fix: use absolute path in gql client (#5454) (#5462)

before

![CleanShot 2023-12-25 at 13.09.26.png](https://graphite-user-uploaded-assets-prod.s3.amazonaws.com/g3jz87HxbjOJpXV3FPT7/4fe08951-67bb-4050-ba14-94391db1cac1.png)

after

![CleanShot 2023-12-25 at 13.09.13.png](https://graphite-user-uploaded-assets-prod.s3.amazonaws.com/g3jz87HxbjOJpXV3FPT7/fbfb17ec-b871-4746-9d3c-d24f850ecca1.png)

.devcontainer/Dockerfile

@@ -0,0 +1,9 @@
+FROM mcr.microsoft.com/devcontainers/base:bookworm
+
+# Install Homebrew For Linux
+RUN /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" && \
+    eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" && \
+    echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> /home/vscode/.zshrc && \
+    echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> /home/vscode/.bashrc && \
+    # Install Graphite
+    brew install withgraphite/tap/graphite && gt --version

.devcontainer/build.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+# This is a script used by the devcontainer to build the project
+
+#Enable yarn
+corepack enable
+corepack prepare yarn@stable --activate
+
+# install dependencies
+yarn install
+
+# Create database
+yarn workspace @affine/server prisma db push

.devcontainer/devcontainer.json

@@ -0,0 +1,25 @@
+// For format details, see https://aka.ms/devcontainer.json.
+{
+  "name": "Debian",
+  "dockerComposeFile": "docker-compose.yml",
+  "service": "app",
+  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
+  "features": {
+    "ghcr.io/devcontainers/features/node:1": {
+      "version": "18"
+    },
+    "ghcr.io/devcontainers/features/rust:1": {}
+  },
+  // Configure tool-specific properties.
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-playwright.playwright",
+        "esbenp.prettier-vscode",
+        "streetsidesoftware.code-spell-checker"
+      ]
+    }
+  },
+  "updateContentCommand": "bash ./.devcontainer/build.sh",
+  "postCreateCommand": "bash ./.devcontainer/setup-user.sh"
+}

.devcontainer/docker-compose.yml

@@ -0,0 +1,26 @@
+version: '3.8'
+
+services:
+  app:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    volumes:
+      - ../..:/workspaces:cached
+    command: sleep infinity
+    network_mode: service:db
+    environment:
+      DATABASE_URL: postgresql://affine:affine@db:5432/affine
+
+  db:
+    image: postgres:latest
+    restart: unless-stopped
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    environment:
+      POSTGRES_PASSWORD: affine
+      POSTGRES_USER: affine
+      POSTGRES_DB: affine
+
+volumes:
+  postgres-data:

.devcontainer/setup-user.sh

@@ -0,0 +1,7 @@
+if [ -v GRAPHITE_TOKEN ];then
+    gt auth --token $GRAPHITE_TOKEN
+fi
+
+git fetch
+git branch canary -t origin/canary
+gt init --trunk canary

.env.template

@@ -11,3 +11,4 @@ ENABLE_CLOUD=
 ENABLE_MOVE_DATABASE=
 SHOULD_REPORT_TRACE=
 TRACE_REPORT_ENDPOINT=
+CAPTCHA_SITE_KEY=

.eslintignore

@@ -7,10 +7,10 @@ affine-out
 _next
 lib
 .eslintrc.js
-packages/i18n/src/i18n-generated.ts
 e2e-dist-*
 static
 web-static
 public
-packages/sdk/src/*.d.ts
-packages/sdk/src/*.js
+packages/common/sdk/src/*.d.ts
+packages/common/sdk/src/*.js
+packages/frontend/i18n/src/i18n-generated.ts

