punctuation fix

* reformatted and tweaked wording

* fixed change to anchor

* again with broken anchor

* aligned code example

---------

Co-authored-by: Tana M Berry <tana@goauthentik.com>

Dockerfile

@@ -94,7 +94,7 @@ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \
     /bin/sh -c "/usr/bin/entry.sh || echo 'Failed to get GeoIP database, disabling'; exit 0"
 
 # Stage 5: Python dependencies
-FROM ghcr.io/goauthentik/fips-python:3.12.3-slim-bookworm-fips-full AS python-deps
+FROM ghcr.io/goauthentik/fips-python:3.12.5-slim-bookworm-fips-full AS python-deps
 
 WORKDIR /ak-root/poetry
 
@@ -121,7 +121,7 @@ RUN --mount=type=bind,target=./pyproject.toml,src=./pyproject.toml \
     pip install --force-reinstall /wheels/*"
 
 # Stage 6: Run
-FROM ghcr.io/goauthentik/fips-python:3.12.3-slim-bookworm-fips-full AS final-image
+FROM ghcr.io/goauthentik/fips-python:3.12.5-slim-bookworm-fips-full AS final-image
 
 ARG GIT_BUILD_HASH
 ARG VERSION

authentik/admin/api/system.py

@@ -73,7 +73,7 @@ class SystemInfoSerializer(PassiveSerializer):
             "authentik_version": get_full_version(),
             "environment": get_env(),
             "openssl_fips_enabled": (
-                backend._fips_enabled if LicenseKey.get_total().is_valid() else None
+                backend._fips_enabled if LicenseKey.get_total().status().is_valid else None
             ),
             "openssl_version": OPENSSL_VERSION,
             "platform": platform.platform(),

authentik/blueprints/v1/importer.py

@@ -171,7 +171,7 @@ class Importer:
     def default_context(self):
         """Default context"""
         return {
-            "goauthentik.io/enterprise/licensed": LicenseKey.get_total().is_valid(),
+            "goauthentik.io/enterprise/licensed": LicenseKey.get_total().status().is_valid,
             "goauthentik.io/rbac/models": rbac_models(),
         }
 

authentik/enterprise/api.py

@@ -19,7 +19,7 @@ from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer, PassiveSerializer
 from authentik.core.models import User, UserTypes
 from authentik.enterprise.license import LicenseKey, LicenseSummarySerializer
-from authentik.enterprise.models import License
+from authentik.enterprise.models import License, LicenseUsageStatus
 from authentik.rbac.decorators import permission_required
 from authentik.tenants.utils import get_unique_identifier
 
@@ -30,7 +30,7 @@ class EnterpriseRequiredMixin:
 
     def validate(self, attrs: dict) -> dict:
         """Check that a valid license exists"""
-        if not LicenseKey.cached_summary().has_license:
+        if LicenseKey.cached_summary().status != LicenseUsageStatus.UNLICENSED:
             raise ValidationError(_("Enterprise is required to create/update this object."))
         return super().validate(attrs)
 
@@ -128,7 +128,7 @@ class LicenseViewSet(UsedByMixin, ModelViewSet):
         forecast_for_months = 12
         response = LicenseForecastSerializer(
             data={
-                "internal_users": LicenseKey.get_default_user_count(),
+                "internal_users": LicenseKey.get_internal_user_count(),
                 "external_users": LicenseKey.get_external_user_count(),
                 "forecasted_internal_users": (internal_in_last_month * forecast_for_months),
                 "forecasted_external_users": (external_in_last_month * forecast_for_months),

authentik/enterprise/apps.py

@@ -25,4 +25,4 @@ class AuthentikEnterpriseConfig(EnterpriseConfig):
         """Actual enterprise check, cached"""
         from authentik.enterprise.license import LicenseKey
 
-        return LicenseKey.cached_summary().valid
+        return LicenseKey.cached_summary().status

authentik/enterprise/license.py

@@ -3,24 +3,36 @@
 from base64 import b64decode
 from binascii import Error
 from dataclasses import asdict, dataclass, field
-from datetime import datetime, timedelta
+from datetime import UTC, datetime, timedelta
 from enum import Enum
 from functools import lru_cache
 from time import mktime
 
 from cryptography.exceptions import InvalidSignature
 from cryptography.x509 import Certificate, load_der_x509_certificate, load_pem_x509_certificate
-from dacite import from_dict
+from dacite import DaciteError, from_dict
 from django.core.cache import cache
 from django.db.models.query import QuerySet
 from django.utils.timezone import now
 from jwt import PyJWTError, decode, get_unverified_header
 from rest_framework.exceptions import ValidationError
-from rest_framework.fields import BooleanField, DateTimeField, IntegerField
+from rest_framework.fields import (
+    ChoiceField,
+    DateTimeField,
+    IntegerField,
+)
 
 from authentik.core.api.utils import PassiveSerializer
 from authentik.core.models import User, UserTypes
-from authentik.enterprise.models import License, LicenseUsage
+from authentik.enterprise.models import (
+    THRESHOLD_READ_ONLY_WEEKS,
+    THRESHOLD_WARNING_ADMIN_WEEKS,
+    THRESHOLD_WARNING_EXPIRY_WEEKS,
+    THRESHOLD_WARNING_USER_WEEKS,
+    License,
+    LicenseUsage,
+    LicenseUsageStatus,
+)
 from authentik.tenants.utils import get_unique_identifier
 
 CACHE_KEY_ENTERPRISE_LICENSE = "goauthentik.io/enterprise/license"
@@ -42,6 +54,8 @@ def get_license_aud() -> str:
 class LicenseFlags(Enum):
     """License flags"""
 
+    TRIAL = "trial"
+
 
 @dataclass
 class LicenseSummary:
@@ -49,12 +63,8 @@ class LicenseSummary:
 
     internal_users: int
     external_users: int
-    valid: bool
-    show_admin_warning: bool
-    show_user_warning: bool
-    read_only: bool
+    status: LicenseUsageStatus
     latest_valid: datetime
-    has_license: bool
 
 
 class LicenseSummarySerializer(PassiveSerializer):
@@ -62,12 +72,8 @@ class LicenseSummarySerializer(PassiveSerializer):
 
     internal_users = IntegerField(required=True)
     external_users = IntegerField(required=True)
-    valid = BooleanField()
-    show_admin_warning = BooleanField()
-    show_user_warning = BooleanField()
-    read_only = BooleanField()
+    status = ChoiceField(choices=LicenseUsageStatus.choices)
     latest_valid = DateTimeField()
-    has_license = BooleanField()
 
 
 @dataclass
@@ -83,7 +89,7 @@ class LicenseKey:
     flags: list[LicenseFlags] = field(default_factory=list)
 
     @staticmethod
-    def validate(jwt: str) -> "LicenseKey":
+    def validate(jwt: str, check_expiry=True) -> "LicenseKey":
         """Validate the license from a given JWT"""
         try:
             headers = get_unverified_header(jwt)
@@ -107,6 +113,7 @@ class LicenseKey:
                     our_cert.public_key(),
                     algorithms=["ES512"],
                     audience=get_license_aud(),
+                    options={"verify_exp": check_expiry},
                 ),
             )
         except PyJWTError:
@@ -116,9 +123,8 @@ class LicenseKey:
     @staticmethod
     def get_total() -> "LicenseKey":
         """Get a summarized version of all (not expired) licenses"""
-        active_licenses = License.objects.filter(expiry__gte=now())
         total = LicenseKey(get_license_aud(), 0, "Summarized license", 0, 0)
-        for lic in active_licenses:
+        for lic in License.objects.all():
             total.internal_users += lic.internal_users
             total.external_users += lic.external_users
             exp_ts = int(mktime(lic.expiry.timetuple()))
@@ -135,7 +141,7 @@ class LicenseKey:
         return User.objects.all().exclude_anonymous().exclude(is_active=False)
 
     @staticmethod
-    def get_default_user_count():
+    def get_internal_user_count():
         """Get current default user count"""
         return LicenseKey.base_user_qs().filter(type=UserTypes.INTERNAL).count()
 
@@ -144,59 +150,72 @@ class LicenseKey:
         """Get current external user count"""
         return LicenseKey.base_user_qs().filter(type=UserTypes.EXTERNAL).count()
 
-    def is_valid(self) -> bool:
-        """Check if the given license body covers all users
+    def _last_valid_date(self):
+        last_valid_date = (
+            LicenseUsage.objects.order_by("-record_date")
+            .filter(status=LicenseUsageStatus.VALID)
+            .first()
+        )
+        if not last_valid_date:
+            return datetime.fromtimestamp(0, UTC)
+        return last_valid_date.record_date
 
-        Only checks the current count, no historical data is checked"""
-        default_users = self.get_default_user_count()
-        if default_users > self.internal_users:
-            return False
-        active_users = self.get_external_user_count()
-        if active_users > self.external_users:
-            return False
-        return True
+    def status(self) -> LicenseUsageStatus:
+        """Check if the given license body covers all users, and is valid."""
+        last_valid = self._last_valid_date()
+        if self.exp == 0 and not License.objects.exists():
+            return LicenseUsageStatus.UNLICENSED
+        _now = now()
+        # Check limit-exceeded based status
+        internal_users = self.get_internal_user_count()
+        external_users = self.get_external_user_count()
+        if internal_users > self.internal_users or external_users > self.external_users:
+            if last_valid < _now - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS):
+                return LicenseUsageStatus.READ_ONLY
+            if last_valid < _now - timedelta(weeks=THRESHOLD_WARNING_USER_WEEKS):
+                return LicenseUsageStatus.LIMIT_EXCEEDED_USER
+            if last_valid < _now - timedelta(weeks=THRESHOLD_WARNING_ADMIN_WEEKS):
+                return LicenseUsageStatus.LIMIT_EXCEEDED_ADMIN
+        # Check expiry based status
+        if datetime.fromtimestamp(self.exp, UTC) < _now:
+            if datetime.fromtimestamp(self.exp, UTC) < _now - timedelta(
+                weeks=THRESHOLD_READ_ONLY_WEEKS
+            ):
+                return LicenseUsageStatus.READ_ONLY
+            return LicenseUsageStatus.EXPIRED
+        # Expiry warning
+        if datetime.fromtimestamp(self.exp, UTC) <= _now + timedelta(
+            weeks=THRESHOLD_WARNING_EXPIRY_WEEKS
+        ):
+            return LicenseUsageStatus.EXPIRY_SOON
+        return LicenseUsageStatus.VALID
 
     def record_usage(self):
         """Capture the current validity status and metrics and save them"""
         threshold = now() - timedelta(hours=8)
-        if not LicenseUsage.objects.filter(record_date__gte=threshold).exists():
-            LicenseUsage.objects.create(
-                user_count=self.get_default_user_count(),
+        usage = (
+            LicenseUsage.objects.order_by("-record_date").filter(record_date__gte=threshold).first()
+        )
+        if not usage:
+            usage = LicenseUsage.objects.create(
+                internal_user_count=self.get_internal_user_count(),
                 external_user_count=self.get_external_user_count(),
-                within_limits=self.is_valid(),
+                status=self.status(),
             )
         summary = asdict(self.summary())
         # Also cache the latest summary for the middleware
         cache.set(CACHE_KEY_ENTERPRISE_LICENSE, summary, timeout=CACHE_EXPIRY_ENTERPRISE_LICENSE)
-        return summary
-
-    @staticmethod
-    def last_valid_date() -> datetime:
-        """Get the last date the license was valid"""
-        usage: LicenseUsage = (
-            LicenseUsage.filter_not_expired(within_limits=True).order_by("-record_date").first()
-        )
-        if not usage:
-            return now()
-        return usage.record_date
+        return usage
 
     def summary(self) -> LicenseSummary:
         """Summary of license status"""
-        has_license = License.objects.all().count() > 0
-        last_valid = LicenseKey.last_valid_date()
-        show_admin_warning = last_valid < now() - timedelta(weeks=2)
-        show_user_warning = last_valid < now() - timedelta(weeks=4)
-        read_only = last_valid < now() - timedelta(weeks=6)
+        status = self.status()
         latest_valid = datetime.fromtimestamp(self.exp)
         return LicenseSummary(
-            show_admin_warning=show_admin_warning and has_license,
-            show_user_warning=show_user_warning and has_license,
-            read_only=read_only and has_license,
             latest_valid=latest_valid,
             internal_users=self.internal_users,
             external_users=self.external_users,
-            valid=self.is_valid(),
-            has_license=has_license,
+            status=status,
         )
 
     @staticmethod
@@ -205,4 +224,8 @@ class LicenseKey:
         summary = cache.get(CACHE_KEY_ENTERPRISE_LICENSE)
         if not summary:
             return LicenseKey.get_total().summary()
-        return from_dict(LicenseSummary, summary)
+        try:
+            return from_dict(LicenseSummary, summary)
+        except DaciteError:
+            cache.delete(CACHE_KEY_ENTERPRISE_LICENSE)
+            return LicenseKey.get_total().summary()

authentik/enterprise/middleware.py

@@ -8,6 +8,7 @@ from structlog.stdlib import BoundLogger, get_logger
 
 from authentik.enterprise.api import LicenseViewSet
 from authentik.enterprise.license import LicenseKey
+from authentik.enterprise.models import LicenseUsageStatus
 from authentik.flows.views.executor import FlowExecutorView
 from authentik.lib.utils.reflection import class_to_path
 
@@ -43,7 +44,7 @@ class EnterpriseMiddleware:
         cached_status = LicenseKey.cached_summary()
         if not cached_status:
             return True
-        if cached_status.read_only:
+        if cached_status.status == LicenseUsageStatus.READ_ONLY:
             return False
         return True
 
@@ -53,10 +54,10 @@ class EnterpriseMiddleware:
         if request.method.lower() in ["get", "head", "options", "trace"]:
             return True
         # Always allow requests to manage licenses
-        if class_to_path(request.resolver_match.func) == class_to_path(LicenseViewSet):
+        if request.resolver_match._func_path == class_to_path(LicenseViewSet):
             return True
         # Flow executor is mounted as an API path but explicitly allowed
-        if class_to_path(request.resolver_match.func) == class_to_path(FlowExecutorView):
+        if request.resolver_match._func_path == class_to_path(FlowExecutorView):
             return True
         # Only apply these restrictions to the API
         if "authentik_api" not in request.resolver_match.app_names:

authentik/enterprise/migrations/0003_remove_licenseusage_within_limits_and_more.py

@@ -0,0 +1,68 @@
+# Generated by Django 5.0.8 on 2024-08-08 14:15
+
+from django.db import migrations, models
+from django.apps.registry import Apps
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
+
+
+def migrate_license_usage(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
+    LicenseUsage = apps.get_model("authentik_enterprise", "licenseusage")
+    db_alias = schema_editor.connection.alias
+
+    for usage in LicenseUsage.objects.using(db_alias).all():
+        usage.status = "valid" if usage.within_limits else "limit_exceeded_admin"
+        usage.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("authentik_enterprise", "0002_rename_users_license_internal_users_and_more"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="licenseusage",
+            name="status",
+            field=models.TextField(
+                choices=[
+                    ("unlicensed", "Unlicensed"),
+                    ("valid", "Valid"),
+                    ("expired", "Expired"),
+                    ("expiry_soon", "Expiry Soon"),
+                    ("limit_exceeded_admin", "Limit Exceeded Admin"),
+                    ("limit_exceeded_user", "Limit Exceeded User"),
+                    ("read_only", "Read Only"),
+                ],
+                default=None,
+                null=True,
+            ),
+            preserve_default=False,
+        ),
+        migrations.RunPython(migrate_license_usage),
+        migrations.RemoveField(
+            model_name="licenseusage",
+            name="within_limits",
+        ),
+        migrations.AlterField(
+            model_name="licenseusage",
+            name="status",
+            field=models.TextField(
+                choices=[
+                    ("unlicensed", "Unlicensed"),
+                    ("valid", "Valid"),
+                    ("expired", "Expired"),
+                    ("expiry_soon", "Expiry Soon"),
+                    ("limit_exceeded_admin", "Limit Exceeded Admin"),
+                    ("limit_exceeded_user", "Limit Exceeded User"),
+                    ("read_only", "Read Only"),
+                ],
+            ),
+            preserve_default=False,
+        ),
+        migrations.RenameField(
+            model_name="licenseusage",
+            old_name="user_count",
+            new_name="internal_user_count",
+        ),
+    ]

authentik/enterprise/models.py

@@ -17,6 +17,17 @@ if TYPE_CHECKING:
     from authentik.enterprise.license import LicenseKey
 
