/6KL2XaB2VZ2Jg54Je6ahNBGNH6Ek6g3jjNCF0fG9EWQKGZNddNjU5F1ZQn/sBnA==",
-            "license": "BSD-2-Clause",
-            "engines": {
-                "node": ">=20.19.0"
-            },
-            "funding": {
-                "url": "https://github.com/fb55/entities?sponsor=1"
-            }
-        },
         "node_modules/eslint-plugin-lit/node_modules/parse5": {
-            "version": "8.0.1",
-            "resolved": "https://registry.npmjs.org/parse5/-/parse5-8.0.1.tgz",
-            "integrity": "sha512-z1e/HMG90obSGeidlli3hj7cbocou0/wa5HacvI3ASx34PecNjNQeaHNo5WIZpWofN9kgkqV1q5YvXe3F0FoPw==",
-            "license": "MIT",
-            "dependencies": {
-                "entities": "^8.0.0"
-            },
-            "funding": {
-                "url": "https://github.com/inikulin/parse5?sponsor=1"
-            }
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz",
+            "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==",
+            "license": "MIT"
         },
         "node_modules/eslint-plugin-react": {
             "version": "7.37.5",
@@ -14899,41 +14817,19 @@
             }
         },
         "node_modules/parse5-htmlparser2-tree-adapter": {
-            "version": "8.0.1",
-            "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-8.0.1.tgz",
-            "integrity": "sha512-aqkH+xQxX+QGZtP5GIMmqqp16Y0v9muEf2VVeypv35kFsD5bqP1UeBanSshdfjMY+RTh2vN4mmK6nEOVRMEvHg==",
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz",
+            "integrity": "sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==",
             "license": "MIT",
             "dependencies": {
-                "domhandler": "^6.0.1",
-                "parse5": "^8.0.0"
-            },
-            "funding": {
-                "url": "https://github.com/inikulin/parse5?sponsor=1"
-            }
-        },
-        "node_modules/parse5-htmlparser2-tree-adapter/node_modules/entities": {
-            "version": "8.0.0",
-            "resolved": "https://registry.npmjs.org/entities/-/entities-8.0.0.tgz",
-            "integrity": "sha512-zwfzJecQ/Uej6tusMqwAqU/6KL2XaB2VZ2Jg54Je6ahNBGNH6Ek6g3jjNCF0fG9EWQKGZNddNjU5F1ZQn/sBnA==",
-            "license": "BSD-2-Clause",
-            "engines": {
-                "node": ">=20.19.0"
-            },
-            "funding": {
-                "url": "https://github.com/fb55/entities?sponsor=1"
+                "parse5": "^6.0.1"
             }
         },
         "node_modules/parse5-htmlparser2-tree-adapter/node_modules/parse5": {
-            "version": "8.0.1",
-            "resolved": "https://registry.npmjs.org/parse5/-/parse5-8.0.1.tgz",
-            "integrity": "sha512-z1e/HMG90obSGeidlli3hj7cbocou0/wa5HacvI3ASx34PecNjNQeaHNo5WIZpWofN9kgkqV1q5YvXe3F0FoPw==",
-            "license": "MIT",
-            "dependencies": {
-                "entities": "^8.0.0"
-            },
-            "funding": {
-                "url": "https://github.com/inikulin/parse5?sponsor=1"
-            }
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz",
+            "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==",
+            "license": "MIT"
         },
         "node_modules/path-data-parser": {
             "version": "0.1.0",
@@ -18570,15 +18466,15 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.59.3",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.3.tgz",
-            "integrity": "sha512-KgusgyDgG4LI8Ih/sWaCtZ06tckLAS5CvT5A4D1Q7bYVoAAyzwiZvE4BmwDHkhRVkvhRBepKeASoFzQetha7Fg==",
+            "version": "8.57.2",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.57.2.tgz",
+            "integrity": "sha512-VEPQ0iPgWO/sBaZOU1xo4nuNdODVOajPnTIbog2GKYr31nIlZ0fWPoCQgGfF3ETyBl1vn63F/p50Um9Z4J8O8A==",
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.59.3",
-                "@typescript-eslint/parser": "8.59.3",
-                "@typescript-eslint/typescript-estree": "8.59.3",
-                "@typescript-eslint/utils": "8.59.3"
+                "@typescript-eslint/eslint-plugin": "8.57.2",
+                "@typescript-eslint/parser": "8.57.2",
+                "@typescript-eslint/typescript-estree": "8.57.2",
+                "@typescript-eslint/utils": "8.57.2"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -18589,7 +18485,7 @@
             },
             "peerDependencies": {
                 "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0",
-                "typescript": ">=4.8.4 <6.1.0"
+                "typescript": ">=4.8.4 <6.0.0"
             }
         },
         "node_modules/ufo": {
@@ -18672,9 +18568,9 @@
             }
         },
         "node_modules/undici-types": {
-            "version": "7.21.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz",
-            "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==",
+            "version": "7.19.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.19.2.tgz",
+            "integrity": "sha512-qYVnV5OEm2AW8cJMCpdV20CDyaN3g0AjDlOGf1OW4iaDEx8MwdtChUp4zu4H0VP3nDRF/8RKWH+IPp9uW0YGZg==",
             "license": "MIT"
         },
         "node_modules/unicorn-magic": {
@@ -19799,14 +19695,14 @@
             "license": "MIT",
             "dependencies": {
                 "@goauthentik/tsconfig": "^1.0.9",
-                "@types/node": "^25.7.0",
+                "@types/node": "^25.6.2",
                 "@types/semver": "^7.7.1",
                 "semver": "^7.7.4",
                 "typescript": "^6.0.3"
             },
             "engines": {
                 "node": ">=24",
-                "npm": ">=11.14.1"
+                "npm": ">=11.6.2"
             }
         },
         "packages/core/node_modules/semver": {