.eslintrc.js

@@ -56,26 +56,25 @@ const createPattern = packageName => [
 ];
 
 const allPackages = [
-  'packages/cli',
-  'packages/component',
-  'packages/debug',
-  'packages/env',
-  'packages/graphql',
-  'packages/hooks',
-  'packages/i18n',
-  'packages/native',
-  'packages/infra',
-  'packages/sdk',
-  'packages/templates',
-  'packages/theme',
-  'packages/workspace',
-  'packages/y-indexeddb',
-  'apps/web',
-  'apps/server',
-  'apps/electron',
-  'apps/storybook',
-  'plugins/copilot',
-  'plugins/bookmark-block',
+  'packages/backend/server',
+  'packages/frontend/component',
+  'packages/frontend/core',
+  'packages/frontend/electron',
+  'packages/frontend/graphql',
+  'packages/frontend/hooks',
+  'packages/frontend/i18n',
+  'packages/frontend/native',
+  'packages/frontend/templates',
+  'packages/frontend/workspace',
+  'packages/common/debug',
+  'packages/common/env',
+  'packages/common/infra',
+  'packages/common/sdk',
+  'packages/common/theme',
+  'packages/common/y-indexeddb',
+  'packages/plugins/copilot',
+  'tools/cli',
+  'tests/storybook',
 ];
 
 /**
@@ -88,7 +87,7 @@ const config = {
       version: 'detect',
     },
     next: {
-      rootDir: 'apps/web',
+      rootDir: 'packages/frontend/core',
     },
   },
   extends: [
@@ -127,11 +126,18 @@ const config = {
     'no-cond-assign': 'off',
     'no-constant-binary-expression': 'error',
     'no-constructor-return': 'error',
+    'no-self-compare': 'error',
+    eqeqeq: ['error', 'always', { null: 'ignore' }],
     'react/prop-types': 'off',
+    'react/jsx-no-useless-fragment': 'error',
     '@typescript-eslint/consistent-type-imports': 'error',
     '@typescript-eslint/no-non-null-assertion': 'error',
     '@typescript-eslint/no-explicit-any': 'off',
     '@typescript-eslint/no-empty-function': 'off',
+    '@typescript-eslint/await-thenable': 'error',
+    '@typescript-eslint/require-array-sort-compare': 'error',
+    '@typescript-eslint/unified-signatures': 'error',
+    '@typescript-eslint/prefer-for-of': 'error',
     '@typescript-eslint/no-unused-vars': [
       'error',
       {
@@ -202,6 +208,18 @@ const config = {
         ignore: ['^\\[[a-zA-Z0-9-_]+\\]\\.tsx$'],
       },
     ],
+    'unicorn/no-unnecessary-await': 'error',
+    'unicorn/no-useless-fallback-in-spread': 'error',
+    'unicorn/prefer-dom-node-dataset': 'error',
+    'unicorn/prefer-dom-node-append': 'error',
+    'unicorn/prefer-dom-node-remove': 'error',
+    'unicorn/prefer-array-some': 'error',
+    'unicorn/prefer-date-now': 'error',
+    'unicorn/prefer-blob-reading-methods': 'error',
+    'unicorn/no-typeof-undefined': 'error',
+    'unicorn/no-useless-promise-resolve-reject': 'error',
+    'unicorn/no-new-array': 'error',
+    'unicorn/new-for-builtins': 'error',
     'sonarjs/no-all-duplicated-branches': 'error',
     'sonarjs/no-element-overwrite': 'error',
     'sonarjs/no-empty-collection': 'error',
@@ -221,7 +239,7 @@ const config = {
   },
   overrides: [
     {
-      files: 'apps/server/**/*.ts',
+      files: 'packages/backend/server/**/*.ts',
       rules: {
         '@typescript-eslint/consistent-type-imports': 0,
       },
@@ -252,6 +270,14 @@ const config = {
           },
         ],
         '@typescript-eslint/no-misused-promises': ['error'],
+        '@typescript-eslint/prefer-readonly': 'error',
+        'i/no-extraneous-dependencies': ['error'],
+        'react-hooks/exhaustive-deps': [
+          'warn',
+          {
+            additionalHooks: 'useAsyncCallback',
+          },
+        ],
       },
     })),
     {