 
+def usage_expiry():
+    """Keep license usage records for 3 months"""
+    return now() + timedelta(days=30 * 3)
+
+
+THRESHOLD_WARNING_ADMIN_WEEKS = 2
+THRESHOLD_WARNING_USER_WEEKS = 4
+THRESHOLD_WARNING_EXPIRY_WEEKS = 2
+THRESHOLD_READ_ONLY_WEEKS = 6
+
+
 class License(SerializerModel):
     """An authentik enterprise license"""
 
@@ -39,7 +50,7 @@ class License(SerializerModel):
         """Get parsed license status"""
         from authentik.enterprise.license import LicenseKey
 
-        return LicenseKey.validate(self.key)
+        return LicenseKey.validate(self.key, check_expiry=False)
 
     class Meta:
         indexes = (HashIndex(fields=("key",)),)
@@ -47,9 +58,23 @@ class License(SerializerModel):
         verbose_name_plural = _("Licenses")
 
 
-def usage_expiry():
-    """Keep license usage records for 3 months"""
-    return now() + timedelta(days=30 * 3)
+class LicenseUsageStatus(models.TextChoices):
+    """License states an instance/tenant can be in"""
+
+    UNLICENSED = "unlicensed"
+    VALID = "valid"
+    EXPIRED = "expired"
+    EXPIRY_SOON = "expiry_soon"
+    # User limit exceeded, 2 week threshold, show message in admin interface
+    LIMIT_EXCEEDED_ADMIN = "limit_exceeded_admin"
+    # User limit exceeded, 4 week threshold, show message in user interface
+    LIMIT_EXCEEDED_USER = "limit_exceeded_user"
+    READ_ONLY = "read_only"
+
+    @property
+    def is_valid(self) -> bool:
+        """Quickly check if a license is valid"""
+        return self in [LicenseUsageStatus.VALID, LicenseUsageStatus.EXPIRY_SOON]
 
 
 class LicenseUsage(ExpiringModel):
@@ -59,9 +84,9 @@ class LicenseUsage(ExpiringModel):
 
     usage_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)
 
-    user_count = models.BigIntegerField()
+    internal_user_count = models.BigIntegerField()
     external_user_count = models.BigIntegerField()
-    within_limits = models.BooleanField()
+    status = models.TextField(choices=LicenseUsageStatus.choices)
 
     record_date = models.DateTimeField(auto_now_add=True)
 

authentik/enterprise/policy.py

@@ -13,7 +13,7 @@ class EnterprisePolicyAccessView(PolicyAccessView):
 
     def check_license(self):
         """Check license"""
-        if not LicenseKey.get_total().is_valid():
+        if not LicenseKey.get_total().status().is_valid:
             return PolicyResult(False, _("Enterprise required to access this feature."))
         if self.request.user.type != UserTypes.INTERNAL:
             return PolicyResult(False, _("Feature only accessible for internal users."))

authentik/enterprise/tests/test_license.py

@@ -9,10 +9,26 @@ from django.utils.timezone import now
 from rest_framework.exceptions import ValidationError
 
 from authentik.enterprise.license import LicenseKey
-from authentik.enterprise.models import License
+from authentik.enterprise.models import (
+    THRESHOLD_READ_ONLY_WEEKS,
+    THRESHOLD_WARNING_ADMIN_WEEKS,
+    THRESHOLD_WARNING_USER_WEEKS,
+    License,
+    LicenseUsage,
+    LicenseUsageStatus,
+)
 from authentik.lib.generators import generate_id
 
-_exp = int(mktime((now() + timedelta(days=3000)).timetuple()))
+# Valid license expiry
+expiry_valid = int(mktime((now() + timedelta(days=3000)).timetuple()))
+# Valid license expiry, expires soon
+expiry_soon = int(mktime((now() + timedelta(hours=10)).timetuple()))
+# Invalid license expiry, recently expired
+expiry_expired = int(mktime((now() - timedelta(hours=10)).timetuple()))
+# Invalid license expiry, expired longer ago
+expiry_expired_read_only = int(
+    mktime((now() - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS + 1)).timetuple())
+)
 
 
 class TestEnterpriseLicense(TestCase):
@@ -23,7 +39,7 @@ class TestEnterpriseLicense(TestCase):
         MagicMock(
             return_value=LicenseKey(
                 aud="",
-                exp=_exp,
+                exp=expiry_valid,
                 name=generate_id(),
                 internal_users=100,
                 external_users=100,
@@ -33,7 +49,7 @@ class TestEnterpriseLicense(TestCase):
     def test_valid(self):
         """Check license verification"""
         lic = License.objects.create(key=generate_id())
-        self.assertTrue(lic.status.is_valid())
+        self.assertTrue(lic.status.status().is_valid)
         self.assertEqual(lic.internal_users, 100)
 
     def test_invalid(self):
@@ -46,7 +62,7 @@ class TestEnterpriseLicense(TestCase):
         MagicMock(
             return_value=LicenseKey(
                 aud="",
-                exp=_exp,
+                exp=expiry_valid,
                 name=generate_id(),
                 internal_users=100,
                 external_users=100,
@@ -56,11 +72,186 @@ class TestEnterpriseLicense(TestCase):
     def test_valid_multiple(self):
         """Check license verification"""
         lic = License.objects.create(key=generate_id())
-        self.assertTrue(lic.status.is_valid())
+        self.assertTrue(lic.status.status().is_valid)
         lic2 = License.objects.create(key=generate_id())
-        self.assertTrue(lic2.status.is_valid())
+        self.assertTrue(lic2.status.status().is_valid)
         total = LicenseKey.get_total()
         self.assertEqual(total.internal_users, 200)
         self.assertEqual(total.external_users, 200)
-        self.assertEqual(total.exp, _exp)
-        self.assertTrue(total.is_valid())
+        self.assertEqual(total.exp, expiry_valid)
+        self.assertTrue(total.status().is_valid)
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_limit_exceeded_read_only(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+        self.assertEqual(LicenseKey.get_total().summary().status, LicenseUsageStatus.READ_ONLY)
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_limit_exceeded_user_warning(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_WARNING_USER_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+        self.assertEqual(
+            LicenseKey.get_total().summary().status, LicenseUsageStatus.LIMIT_EXCEEDED_USER
+        )
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_limit_exceeded_admin_warning(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_WARNING_ADMIN_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+        self.assertEqual(
+            LicenseKey.get_total().summary().status, LicenseUsageStatus.LIMIT_EXCEEDED_ADMIN
+        )
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_expired_read_only,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_expiry_read_only(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        self.assertEqual(LicenseKey.get_total().summary().status, LicenseUsageStatus.READ_ONLY)
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_expired,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_expiry_expired(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        self.assertEqual(LicenseKey.get_total().summary().status, LicenseUsageStatus.EXPIRED)
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_soon,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_expiry_soon(self):
+        """Check license verification"""
+        License.objects.create(key=generate_id())
+        self.assertEqual(LicenseKey.get_total().summary().status, LicenseUsageStatus.EXPIRY_SOON)

authentik/enterprise/tests/test_read_only.py

@@ -0,0 +1,217 @@
+"""read only tests"""
+
+from datetime import timedelta
+from unittest.mock import MagicMock, patch
+
+from django.urls import reverse
+from django.utils.timezone import now
+
+from authentik.core.tests.utils import create_test_admin_user, create_test_flow, create_test_user
+from authentik.enterprise.license import LicenseKey
+from authentik.enterprise.models import (
+    THRESHOLD_READ_ONLY_WEEKS,
+    License,
+    LicenseUsage,
+    LicenseUsageStatus,
+)
+from authentik.enterprise.tests.test_license import expiry_valid
+from authentik.flows.models import (
+    FlowDesignation,
+    FlowStageBinding,
+)
+from authentik.flows.tests import FlowTestCase
+from authentik.lib.generators import generate_id
+from authentik.stages.identification.models import IdentificationStage, UserFields
+from authentik.stages.password import BACKEND_INBUILT
+from authentik.stages.password.models import PasswordStage
+from authentik.stages.user_login.models import UserLoginStage
+
+
+class TestReadOnly(FlowTestCase):
+    """Test read_only"""
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_login(self):
+        """Test flow, ensure login is still possible with read only mode"""
+        License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+
+        flow = create_test_flow(
+            FlowDesignation.AUTHENTICATION,
+        )
+
+        ident_stage = IdentificationStage.objects.create(
+            name=generate_id(),
+            user_fields=[UserFields.E_MAIL],
+            pretend_user_exists=False,
+        )
+        FlowStageBinding.objects.create(
+            target=flow,
+            stage=ident_stage,
+            order=0,
+        )
+        password_stage = PasswordStage.objects.create(
+            name=generate_id(), backends=[BACKEND_INBUILT]
+        )
+        FlowStageBinding.objects.create(
+            target=flow,
+            stage=password_stage,
+            order=1,
+        )
+        login_stage = UserLoginStage.objects.create(
+            name=generate_id(),
+        )
+        FlowStageBinding.objects.create(
+            target=flow,
+            stage=login_stage,
+            order=2,
+        )
+
+        user = create_test_user()
+
+        exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
+        response = self.client.get(exec_url)
+        self.assertStageResponse(
+            response,
+            flow,
+            component="ak-stage-identification",
+            password_fields=False,
+            primary_action="Log in",
+            sources=[],
+            show_source_labels=False,
+            user_fields=[UserFields.E_MAIL],
+        )
+        response = self.client.post(exec_url, {"uid_field": user.email}, follow=True)
+        self.assertStageResponse(response, flow, component="ak-stage-password")
+        response = self.client.post(exec_url, {"password": user.username}, follow=True)
+        self.assertStageRedirects(response, reverse("authentik_core:root-redirect"))
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_manage_licenses(self):
+        """Test that managing licenses is still possible"""
+        license = License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+
+        admin = create_test_admin_user()
+        self.client.force_login(admin)
+
+        # Reading is always allowed
+        response = self.client.get(reverse("authentik_api:license-list"))
+        self.assertEqual(response.status_code, 200)
+
+        # Writing should also be allowed
+        response = self.client.patch(
+            reverse("authentik_api:license-detail", kwargs={"pk": license.pk})
+        )
+        self.assertEqual(response.status_code, 200)
+
+    @patch(
+        "authentik.enterprise.license.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=expiry_valid,
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_internal_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.get_external_user_count",
+        MagicMock(return_value=1000),
+    )
+    @patch(
+        "authentik.enterprise.license.LicenseKey.record_usage",
+        MagicMock(),
+    )
+    def test_manage_flows(self):
+        """Test flow"""
+        License.objects.create(key=generate_id())
+        usage = LicenseUsage.objects.create(
+            internal_user_count=100,
+            external_user_count=100,
+            status=LicenseUsageStatus.VALID,
+        )
+        usage.record_date = now() - timedelta(weeks=THRESHOLD_READ_ONLY_WEEKS + 1)
+        usage.save(update_fields=["record_date"])
+
+        admin = create_test_admin_user()
+        self.client.force_login(admin)
+
+        # Read only is still allowed
+        response = self.client.get(reverse("authentik_api:flow-list"))
+        self.assertEqual(response.status_code, 200)
+
+        flow = create_test_flow()
+        # Writing is not
+        response = self.client.patch(
+            reverse("authentik_api:flow-detail", kwargs={"slug": flow.slug})
+        )
+        self.assertJSONEqual(
+            response.content,
+            {"detail": "Request denied due to expired/invalid license.", "code": "denied_license"},
+        )
+        self.assertEqual(response.status_code, 400)

authentik/outposts/api/outposts.py

@@ -140,7 +140,7 @@ class OutpostHealthSerializer(PassiveSerializer):
 
     def get_fips_enabled(self, obj: dict) -> bool | None:
         """Get FIPS enabled"""
-        if not LicenseKey.get_total().is_valid():
+        if not LicenseKey.get_total().status().is_valid:
             return None
         return obj["fips_enabled"]
 

blueprints/schema.json

@@ -6321,22 +6321,6 @@
                             "authentik_rbac.edit_system_settings",
                             "authentik_rbac.view_system_info",
                             "authentik_rbac.view_system_settings",
-                            "authentik_sources_kerberos.add_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.change_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.delete_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.view_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.add_kerberospropertymapping",
-                            "authentik_sources_kerberos.change_kerberospropertymapping",
-                            "authentik_sources_kerberos.delete_kerberospropertymapping",
-                            "authentik_sources_kerberos.view_kerberospropertymapping",
-                            "authentik_sources_kerberos.add_kerberossource",
-                            "authentik_sources_kerberos.change_kerberossource",
-                            "authentik_sources_kerberos.delete_kerberossource",
-                            "authentik_sources_kerberos.view_kerberossource",
-                            "authentik_sources_kerberos.add_userkerberossourceconnection",
-                            "authentik_sources_kerberos.change_userkerberossourceconnection",
-                            "authentik_sources_kerberos.delete_userkerberossourceconnection",
-                            "authentik_sources_kerberos.view_userkerberossourceconnection",
                             "authentik_sources_ldap.add_ldapsource",
                             "authentik_sources_ldap.change_ldapsource",
                             "authentik_sources_ldap.delete_ldapsource",
@@ -6361,14 +6345,26 @@
                             "authentik_sources_oauth.change_useroauthsourceconnection",
                             "authentik_sources_oauth.delete_useroauthsourceconnection",
                             "authentik_sources_oauth.view_useroauthsourceconnection",
+                            "authentik_sources_plex.add_groupplexsourceconnection",
+                            "authentik_sources_plex.change_groupplexsourceconnection",
+                            "authentik_sources_plex.delete_groupplexsourceconnection",
+                            "authentik_sources_plex.view_groupplexsourceconnection",
                             "authentik_sources_plex.add_plexsource",
                             "authentik_sources_plex.change_plexsource",
                             "authentik_sources_plex.delete_plexsource",
                             "authentik_sources_plex.view_plexsource",
+                            "authentik_sources_plex.add_plexsourcepropertymapping",
+                            "authentik_sources_plex.change_plexsourcepropertymapping",
+                            "authentik_sources_plex.delete_plexsourcepropertymapping",
+                            "authentik_sources_plex.view_plexsourcepropertymapping",
                             "authentik_sources_plex.add_plexsourceconnection",
+                            "authentik_sources_plex.add_userplexsourceconnection",
                             "authentik_sources_plex.change_plexsourceconnection",
+                            "authentik_sources_plex.change_userplexsourceconnection",
                             "authentik_sources_plex.delete_plexsourceconnection",
+                            "authentik_sources_plex.delete_userplexsourceconnection",
                             "authentik_sources_plex.view_plexsourceconnection",
+                            "authentik_sources_plex.view_userplexsourceconnection",
                             "authentik_sources_saml.add_groupsamlsourceconnection",
                             "authentik_sources_saml.change_groupsamlsourceconnection",
                             "authentik_sources_saml.delete_groupsamlsourceconnection",
@@ -11984,22 +11980,6 @@
                             "authentik_rbac.edit_system_settings",
                             "authentik_rbac.view_system_info",
                             "authentik_rbac.view_system_settings",
-                            "authentik_sources_kerberos.add_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.change_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.delete_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.view_groupkerberossourceconnection",
-                            "authentik_sources_kerberos.add_kerberospropertymapping",
-                            "authentik_sources_kerberos.change_kerberospropertymapping",
-                            "authentik_sources_kerberos.delete_kerberospropertymapping",
-                            "authentik_sources_kerberos.view_kerberospropertymapping",
-                            "authentik_sources_kerberos.add_kerberossource",
-                            "authentik_sources_kerberos.change_kerberossource",
-                            "authentik_sources_kerberos.delete_kerberossource",
-                            "authentik_sources_kerberos.view_kerberossource",
-                            "authentik_sources_kerberos.add_userkerberossourceconnection",
-                            "authentik_sources_kerberos.change_userkerberossourceconnection",
-                            "authentik_sources_kerberos.delete_userkerberossourceconnection",
-                            "authentik_sources_kerberos.view_userkerberossourceconnection",
                             "authentik_sources_ldap.add_ldapsource",
                             "authentik_sources_ldap.change_ldapsource",
                             "authentik_sources_ldap.delete_ldapsource",
@@ -12024,14 +12004,26 @@
                             "authentik_sources_oauth.change_useroauthsourceconnection",
                             "authentik_sources_oauth.delete_useroauthsourceconnection",
                             "authentik_sources_oauth.view_useroauthsourceconnection",
+                            "authentik_sources_plex.add_groupplexsourceconnection",
+                            "authentik_sources_plex.change_groupplexsourceconnection",
+                            "authentik_sources_plex.delete_groupplexsourceconnection",
+                            "authentik_sources_plex.view_groupplexsourceconnection",
                             "authentik_sources_plex.add_plexsource",
                             "authentik_sources_plex.change_plexsource",
                             "authentik_sources_plex.delete_plexsource",
                             "authentik_sources_plex.view_plexsource",
+                            "authentik_sources_plex.add_plexsourcepropertymapping",
+                            "authentik_sources_plex.change_plexsourcepropertymapping",
+                            "authentik_sources_plex.delete_plexsourcepropertymapping",
+                            "authentik_sources_plex.view_plexsourcepropertymapping",
                             "authentik_sources_plex.add_plexsourceconnection",
+                            "authentik_sources_plex.add_userplexsourceconnection",
                             "authentik_sources_plex.change_plexsourceconnection",
+                            "authentik_sources_plex.change_userplexsourceconnection",
                             "authentik_sources_plex.delete_plexsourceconnection",
+                            "authentik_sources_plex.delete_userplexsourceconnection",
                             "authentik_sources_plex.view_plexsourceconnection",
+                            "authentik_sources_plex.view_userplexsourceconnection",
                             "authentik_sources_saml.add_groupsamlsourceconnection",
                             "authentik_sources_saml.change_groupsamlsourceconnection",
                             "authentik_sources_saml.delete_groupsamlsourceconnection",