web/package.json

@@ -13,6 +13,7 @@
         "format": "wireit",
         "lint": "eslint --fix .",
         "lint:imports": "knip --config scripts/knip.config.ts",
+        "lint:lockfile": "wireit",
         "lint:types": "wireit",
         "lint-check": "eslint --max-warnings 0 .",
         "lit-analyse": "wireit",
@@ -126,7 +127,7 @@
         "@types/codemirror": "^5.60.17",
         "@types/grecaptcha": "^3.0.9",
         "@types/guacamole-common-js": "^1.5.5",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.6.2",
         "@types/react": "^19.2.14",
         "@types/react-dom": "^19.2.3",
         "@typescript-eslint/eslint-plugin": "^8.57.2",
@@ -148,7 +149,7 @@
         "dompurify": "^3.4.2",
         "esbuild": "^0.28.0",
         "eslint": "^9.39.3",
-        "eslint-plugin-lit": "^2.3.1",
+        "eslint-plugin-lit": "^2.2.1",
         "eslint-plugin-wc": "^3.1.0",
         "fuse.js": "^7.3.0",
         "globals": "^17.6.0",
@@ -189,7 +190,7 @@
         "turnstile-types": "^1.2.3",
         "type-fest": "^5.6.0",
         "typescript": "^6.0.3",
-        "typescript-eslint": "^8.59.3",
+        "typescript-eslint": "^8.57.2",
         "unist-util-visit": "^5.1.0",
         "vite": "^8.0.12",
         "vitest": "^4.1.6",
@@ -201,7 +202,6 @@
         "@esbuild/darwin-arm64": "^0.28.0",
         "@esbuild/linux-arm64": "^0.28.0",
         "@esbuild/linux-x64": "^0.28.0",
-        "@goauthentik/prettier-config-dev": "../packages/prettier-config",
         "@rollup/rollup-darwin-arm64": "^4.57.1",
         "@rollup/rollup-linux-arm64-gnu": "^4.57.1",
         "@rollup/rollup-linux-x64-gnu": "^4.57.1"
@@ -266,6 +266,11 @@
                 "build-locales"
             ]
         },
+        "lint:lockfile": {
+            "__comment": "The lockfile-lint package does not have an option to ensure resolved hashes are set everywhere",
+            "shell": true,
+            "command": "sh ./scripts/lint-lockfile.sh package-lock.json"
+        },
         "lit-analyse": {
             "command": "lit-analyzer src"
         },
@@ -274,7 +279,8 @@
             "dependencies": [
                 "lint",
                 "lint:types",
-                "lint:components"
+                "lint:components",
+                "lint:lockfile"
             ]
         },
         "storybook:build": {
@@ -292,7 +298,7 @@
     },
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.6.2"
     },
     "devEngines": {
         "runtime": {
@@ -302,12 +308,11 @@
         },
         "packageManager": {
             "name": "npm",
-            "version": ">=11.14.1",
+            "version": "11.10.1",
             "onFail": "warn"
         }
     },
-    "packageManager": "npm@11.14.1+sha512.6a8a4d67478497a2dbc6815cad72e64c43f33413717e242756047d466241ab39bee61e691683a64658e94496ec5f1a1c05e4a5ec62dcc773280dfd949443a367",
-    "prettier": "./prettier.config.mjs",
+    "prettier": "@goauthentik/prettier-config",
     "overrides": {
         "@goauthentik/esbuild-plugin-live-reload": {
             "esbuild": "$esbuild",
@@ -346,7 +351,6 @@
         "rapidoc": {
             "@apitools/openapi-parser": "0.0.37"
         },
-        "tree-sitter": false,
         "typescript-eslint": {
             "typescript": "$typescript"
         },

web/packages/core/package.json

@@ -45,13 +45,13 @@
     },
     "dependencies": {
         "@goauthentik/tsconfig": "^1.0.9",
-        "@types/node": "^25.7.0",
+        "@types/node": "^25.6.2",
         "@types/semver": "^7.7.1",
         "semver": "^7.7.4",
         "typescript": "^6.0.3"
     },
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.6.2"
     }
 }

web/prettier.config.mjs

@@ -1,15 +0,0 @@
-/**
- * @file Prettier config resolver.
- *
- * This file attempts to import the monorepo's local Prettier config package,
- * falling back to the published version if the local one cannot be found.
- */
-
-const config = await import("@goauthentik/prettier-config-dev")
-    .catch(() => {
-        console.debug("Fallback to published @goauthentik/prettier-config");
-        return import("@goauthentik/prettier-config");
-    })
-    .then((module) => module.default);
-
-export default config;