.github/CLA.md

@@ -61,3 +61,4 @@ Example:
 - Shishu, @shishudesu, 2023/05/19
 - Kushagra Singh, @kush002, 2023/06/28
 - Sarvesh Kumar, @sarvesh521 2023/08/25
+- 微扰理论 Qinghao Huang, @wfnuser 2023/09/29

.github/ISSUE_TEMPLATE/BUG-REPORT.yml

@@ -58,6 +58,6 @@ body:
       label: Are you willing to submit a PR?
       description: >
         (Optional) We encourage you to submit a [Pull Request](https://github.com/toeverything/affine/pulls) (PR) to help improve AFFiNE for everyone, especially if you have a good understanding of how to implement a fix or feature.
-        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/master/CONTRIBUTING.md) to get started.
+        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/canary/CONTRIBUTING.md) to get started.
       options:
         - label: Yes I'd like to help by submitting a PR!

.github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml

@@ -31,6 +31,6 @@ body:
       label: Are you willing to submit a PR?
       description: >
         (Optional) We encourage you to submit a [Pull Request](https://github.com/toeverything/affine/pulls) (PR) to help improve AFFiNE for everyone, especially if you have a good understanding of how to implement a fix or feature.
-        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/master/CONTRIBUTING.md) to get started.
+        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/canary/CONTRIBUTING.md) to get started.
       options:
         - label: Yes I'd like to help by submitting a PR!

.github/actions/build-rust/action.yml

@@ -14,11 +14,27 @@ inputs:
 runs:
   using: 'composite'
   steps:
+    - name: Print rustup toolchain version
+      shell: bash
+      id: rustup-version
+      run: |
+        export RUST_TOOLCHAIN_VERSION="$(grep 'channel' rust-toolchain.toml | head -1 | awk -F '"' '{print $2}')"
+        echo "Rust toolchain version: $RUST_TOOLCHAIN_VERSION"
+        echo "RUST_TOOLCHAIN_VERSION=$RUST_TOOLCHAIN_VERSION" >> "$GITHUB_OUTPUT"
     - name: Setup Rust
       uses: dtolnay/rust-toolchain@stable
       with:
-        toolchain: stable
+        toolchain: '${{ steps.rustup-version.outputs.RUST_TOOLCHAIN_VERSION }}'
         targets: ${{ inputs.target }}
+      env:
+        CARGO_INCREMENTAL: '1'
+
+    - name: Set CC
+      if: ${{ contains(inputs.target, 'linux') && inputs.package != '@affine/native' }}
+      shell: bash
+      run: |
+        echo "CC=clang" >> "$GITHUB_ENV"
+        echo "TARGET_CC=clang" >> "$GITHUB_ENV"
 