go.mod

@@ -28,7 +28,7 @@ require (
 	github.com/spf13/cobra v1.8.1
 	github.com/stretchr/testify v1.9.0
 	github.com/wwt/guac v1.3.2
-	goauthentik.io/api/v3 v3.2024063.5
+	goauthentik.io/api/v3 v3.2024063.6
 	golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
 	golang.org/x/oauth2 v0.22.0
 	golang.org/x/sync v0.8.0

go.sum

@@ -293,8 +293,8 @@ go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y
 go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
 go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
 go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
-goauthentik.io/api/v3 v3.2024063.5 h1:iCjsJDDGt9H8AkNk0cQdGV6PYErKJlFThPsmbZ4Vp6E=
-goauthentik.io/api/v3 v3.2024063.5/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
+goauthentik.io/api/v3 v3.2024063.6 h1:TloJKYEhdxej4PRPjQiA//SlaSByxc5XCYT3QmjErN8=
+goauthentik.io/api/v3 v3.2024063.6/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=

poetry.lock

@@ -3098,6 +3098,8 @@ files = [
     {file = "orjson-3.10.6-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:960db0e31c4e52fa0fc3ecbaea5b2d3b58f379e32a95ae6b0ebeaa25b93dfd34"},
     {file = "orjson-3.10.6-cp312-none-win32.whl", hash = "sha256:a6ea7afb5b30b2317e0bee03c8d34c8181bc5a36f2afd4d0952f378972c4efd5"},
     {file = "orjson-3.10.6-cp312-none-win_amd64.whl", hash = "sha256:874ce88264b7e655dde4aeaacdc8fd772a7962faadfb41abe63e2a4861abc3dc"},
+    {file = "orjson-3.10.6-cp313-none-win32.whl", hash = "sha256:efdf2c5cde290ae6b83095f03119bdc00303d7a03b42b16c54517baa3c4ca3d0"},
+    {file = "orjson-3.10.6-cp313-none-win_amd64.whl", hash = "sha256:8e190fe7888e2e4392f52cafb9626113ba135ef53aacc65cd13109eb9746c43e"},
     {file = "orjson-3.10.6-cp38-cp38-macosx_10_15_x86_64.macosx_11_0_arm64.macosx_10_15_universal2.whl", hash = "sha256:66680eae4c4e7fc193d91cfc1353ad6d01b4801ae9b5314f17e11ba55e934183"},
     {file = "orjson-3.10.6-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:caff75b425db5ef8e8f23af93c80f072f97b4fb3afd4af44482905c9f588da28"},
     {file = "orjson-3.10.6-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:3722fddb821b6036fd2a3c814f6bd9b57a89dc6337b9924ecd614ebce3271394"},
@@ -4185,29 +4187,29 @@ pyasn1 = ">=0.1.3"
 
 [[package]]
 name = "ruff"
-version = "0.5.6"
+version = "0.5.7"
 description = "An extremely fast Python linter and code formatter, written in Rust."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "ruff-0.5.6-py3-none-linux_armv6l.whl", hash = "sha256:a0ef5930799a05522985b9cec8290b185952f3fcd86c1772c3bdbd732667fdcd"},
-    {file = "ruff-0.5.6-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:b652dc14f6ef5d1552821e006f747802cc32d98d5509349e168f6bf0ee9f8f42"},
-    {file = "ruff-0.5.6-py3-none-macosx_11_0_arm64.whl", hash = "sha256:80521b88d26a45e871f31e4b88938fd87db7011bb961d8afd2664982dfc3641a"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d9bc8f328a9f1309ae80e4d392836e7dbc77303b38ed4a7112699e63d3b066ab"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:4d394940f61f7720ad371ddedf14722ee1d6250fd8d020f5ea5a86e7be217daf"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:111a99cdb02f69ddb2571e2756e017a1496c2c3a2aeefe7b988ddab38b416d36"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:e395daba77a79f6dc0d07311f94cc0560375ca20c06f354c7c99af3bf4560c5d"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c476acb43c3c51e3c614a2e878ee1589655fa02dab19fe2db0423a06d6a5b1b6"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e2ff8003f5252fd68425fd53d27c1f08b201d7ed714bb31a55c9ac1d4c13e2eb"},
-    {file = "ruff-0.5.6-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c94e084ba3eaa80c2172918c2ca2eb2230c3f15925f4ed8b6297260c6ef179ad"},
-    {file = "ruff-0.5.6-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:1f77c1c3aa0669fb230b06fb24ffa3e879391a3ba3f15e3d633a752da5a3e670"},
-    {file = "ruff-0.5.6-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:f908148c93c02873210a52cad75a6eda856b2cbb72250370ce3afef6fb99b1ed"},
-    {file = "ruff-0.5.6-py3-none-musllinux_1_2_i686.whl", hash = "sha256:563a7ae61ad284187d3071d9041c08019975693ff655438d8d4be26e492760bd"},
-    {file = "ruff-0.5.6-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:94fe60869bfbf0521e04fd62b74cbca21cbc5beb67cbb75ab33fe8c174f54414"},
-    {file = "ruff-0.5.6-py3-none-win32.whl", hash = "sha256:e6a584c1de6f8591c2570e171cc7ce482bb983d49c70ddf014393cd39e9dfaed"},
-    {file = "ruff-0.5.6-py3-none-win_amd64.whl", hash = "sha256:d7fe7dccb1a89dc66785d7aa0ac283b2269712d8ed19c63af908fdccca5ccc1a"},
-    {file = "ruff-0.5.6-py3-none-win_arm64.whl", hash = "sha256:57c6c0dd997b31b536bff49b9eee5ed3194d60605a4427f735eeb1f9c1b8d264"},
-    {file = "ruff-0.5.6.tar.gz", hash = "sha256:07c9e3c2a8e1fe377dd460371c3462671a728c981c3205a5217291422209f642"},
+    {file = "ruff-0.5.7-py3-none-linux_armv6l.whl", hash = "sha256:548992d342fc404ee2e15a242cdbea4f8e39a52f2e7752d0e4cbe88d2d2f416a"},
+    {file = "ruff-0.5.7-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:00cc8872331055ee017c4f1071a8a31ca0809ccc0657da1d154a1d2abac5c0be"},
+    {file = "ruff-0.5.7-py3-none-macosx_11_0_arm64.whl", hash = "sha256:eaf3d86a1fdac1aec8a3417a63587d93f906c678bb9ed0b796da7b59c1114a1e"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a01c34400097b06cf8a6e61b35d6d456d5bd1ae6961542de18ec81eaf33b4cb8"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:fcc8054f1a717e2213500edaddcf1dbb0abad40d98e1bd9d0ad364f75c763eea"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:7f70284e73f36558ef51602254451e50dd6cc479f8b6f8413a95fcb5db4a55fc"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:a78ad870ae3c460394fc95437d43deb5c04b5c29297815a2a1de028903f19692"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9ccd078c66a8e419475174bfe60a69adb36ce04f8d4e91b006f1329d5cd44bcf"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7e31c9bad4ebf8fdb77b59cae75814440731060a09a0e0077d559a556453acbb"},
+    {file = "ruff-0.5.7-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8d796327eed8e168164346b769dd9a27a70e0298d667b4ecee6877ce8095ec8e"},
+    {file = "ruff-0.5.7-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:4a09ea2c3f7778cc635e7f6edf57d566a8ee8f485f3c4454db7771efb692c499"},
+    {file = "ruff-0.5.7-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:a36d8dcf55b3a3bc353270d544fb170d75d2dff41eba5df57b4e0b67a95bb64e"},
+    {file = "ruff-0.5.7-py3-none-musllinux_1_2_i686.whl", hash = "sha256:9369c218f789eefbd1b8d82a8cf25017b523ac47d96b2f531eba73770971c9e5"},
+    {file = "ruff-0.5.7-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:b88ca3db7eb377eb24fb7c82840546fb7acef75af4a74bd36e9ceb37a890257e"},
+    {file = "ruff-0.5.7-py3-none-win32.whl", hash = "sha256:33d61fc0e902198a3e55719f4be6b375b28f860b09c281e4bdbf783c0566576a"},
+    {file = "ruff-0.5.7-py3-none-win_amd64.whl", hash = "sha256:083bbcbe6fadb93cd86709037acc510f86eed5a314203079df174c40bbbca6b3"},
+    {file = "ruff-0.5.7-py3-none-win_arm64.whl", hash = "sha256:2dca26154ff9571995107221d0aeaad0e75a77b5a682d6236cf89a58c70b76f4"},
+    {file = "ruff-0.5.7.tar.gz", hash = "sha256:8dfc0a458797f5d9fb622dd0efc52d796f23f0a1493a9527f4e49a550ae9a7e5"},
 ]
 
 [[package]]

schema.yml

@@ -41386,28 +41386,26 @@ components:
           type: integer
         external_users:
           type: integer
-        valid:
-          type: boolean
-        show_admin_warning:
-          type: boolean
-        show_user_warning:
-          type: boolean
-        read_only:
-          type: boolean
+        status:
+          $ref: '#/components/schemas/LicenseSummaryStatusEnum'
         latest_valid:
           type: string
           format: date-time
-        has_license:
-          type: boolean
       required:
       - external_users
-      - has_license
       - internal_users
       - latest_valid
-      - read_only
-      - show_admin_warning
-      - show_user_warning
+      - status
+    LicenseSummaryStatusEnum:
+      enum:
+      - unlicensed
       - valid
+      - expired
+      - expiry_soon
+      - limit_exceeded_admin
+      - limit_exceeded_user
+      - read_only
+      type: string
     Link:
       type: object
       description: Returns a single link

web/build.mjs

@@ -43,7 +43,7 @@ const otherFiles = [
     ["node_modules/@patternfly/patternfly/patternfly.min.css", "."],
     ["node_modules/@patternfly/patternfly/assets/**", ".", "node_modules/@patternfly/patternfly/"],
     ["src/custom.css", "."],
-    ["packages/common/src/styles/**", "."],
+    ["src/common/styles/**", "."],
     ["src/assets/images/**", "./assets/images"],
     ["./icons/*", "./assets/icons"],
 ];

web/eslint.config.mjs

@@ -12,8 +12,6 @@ export default [
     {
         ignores: [
             "dist/",
-            ".wireit/",
-            "packages/",
             // don't ever lint node_modules
             "node_modules/",
             ".storybook/*",