web/scripts/lint-lockfile.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+if ! command -v jq  >/dev/null 2>&1 ; then
+    echo "This check requires the jq program be installed."
+    echo "To install jq, visit"
+    echo "    https://jqlang.github.io/jq/"
+    exit 1
+fi
+
+CMD=$(jq -r '.packages | to_entries[] | select((.key | contains("node_modules")) and (.value | has("resolved") | not)) | .key' < "$1")
+
+if [ -n "$CMD" ]; then
+    echo "ERROR package-lock.json entries missing 'resolved' field:"
+    echo ""
+    # Shellcheck erroneously believes that shell string substitution can be used here, but that
+    # feature lacks a "start of line" discriminator.
+    # shellcheck disable=SC2001
+    echo "$CMD" | sed 's/^/    /g'
+    echo ""
+    exit 1
+fi    

web/src/admin/providers/scim/SCIMProviderFormForm.ts

@@ -93,7 +93,6 @@ export function renderAuth(provider?: Partial<SCIMProvider>, errors: ValidationE
         case SCIMAuthenticationModeEnum.Token:
             return renderAuthToken(provider, errors);
         case SCIMAuthenticationModeEnum.Oauth:
-        case SCIMAuthenticationModeEnum.OauthInteractive:
             return renderAuthOAuth(provider, errors);
     }
 }
@@ -161,18 +160,12 @@ export function renderForm({ provider, errors, update }: SCIMProviderFormProps)
                                 )}`,
                             },
                             {
-                                label: msg("OAuth (Silent)"),
+                                label: msg("OAuth"),
                                 value: SCIMAuthenticationModeEnum.Oauth,
+                                default: true,
                                 description: html`${msg("Authenticate SCIM requests using OAuth.")}
                                     <ak-license-notice></ak-license-notice>`,
                             },
-                            {
-                                label: msg("OAuth (Interactive)"),
-                                value: SCIMAuthenticationModeEnum.OauthInteractive,
-                                description: html`${msg(
-                                        "Authenticate SCIM requests using OAuth, interactively authorized.",
-                                    )} <ak-license-notice></ak-license-notice>`,
-                            },
                         ]}
                     ></ak-radio>
                 </ak-form-element-horizontal>

web/src/admin/providers/scim/SCIMProviderViewPage.ts

@@ -13,7 +13,6 @@ import "#elements/buttons/ModalButton";
 import "#elements/sync/SyncStatusCard";
 import "#elements/tasks/ScheduleList";
 import "#elements/tasks/TaskList";
-import "#elements/timestamp/ak-timestamp";
 
 import { DEFAULT_CONFIG } from "#common/api/config";
 import { EVENT_REFRESH } from "#common/constants";
@@ -21,14 +20,7 @@ import { EVENT_REFRESH } from "#common/constants";
 import { AKElement } from "#elements/Base";
 import { SlottedTemplateResult } from "#elements/types";
 
-import renderDescriptionList from "#components/DescriptionList";
-
-import {
-    ModelEnum,
-    ProvidersApi,
-    SCIMAuthenticationModeEnum,
-    SCIMProvider,
-} from "@goauthentik/api";
+import { ModelEnum, ProvidersApi, SCIMProvider } from "@goauthentik/api";
 
 import MDSCIMProvider from "~docs/add-secure-apps/providers/scim/index.md";
 
@@ -162,42 +154,6 @@ export class SCIMProviderViewPage extends AKElement {
         </main>`;
     }
 