     - name: Cache cargo
       uses: actions/cache@v3
@@ -27,39 +43,13 @@ runs:
           ~/.cargo/registry/index/
           ~/.cargo/registry/cache/
           ~/.cargo/git/db/
-          .cargo-cache
+          ~/.napi-rs
           target/${{ inputs.target }}
         key: stable-${{ inputs.target }}-cargo-cache
     - name: Build
-      if: ${{ inputs.target != 'x86_64-unknown-linux-gnu' && inputs.target != 'aarch64-unknown-linux-gnu' }}
       shell: bash
       run: |
-        yarn nx build ${{ inputs.package }} --target ${{ inputs.target }}
+        yarn workspace ${{ inputs.package }} nx build ${{ inputs.package }} --target ${{ inputs.target }} --use-napi-cross
       env:
         NX_CLOUD_ACCESS_TOKEN: ${{ inputs.nx_token }}
-
-    - name: Build
-      if: ${{ inputs.target == 'x86_64-unknown-linux-gnu' }}
-      uses: addnab/docker-run-action@v3
-      with:
-        image: ghcr.io/napi-rs/napi-rs/nodejs-rust:lts-debian
-        options: --user 0:0 -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build -e NX_CLOUD_ACCESS_TOKEN=${{ inputs.nx_token }}
-        run: |
-          export CC=x86_64-unknown-linux-gnu-gcc
-          export CC_x86_64_unknown_linux_gnu=x86_64-unknown-linux-gnu-gcc
-          export RUSTFLAGS="-C debuginfo=1"
-          yarn nx build ${{ inputs.package }} --target ${{ inputs.target }}
-          chmod -R 777 node_modules/.cache
-          chmod -R 777 target
-
-    - name: Build
-      if: ${{ inputs.target == 'aarch64-unknown-linux-gnu' }}
-      uses: addnab/docker-run-action@v3
-      with:
-        image: ghcr.io/napi-rs/napi-rs/nodejs-rust:lts-debian-aarch64
-        options: --user 0:0 -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build -e NX_CLOUD_ACCESS_TOKEN=${{ inputs.nx_token }}
-        run: |
-          export RUSTFLAGS="-C debuginfo=1"
-          yarn nx build ${{ inputs.package }} --target ${{ inputs.target }}
-          chmod -R 777 node_modules/.cache
-          chmod -R 777 target
+        DEBUG: 'napi:*'

.github/actions/deploy/action.yml

@@ -26,7 +26,7 @@ runs:
         echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
     - uses: azure/setup-helm@v3
     - id: auth
-      uses: google-github-actions/auth@v1
+      uses: google-github-actions/auth@v2
       with:
         workload_identity_provider: 'projects/${{ inputs.gcp-project-number }}/locations/global/workloadIdentityPools/github-actions/providers/github-actions-helm-deploy'
         service_account: '${{ inputs.service-account }}'
@@ -34,7 +34,7 @@ runs:
         project_id: '${{ inputs.gcp-project-id }}'
 
     - name: 'Setup gcloud cli'
-      uses: 'google-github-actions/setup-gcloud@v1'
+      uses: 'google-github-actions/setup-gcloud@v2'
       with:
         install_components: 'gke-gcloud-auth-plugin'
 

.github/actions/deploy/deploy.mjs

@@ -1,6 +1,7 @@
 import { execSync } from 'node:child_process';
 
 const {
+  APP_VERSION,
   BUILD_TYPE,
   DEPLOY_HOST,
   CANARY_DEPLOY_HOST,
@@ -13,6 +14,8 @@ const {
   R2_ACCESS_KEY_ID,
   R2_SECRET_ACCESS_KEY,
   R2_BUCKET,
+  ENABLE_CAPTCHA,
+  CAPTCHA_TURNSTILE_SECRET,
   OAUTH_EMAIL_SENDER,
   OAUTH_EMAIL_LOGIN,
   OAUTH_EMAIL_PASSWORD,
@@ -23,6 +26,9 @@ const {
   GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT,
   REDIS_HOST,
   REDIS_PASSWORD,
+  STRIPE_API_KEY,
+  STRIPE_WEBHOOK_KEY,
+  STATIC_IP_NAME,
 } = process.env;
 
 // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
@@ -30,17 +36,13 @@ const buildType = BUILD_TYPE || 'canary';
 
 const isProduction = buildType === 'stable';
 const isBeta = buildType === 'beta';
+const isInternal = buildType === 'internal';
 