web/package-lock.json

@@ -11,8 +11,7 @@
             "license": "MIT",
             "workspaces": [
                 ".",
-                "./packages/sfe",
-                "./packages/common"
+                "./packages/*"
             ],
             "dependencies": {
                 "@codemirror/lang-html": "^6.4.9",
@@ -24,7 +23,7 @@
                 "@floating-ui/dom": "^1.6.9",
                 "@formatjs/intl-listformat": "^7.5.7",
                 "@fortawesome/fontawesome-free": "^6.6.0",
-                "@goauthentik/api": "^2024.6.3-1723109801",
+                "@goauthentik/api": "^2024.6.3-1723206419",
                 "@lit/context": "^1.1.2",
                 "@lit/localize": "^0.12.2",
                 "@lit/reactive-element": "^2.0.4",
@@ -3373,13 +3372,9 @@
             "license": "MIT"
         },
         "node_modules/@goauthentik/api": {
-            "version": "2024.6.3-1723109801",
-            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.6.3-1723109801.tgz",
-            "integrity": "sha512-liqFlqaAqmcCQyfrfkmJC3W+6tgzglf5hpONNpyV6qCxY81xVKzL4qhW9gk1CMbViVCrnKCeFBdYEyLHus7izg=="
-        },
-        "node_modules/@goauthentik/common": {
-            "resolved": "packages/common",
-            "link": true
+            "version": "2024.6.3-1723206419",
+            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.6.3-1723206419.tgz",
+            "integrity": "sha512-hxDk3SvCVsUKdfFccvrTCAGOn+qV307PeZ556/GcxWtpH9gcwMv48oTthQu29pwim6qxlVVVHlCeqD48kDRM2g=="
         },
         "node_modules/@goauthentik/web": {
             "resolved": "",
@@ -4090,61 +4085,6 @@
                 "node": ">= 8"
             }
         },
-        "node_modules/@npmcli/agent": {
-            "version": "2.2.2",
-            "resolved": "https://registry.npmjs.org/@npmcli/agent/-/agent-2.2.2.tgz",
-            "integrity": "sha512-OrcNPXdpSl9UX7qPVRWbmWMCSXrcDa2M9DvrbOTj7ao1S4PlqVFYv9/yLKMkrJKZ/V5A/kDBC690or307i26Og==",
-            "dev": true,
-            "dependencies": {
-                "agent-base": "^7.1.0",
-                "http-proxy-agent": "^7.0.0",
-                "https-proxy-agent": "^7.0.1",
-                "lru-cache": "^10.0.1",
-                "socks-proxy-agent": "^8.0.3"
-            },
-            "engines": {
-                "node": "^16.14.0 || >=18.0.0"
-            }
-        },
-        "node_modules/@npmcli/agent/node_modules/lru-cache": {
-            "version": "10.4.3",
-            "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
-            "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
-            "dev": true
-        },
-        "node_modules/@npmcli/fs": {
-            "version": "3.1.1",
-            "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-3.1.1.tgz",
-            "integrity": "sha512-q9CRWjpHCMIh5sVyefoD1cA7PkvILqCZsnSOEUUivORLjxCO/Irmue2DprETiNgEqktDBZaM1Bi+jrarx1XdCg==",
-            "dev": true,
-            "dependencies": {
-                "semver": "^7.3.5"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            }
-        },
-        "node_modules/@npmcli/fs/node_modules/semver": {
-            "version": "7.6.3",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
-            "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
-            "dev": true,
-            "bin": {
-                "semver": "bin/semver.js"
-            },
-            "engines": {
-                "node": ">=10"
-            }
-        },
-        "node_modules/@npmcli/redact": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/@npmcli/redact/-/redact-2.0.1.tgz",
-            "integrity": "sha512-YgsR5jCQZhVmTJvjduTOIHph0L73pK8xwMVaDY0PatySqVM9AZj93jpoXYSJqfHFxFkN9dmqTw6OiqExsS3LPw==",
-            "dev": true,
-            "engines": {
-                "node": "^16.14.0 || >=18.0.0"
-            }
-        },
         "node_modules/@open-wc/lit-helpers": {
             "version": "0.7.0",
             "license": "MIT",
@@ -8816,11 +8756,6 @@
             "dev": true,
             "license": "MIT"
         },
-        "node_modules/@types/webappsec-credential-management": {
-            "version": "0.6.8",
-            "resolved": "https://registry.npmjs.org/@types/webappsec-credential-management/-/webappsec-credential-management-0.6.8.tgz",
-            "integrity": "sha512-DES/SkK54U7AG8hmMkGCJkOSlywM3R+TzaWT+rBnX3lQTJ3K57jWr+UccWY8ImkuKekC9BjB+AH4zLJB4JKpvQ=="
-        },
         "node_modules/@types/which": {
             "version": "2.0.2",
             "dev": true,
@@ -10200,19 +10135,6 @@
                 "node": ">= 14"
             }
         },
-        "node_modules/aggregate-error": {
-            "version": "3.1.0",
-            "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
-            "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==",
-            "dev": true,
-            "dependencies": {
-                "clean-stack": "^2.0.0",
-                "indent-string": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
         "node_modules/ajv": {
             "version": "6.12.6",
             "dev": true,
@@ -10634,19 +10556,6 @@
                 "url": "https://github.com/sponsors/ljharb"
             }
         },
-        "node_modules/awilix": {
-            "version": "10.0.2",
-            "resolved": "https://registry.npmjs.org/awilix/-/awilix-10.0.2.tgz",
-            "integrity": "sha512-hFatb7eZFdtiWjjmGRSm/K/uxZpmcBlM+YoeMB3VpOPXk3xa6+7zctg3LRbUzoimom5bwGrePF0jXReO6b4zNQ==",
-            "dev": true,
-            "dependencies": {
-                "camel-case": "^4.1.2",
-                "fast-glob": "^3.3.2"
-            },
-            "engines": {
-                "node": ">=14.0.0"
-            }
-        },
         "node_modules/axios": {
             "version": "1.7.3",
             "license": "MIT",
@@ -11292,113 +11201,6 @@
                 "node": ">= 0.8"
             }
         },
-        "node_modules/cacache": {
-            "version": "18.0.4",
-            "resolved": "https://registry.npmjs.org/cacache/-/cacache-18.0.4.tgz",
-            "integrity": "sha512-B+L5iIa9mgcjLbliir2th36yEwPftrzteHYujzsx3dFP/31GCHcIeS8f5MGd80odLOjaOvSpU3EEAmRQptkxLQ==",
-            "dev": true,
-            "dependencies": {
-                "@npmcli/fs": "^3.1.0",
-                "fs-minipass": "^3.0.0",
-                "glob": "^10.2.2",
-                "lru-cache": "^10.0.1",
-                "minipass": "^7.0.3",
-                "minipass-collect": "^2.0.1",
-                "minipass-flush": "^1.0.5",
-                "minipass-pipeline": "^1.2.4",
-                "p-map": "^4.0.0",
-                "ssri": "^10.0.0",
-                "tar": "^6.1.11",
-                "unique-filename": "^3.0.0"
-            },
-            "engines": {
-                "node": "^16.14.0 || >=18.0.0"
-            }
-        },
-        "node_modules/cacache/node_modules/fs-minipass": {
-            "version": "3.0.3",
-            "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-3.0.3.tgz",
-            "integrity": "sha512-XUBA9XClHbnJWSfBzjkm6RvPsyg3sryZt06BEQoXcF7EK/xpGaQYJgQKDJSUH5SGZ76Y7pFx1QBnXz09rU5Fbw==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^7.0.3"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            }
-        },
-        "node_modules/cacache/node_modules/glob": {
-            "version": "10.4.5",
-            "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
-            "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
-            "dev": true,
-            "dependencies": {
-                "foreground-child": "^3.1.0",
-                "jackspeak": "^3.1.2",
-                "minimatch": "^9.0.4",
-                "minipass": "^7.1.2",
-                "package-json-from-dist": "^1.0.0",
-                "path-scurry": "^1.11.1"
-            },
-            "bin": {
-                "glob": "dist/esm/bin.mjs"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            }
-        },
-        "node_modules/cacache/node_modules/jackspeak": {
-            "version": "3.4.3",
-            "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
-            "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
-            "dev": true,
-            "dependencies": {
-                "@isaacs/cliui": "^8.0.2"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            },
-            "optionalDependencies": {
-                "@pkgjs/parseargs": "^0.11.0"
-            }
-        },
-        "node_modules/cacache/node_modules/lru-cache": {
-            "version": "10.4.3",
-            "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
-            "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
-            "dev": true
-        },
-        "node_modules/cacache/node_modules/p-map": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
-            "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
-            "dev": true,
-            "dependencies": {
-                "aggregate-error": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=10"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/sindresorhus"
-            }
-        },
-        "node_modules/cacache/node_modules/path-scurry": {
-            "version": "1.11.1",
-            "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
-            "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
-            "dev": true,
-            "dependencies": {
-                "lru-cache": "^10.2.0",
-                "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
-            },
-            "engines": {
-                "node": ">=16 || 14 >=14.18"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            }
-        },
         "node_modules/cacheable-lookup": {
             "version": "7.0.0",
             "dev": true,
@@ -11471,16 +11273,6 @@
                 "node": ">=6"
             }
         },
-        "node_modules/camel-case": {
-            "version": "4.1.2",
-            "resolved": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz",
-            "integrity": "sha512-gxGWBrTT1JuMx6R+o5PTXMmUnhnVzLQ9SNutD4YqKtI6ap897t3tKECYla6gCWEkplXnlNybEkZg9GEGxKFCgw==",
-            "dev": true,
-            "dependencies": {
-                "pascal-case": "^3.1.2",
-                "tslib": "^2.0.3"
-            }
-        },
         "node_modules/camelcase": {
             "version": "5.3.1",
             "dev": true,
@@ -11642,15 +11434,6 @@
                 "consola": "^3.2.3"
             }
         },
-        "node_modules/clean-stack": {
-            "version": "2.2.0",
-            "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
-            "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==",
-            "dev": true,
-            "engines": {
-                "node": ">=6"
-            }
-        },
         "node_modules/cli-cursor": {
             "version": "3.1.0",
             "dev": true,
@@ -13153,6 +12936,7 @@
             "dev": true,
             "license": "MIT",
             "optional": true,
+            "peer": true,
             "dependencies": {
                 "iconv-lite": "^0.6.2"
             }
@@ -13162,6 +12946,7 @@
             "dev": true,
             "license": "MIT",
             "optional": true,
+            "peer": true,
             "dependencies": {
                 "safer-buffer": ">= 2.1.2 < 3.0.0"
             },
@@ -13230,12 +13015,6 @@
                 "node": ">=4"
             }
         },
-        "node_modules/err-code": {
-            "version": "2.0.3",
-            "resolved": "https://registry.npmjs.org/err-code/-/err-code-2.0.3.tgz",
-            "integrity": "sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==",
-            "dev": true
-        },
         "node_modules/error-ex": {
             "version": "1.3.2",
             "dev": true,
@@ -14180,24 +13959,6 @@
                 "eslint": ">=5.16.0"
             }
         },
-        "node_modules/eslint-config-nightmare-mode": {
-            "version": "2.3.0",
-            "resolved": "https://registry.npmjs.org/eslint-config-nightmare-mode/-/eslint-config-nightmare-mode-2.3.0.tgz",
-            "integrity": "sha512-oDstNzzG6wwOUupvQniUpV641RLlP6NFkltQVBdHx67CjaOsIXkPbDWWYANvx1BwxscPQW+Mzh5NFPATvgDBEQ==",
-            "dev": true,
-            "dependencies": {
-                "object-assign": "^2.0.0"
-            }
-        },
-        "node_modules/eslint-plugin-custom-elements": {
-            "version": "0.0.8",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-custom-elements/-/eslint-plugin-custom-elements-0.0.8.tgz",
-            "integrity": "sha512-726XMAabRLKKm6/yjvYfvY4MKBwX9C4x8yPjj/ap470KhSIBHm+xHbm3P7cKlsFz/4cxq6YrBeSwKmwlacF1jg==",
-            "dev": true,
-            "peerDependencies": {
-                "eslint": ">=4.19.0"
-            }
-        },
         "node_modules/eslint-plugin-lit": {
             "version": "1.14.0",
             "dev": true,
@@ -16153,15 +15914,6 @@
                 "node": ">=0.8.19"
             }
         },
-        "node_modules/indent-string": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz",
-            "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==",
-            "dev": true,
-            "engines": {
-                "node": ">=8"
-            }
-        },
         "node_modules/inflight": {
             "version": "1.0.6",
             "dev": true,
@@ -16503,12 +16255,6 @@
                 "node": ">=8"
             }
         },
-        "node_modules/is-lambda": {
-            "version": "1.0.1",
-            "resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz",
-            "integrity": "sha512-z7CMFGNrENq5iFB9Bqo64Xk6Y9sg+epq1myIcdHaGnbMTYOxvzsEtdYqQUylB7LxfkvgrrjP32T6Ywciio9UIQ==",
-            "dev": true
-        },
         "node_modules/is-module": {
             "version": "1.0.0",
             "dev": true,
@@ -17402,15 +17148,6 @@
                 "graceful-fs": "^4.1.6"
             }
         },
-        "node_modules/jsonparse": {
-            "version": "1.3.1",
-            "resolved": "https://registry.npmjs.org/jsonparse/-/jsonparse-1.3.1.tgz",
-            "integrity": "sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==",
-            "dev": true,
-            "engines": [
-                "node >= 0.2.0"
-            ]
-        },
         "node_modules/jsonschema": {
             "version": "1.4.1",
             "dev": true,
@@ -17996,15 +17733,6 @@
                 "loose-envify": "cli.js"
             }
         },
-        "node_modules/lower-case": {
-            "version": "2.0.2",
-            "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz",
-            "integrity": "sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg==",
-            "dev": true,
-            "dependencies": {
-                "tslib": "^2.0.3"
-            }
-        },
         "node_modules/lowercase-keys": {
             "version": "3.0.0",
             "dev": true,
@@ -18051,29 +17779,6 @@
             "dev": true,
             "license": "ISC"
         },
-        "node_modules/make-fetch-happen": {
-            "version": "13.0.1",
-            "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-13.0.1.tgz",
-            "integrity": "sha512-cKTUFc/rbKUd/9meOvgrpJ2WrNzymt6jfRDdwg5UCnVzv9dTpEj9JS5m3wtziXVCjluIXyL8pcaukYqezIzZQA==",
-            "dev": true,
-            "dependencies": {
-                "@npmcli/agent": "^2.0.0",
-                "cacache": "^18.0.0",
-                "http-cache-semantics": "^4.1.1",
-                "is-lambda": "^1.0.1",
-                "minipass": "^7.0.2",
-                "minipass-fetch": "^3.0.0",
-                "minipass-flush": "^1.0.5",
-                "minipass-pipeline": "^1.2.4",
-                "negotiator": "^0.6.3",
-                "proc-log": "^4.2.0",
-                "promise-retry": "^2.0.1",
-                "ssri": "^10.0.0"
-            },
-            "engines": {
-                "node": "^16.14.0 || >=18.0.0"
-            }
-        },
         "node_modules/map-or-similar": {
             "version": "1.5.0",
             "dev": true,
@@ -18752,125 +18457,6 @@
                 "node": ">=16 || 14 >=14.17"
             }
         },
-        "node_modules/minipass-collect": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-2.0.1.tgz",
-            "integrity": "sha512-D7V8PO9oaz7PWGLbCACuI1qEOsq7UKfLotx/C0Aet43fCUB/wfQ7DYeq2oR/svFJGYDHPr38SHATeaj/ZoKHKw==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^7.0.3"
-            },
-            "engines": {
-                "node": ">=16 || 14 >=14.17"
-            }
-        },
-        "node_modules/minipass-fetch": {
-            "version": "3.0.5",
-            "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.5.tgz",
-            "integrity": "sha512-2N8elDQAtSnFV0Dk7gt15KHsS0Fyz6CbYZ360h0WTYV1Ty46li3rAXVOQj1THMNLdmrD9Vt5pBPtWtVkpwGBqg==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^7.0.3",
-                "minipass-sized": "^1.0.3",
-                "minizlib": "^2.1.2"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            },
-            "optionalDependencies": {
-                "encoding": "^0.1.13"
-            }
-        },
-        "node_modules/minipass-flush": {
-            "version": "1.0.5",
-            "resolved": "https://registry.npmjs.org/minipass-flush/-/minipass-flush-1.0.5.tgz",
-            "integrity": "sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^3.0.0"
-            },
-            "engines": {
-                "node": ">= 8"
-            }
-        },
-        "node_modules/minipass-flush/node_modules/minipass": {
-            "version": "3.3.6",
-            "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
-            "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
-            "dev": true,
-            "dependencies": {
-                "yallist": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/minipass-flush/node_modules/yallist": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
-            "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
-            "dev": true
-        },
-        "node_modules/minipass-pipeline": {
-            "version": "1.2.4",
-            "resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz",
-            "integrity": "sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/minipass-pipeline/node_modules/minipass": {
-            "version": "3.3.6",
-            "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
-            "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
-            "dev": true,
-            "dependencies": {
-                "yallist": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/minipass-pipeline/node_modules/yallist": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
-            "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
-            "dev": true
-        },
-        "node_modules/minipass-sized": {
-            "version": "1.0.3",
-            "resolved": "https://registry.npmjs.org/minipass-sized/-/minipass-sized-1.0.3.tgz",
-            "integrity": "sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/minipass-sized/node_modules/minipass": {
-            "version": "3.3.6",
-            "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
-            "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
-            "dev": true,
-            "dependencies": {
-                "yallist": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/minipass-sized/node_modules/yallist": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
-            "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
-            "dev": true
-        },
         "node_modules/minizlib": {
             "version": "2.1.2",
             "dev": true,
@@ -19371,16 +18957,6 @@
             "dev": true,
             "license": "MIT"
         },
-        "node_modules/no-case": {
-            "version": "3.0.4",
-            "resolved": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz",
-            "integrity": "sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg==",
-            "dev": true,
-            "dependencies": {
-                "lower-case": "^2.0.2",
-                "tslib": "^2.0.3"
-            }
-        },
         "node_modules/node-abi": {
             "version": "3.65.0",
             "license": "MIT",
@@ -19606,25 +19182,6 @@
                 "node": ">=10"
             }
         },
-        "node_modules/npm-registry-fetch": {
-            "version": "17.1.0",
-            "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-17.1.0.tgz",
-            "integrity": "sha512-5+bKQRH0J1xG1uZ1zMNvxW0VEyoNWgJpY9UDuluPFLKDfJ9u2JmmjmTJV1srBGQOROfdBMiVvnH2Zvpbm+xkVA==",
-            "dev": true,
-            "dependencies": {
-                "@npmcli/redact": "^2.0.0",
-                "jsonparse": "^1.3.1",
-                "make-fetch-happen": "^13.0.0",
-                "minipass": "^7.0.2",
-                "minipass-fetch": "^3.0.0",
-                "minizlib": "^2.1.2",
-                "npm-package-arg": "^11.0.0",
-                "proc-log": "^4.0.0"
-            },
-            "engines": {
-                "node": "^16.14.0 || >=18.0.0"
-            }
-        },
         "node_modules/npm-run-all": {
             "version": "4.1.5",
             "dev": true,
@@ -19785,15 +19342,6 @@
                 "node": "^14.16.0 || >=16.10.0"
             }
         },
-        "node_modules/object-assign": {
-            "version": "2.1.1",
-            "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-2.1.1.tgz",
-            "integrity": "sha512-CdsOUYIh5wIiozhJ3rLQgmUTgcyzFwZZrqhkKhODMoGtPKM+wt0h0CNIoauJWMsS9822EdzPsF/6mb4nLvPN5g==",
-            "dev": true,
-            "engines": {
-                "node": ">=0.10.0"
-            }
-        },
         "node_modules/object-hash": {
             "version": "3.0.0",
             "dev": true,
@@ -20253,16 +19801,6 @@
                 "node": ">= 0.8"
             }
         },
-        "node_modules/pascal-case": {
-            "version": "3.1.2",
-            "resolved": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz",
-            "integrity": "sha512-uWlGT3YSnK9x3BQJaOdcZwrnV6hPpd8jFH1/ucpiLRPh/2zCVJKS19E4GvYHvaCcACn3foXZ0cLB9Wrx1KGe5g==",
-            "dev": true,
-            "dependencies": {
-                "no-case": "^3.0.4",
-                "tslib": "^2.0.3"
-            }
-        },
         "node_modules/path-exists": {
             "version": "4.0.0",
             "dev": true,
@@ -20707,19 +20245,6 @@
                 "node": ">=0.4.0"
             }
         },
-        "node_modules/promise-retry": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/promise-retry/-/promise-retry-2.0.1.tgz",
-            "integrity": "sha512-y+WKFlBR8BGXnsNlIHFGPZmyDf3DFMoLhaflAnyZgV6rG6xu+JwesTo2Q9R6XwYmtmwAFCkAk3e35jEdoeh/3g==",
-            "dev": true,
-            "dependencies": {
-                "err-code": "^2.0.2",
-                "retry": "^0.12.0"
-            },
-            "engines": {
-                "node": ">=10"
-            }
-        },
         "node_modules/prompts": {
             "version": "2.4.2",
             "dev": true,
@@ -21877,25 +21402,6 @@
             "dev": true,
             "license": "MIT"
         },
-        "node_modules/rimraf": {
-            "version": "6.0.1",
-            "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-6.0.1.tgz",
-            "integrity": "sha512-9dkvaxAsk/xNXSJzMgFqqMCuFgt2+KsOFek3TMLfo8NCPfWpBmqwyNn5Y+NX56QUYfCtsyhF3ayiboEoUmJk/A==",
-            "dev": true,
-            "dependencies": {
-                "glob": "^11.0.0",
-                "package-json-from-dist": "^1.0.0"
-            },
-            "bin": {
-                "rimraf": "dist/esm/bin.mjs"
-            },
-            "engines": {
-                "node": "20 || >=22"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            }
-        },
         "node_modules/robust-predicates": {
             "version": "3.0.2",
             "license": "Unlicense"
@@ -22737,18 +22243,6 @@
             "dev": true,
             "license": "BSD-3-Clause"
         },
-        "node_modules/ssri": {
-            "version": "10.0.6",
-            "resolved": "https://registry.npmjs.org/ssri/-/ssri-10.0.6.tgz",
-            "integrity": "sha512-MGrFH9Z4NP9Iyhqn16sDtBpRRNJ0Y2hNa6D65h736fVSaPCHr4DM4sWUNvVaSuC+0OBGhwsrydQwmgfg5LncqQ==",
-            "dev": true,
-            "dependencies": {
-                "minipass": "^7.0.3"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            }
-        },
         "node_modules/stack-utils": {
             "version": "2.0.6",
             "dev": true,
@@ -24597,194 +24091,6 @@
             "dev": true,
             "license": "MIT"
         },
-        "node_modules/typesync": {
-            "version": "0.13.0",
-            "resolved": "https://registry.npmjs.org/typesync/-/typesync-0.13.0.tgz",
-            "integrity": "sha512-t5+DHmXqNHJyX9PSocEEB6c5gQlO0j0LLxEiZ/HMz0lWJWBf+bKEXTORkquAuUgjMZ7U5Hx8w63Qmebx7bK2FA==",
-            "dev": true,
-            "dependencies": {
-                "awilix": "^10.0.2",
-                "chalk": "^4.1.2",
-                "cosmiconfig": "^9.0.0",
-                "detect-indent": "^6.0.0",
-                "glob": "^10.4.2",
-                "js-yaml": "^4.1.0",
-                "npm-registry-fetch": "^17.1.0",
-                "ora": "^5.1.0",
-                "semver": "^7.6.2"
-            },
-            "bin": {
-                "typesync": "bin/typesync"
-            },
-            "engines": {
-                "node": ">=16.0.0"
-            }
-        },
-        "node_modules/typesync/node_modules/ansi-styles": {
-            "version": "4.3.0",
-            "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
-            "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
-            "dev": true,
-            "dependencies": {
-                "color-convert": "^2.0.1"
-            },
-            "engines": {
-                "node": ">=8"
-            },
-            "funding": {
-                "url": "https://github.com/chalk/ansi-styles?sponsor=1"
-            }
-        },
-        "node_modules/typesync/node_modules/argparse": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
-            "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
-            "dev": true
-        },
-        "node_modules/typesync/node_modules/chalk": {
-            "version": "4.1.2",
-            "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
-            "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
-            "dev": true,
-            "dependencies": {
-                "ansi-styles": "^4.1.0",
-                "supports-color": "^7.1.0"
-            },
-            "engines": {
-                "node": ">=10"
-            },
-            "funding": {
-                "url": "https://github.com/chalk/chalk?sponsor=1"
-            }
-        },
-        "node_modules/typesync/node_modules/cosmiconfig": {
-            "version": "9.0.0",
-            "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz",
-            "integrity": "sha512-itvL5h8RETACmOTFc4UfIyB2RfEHi71Ax6E/PivVxq9NseKbOWpeyHEOIbmAw1rs8Ak0VursQNww7lf7YtUwzg==",
-            "dev": true,
-            "dependencies": {
-                "env-paths": "^2.2.1",
-                "import-fresh": "^3.3.0",
-                "js-yaml": "^4.1.0",
-                "parse-json": "^5.2.0"
-            },
-            "engines": {
-                "node": ">=14"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/d-fischer"
-            },
-            "peerDependencies": {
-                "typescript": ">=4.9.5"
-            },
-            "peerDependenciesMeta": {
-                "typescript": {
-                    "optional": true
-                }
-            }
-        },
-        "node_modules/typesync/node_modules/glob": {
-            "version": "10.4.5",
-            "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
-            "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
-            "dev": true,
-            "dependencies": {
-                "foreground-child": "^3.1.0",
-                "jackspeak": "^3.1.2",
-                "minimatch": "^9.0.4",
-                "minipass": "^7.1.2",
-                "package-json-from-dist": "^1.0.0",
-                "path-scurry": "^1.11.1"
-            },
-            "bin": {
-                "glob": "dist/esm/bin.mjs"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            }
-        },
-        "node_modules/typesync/node_modules/has-flag": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
-            "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
-            "dev": true,
-            "engines": {
-                "node": ">=8"
-            }
-        },
-        "node_modules/typesync/node_modules/jackspeak": {
-            "version": "3.4.3",
-            "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
-            "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
-            "dev": true,
-            "dependencies": {
-                "@isaacs/cliui": "^8.0.2"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            },
-            "optionalDependencies": {
-                "@pkgjs/parseargs": "^0.11.0"
-            }
-        },
-        "node_modules/typesync/node_modules/js-yaml": {
-            "version": "4.1.0",
-            "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
-            "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
-            "dev": true,
-            "dependencies": {
-                "argparse": "^2.0.1"
-            },
-            "bin": {
-                "js-yaml": "bin/js-yaml.js"
-            }
-        },
-        "node_modules/typesync/node_modules/lru-cache": {
-            "version": "10.4.3",
-            "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
-            "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
-            "dev": true
-        },
-        "node_modules/typesync/node_modules/path-scurry": {
-            "version": "1.11.1",
-            "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
-            "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
-            "dev": true,
-            "dependencies": {
-                "lru-cache": "^10.2.0",
-                "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
-            },
-            "engines": {
-                "node": ">=16 || 14 >=14.18"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/isaacs"
-            }
-        },
-        "node_modules/typesync/node_modules/semver": {
-            "version": "7.6.3",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
-            "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
-            "dev": true,
-            "bin": {
-                "semver": "bin/semver.js"
-            },
-            "engines": {
-                "node": ">=10"
-            }
-        },
-        "node_modules/typesync/node_modules/supports-color": {
-            "version": "7.2.0",
-            "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
-            "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
-            "dev": true,
-            "dependencies": {
-                "has-flag": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=8"
-            }
-        },
         "node_modules/typical": {
             "version": "4.0.0",
             "dev": true,
@@ -24873,30 +24179,6 @@
                 "url": "https://github.com/sponsors/sindresorhus"
             }
         },
-        "node_modules/unique-filename": {
-            "version": "3.0.0",
-            "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-3.0.0.tgz",
-            "integrity": "sha512-afXhuC55wkAmZ0P18QsVE6kp8JaxrEokN2HGIoIVv2ijHQd419H0+6EigAFcIzXeMIkcIkNBpB3L/DXB3cTS/g==",
-            "dev": true,
-            "dependencies": {
-                "unique-slug": "^4.0.0"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            }
-        },
-        "node_modules/unique-slug": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-4.0.0.tgz",
-            "integrity": "sha512-WrcA6AyEfqDX5bWige/4NQfPZMtASNVxdmWR76WESYQVAACSgWcR6e9i0mofqqBxYFtL4oAxPIptY73/0YE1DQ==",
-            "dev": true,
-            "dependencies": {
-                "imurmurhash": "^0.1.4"
-            },
-            "engines": {
-                "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
-            }
-        },
         "node_modules/unique-string": {
             "version": "3.0.0",
             "dev": true,
@@ -26149,41 +25431,6 @@
                 "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
             }
         },
-        "packages/common": {
-            "name": "@goauthentik/common",
-            "version": "0.0.0",
-            "license": "MIT",
-            "dependencies": {
-                "@sentry/browser": "^8.23.0",
-                "@types/webappsec-credential-management": "^0.6.8",
-                "base64-js": "^1.5.1"
-            },
-            "devDependencies": {
-                "@eslint/js": "^9.8.0",
-                "@types/eslint__js": "^8.42.3",
-                "esbuild": "^0.23.0",
-                "eslint": "^9.8.0",
-                "eslint-config-google": "^0.14.0",
-                "eslint-config-nightmare-mode": "^2.3.0",
-                "eslint-plugin-custom-elements": "^0.0.8",
-                "eslint-plugin-lit": "^1.14.0",
-                "eslint-plugin-sonarjs": "^1.0.4",
-                "glob": "^11.0.0",
-                "lit-analyzer": "^2.0.3",
-                "lockfile-lint": "^4.14.0",
-                "prettier": "^3.3.3",
-                "rimraf": "^6.0.1",
-                "syncpack": "^12.4.0",
-                "typescript": "^5.5.4",
-                "typescript-eslint": "^8.0.1",
-                "typesync": "^0.13.0",
-                "wireit": "^0.14.4"
-            },
-            "peerDependencies": {
-                "@lit/localize": "^0.12.2",
-                "lit": "^3.2.0"
-            }
-        },
         "packages/sfe": {
             "name": "@goauthentik/web-sfe",
             "version": "0.0.0",