-    renderSyncStatusExtra() {
-        if (
-            this.provider?.authMode !== SCIMAuthenticationModeEnum.Oauth &&
-            this.provider?.authMode !== SCIMAuthenticationModeEnum.OauthInteractive
-        )
-            return nothing;
-        return html`
-            <div class="pf-c-description-list__group">
-                <dt class="pf-c-description-list__term">
-                    <span class="pf-c-description-list__text"
-                        >${msg("OAuth Token last updated")}</span
-                    >
-                </dt>
-                <dd class="pf-c-description-list__description">
-                    <div class="pf-c-description-list__text">
-                        <ak-timestamp
-                            .timestamp=${this.provider?.authOauthTokenLastUpdated}
-                        ></ak-timestamp>
-                    </div>
-                </dd>
-            </div>
-            <div class="pf-c-description-list__group">
-                <dt class="pf-c-description-list__term">
-                    <span class="pf-c-description-list__text">${msg("OAuth Token expires")}</span>
-                </dt>
-                <dd class="pf-c-description-list__description">
-                    <div class="pf-c-description-list__text">
-                        <ak-timestamp
-                            .timestamp=${this.provider?.authOauthTokenExpires}
-                        ></ak-timestamp>
-                    </div>
-                </dd>
-            </div>
-        `;
-    }
-
     renderTabOverview(): SlottedTemplateResult {
         if (!this.provider) {
             return nothing;
@@ -212,94 +168,91 @@ export class SCIMProviderViewPage extends AKElement {
                 : nothing}
             <div class="pf-c-page__main-section pf-m-no-padding-mobile pf-l-grid pf-m-gutter">
                 <div
-                    class="pf-c-card pf-l-grid__item pf-m-12-col pf-m-4-col-on-xl pf-m-4-col-on-2xl"
+                    class="pf-c-card pf-l-grid__item pf-m-12-col pf-m-6-col-on-xl pf-m-6-col-on-2xl"
                 >
-                    <div class="pf-c-card__title">${msg("Info")}</div>
                     <div class="pf-c-card__body">
-                        ${renderDescriptionList([
-                            [msg("Name"), this.provider.name],
-                            [
-                                msg("Assigned to application"),
-                                html`<ak-provider-related-application
-                                    mode="backchannel"
-                                    .provider=${this.provider}
-                                ></ak-provider-related-application>`,
-                            ],
-                            [
-                                msg("Dry-run"),
-                                html`<ak-status-label
-                                    ?good=${!this.provider.dryRun}
-                                    type="info"
-                                    good-label=${msg("No")}
-                                    bad-label=${msg("Yes")}
-                                ></ak-status-label>`,
-                            ],
-                            [msg("URL"), this.provider.url],
-                            [
-                                msg("Service Provider Config cache timeout"),
-                                this.provider.serviceProviderConfigCacheTimeout,
-                            ],
-                            [
-                                msg("Related actions"),
-                                html`<ak-forms-modal>
-                                    <span slot="submit">${msg("Save Changes")}</span>
-                                    <span slot="header">${msg("Update SCIM Provider")}</span>
-                                    <ak-provider-scim-form
-                                        slot="form"
-                                        .instancePk=${this.provider.pk}
+                        <dl class="pf-c-description-list">
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text">${msg("Name")}</span>
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        ${this.provider.name}
+                                    </div>
+                                </dd>
+                            </div>
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text"
+                                        >${msg("Assigned to application")}</span
                                     >
-                                    </ak-provider-scim-form>
-                                    <button
-                                        slot="trigger"
-                                        class="pf-c-button pf-m-primary pf-m-block"
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        <ak-provider-related-application
+                                            mode="backchannel"
+                                            .provider=${this.provider}
+                                        ></ak-provider-related-application>
+                                    </div>
+                                </dd>
+                            </div>
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text"
+                                        >${msg("Dry-run")}</span
                                     >
-                                        ${msg("Edit")}
-                                    </button>
-                                </ak-forms-modal>`,
-                            ],
-                        ])}
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        <ak-status-label
+                                            ?good=${!this.provider.dryRun}
+                                            type="info"
+                                            good-label=${msg("No")}
+                                            bad-label=${msg("Yes")}
+                                        ></ak-status-label>
+                                    </div>
+                                </dd>
+                            </div>
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text">${msg("URL")}</span>
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        ${this.provider.url}
+                                    </div>
+                                </dd>
+                            </div>
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text">
+                                        ${msg("Service Provider Config cache timeout")}
+                                    </span>
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        ${this.provider.serviceProviderConfigCacheTimeout}
+                                    </div>
+                                </dd>
+                            </div>
+                        </dl>
+                    </div>
+                    <div class="pf-c-card__footer">
+                        <ak-forms-modal>
+                            <span slot="submit">${msg("Save Changes")}</span>
+                            <span slot="header">${msg("Update SCIM Provider")}</span>
+                            <ak-provider-scim-form slot="form" .instancePk=${this.provider.pk}>
+                            </ak-provider-scim-form>
+                            <button slot="trigger" class="pf-c-button pf-m-primary">
+                                ${msg("Edit")}
+                            </button>
+                        </ak-forms-modal>
                     </div>
                 </div>
-                <div class="pf-l-grid__item pf-m-12-col pf-m-8-col-on-xl pf-m-8-col-on-2xl">
-                    ${this.provider.authMode === SCIMAuthenticationModeEnum.OauthInteractive
-                        ? html`
-                              <div class="pf-c-card">
-                                  <div class="pf-c-card__body">
-                                      ${renderDescriptionList(
-                                          [
-                                              [
-                                                  msg("OAuth Status"),
-                                                  html`<ak-status-label
-                                                          ?good=${this.provider
-                                                              .authOauthTokenLastUpdated !== null}
-                                                          good-label=${msg("Authenticated")}
-                                                          bad-label=${msg("No token saved")}
-                                                      ></ak-status-label>
-                                                      <a
-                                                          class="pf-c-button pf-m-primary"
-                                                          href=${this.provider?.authOauthUrlStart ||
-                                                          ""}
-                                                          target="_blank"
-                                                          >${msg("(Re-)authenticate")}</a
-                                                      >`,
-                                              ],
-                                              [
-                                                  msg("OAuth Callback URL"),
-                                                  html`<input
-                                                      class="pf-c-form-control"
-                                                      readonly
-                                                      type="text"
-                                                      value="${this.provider.authOauthUrlCallback ||
-                                                      ""}"
-                                                  />`,
-                                              ],
-                                          ],
-                                          { horizontal: true },
-                                      )}
-                                  </div>
-                              </div>
-                          `
-                        : nothing}
+                <div
+                    class="pf-c-card pf-l-grid__item pf-m-12-col pf-m-6-col-on-xl pf-m-6-col-on-2xl"
+                >
                     <ak-sync-status-card
                         .fetch=${() => {
                             return new ProvidersApi(DEFAULT_CONFIG).providersScimSyncStatusRetrieve(
@@ -308,9 +261,7 @@ export class SCIMProviderViewPage extends AKElement {
                                 },
                             );
                         }}
-                    >
-                        ${this.renderSyncStatusExtra()}
-                    </ak-sync-status-card>
+                    ></ak-sync-status-card>
                 </div>
                 <div class="pf-l-grid__item pf-m-12-col pf-l-stack__item">
                     <div class="pf-c-card">

web/src/elements/ak-drawer/ak-drawer.stories.ts

@@ -121,7 +121,7 @@ export const Default: Story = {
     render: () => html` <ak-drawer> ${contentBlock} ${panelBlock} </ak-drawer> `,
 };
 