 const createHelmCommand = ({ isDryRun }) => {
   const flag = isDryRun ? '--dry-run' : '--atomic';
   const imageTag = `${buildType}-${GIT_SHORT_HASH}`;
-  const staticIpName = isProduction
-    ? 'affine-cluster-production'
-    : isBeta
-    ? 'affine-cluster-beta'
-    : 'affine-cluster-dev';
   const redisAndPostgres =
-    isProduction || isBeta
+    isProduction || isBeta || isInternal
       ? [
           `--set-string global.database.url=${DATABASE_URL}`,
           `--set-string global.database.user=${DATABASE_USERNAME}`,
@@ -54,33 +56,42 @@ const createHelmCommand = ({ isDryRun }) => {
         ]
       : [];
   const serviceAnnotations =
-    isProduction || isBeta
+    isProduction || isBeta || isInternal
       ? [
           `--set-json   web.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
-          `--set-json   graphql.serviceAccount.annotations=\"{ \\"iam.gke.io/gcp-service-account\\": \\"${CLOUD_SQL_IAM_ACCOUNT}\\" }\"`,
           `--set-json   graphql.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
-          `--set-json   sync.serviceAccount.annotations=\"{ \\"iam.gke.io/gcp-service-account\\": \\"${CLOUD_SQL_IAM_ACCOUNT}\\" }\"`,
           `--set-json   sync.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
+          `--set-json   cloud-sql-proxy.serviceAccount.annotations=\"{ \\"iam.gke.io/gcp-service-account\\": \\"${CLOUD_SQL_IAM_ACCOUNT}\\" }\"`,
+          `--set-json   cloud-sql-proxy.nodeSelector=\"{ \\"iam.gke.io/gke-metadata-server-enabled\\": \\"true\\" }\"`,
         ]
       : [];
   const webReplicaCount = isProduction ? 3 : isBeta ? 2 : 2;
-  const graphqlReplicaCount = isProduction ? 3 : isBeta ? 2 : 2;
-  const syncReplicaCount = isProduction ? 6 : isBeta ? 3 : 2;
-  const namespace = isProduction ? 'production' : isBeta ? 'beta' : 'dev';
+  const graphqlReplicaCount = isProduction ? 10 : isBeta ? 5 : 2;
+  const syncReplicaCount = isProduction ? 10 : isBeta ? 5 : 2;
+  const namespace = isProduction
+    ? 'production'
+    : isBeta
+      ? 'beta'
+      : isInternal
+        ? 'internal'
+        : 'dev';
   // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
   const host = DEPLOY_HOST || CANARY_DEPLOY_HOST;
   const deployCommand = [
     `helm upgrade --install affine .github/helm/affine`,
     `--namespace  ${namespace}`,
     `--set        global.ingress.enabled=true`,
-    `--set-json   global.ingress.annotations=\"{ \\"kubernetes.io/ingress.class\\": \\"gce\\", \\"kubernetes.io/ingress.allow-http\\": \\"true\\", \\"kubernetes.io/ingress.global-static-ip-name\\": \\"${staticIpName}\\" }\"`,
+    `--set-json   global.ingress.annotations=\"{ \\"kubernetes.io/ingress.class\\": \\"gce\\", \\"kubernetes.io/ingress.allow-http\\": \\"true\\", \\"kubernetes.io/ingress.global-static-ip-name\\": \\"${STATIC_IP_NAME}\\" }\"`,
     `--set-string global.ingress.host="${host}"`,
+    `--set-string global.version="${APP_VERSION}"`,
     ...redisAndPostgres,
     `--set        web.replicaCount=${webReplicaCount}`,
     `--set-string web.image.tag="${imageTag}"`,
     `--set        graphql.replicaCount=${graphqlReplicaCount}`,
     `--set-string graphql.image.tag="${imageTag}"`,
     `--set        graphql.app.host=${host}`,
+    `--set        graphql.app.captcha.enabled=${ENABLE_CAPTCHA}`,
+    `--set-string graphql.app.captcha.turnstile.secret="${CAPTCHA_TURNSTILE_SECRET}"`,
     `--set        graphql.app.objectStorage.r2.enabled=true`,
     `--set-string graphql.app.objectStorage.r2.accountId="${R2_ACCOUNT_ID}"`,
     `--set-string graphql.app.objectStorage.r2.accessKeyId="${R2_ACCESS_KEY_ID}"`,
@@ -92,11 +103,14 @@ const createHelmCommand = ({ isDryRun }) => {
     `--set-string graphql.app.oauth.google.enabled=true`,
     `--set-string graphql.app.oauth.google.clientId="${AFFINE_GOOGLE_CLIENT_ID}"`,
     `--set-string graphql.app.oauth.google.clientSecret="${AFFINE_GOOGLE_CLIENT_SECRET}"`,
+    `--set-string graphql.app.payment.stripe.apiKey="${STRIPE_API_KEY}"`,
+    `--set-string graphql.app.payment.stripe.webhookKey="${STRIPE_WEBHOOK_KEY}"`,
     `--set        graphql.app.experimental.enableJwstCodec=true`,
+    `--set        graphql.app.features.earlyAccessPreview=false`,
     `--set        sync.replicaCount=${syncReplicaCount}`,
     `--set-string sync.image.tag="${imageTag}"`,
     ...serviceAnnotations,
-    `--version "0.0.0-${buildType}.${GIT_SHORT_HASH}" --timeout 10m`,
+    `--timeout 10m`,
     flag,
   ].join(' ');
   return deployCommand;