web/package.json

@@ -11,7 +11,7 @@
         "@floating-ui/dom": "^1.6.9",
         "@formatjs/intl-listformat": "^7.5.7",
         "@fortawesome/fontawesome-free": "^6.6.0",
-        "@goauthentik/api": "^2024.6.3-1723109801",
+        "@goauthentik/api": "^2024.6.3-1723206419",
         "@lit/context": "^1.1.2",
         "@lit/localize": "^0.12.2",
         "@lit/reactive-element": "^2.0.4",
@@ -138,8 +138,6 @@
         "lint": "wireit",
         "lint:lockfile": "wireit",
         "lint:package": "wireit",
-        "lint:precommit": "wireit",
-        "lint:nightmare": "wireit",
         "lit-analyse": "wireit",
         "postinstall": "bash scripts/patch-spotlight.sh",
         "precommit": "wireit",
@@ -188,7 +186,6 @@
             ],
             "dependencies": [
                 "build-locales",
-                "./packages/common:build",
                 "./packages/sfe:build"
             ],
             "env": {
@@ -244,10 +241,6 @@
         },
         "lint": {
             "command": "eslint --max-warnings 0 --fix",
-            "dependencies": [
-                "./packages/common:lint",
-                "./packages/common:build:types"
-            ],
             "env": {
                 "NODE_OPTIONS": "--max_old_space_size=65536"
             }
@@ -258,7 +251,6 @@
         "lint:types": {
             "command": "tsc --noEmit -p .",
             "dependencies": [
-                "./packages/common:build:types",
                 "build-locales"
             ]
         },
@@ -330,19 +322,13 @@
             "command": "node scripts/build-storybook-import-maps.mjs"
         },
         "test": {
-            "command": "wdio run ./wdio.conf.mts --logLevel=warn --autoCompileOpts.tsNodeOpts.project=tsconfig.test.json",
-            "dependencies": [
-                "./packages/common:build"
-            ],                
+            "command": "wdio run ./wdio.conf.ts --logLevel=warn --autoCompileOpts.tsNodeOpts.project=tsconfig.test.json",
             "env": {
                 "CI": "true"
             }
         },
         "test-view": {
-            "command": "wdio run ./wdio.conf.mts --autoCompileOpts.tsNodeOpts.project=tsconfig.test.json",
-            "dependencies": [
-                "./packages/common:build"
-            ]
+            "command": "wdio run ./wdio.conf.ts --autoCompileOpts.tsNodeOpts.project=tsconfig.test.json"
         },
         "tsc": {
             "dependencies": [
@@ -352,7 +338,6 @@
     },
     "workspaces": [
         ".",
-        "./packages/sfe",
-        "./packages/common"
+        "./packages/*"
     ]
 }

web/packages/common/.prettierignore

@@ -1,16 +0,0 @@
-# don't ever lint node_modules
-node_modules
-# don't lint build output (make sure it's set to your correct build folder name)
-dist
-# don't lint nyc coverage output
-coverage
-# Import order matters
-poly.ts
-src/locale-codes.ts
-src/locales/
-storybook-static/
-# Prettier breaks the tsconfig file
-tsconfig.json
-.storybook/css-import-maps*
-package.json
-packages/**/package.json

web/packages/common/.prettierrc.json

@@ -1,23 +0,0 @@
-{
-    "arrowParens": "always",
-    "bracketSpacing": true,
-    "embeddedLanguageFormatting": "auto",
-    "htmlWhitespaceSensitivity": "css",
-    "insertPragma": false,
-    "jsxSingleQuote": false,
-    "printWidth": 100,
-    "proseWrap": "preserve",
-    "quoteProps": "consistent",
-    "requirePragma": false,
-    "semi": true,
-    "singleQuote": false,
-    "tabWidth": 4,
-    "trailingComma": "all",
-    "useTabs": false,
-    "vueIndentScriptAndStyle": false,
-    "plugins": ["@trivago/prettier-plugin-sort-imports"],
-    "importOrder": ["^(@?)lit(.*)$", "\\.css$", "^@goauthentik/api$", "^[./]"],
-    "importOrderSeparation": true,
-    "importOrderSortSpecifiers": true,
-    "importOrderParserPlugins": ["typescript", "classProperties", "decorators-legacy"]
-}