-const story = (args: DrawerProps = {}, name?: string): Story => ({
+export const story = (args: DrawerProps = {}, name?: string): Story => ({
     ...Template,
     ...(name ? { name } : {}),
     args: {

web/src/elements/ak-drawer/ak-drawer.styles.ts

@@ -51,11 +51,11 @@ export const styles = css`
         flex-direction: column;
     }
 
-    :host(:not([inline]):not([static])) .ak-v2-c-drawer__main {
+    :host(:not([inline], [static])) .ak-v2-c-drawer__main {
         position: relative;
     }
 
-    :host(:not([inline]):not([static])) .ak-v2-c-drawer__main > .ak-v2-c-drawer__panel {
+    :host(:not([inline], [static])) .ak-v2-c-drawer__main > .ak-v2-c-drawer__panel {
         position: absolute;
         inset-block-start: 0;
         inset-block-end: 0;
@@ -65,17 +65,17 @@ export const styles = css`
     }
 
     :where(.ak-v2-m-dir-rtl, [dir="rtl"])
-        :host(:not([inline]):not([static]))
+        :host(:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         transform: translateX(calc(100% * var(--ak-v2-global--inverse--multiplier)));
     }
 
-    :host([expanded]:not([inline]):not([static])) .ak-v2-c-drawer__main > .ak-v2-c-drawer__panel {
+    :host([expanded]:not([inline], [static])) .ak-v2-c-drawer__main > .ak-v2-c-drawer__panel {
         transform: translateX(0);
     }
 
-    :host([position="left"]:not([inline]):not([static]))
+    :host([position="left"]:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         inset-inline-end: auto;
@@ -84,19 +84,19 @@ export const styles = css`
     }
 
     :where(.ak-v2-m-dir-rtl, [dir="rtl"])
-        :host([position="left"]:not([inline]):not([static]))
+        :host([position="left"]:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         transform: translateX(calc(-100% * var(--ak-v2-global--inverse--multiplier)));
     }
 
-    :host([expanded][position="left"]:not([inline]):not([static]))
+    :host([expanded][position="left"]:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         transform: translateX(0);
     }
 
-    :host([position="bottom"]:not([inline]):not([static]))
+    :host([position="bottom"]:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         inset-inline-end: 0;
@@ -108,7 +108,7 @@ export const styles = css`
         transform: translateY(100%);
     }
 
-    :host([position="bottom"][expanded]:not([inline]):not([static]))
+    :host([position="bottom"][expanded]:not([inline], [static]))
         .ak-v2-c-drawer__main
         > .ak-v2-c-drawer__panel {
         transform: translateY(0);
@@ -406,10 +406,10 @@ export const styles = css`
             );
         }
 
-        :host([position="left"][inline]:not([no-border]):not([resizable]))
+        :host([position="left"][inline]:not([no-border], [resizable]))
             .ak-v2-c-drawer__main
             > .ak-v2-c-drawer__panel:not(.pf-m-no-border, .pf-m-resizable),
-        :host([position="left"][static]:not([no-border]):not([resizable]))
+        :host([position="left"][static]:not([no-border], [resizable]))
             .ak-v2-c-drawer__main
             > .ak-v2-c-drawer__panel:not(.pf-m-no-border, .pf-m-resizable) {
             padding-inline-start: 0;

web/src/elements/sync/SyncStatusCard.ts

@@ -90,7 +90,6 @@ export class SyncStatusCard extends AKElement {
                         </div>
                     </dd>
                 </div>
-                <slot></slot>
             </dl>
         `;
     }

web/src/flow/stages/prompt/components/locale.ts

@@ -15,6 +15,9 @@ import { msg } from "@lit/localize";
 import { html } from "lit";
 import { guard } from "lit/directives/guard.js";
 
+// Fixes horizontal rule <hr> warning in select dropdowns.
+/* eslint-disable lit/no-invalid-html */
+
 export interface LocalePromptProps {
     activeLanguageTag: TargetLanguageTag;
     prompt: StagePrompt;

web/xliff/cs-CZ.xlf

@@ -2349,6 +2349,10 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -11199,36 +11203,6 @@ Vazby na skupiny/uživatele jsou kontrolovány vůči uživateli události.</tar
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/de-DE.xlf

@@ -2371,6 +2371,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>SCIM-Anfragen mit einem statischen Token authentifizieren.</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>SCIM-Anfragen per OAuth authentifizieren.</target>
@@ -11231,36 +11235,6 @@ Bindings zu Gruppen/Benutzern werden mit dem Benutzer des Ereignisses abgegliche
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/en.xlf

@@ -1808,6 +1808,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -9221,36 +9224,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/es-ES.xlf

@@ -2326,6 +2326,9 @@ Si se deja vacío, AuthnContextClassRef se establecerá según los métodos de a
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -11157,36 +11160,6 @@ Las vinculaciones a grupos/usuarios se verifican en función del usuario del eve
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/fi-FI.xlf

@@ -2415,6 +2415,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>Todenna SCIM-pyynnöt staattisella tunnisteella.</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>Todenna SCIM-pyynnöt OAuthilla.</target>
@@ -11397,36 +11401,6 @@ Liitokset käyttäjiin/ryhmiin tarkistetaan tapahtuman käyttäjästä.</target>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/fr-FR.xlf

@@ -2412,6 +2412,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>Authentifier les requêtes SCIM avec un jeton statique.</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>Authentifier les requêtes SCIM avec OAuth.</target>
@@ -11386,36 +11390,6 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/it-IT.xlf

@@ -2293,6 +2293,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -11106,36 +11109,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/ja-JP.xlf

@@ -2410,6 +2410,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>静的トークンを使用してSCIMリクエストを認証します。</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>OAuthを使用してSCIMリクエストを認証します。</target>
@@ -11387,36 +11391,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/ko-KR.xlf

@@ -2235,6 +2235,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10758,36 +10761,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/nl-NL.xlf

@@ -2147,6 +2147,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10443,36 +10446,6 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/pl-PL.xlf

@@ -2234,6 +2234,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10782,36 +10785,6 @@ Powiązania z grupami/użytkownikami są sprawdzane względem użytkownika zdarz
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/pt-BR.xlf

@@ -2414,6 +2414,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>Autenticar solicitações SCIM usando um token estático.</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>Autenticar solicitações SCIM usando OAuth.</target>
@@ -11379,36 +11383,6 @@ por exemplo: <x id="0" equiv-text="&lt;code&gt;"/>oci://registry.domain.tld/path
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/ru-RU.xlf

@@ -2255,6 +2255,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10868,36 +10871,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/tr-TR.xlf

@@ -2240,6 +2240,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10858,36 +10861,6 @@ Gruplara/kullanıcılara yapılan bağlamalar, etkinliğin kullanıcısına kar
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/zh-Hans.xlf

@@ -2409,6 +2409,10 @@
   <source>Authenticate SCIM requests using a static token.</source>
   <target>使用静态令牌验证 SCIM 请求。</target>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+  <target>OAuth</target>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
   <target>使用 OAuth 验证 SCIM 请求</target>
@@ -11681,36 +11685,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

web/xliff/zh-Hant.xlf

@@ -2166,6 +2166,9 @@
 <trans-unit id="s24d7ac2fc280ca5e">
   <source>Authenticate SCIM requests using a static token.</source>
 </trans-unit>
+<trans-unit id="s0e1641692e0dac94">
+  <source>OAuth</source>
+</trans-unit>
 <trans-unit id="s1c34cb0a4cccc041">
   <source>Authenticate SCIM requests using OAuth.</source>
 </trans-unit>
@@ -10495,36 +10498,6 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s3162a5abea92514e">
   <source>View Credentials</source>
 </trans-unit>
-<trans-unit id="s7cbd6ddbb3cdbda4">
-  <source>OAuth (Silent)</source>
-</trans-unit>
-<trans-unit id="sf74719393c9d600b">
-  <source>OAuth (Interactive)</source>
-</trans-unit>
-<trans-unit id="s364366c872ccd349">
-  <source>Authenticate SCIM requests using OAuth, interactively authorized.</source>
-</trans-unit>
-<trans-unit id="s67dbb822a17bf6fc">
-  <source>OAuth Token last updated</source>
-</trans-unit>
-<trans-unit id="sb586db2f11959745">
-  <source>OAuth Token expires</source>
-</trans-unit>
-<trans-unit id="s4011de0d7365d106">
-  <source>OAuth Status</source>
-</trans-unit>
-<trans-unit id="s169a1a1dce3987b8">
-  <source>Authenticated</source>
-</trans-unit>
-<trans-unit id="s02e7dfce69646f50">
-  <source>No token saved</source>
-</trans-unit>
-<trans-unit id="sde2c41117de5db9d">
-  <source>(Re-)authenticate</source>
-</trans-unit>
-<trans-unit id="s13c4adf0d185f12e">
-  <source>OAuth Callback URL</source>
-</trans-unit>
 </body>
 </file>
 </xliff>