web/packages/common/README.md

@@ -1,93 +0,0 @@
-# @goauthentik/common
-
-The `common` package is a bit of a grab-bag of tools, utilities, and configuration details used
-throughout the Authentik front-end suite. Here, we'll try (emphasis on the _try_) to document what
-each part does.
-
--   `./api`
-
-The `./api` folder contains helpers and plug-ins for communicating with the Authentik API. Its
-primary purpose is to provide the default configuration details for establishing a channel to the
-API, as well as figuring out the default locale, branding information, and even the favicon. (See
-what I said about it being a grab-bag?) It has its own list of todos.
-
--   `/helpers/plex`
-
-Contains configuration tools and access for the Plex TV client. Used by all three primary
-interfaces, but again, not exactly a foundational tool.
-
--   `/helpers/webauthn`
-
-Used entirely by the WebAuthn tools in the Flow interface.
-
--   `/styles`:
-
-authentik's overrides for patternfly and dark mode.
-
-TODO: Move this into its own package.
-
--   `/ui`:
-
-Describes the schema of the UIConfig Attributes Object, which dictates certain details about UI
-behavior, such as the preliminary state of drawers, editors, and layouts. It also has an API call
-to fetch that UIConfig object from the server.
-
--   `/constants.ts`
-
-Another grab-bag of configuration details: event names, default classnames for setting some visual
-details, web socket message type tokens, and the localstorage key.
-
--   `/enums.ts`
-
-Contains one thing: a mapping of generic UI sizing terms to specific classnames in the CSS.
-
--   `./errors.ts`
-
-An error handling toolkit related to the `./api` above.
-
--   `./events.ts`
-
-An extension of the API's "Event" types to assist in reporting server-side events to the user. Has
-nothing to do with the browser's internal Event type. Used entirely within `./admin`, may be
-suitable to being moved there.
-
--   `./global.ts`
-
-A single function that retrieves any global information for the UI from the `index.html` file in
-which it was invoked. Used by our Django application to preload configuration information.
-
--   `./labels.ts`,
-
-Maps a variety of API tokens to human-readable labels, including those for:
-
--   Events
--   Severities
--   User Types
--   Stage Intent
-
-It might make more sense to move these closer to where they're used, if their use is local to a
-single interface or component.
-
--   `./messages.ts`
-
-Contains one thing: a mapping of generic UI alert-level terms to specific classnames in the CSS.
-
--   `./sentry.ts`
-
-Sentry is an application monitoring package for finding code breakage. The Sentry configuration for
-all of our interfaces is kept here.
-
--   `./users.ts`
-
-Despite the plural name, this is entirely about getting the current user's configuration from the
-server. Used by all three major interfaces. Could probably be replaced by a context. (Possibly
-already has been.)
-
--   `./utils.ts`
-
-The classic junk drawer of UI development. A few string functions, a few utilities from
-YouMightNotNeedLodash, a slugifier, some date handling utilities, that sort of thing.
-
--   `./ws.ts`
-
-Sets up our web socket for receiving server-side events. Used by all three major interfaces.

web/packages/common/build.mjs

@@ -1,53 +0,0 @@
-import * as esbuild from "esbuild";
-import fs from "fs";
-import { globSync } from "glob";
-import path from "path";
-import { cwd } from "process";
-import { fileURLToPath } from "url";
-
-const __dirname = fileURLToPath(new URL(".", import.meta.url));
-
-const isProdBuild = process.env.NODE_ENV === "production";
-
-const apiBasePath = process.env.AK_API_BASE_PATH || "";
-
-const definitions = {
-    "process.env.NODE_ENV": JSON.stringify(isProdBuild ? "production" : "development"),
-    "process.env.CWD": JSON.stringify(cwd()),
-    "process.env.AK_API_BASE_PATH": JSON.stringify(apiBasePath),
-};
-
-const otherFiles = [["src/styles/**", "styles"]];
-
-const isFile = (filePath) => fs.statSync(filePath).isFile();
-function nameCopyTarget(src, dest, strip) {
-    const target = path.join(dest, strip ? src.replace(strip, "") : path.parse(src).base);
-    return [src, target];
-}
-
-for (const [source, rawdest, strip] of otherFiles) {
-    const matchedPaths = globSync(source);
-    const dest = path.join("dist", rawdest);
-    const copyTargets = matchedPaths.map((path) => nameCopyTarget(path, dest, strip));
-    for (const [src, dest] of copyTargets) {
-        if (isFile(src)) {
-            fs.mkdirSync(path.dirname(dest), { recursive: true });
-            fs.copyFileSync(src, dest);
-        }
-    }
-}
-
-const tsfiles = globSync("src/**/*.ts");
-
-esbuild
-    .build({
-        entryPoints: tsfiles,
-        sourcemap: true,
-        bundle: false,
-        tsconfig: "./tsconfig.build.json",
-        outdir: "dist/",
-        format: "esm",
-        define: definitions,
-        loader: { ".css": "text" },
-    })
-    .catch(() => process.exit(1));

web/packages/common/eslint.config.mjs

@@ -1,82 +0,0 @@
-import eslint from "@eslint/js";
-import tsparser from "@typescript-eslint/parser";
-import litconf from "eslint-plugin-lit";
-import wcconf from "eslint-plugin-wc";
-import globals from "globals";
-import tseslint from "typescript-eslint";
-
-export default [
-    // You would not believe how much this change has frustrated users: ["if an ignores key is used
-    // without any other keys in the configuration object, then the patterns act as global
-    // ignores"](https://eslint.org/docs/latest/use/configure/ignore)
-    {
-        ignores: [
-            "dist/",
-            ".wireit/",
-            "packages/common/.wireit/",
-            // don't ever lint node_modules
-            "node_modules/",
-            ".storybook/*",
-            // don't lint build output (make sure it's set to your correct build folder name)
-            // don't lint nyc coverage output
-            "coverage/",
-            "src/locale-codes.ts",
-            "storybook-static/",
-            "src/locales/",
-        ],
-    },
-    eslint.configs.recommended,
-    wcconf.configs["flat/recommended"],
-    litconf.configs["flat/recommended"],
-    ...tseslint.configs.recommended,
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-        },
-        files: ["src/**"],
-        rules: {
-            "no-unused-vars": "off",
-            "no-console": ["error", { allow: ["debug", "warn", "error"] }],
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-            globals: {
-                ...globals.nodeBuiltin,
-            },
-        },
-        files: ["scripts/*.mjs", "*.ts", "*.mjs"],
-        rules: {
-            "no-unused-vars": "off",
-            // We WANT our scripts to output to the console!
-            "no-console": "off",
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-];

web/packages/common/package.json

@@ -1,156 +0,0 @@
-{
-    "name": "@goauthentik/common",
-    "version": "0.0.0",
-    "dependencies": {
-        "@sentry/browser": "^8.23.0",
-        "@types/webappsec-credential-management": "^0.6.8",
-        "base64-js": "^1.5.1"
-    },
-    "devDependencies": {
-        "@eslint/js": "^9.8.0",
-        "@types/eslint__js": "^8.42.3",
-        "esbuild": "^0.23.0",
-        "eslint": "^9.8.0",
-        "eslint-config-google": "^0.14.0",
-        "eslint-config-nightmare-mode": "^2.3.0",
-        "eslint-plugin-custom-elements": "^0.0.8",
-        "eslint-plugin-lit": "^1.14.0",
-        "eslint-plugin-sonarjs": "^1.0.4",
-        "glob": "^11.0.0",
-        "lit-analyzer": "^2.0.3",
-        "lockfile-lint": "^4.14.0",
-        "prettier": "^3.3.3",
-        "rimraf": "^6.0.1",
-        "syncpack": "^12.4.0",
-        "typescript": "^5.5.4",
-        "typescript-eslint": "^8.0.1",
-        "typesync": "^0.13.0",
-        "wireit": "^0.14.4"
-    },
-    "exports": {
-        "./*": "./dist/*"
-    },
-    "files": [
-        "./dist/**/*"
-    ],
-    "license": "MIT",
-    "peerDependencies": {
-        "@lit/localize": "^0.12.2",
-        "lit": "^3.2.0"
-    },
-    "private": true,
-    "scripts": {
-        "build": "wireit",
-        "build:types": "wireit",
-        "format": "wireit",
-        "lint": "wireit",
-        "lint:lockfile": "wireit",
-        "lint:nightmare": "wireit",
-        "lint:package": "wireit",
-        "lint:spelling": "wireit",
-        "lint:types": "wireit",
-        "precommit": "wireit",
-        "prettier": "wireit"
-    },
-    "type": "module",
-    "wireit": {
-        "build": {
-            "command": "${NODE_RUNNER} build.mjs",
-            "dependencies": [
-                "build:types"
-            ],
-            "files": [
-                "src/**/*.{css,jpg,png,ts,js,json}",
-                "!src/**/*.stories.ts",
-                "!src/**/*.tests.ts",
-                "!src/locales/*.ts",
-                "!src/locale-codes.ts"
-            ],
-            "output": [
-                "./dist/**/*.js",
-                "./dist/**/*.css"
-            ],
-            "env": {
-                "NODE_RUNNER": {
-                    "external": true,
-                    "default": "node"
-                }
-            }
-        },
-        "build:types": {
-            "command": "tsc --declaration -p .",
-            "files": [
-                "src/**/*.ts",
-                "!src/**/*.stories.ts",
-                "!src/**/*.tests.ts"
-            ],
-            "output": [
-                "./dist/**/*.d.ts"
-            ]
-        },
-        "lint": {
-            "command": "eslint --max-warnings 0 --fix --config ./eslint.config.mjs",
-            "env": {
-                "NODE_OPTIONS": "--max_old_space_size=65536"
-            }
-        },
-        "lint:types": {
-            "command": "tsc --noEmit -p ."
-        },
-        "lint:lockfile": {
-            "command": "lockfile-lint --path package.json --type npm --allowed-hosts npm --validate-https"
-        },
-        "lint:package": {
-            "command": "syncpack format -i '    '"
-        },
-        "lint:precommit": {
-            "command": "${NODE_RUNNER} ./scripts/eslint.mjs --precommit",
-            "env": {
-                "NODE_RUNNER": {
-                    "external": true,
-                    "default": "node"
-                }
-            }
-        },
-        "lint:nightmare": {
-            "command": "${NODE_RUNNER} ./scripts/eslint.mjs --nightmare",
-            "env": {
-                "NODE_RUNNER": {
-                    "external": true,
-                    "default": "node"
-                }
-            }
-        },
-        "prettier": {
-            "command": "prettier --write .",
-            "dependencies": [
-                "lint:package"
-            ]
-        },
-        "format": {
-            "command": "prettier --write .",
-            "dependencies": [
-                "lint:package"
-            ]
-        },
-        "precommit": {
-            "command": "prettier --write .",
-            "dependencies": [
-                "lint:types",
-                "lint:spelling",
-                "lint:lockfile",
-                "lint:package",
-                "lint:precommit"
-            ],
-            "env": {
-                "NODE_RUNNER": {
-                    "external": true,
-                    "default": "node"
-                }
-            }
-        },
-        "lint:spelling": {
-            "command": "node scripts/check-spelling.mjs"
-        }
-    }
-}

web/packages/common/scripts/check-spelling.mjs

@@ -1,15 +0,0 @@
-import { execSync } from "child_process";
-import path from "path";
-
-const projectRoot = execSync("git rev-parse --show-toplevel", { encoding: "utf8" }).replace(
-    "\n",
-    "",
-);
-const cmd = [
-    "codespell -D -",
-    `-D ${path.join(projectRoot, ".github/codespell-dictionary.txt")}`,
-    `-I ${path.join(projectRoot, ".github/codespell-words.txt")}`,
-    "-S './src/locales/**' ./src -s",
-].join(" ");
-
-console.log(execSync(cmd, { encoding: "utf8" }));

web/packages/common/scripts/eslint.mjs

@@ -1,56 +0,0 @@
-import { execFileSync } from "child_process";
-import { ESLint } from "eslint";
-import fs from "fs";
-import path from "path";
-import process from "process";
-import { fileURLToPath } from "url";
-
-const __dirname = fileURLToPath(new URL(".", import.meta.url));
-const projectRoot = path.join(__dirname, "..");
-process.chdir(projectRoot);
-
-function changedFiles() {
-    const gitStatus = execFileSync("git", ["diff", "--name-only", "HEAD"], { encoding: "utf8" });
-    const gitUntracked = execFileSync("git", ["ls-files", "--others", "--exclude-standard"], {
-        encoding: "utf8",
-    });
-
-    const changed = gitStatus
-        .split("\n")
-        .filter((line) => line.trim().substring(0, 4) === "web/")
-        .filter((line) => /\.(m|c)?(t|j)s$/.test(line))
-        .map((line) => line.substring(4))
-        .filter((line) => fs.existsSync(line));
-
-    const untracked = gitUntracked
-        .split("\n")
-        .filter((line) => /\.(m|c)?(t|j)s$/.test(line))
-        .filter((line) => fs.existsSync(line));
-
-    const sourceFiles = [...changed, ...untracked].filter((line) => /^src\//.test(line));
-    const scriptFiles = [...changed, ...untracked].filter(
-        (line) => /^scripts\//.test(line) || !/^src\//.test(line),
-    );
-
-    return [...sourceFiles, ...scriptFiles];
-}
-
-const hasFlag = (flags) => process.argv.length > 1 && flags.includes(process.argv[2]);
-
-const [configFile, files] = hasFlag(["-n", "--nightmare"])
-    ? [path.join(__dirname, "eslint.nightmare.mjs"), changedFiles()]
-    : hasFlag(["-p", "--precommit"])
-      ? [path.join(__dirname, "eslint.precommit.mjs"), changedFiles()]
-      : [path.join(projectRoot, "eslint.config.mjs"), ["."]];
-
-const eslint = new ESLint({
-    overrideConfigFile: configFile,
-    warnIgnored: false,
-});
-
-const results = await eslint.lintFiles(files);
-const formatter = await eslint.loadFormatter("stylish");
-const resultText = formatter.format(results);
-const errors = results.reduce((acc, result) => acc + result.errorCount, 0);
-console.log(resultText);
-process.exit(errors > 1 ? 1 : 0);