website/Dockerfile

@@ -4,27 +4,20 @@ ENV NODE_ENV=production
 
 WORKDIR /work
 
+# TODO: Use setup-corepack.mjs
 RUN --mount=type=bind,target=/work/package.json,src=./package.json \
     --mount=type=bind,target=/work/package-lock.json,src=./package-lock.json \
-    --mount=type=bind,target=/work/scripts/node/,src=./scripts/node/ \
-    --mount=type=bind,target=/work/packages/logger-js/,src=./packages/logger-js/ \
-    --mount=type=bind,target=/work/packages/tsconfig/,src=./packages/tsconfig/ \
-    --mount=type=bind,target=/work/packages/eslint-config/,src=./packages/eslint-config/ \
-    --mount=type=bind,target=/work/packages/prettier-config/,src=./packages/prettier-config/ \
-    --mount=type=bind,target=/work/packages/docusaurus-config/,src=./packages/docusaurus-config/ \
-    --mount=type=bind,target=/work/website/package.json,src=./website/package.json \
-    --mount=type=bind,target=/work/website/package-lock.json,src=./website/package-lock.json \
-    node ./scripts/node/setup-corepack.mjs --force && \
-    node ./scripts/node/lint-runtime.mjs ./website
+    npm install --force -g corepack@latest && \
+    corepack install -g npm@11.11.0+sha512.f36811c4aae1fde639527368ae44c571d050006a608d67a191f195a801a52637a312d259186254aa3a3799b05335b7390539cf28656d18f0591a1125ba35f973 && \
+    corepack enable
+
+WORKDIR /work/website
 
 RUN --mount=type=bind,target=/work/package.json,src=./package.json \
     --mount=type=bind,target=/work/package-lock.json,src=./package-lock.json \
-    --mount=type=bind,target=/work/scripts/node/,src=./scripts/node/ \
-    --mount=type=bind,target=/work/packages/logger-js/,src=./packages/logger-js/ \
     --mount=type=bind,target=/work/packages/tsconfig/,src=./packages/tsconfig/ \
     --mount=type=bind,target=/work/packages/eslint-config/,src=./packages/eslint-config/ \
     --mount=type=bind,target=/work/packages/prettier-config/,src=./packages/prettier-config/ \
-    --mount=type=bind,target=/work/packages/docusaurus-config/,src=./packages/docusaurus-config/ \
     --mount=type=bind,target=/work/website/package.json,src=./website/package.json \
     --mount=type=bind,target=/work/website/package-lock.json,src=./website/package-lock.json \
     --mount=type=bind,target=/work/website/vendored/detect-package-manager,src=./website/vendored/detect-package-manager \
@@ -33,10 +26,7 @@ RUN --mount=type=bind,target=/work/package.json,src=./package.json \
     --mount=type=bind,target=/work/website/integrations/package.json,src=./website/integrations/package.json \
     --mount=type=bind,target=/work/website/docs/package.json,src=./website/docs/package.json \
     --mount=type=cache,id=npm-website,sharing=shared,target=/root/.npm \
-    corepack npm ci && \
-    corepack npm ci --workspaces --include-workspace-root --prefix ./website
-
-WORKDIR /work/website
+    corepack npm ci --workspaces --include-workspace-root
 
 COPY ./website /work/website/
 COPY ./blueprints /work/blueprints/
@@ -44,8 +34,7 @@ COPY ./schema.yml /work/
 COPY ./lifecycle/container/compose.yml /work/lifecycle/container/
 COPY ./SECURITY.md /work/
 
-RUN  --mount=type=bind,target=/work/packages/docusaurus-config/,src=./packages/docusaurus-config/ \
-    corepack npm run build -w docs
+RUN corepack npm run build
 
 FROM docker.io/library/nginx:1.29-trixie@sha256:1881968aff6f7cdcc4b888c00a11f4ce241ad7ec957e0cb4a9e19e93a3ff87ea
 LABEL org.opencontainers.image.authors="Authentik Security Inc." \

website/api/netlify.toml

@@ -10,7 +10,7 @@
 [build]
   base    = "website"
   package = "api"
-  command = "npm ci --prefix ../packages/docusaurus-config && npm run build -w api"
+  command = "npm run build -w api"
   publish = "website/api/build"
 
 [dev]

website/api/package.json

@@ -24,12 +24,12 @@
         "@docusaurus/faster": "^3.10.1",
         "@docusaurus/module-type-aliases": "^3.10.1",
         "@docusaurus/plugin-client-redirects": "^3.10.1",
-        "@docusaurus/plugin-content-docs": "^3.10.1",
+        "@docusaurus/plugin-content-docs": "^3.9.2",
         "@docusaurus/preset-classic": "^3.10.1",
         "@docusaurus/theme-common": "^3.10.1",
         "@docusaurus/tsconfig": "^3.10.1",
-        "@docusaurus/types": "^3.10.1",
-        "@goauthentik/docusaurus-config": "../../packages/docusaurus-config",
+        "@docusaurus/types": "^3.9.2",
+        "@goauthentik/docusaurus-config": "^2.7.0",
         "@goauthentik/docusaurus-theme": "*",
         "@goauthentik/tsconfig": "^1.0.7",
         "@mdx-js/react": "^3.1.1",
@@ -40,12 +40,12 @@
         "docusaurus-theme-openapi-docs": "^5.0.2",
         "npm-run-all": "^4.1.5",
         "openapi-to-postmanv2": "^6.0.1",
-        "postman-code-generators": "^2.1.1",
-        "postman-collection": "^5.3.0",
+        "postman-code-generators": "^2.1.0",
+        "postman-collection": "^5.0.2",
         "prism-react-renderer": "^2.4.1",
         "react": "^19.2.6",
         "react-dom": "^19.2.6",
-        "typescript": "^6.0.3"
+        "typescript": "^6.0.2"
     },
     "optionalDependencies": {
         "@rspack/binding-darwin-arm64": "2.0.0",

website/docs/docusaurus.config.esm.mjs

@@ -9,7 +9,7 @@
  */
 
 import { cp } from "node:fs/promises";
-import { basename, resolve } from "node:path";
+import { resolve } from "node:path";
 import { fileURLToPath } from "node:url";
 
 import { createDocusaurusConfig } from "@goauthentik/docusaurus-config";
@@ -33,16 +33,22 @@ const releaseEnvironment = prepareReleaseEnvironment();
 
 //#region Copy static files
 
-const files = [
-    // ---
-    resolve(authentikModulePath, "lifecycle/container/compose.yml"),
-];
+const brandFiles = new Map([
+    [resolve(authentikModulePath, "lifecycle/container/compose.yml"), "compose.yml"],
+    ["@goauthentik/brand-assets/icon.png", "img/icon.png"],
+    ["@goauthentik/brand-assets/icon.svg", "img/icon.svg"],
+    ["@goauthentik/brand-assets/social.png", "img/social.png"],
+    ["@goauthentik/brand-assets/icon_left_brand.svg", "img/icon_left_brand_colour.svg"],
+    ["@goauthentik/brand-assets/icon_left_brand_white.svg", "img/icon_left_brand.svg"],
+    ["@goauthentik/brand-assets/icon_top_brand.svg", "img/icon_top_brand_colour.svg"],
+    ["@goauthentik/brand-assets/icon_top_brand_white.svg", "img/icon_top_brand.svg"],
+]);
 
 await Promise.all(
-    files.map((file) => {
-        const fileName = basename(file);
-        const destPath = resolve(rootStaticDirectory, fileName);
-        return cp(file, destPath, { recursive: true });
+    Array.from(brandFiles.entries(), async ([src, dest]) => {
+        const srcPath = require.resolve(src);
+        const destPath = resolve(rootStaticDirectory, dest);
+        return cp(srcPath, destPath, { recursive: true });
     }),
 );
 

website/docs/netlify.toml

@@ -10,7 +10,7 @@
 [build]
   base    = "website"
   package = "docs"
-  command = "npm ci --prefix ../packages/docusaurus-config && npm run build -w docs"
+  command = "npm run build -w docs"
   publish = "docs/build"
 
 [dev]

website/docs/package.json

@@ -19,8 +19,8 @@
         "@docusaurus/preset-classic": "^3.10.1",
         "@docusaurus/theme-mermaid": "^3.10.1",
         "@docusaurus/tsconfig": "^3.10.1",
-        "@docusaurus/types": "^3.10.1",
-        "@goauthentik/docusaurus-config": "../../packages/docusaurus-config",
+        "@docusaurus/types": "^3.9.2",
+        "@goauthentik/docusaurus-config": "^2.7.0",
         "@goauthentik/docusaurus-theme": "*",
         "@iconify-json/fa7-regular": "^1.2.2",
         "@iconify-json/fa7-solid": "^1.2.3",
@@ -33,11 +33,11 @@
         "react": "^19.2.6",
         "react-before-after-slider-component": "^1.1.8",
         "react-dom": "^19.2.6",
-        "typescript": "^6.0.3",
+        "typescript": "^6.0.2",
         "unist-util-visit": "^5.0.0"
     },
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.6.2"
     }
 }

website/docusaurus-theme/package.json

@@ -28,14 +28,14 @@
     },
     "dependencies": {
         "@docusaurus/preset-classic": "^3.10.1",
-        "@goauthentik/docusaurus-config": "../../packages/docusaurus-config",
+        "@goauthentik/docusaurus-config": "^2.7.0",
         "@types/semver": "^7.7.1",
         "clsx": "^2.1.1",
         "fast-glob": "^3.3.3",
         "remark-directive": "^4.0.0",
         "remark-github": "^12.0.0",
         "semver": "^7.7.3",
-        "typescript": "^6.0.3",
+        "typescript": "^6.0.2",
         "unist-util-visit": "^5.0.0"
     }
 }

website/integrations/netlify.toml

@@ -10,7 +10,7 @@
 [build]
   base    = "website"
   package = "integrations"
-  command = "npm ci --prefix ../packages/docusaurus-config && npm run build -w integrations"
+  command = "npm run build -w integrations"
   publish = "integrations/build"
 
 [dev]

website/integrations/package.json

@@ -18,8 +18,8 @@
         "@docusaurus/preset-classic": "^3.10.1",
         "@docusaurus/theme-mermaid": "^3.10.1",
         "@docusaurus/tsconfig": "^3.10.1",
-        "@docusaurus/types": "^3.10.1",
-        "@goauthentik/docusaurus-config": "../../packages/docusaurus-config",
+        "@docusaurus/types": "^3.9.2",
+        "@goauthentik/docusaurus-config": "^2.6.0",
         "@goauthentik/docusaurus-theme": "*",
         "@mdx-js/react": "^3.1.1",
         "@types/react": "^19.2.14",
@@ -27,10 +27,10 @@
         "prism-react-renderer": "^2.4.1",
         "react": "^19.2.6",
         "react-dom": "^19.2.6",
-        "typescript": "^6.0.3"
+        "typescript": "^6.0.2"
     },
     "engines": {
         "node": ">=24",
-        "npm": ">=11.14.1"
+        "npm": ">=11.6.2"
     }
 }