web/packages/common/scripts/eslint.nightmare.mjs

@@ -1,203 +0,0 @@
-import eslint from "@eslint/js";
-import tsparser from "@typescript-eslint/parser";
-import litconf from "eslint-plugin-lit";
-import sonar from "eslint-plugin-sonarjs";
-import wcconf from "eslint-plugin-wc";
-import globals from "globals";
-import tseslint from "typescript-eslint";
-
-export default [
-    // You would not believe how much this change has frustrated users: ["if an ignores key is used
-    // without any other keys in the configuration object, then the patterns act as global
-    // ignores"](https://eslint.org/docs/latest/use/configure/ignore)
-    {
-        ignores: [
-            "dist/",
-            // don't ever lint node_modules
-            "node_modules/",
-            ".storybook/",
-            ".wireit/",
-            // don't lint build output (make sure it's set to your correct build folder name)
-            // don't lint nyc coverage output
-            "coverage/",
-            "src/locale-codes.ts",
-            "storybook-static/",
-            "src/locales/",
-        ],
-    },
-    eslint.configs.recommended,
-    wcconf.configs["flat/recommended"],
-    litconf.configs["flat/recommended"],
-    ...tseslint.configs.recommended,
-    sonar.configs.recommended,
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-            globals: {
-                ...globals.browser,
-                process: "readonly",
-            },
-        },
-        files: ["src/**"],
-        rules: {
-            "accessor-pairs": "error",
-            "array-callback-return": "error",
-            "block-scoped-var": "error",
-            "consistent-return": "error",
-            "consistent-this": ["error", "that"],
-            "curly": ["error", "all"],
-            "dot-notation": [
-                "error",
-                {
-                    allowKeywords: true,
-                },
-            ],
-            "eqeqeq": "error",
-            "func-names": "error",
-            "guard-for-in": "error",
-            "max-depth": ["error", 4],
-            "max-nested-callbacks": ["error", 4],
-            "max-params": ["error", 5],
-            "new-cap": "error",
-            "no-alert": "error",
-            "no-array-constructor": "error",
-            "no-bitwise": "error",
-            "no-caller": "error",
-            "no-case-declarations": "error",
-            "no-class-assign": "error",
-            "no-cond-assign": "error",
-            "no-const-assign": "error",
-            "no-constant-condition": "error",
-            "no-control-regex": "error",
-            "no-debugger": "error",
-            "no-delete-var": "error",
-            "no-div-regex": "error",
-            "no-dupe-args": "error",
-            "no-dupe-keys": "error",
-            "no-duplicate-case": "error",
-            "no-else-return": "error",
-            "no-empty": "error",
-            "no-empty-character-class": "error",
-            "no-empty-function": "error",
-            "no-labels": "error",
-            "no-eq-null": "error",
-            "no-eval": "error",
-            "no-ex-assign": "error",
-            "no-extend-native": "error",
-            "no-extra-bind": "error",
-            "no-extra-boolean-cast": "error",
-            "no-extra-label": "error",
-            "no-fallthrough": "error",
-            "no-func-assign": "error",
-            "no-implied-eval": "error",
-            "no-implicit-coercion": "error",
-            "no-implicit-globals": "error",
-            "no-inner-declarations": ["error", "functions"],
-            "no-invalid-regexp": "error",
-            "no-irregular-whitespace": "error",
-            "no-iterator": "error",
-            "no-invalid-this": "error",
-            "no-label-var": "error",
-            "no-lone-blocks": "error",
-            "no-lonely-if": "error",
-            "no-loop-func": "error",
-            "no-magic-numbers": ["error", { ignore: [0, 1, -1] }],
-            "no-multi-str": "error",
-            "no-negated-condition": "error",
-            "no-nested-ternary": "error",
-            "no-new": "error",
-            "no-new-func": "error",
-            "no-new-wrappers": "error",
-            "no-obj-calls": "error",
-            "no-octal": "error",
-            "no-octal-escape": "error",
-            "no-param-reassign": "error",
-            "no-proto": "error",
-            "no-redeclare": "error",
-            "no-regex-spaces": "error",
-            "no-restricted-syntax": ["error", "WithStatement"],
-            "no-script-url": "error",
-            "no-self-assign": "error",
-            "no-self-compare": "error",
-            "no-sequences": "error",
-            "no-shadow": "warn",
-            "no-shadow-restricted-names": "error",
-            "no-sparse-arrays": "error",
-            "no-this-before-super": "error",
-            "no-throw-literal": "error",
-            "no-trailing-spaces": "error",
-            "no-undef": "error",
-            "no-undef-init": "error",
-            "no-unexpected-multiline": "error",
-            "no-useless-constructor": "error",
-            "no-unmodified-loop-condition": "error",
-            "no-unneeded-ternary": "error",
-            "no-unreachable": "error",
-            "no-unused-expressions": "error",
-            "no-unused-labels": "error",
-            "no-use-before-define": "error",
-            "no-useless-call": "error",
-            "no-dupe-class-members": "error",
-            "no-var": "error",
-            "no-void": "error",
-            "no-with": "error",
-            "prefer-arrow-callback": "error",
-            "prefer-const": "error",
-            "prefer-rest-params": "error",
-            "prefer-spread": "error",
-            "prefer-template": "error",
-            "radix": "error",
-            "require-yield": "error",
-            "strict": ["error", "global"],
-            "use-isnan": "error",
-            "valid-typeof": "error",
-            "vars-on-top": "error",
-            "yoda": ["error", "never"],
-
-            "no-unused-vars": "off",
-            "no-console": ["error", { allow: ["debug", "warn", "error"] }],
-            "sonarjs/cognitive-complexity": ["off", 9],
-            "sonarjs/no-duplicate-string": "off",
-            "sonarjs/no-nested-template-literals": "off",
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-            globals: {
-                ...globals.nodeBuiltin,
-            },
-        },
-        files: ["scripts/*.mjs", "*.ts", "*.mjs"],
-        rules: {
-            "no-unused-vars": "off",
-            "no-console": "off",
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-];

web/packages/common/scripts/eslint.precommit.mjs

@@ -1,85 +0,0 @@
-import eslint from "@eslint/js";
-import tsparser from "@typescript-eslint/parser";
-import litconf from "eslint-plugin-lit";
-import sonar from "eslint-plugin-sonarjs";
-import wcconf from "eslint-plugin-wc";
-import globals from "globals";
-import tseslint from "typescript-eslint";
-
-export default [
-    // You would not believe how much this change has frustrated users: ["if an ignores key is used
-    // without any other keys in the configuration object, then the patterns act as global
-    // ignores"](https://eslint.org/docs/latest/use/configure/ignore)
-    {
-        ignores: [
-            "dist/",
-            ".wireit/",
-            // don't ever lint node_modules
-            "node_modules/",
-            ".storybook/*",
-            // don't lint build output (make sure it's set to your correct build folder name)
-            // don't lint nyc coverage output
-            "coverage/",
-            "src/locale-codes.ts",
-            "storybook-static/",
-            "src/locales/",
-        ],
-    },
-    eslint.configs.recommended,
-    wcconf.configs["flat/recommended"],
-    litconf.configs["flat/recommended"],
-    ...tseslint.configs.recommended,
-    sonar.configs.recommended,
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-        },
-        files: ["src/**"],
-        rules: {
-            "no-unused-vars": "off",
-            "no-console": ["error", { allow: ["debug", "warn", "error"] }],
-            "sonarjs/cognitive-complexity": ["off", 9],
-            "sonarjs/no-duplicate-string": "off",
-            "sonarjs/no-nested-template-literals": "off",
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-    {
-        languageOptions: {
-            parser: tsparser,
-            parserOptions: {
-                ecmaVersion: 12,
-                sourceType: "module",
-            },
-            globals: {
-                ...globals.nodeBuiltin,
-            },
-        },
-        files: ["scripts/*.mjs", "*.ts", "*.mjs"],
-        rules: {
-            "no-unused-vars": "off",
-            "no-console": "off",
-            "@typescript-eslint/ban-ts-comment": "off",
-            "@typescript-eslint/no-unused-vars": [
-                "error",
-                {
-                    argsIgnorePattern: "^_",
-                    varsIgnorePattern: "^_",
-                    caughtErrorsIgnorePattern: "^_",
-                },
-            ],
-        },
-    },
-];

web/packages/common/tsconfig.build.json

@@ -1,12 +0,0 @@
-{
-    "extends": "../../tsconfig.base.json",
-    "compilerOptions": {
-        "baseUrl": ".",
-        "outDir": "./dist/",
-        "types": ["webauthn"],
-        "paths": {
-            "@goauthentik/elements/*": ["./src/*"],
-            "@goauthentik/locales/*": ["src/locales/*"]
-        }
-    }
-}

web/packages/common/tsconfig.json

@@ -1,44 +0,0 @@
-{
-    "compilerOptions": {
-        "strict": true,
-        "baseUrl": ".",
-        "outDir": "./dist/",
-        "esModuleInterop": true,
-        "paths": {
-            "@goauthentik/common/*": ["./src/*"],
-            "@goauthentik/locales/*": ["src/locales/*"]
-        },
-        "skipLibCheck": true,
-        "forceConsistentCasingInFileNames": true,
-        "experimentalDecorators": true,
-        "sourceMap": true,
-        "target": "esnext",
-        "module": "esnext",
-        "moduleResolution": "bundler",
-        "lib": [
-            "ES5",
-            "ES2015",
-            "ES2016",
-            "ES2017",
-            "ES2018",
-            "ES2019",
-            "ES2020",
-            "ESNext",
-            "DOM",
-            "DOM.Iterable",
-            "WebWorker"
-        ],
-        "noUnusedLocals": true,
-        "noImplicitReturns": true,
-        "noFallthroughCasesInSwitch": true,
-        "strictBindCallApply": true,
-        "strictFunctionTypes": true,
-        "strictNullChecks": true,
-        "allowUnreachableCode": false,
-        "allowUnusedLabels": false,
-        "useDefineForClassFields": false,
-        "alwaysStrict": true,
-        "noImplicitAny": true,
-    },
-    "exclude": ["node_modules", "dist"]
-}

web/scripts/eslint.mjs

@@ -48,11 +48,6 @@ const eslint = new ESLint({
     warnIgnored: false,
 });
 
-if (files.length < 1) {
-    console.log("eslint: change set contains no lintable files");
-    process.exit(0);
-}
-
 const results = await eslint.lintFiles(files);
 const formatter = await eslint.loadFormatter("stylish");
 const resultText = formatter.format(results);

web/scripts/eslint.nightmare.mjs

@@ -13,8 +13,6 @@ export default [
     {
         ignores: [
             "dist/",
-            ".wireit/",
-            "packages/",
             // don't ever lint node_modules
             "node_modules/",
             ".storybook/*",

web/scripts/eslint.precommit.mjs

@@ -13,8 +13,6 @@ export default [
     {
         ignores: [
             "dist/",
-            ".wireit/",
-            "packages/",
             // don't ever lint node_modules
             "node_modules/",
             ".storybook/*",

web/sfe/package.json

@@ -0,0 +1,28 @@
+{
+    "name": "@goauthentik/web-sfe",
+    "version": "0.0.0",
+    "private": true,
+    "license": "MIT",
+    "dependencies": {
+        "@goauthentik/api": "^2024.6.3-1723109801",
+        "base64-js": "^1.5.1",
+        "bootstrap": "^4.6.1",
+        "formdata-polyfill": "^4.0.10",
+        "jquery": "^3.7.1",
+        "weakmap-polyfill": "^2.0.4"
+    },
+    "scripts": {
+        "build": "rollup -c rollup.config.js --bundleConfigAsCjs",
+        "watch": "rollup -w -c rollup.config.js --bundleConfigAsCjs"
+    },
+    "devDependencies": {
+        "@rollup/plugin-commonjs": "^26.0.1",
+        "@rollup/plugin-node-resolve": "^15.2.3",
+        "@rollup/plugin-swc": "^0.3.1",
+        "@swc/cli": "^0.4.0",
+        "@swc/core": "^1.7.6",
+        "@types/jquery": "^3.5.30",
+        "rollup": "^4.20.0",
+        "rollup-plugin-copy": "^3.5.0"
+    }
+}

web/src/admin/AdminInterface/AdminInterface.ts

@@ -1,12 +1,12 @@
 import { ROUTES } from "@goauthentik/admin/Routes";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import {
     EVENT_API_DRAWER_TOGGLE,
     EVENT_NOTIFICATION_DRAWER_TOGGLE,
-} from "@goauthentik/common/constants.js";
-import { configureSentry } from "@goauthentik/common/sentry.js";
-import { me } from "@goauthentik/common/users.js";
-import { WebsocketClient } from "@goauthentik/common/ws.js";
+} from "@goauthentik/common/constants";
+import { configureSentry } from "@goauthentik/common/sentry";
+import { me } from "@goauthentik/common/users";
+import { WebsocketClient } from "@goauthentik/common/ws";
 import { EnterpriseAwareInterface } from "@goauthentik/elements/Interface";
 import "@goauthentik/elements/ak-locale-context";
 import "@goauthentik/elements/enterprise/EnterpriseStatusBanner";
@@ -71,6 +71,12 @@ export class AdminInterface extends EnterpriseAwareInterface {
                 :host([theme="dark"]) .pf-c-page {
                     --pf-c-page--BackgroundColor: var(--ak-dark-background);
                 }
+                ak-enterprise-status {
+                    grid-area: header;
+                }
+                ak-admin-sidebar {
+                    grid-area: nav;
+                }
             `,
         ];
     }
@@ -118,6 +124,7 @@ export class AdminInterface extends EnterpriseAwareInterface {
 
         return html` <ak-locale-context>
             <div class="pf-c-page">
+                <ak-enterprise-status interface="admin"></ak-enterprise-status>
                 <ak-admin-sidebar
                     class="pf-c-page__sidebar ${classMap(sidebarClasses)}"
                 ></ak-admin-sidebar>

web/src/admin/AdminInterface/AdminSidebar.ts

@@ -1,6 +1,6 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EVENT_SIDEBAR_TOGGLE, VERSION } from "@goauthentik/common/constants.js";
-import { me } from "@goauthentik/common/users.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_SIDEBAR_TOGGLE, VERSION } from "@goauthentik/common/constants";
+import { me } from "@goauthentik/common/users";
 import { AKElement } from "@goauthentik/elements/Base";
 import {
     CapabilitiesEnum,

web/src/admin/DebugPage.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { MessageLevel } from "@goauthentik/common/messages.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { MessageLevel } from "@goauthentik/common/messages";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/PageHeader";
 import { showMessage } from "@goauthentik/elements/messages/MessageContainer";

web/src/admin/admin-overview/AdminOverviewPage.ts

@@ -8,8 +8,8 @@ import "@goauthentik/admin/admin-overview/cards/WorkerStatusCard";
 import "@goauthentik/admin/admin-overview/charts/AdminLoginAuthorizeChart";
 import "@goauthentik/admin/admin-overview/charts/OutpostStatusChart";
 import "@goauthentik/admin/admin-overview/charts/SyncStatusChart";
-import { VERSION } from "@goauthentik/common/constants.js";
-import { me } from "@goauthentik/common/users.js";
+import { VERSION } from "@goauthentik/common/constants";
+import { me } from "@goauthentik/common/users";
 import { AKElement } from "@goauthentik/elements/Base";
 import { WithLicenseSummary } from "@goauthentik/elements/Interface/licenseSummaryProvider.js";
 import "@goauthentik/elements/PageHeader";

web/src/admin/admin-overview/TopApplicationsTable.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/Spinner";
 

web/src/admin/admin-overview/cards/AdminStatusCard.ts

@@ -1,4 +1,4 @@
-import { EVENT_REFRESH } from "@goauthentik/common/constants.js";
+import { EVENT_REFRESH } from "@goauthentik/common/constants";
 import { PFSize } from "@goauthentik/common/enums.js";
 import { AggregateCard } from "@goauthentik/elements/cards/AggregateCard";
 

web/src/admin/admin-overview/cards/FipsStatusCard.ts

@@ -2,7 +2,7 @@ import {
     AdminStatus,
     AdminStatusCard,
 } from "@goauthentik/admin/admin-overview/cards/AdminStatusCard";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";

web/src/admin/admin-overview/cards/RecentEventsCard.ts

@@ -1,8 +1,8 @@
 import { EventGeo, EventUser } from "@goauthentik/admin/events/utils";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EventWithContext } from "@goauthentik/common/events.js";
-import { actionToLabel } from "@goauthentik/common/labels.js";
-import { getRelativeTime } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EventWithContext } from "@goauthentik/common/events";
+import { actionToLabel } from "@goauthentik/common/labels";
+import { getRelativeTime } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-event-info";
 import "@goauthentik/elements/Tabs";
 import "@goauthentik/elements/buttons/Dropdown";

web/src/admin/admin-overview/cards/SystemStatusCard.ts

@@ -2,7 +2,7 @@ import {
     AdminStatus,
     AdminStatusCard,
 } from "@goauthentik/admin/admin-overview/cards/AdminStatusCard";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";

web/src/admin/admin-overview/cards/VersionStatusCard.ts

@@ -2,7 +2,7 @@ import {
     AdminStatus,
     AdminStatusCard,
 } from "@goauthentik/admin/admin-overview/cards/AdminStatusCard";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 
 import { msg, str } from "@lit/localize";
 import { TemplateResult, html } from "lit";

web/src/admin/admin-overview/cards/WorkerStatusCard.ts

@@ -2,7 +2,7 @@ import {
     AdminStatus,
     AdminStatusCard,
 } from "@goauthentik/admin/admin-overview/cards/AdminStatusCard";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";

web/src/admin/admin-overview/charts/AdminLoginAuthorizeChart.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart, RGBAColor } from "@goauthentik/elements/charts/Chart";
 import { ChartData } from "chart.js";
 

web/src/admin/admin-overview/charts/AdminModelPerDay.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart } from "@goauthentik/elements/charts/Chart";
 import { ChartData, Tick } from "chart.js";
 

web/src/admin/admin-overview/charts/OutpostStatusChart.ts

@@ -1,5 +1,5 @@
 import { SummarizedSyncStatus } from "@goauthentik/admin/admin-overview/charts/SyncStatusChart";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart } from "@goauthentik/elements/charts/Chart";
 import "@goauthentik/elements/forms/ConfirmationForm";
 import { ChartData, ChartOptions } from "chart.js";

web/src/admin/admin-overview/charts/SyncStatusChart.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart } from "@goauthentik/elements/charts/Chart";
 import "@goauthentik/elements/forms/ConfirmationForm";
 import { PaginatedResponse } from "@goauthentik/elements/table/Table";

web/src/admin/admin-settings/AdminSettingsForm.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-number-input";
 import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";

web/src/admin/admin-settings/AdminSettingsPage.ts

@@ -1,6 +1,6 @@
 import "@goauthentik/admin/admin-settings/AdminSettingsForm";
 import { AdminSettingsForm } from "@goauthentik/admin/admin-settings/AdminSettingsForm";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/events/ObjectChangelog";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/CodeMirror";

web/src/admin/applications/ApplicationAuthorizeChart.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart } from "@goauthentik/elements/charts/Chart";
 import { ChartData, Tick } from "chart.js";
 

web/src/admin/applications/ApplicationCheckAccessForm.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/elements/events/LogViewer";
 import { Form } from "@goauthentik/elements/forms/Form";

web/src/admin/applications/ApplicationForm.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/applications/ProviderSelectModal";
 import { iconHelperText } from "@goauthentik/admin/helperText";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-file-input";
 import "@goauthentik/components/ak-radio-input";
 import "@goauthentik/components/ak-switch-input";

web/src/admin/applications/ApplicationListPage.ts

@@ -1,5 +1,5 @@
 import "@goauthentik/admin/applications/ApplicationForm";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { PFSize } from "@goauthentik/common/enums.js";
 import "@goauthentik/components/ak-app-icon";
 import MDApplication from "@goauthentik/docs/applications/index.md";

web/src/admin/applications/ApplicationViewPage.ts

@@ -3,7 +3,7 @@ import "@goauthentik/admin/applications/ApplicationCheckAccessForm";
 import "@goauthentik/admin/applications/ApplicationForm";
 import "@goauthentik/admin/policies/BoundPoliciesList";
 import "@goauthentik/admin/rbac/ObjectPermissionsPage";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { PFSize } from "@goauthentik/common/enums.js";
 import "@goauthentik/components/ak-app-icon";
 import "@goauthentik/components/events/ObjectChangelog";

web/src/admin/applications/ProviderSelectModal.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/buttons/SpinnerButton";
 import { PaginatedResponse } from "@goauthentik/elements/table/Table";
 import { TableColumn } from "@goauthentik/elements/table/Table";

web/src/admin/applications/components/ak-provider-search-input.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { groupBy } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { groupBy } from "@goauthentik/common/utils";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/forms/SearchSelect";
 

web/src/admin/applications/wizard/application/ak-application-wizard-application-details.ts

@@ -1,5 +1,5 @@
 import { policyOptions } from "@goauthentik/admin/applications/ApplicationForm";
-import { first } from "@goauthentik/common/utils.js";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-radio-input";
 import "@goauthentik/components/ak-slug-input";
 import "@goauthentik/components/ak-switch-input";

web/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EVENT_REFRESH } from "@goauthentik/common/constants.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_REFRESH } from "@goauthentik/common/constants";
 import "@goauthentik/components/ak-radio-input";
 import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";

web/src/admin/applications/wizard/methods/ldap/ak-application-wizard-authentication-by-ldap.ts

@@ -2,7 +2,7 @@ import "@goauthentik/admin/applications/wizard/ak-wizard-title";
 import "@goauthentik/admin/common/ak-core-group-search";
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-branded-flow-search";
-import { first } from "@goauthentik/common/utils.js";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-number-input";
 import "@goauthentik/components/ak-radio-input";
 import "@goauthentik/components/ak-switch-input";

web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts

@@ -11,8 +11,8 @@ import {
     makeOAuth2PropertyMappingsSelector,
     oauth2PropertyMappingsProvider,
 } from "@goauthentik/admin/providers/oauth2/Oauth2PropertyMappings.js";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-number-input";
 import "@goauthentik/components/ak-radio-input";
 import "@goauthentik/components/ak-switch-input";

web/src/admin/applications/wizard/methods/proxy/AuthenticationByProxyPage.ts

@@ -3,8 +3,8 @@ import {
     makeProxyPropertyMappingsSelector,
     proxyPropertyMappingsProvider,
 } from "@goauthentik/admin/providers/proxy/ProxyProviderPropertyMappings.js";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";
 import "@goauthentik/components/ak-textarea-input";

web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-reverse-proxy.ts

@@ -1,4 +1,4 @@
-import { first } from "@goauthentik/common/utils.js";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";
 

web/src/admin/applications/wizard/methods/radius/ak-application-wizard-authentication-by-radius.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/applications/wizard/ak-wizard-title";
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-branded-flow-search";
-import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils.js";
+import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-text-input";
 import { WithBrandConfig } from "@goauthentik/elements/Interface/brandProvider";
 import "@goauthentik/elements/forms/FormGroup";

web/src/admin/applications/wizard/methods/saml/ak-application-wizard-authentication-by-saml-configuration.ts

@@ -3,7 +3,7 @@ import "@goauthentik/admin/applications/wizard/ak-wizard-title";
 import "@goauthentik/admin/common/ak-core-group-search";
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-branded-flow-search";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/ak-multi-select";
 import "@goauthentik/components/ak-number-input";
 import "@goauthentik/components/ak-radio-input";

web/src/admin/applications/wizard/methods/saml/saml-property-mappings-search.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKElement } from "@goauthentik/elements/Base";
 import { SearchSelect } from "@goauthentik/elements/forms/SearchSelect";
 import { CustomListenerElement } from "@goauthentik/elements/utils/eventEmitter";

web/src/admin/applications/wizard/methods/scim/ak-application-wizard-authentication-by-scim.ts

@@ -2,8 +2,8 @@ import "@goauthentik/admin/applications/wizard/ak-wizard-title";
 import "@goauthentik/admin/common/ak-core-group-search";
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-branded-flow-search";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-multi-select";
 import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";

web/src/admin/blueprints/BlueprintForm.ts

@@ -1,6 +1,6 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { docLink } from "@goauthentik/common/global.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { docLink } from "@goauthentik/common/global";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-toggle-group";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";

web/src/admin/blueprints/BlueprintListPage.ts

@@ -1,8 +1,8 @@
 import "@goauthentik/admin/blueprints/BlueprintForm";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EVENT_REFRESH } from "@goauthentik/common/constants.js";
-import { getRelativeTime } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_REFRESH } from "@goauthentik/common/constants";
+import { getRelativeTime } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/elements/buttons/ActionButton";
 import "@goauthentik/elements/buttons/SpinnerButton";

web/src/admin/brands/BrandForm.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/FormGroup";

web/src/admin/brands/BrandListPage.ts

@@ -1,6 +1,6 @@
 import "@goauthentik/admin/brands/BrandForm";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/elements/buttons/SpinnerButton";

web/src/admin/common/ak-core-group-search.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKElement } from "@goauthentik/elements/Base";
 import { SearchSelect } from "@goauthentik/elements/forms/SearchSelect";
 import { CustomListenerElement } from "@goauthentik/elements/utils/eventEmitter";

web/src/admin/common/ak-crypto-certificate-search.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKElement } from "@goauthentik/elements/Base";
 import { SearchSelect } from "@goauthentik/elements/forms/SearchSelect";
 import "@goauthentik/elements/forms/SearchSelect";

web/src/admin/common/ak-flow-search/FlowSearch.ts

@@ -1,5 +1,5 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKElement } from "@goauthentik/elements/Base";
 import { SearchSelect } from "@goauthentik/elements/forms/SearchSelect";
 import "@goauthentik/elements/forms/SearchSelect";

web/src/admin/crypto/CertificateGenerateForm.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { Form } from "@goauthentik/elements/forms/Form";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 

web/src/admin/crypto/CertificateKeyPairForm.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { ModelForm } from "@goauthentik/elements/forms/ModelForm";

web/src/admin/crypto/CertificateKeyPairListPage.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/crypto/CertificateGenerateForm";
 import "@goauthentik/admin/crypto/CertificateKeyPairForm";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/ak-status-label";
 import { PFColor } from "@goauthentik/elements/Label";
 import "@goauthentik/elements/buttons/SpinnerButton";

web/src/admin/enterprise/EnterpriseLicenseForm.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EVENT_REFRESH_ENTERPRISE } from "@goauthentik/common/constants.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_REFRESH_ENTERPRISE } from "@goauthentik/common/constants";
 import "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { ModelForm } from "@goauthentik/elements/forms/ModelForm";

web/src/admin/enterprise/EnterpriseLicenseListPage.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/enterprise/EnterpriseLicenseForm";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { getRelativeTime } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { getRelativeTime } from "@goauthentik/common/utils";
 import { PFColor } from "@goauthentik/elements/Label";
 import "@goauthentik/elements/Spinner";
 import "@goauthentik/elements/buttons/SpinnerButton";
@@ -29,6 +29,7 @@ import {
     License,
     LicenseForecast,
     LicenseSummary,
+    LicenseSummaryStatusEnum,
     RbacPermissionsAssignedByUsersListModelEnum,
 } from "@goauthentik/api";
 
@@ -182,7 +183,7 @@ export class EnterpriseLicenseListPage extends TablePage<License> {
                         header=${msg("Expiry")}
                         subtext=${msg("Cumulative license expiry")}
                     >
-                        ${this.summary?.hasLicense
+                        ${this.summary?.status === LicenseSummaryStatusEnum.Unlicensed
                             ? html`<div>${getRelativeTime(this.summary.latestValid)}</div>
                                   <small>${this.summary.latestValid.toLocaleString()}</small>`
                             : "-"}

web/src/admin/events/EventListPage.ts

@@ -1,9 +1,9 @@
 import "@goauthentik/admin/events/EventVolumeChart";
 import { EventGeo, EventUser } from "@goauthentik/admin/events/utils";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EventWithContext } from "@goauthentik/common/events.js";
-import { actionToLabel } from "@goauthentik/common/labels.js";
-import { getRelativeTime } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EventWithContext } from "@goauthentik/common/events";
+import { actionToLabel } from "@goauthentik/common/labels";
+import { getRelativeTime } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-event-info";
 import { PaginatedResponse } from "@goauthentik/elements/table/Table";
 import { TableColumn } from "@goauthentik/elements/table/Table";

web/src/admin/events/EventViewPage.ts

@@ -1,8 +1,8 @@
 import { EventGeo, EventUser } from "@goauthentik/admin/events/utils";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { EventWithContext } from "@goauthentik/common/events.js";
-import { actionToLabel } from "@goauthentik/common/labels.js";
-import { getRelativeTime } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EventWithContext } from "@goauthentik/common/events";
+import { actionToLabel } from "@goauthentik/common/labels";
+import { getRelativeTime } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-event-info";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/PageHeader";

web/src/admin/events/EventVolumeChart.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { AKChart } from "@goauthentik/elements/charts/Chart";
 import { ChartData } from "chart.js";
 

web/src/admin/events/RuleForm.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { severityToLabel } from "@goauthentik/common/labels.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { severityToLabel } from "@goauthentik/common/labels";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";

web/src/admin/events/RuleListPage.ts

@@ -1,8 +1,8 @@
 import "@goauthentik/admin/events/RuleForm";
 import "@goauthentik/admin/policies/BoundPoliciesList";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { severityToLabel } from "@goauthentik/common/labels.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { severityToLabel } from "@goauthentik/common/labels";
 import "@goauthentik/elements/buttons/SpinnerButton";
 import "@goauthentik/elements/forms/DeleteBulkForm";
 import "@goauthentik/elements/forms/ModalForm";

web/src/admin/events/TransportForm.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";

web/src/admin/events/TransportListPage.ts

@@ -1,6 +1,6 @@
 import "@goauthentik/admin/events/TransportForm";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/buttons/ActionButton";
 import "@goauthentik/elements/buttons/SpinnerButton";
 import "@goauthentik/elements/forms/DeleteBulkForm";

web/src/admin/events/utils.ts

@@ -1,5 +1,5 @@
-import { EventWithContext } from "@goauthentik/common/events.js";
-import { truncate } from "@goauthentik/common/utils.js";
+import { EventWithContext } from "@goauthentik/common/events";
+import { truncate } from "@goauthentik/common/utils";
 import { KeyUnknown } from "@goauthentik/elements/forms/Form";
 
 import { msg, str } from "@lit/localize";

web/src/admin/flows/BoundStagesList.ts

@@ -1,7 +1,7 @@
 import "@goauthentik/admin/flows/StageBindingForm";
 import "@goauthentik/admin/policies/BoundPoliciesList";
 import "@goauthentik/admin/stages/StageWizard";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/Tabs";
 import "@goauthentik/elements/forms/DeleteBulkForm";
 import "@goauthentik/elements/forms/ModalForm";

web/src/admin/flows/FlowDiagram.ts

@@ -1,4 +1,4 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { Diagram } from "@goauthentik/elements/Diagram";
 import "@goauthentik/elements/EmptyState";
 

web/src/admin/flows/FlowForm.ts

@@ -1,7 +1,7 @@
 import { DesignationToLabel, LayoutToLabel } from "@goauthentik/admin/flows/utils";
 import { AuthenticationEnum } from "@goauthentik/api/dist/models/AuthenticationEnum";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { first } from "@goauthentik/common/utils.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { first } from "@goauthentik/common/utils";
 import {
     CapabilitiesEnum,
     WithCapabilitiesConfig,

web/src/admin/flows/FlowImportForm.ts

@@ -1,5 +1,5 @@
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { SentryIgnoredError } from "@goauthentik/common/errors.js";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { SentryIgnoredError } from "@goauthentik/common/errors";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/elements/events/LogViewer";
 import { Form } from "@goauthentik/elements/forms/Form";

web/src/admin/flows/FlowListPage.ts

@@ -1,8 +1,8 @@
 import "@goauthentik/admin/flows/FlowForm";
 import "@goauthentik/admin/flows/FlowImportForm";
 import { DesignationToLabel } from "@goauthentik/admin/flows/utils";
-import { AndNext, DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
-import { groupBy } from "@goauthentik/common/utils.js";
+import { AndNext, DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { groupBy } from "@goauthentik/common/utils";
 import "@goauthentik/elements/buttons/SpinnerButton";
 import "@goauthentik/elements/forms/ConfirmationForm";
 import "@goauthentik/elements/forms/DeleteBulkForm";

web/src/admin/flows/FlowViewPage.ts

@@ -4,7 +4,7 @@ import "@goauthentik/admin/flows/FlowForm";
 import { DesignationToLabel } from "@goauthentik/admin/flows/utils";
 import "@goauthentik/admin/policies/BoundPoliciesList";
 import "@goauthentik/admin/rbac/ObjectPermissionsPage";
-import { AndNext, DEFAULT_CONFIG } from "@goauthentik/common/api/config.js";
+import { AndNext, DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/components/events/ObjectChangelog";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/PageHeader";