.github/actions/download-core/action.yml

@@ -0,0 +1,22 @@
+name: 'Download core artifacts'
+description: 'Download core artifacts and extract to dist'
+inputs:
+  path:
+    description: 'Path to extract'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Download tar.gz
+      uses: actions/download-artifact@v3
+      with:
+        name: core
+        path: .
+
+    - name: Extract core artifacts
+      shell: bash
+      run: |
+        mkdir -p ${{ inputs.path }}
+        tar -xvf dist.tar.gz --directory ${{ inputs.path }}
+        rm dist.tar.gz

.github/actions/setup-maker/action.yml

@@ -1,16 +0,0 @@
-name: Setup maker
-description: 'Setup maker dmg for electron'
-
-runs:
-  using: 'composite'
-  steps:
-    - name: 'Install @electron-forge/maker-dmg'
-      if: runner.os == 'macos'
-      shell: bash
-      working-directory: ./apps/electron
-      run: yarn add @electron-forge/maker-dmg --dev
-      env:
-        HUSKY: '0'
-        PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
-        ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
-        SENTRYCLI_SKIP_DOWNLOAD: '1'

.github/actions/setup-node/action.yml

@@ -21,43 +21,114 @@ inputs:
     description: 'set nmMode to hardlinks-local in .yarnrc.yml'
     required: false
     default: 'true'
+  build-infra:
+    description: 'Build infra'
+    required: false
+    default: 'true'
+  build-plugins:
+    description: 'Build plugins'
+    required: false
+    default: 'true'
+  nmHoistingLimits:
+    description: 'Set nmHoistingLimits in .yarnrc.yml'
+    required: false
+  enableScripts:
+    description: 'Set enableScripts in .yarnrc.yml'
+    required: false
+    default: 'true'
+  full-cache:
+    description: 'Full installation cache'
+    required: false
 
 runs:
   using: 'composite'
   steps:
     - name: Setup Node.js
-      uses: actions/setup-node@v3
+      uses: actions/setup-node@v4
       with:
         node-version-file: '.nvmrc'
         registry-url: https://npm.pkg.github.com
         scope: '@toeverything'
-        cache: 'yarn'
 
     - name: Set nmMode
-      if: ${{ inputs.hard-link-nm == 'true' }}
+      if: ${{ inputs.hard-link-nm == 'false' }}
       shell: bash
-      run: yarn config set nmMode hardlinks-local
+      run: yarn config set nmMode classic
+
+    - name: Set nmHoistingLimits
+      if: ${{ inputs.nmHoistingLimits }}
+      shell: bash
+      run: yarn config set nmHoistingLimits ${{ inputs.nmHoistingLimits }}
+
+    - name: Set enableScripts
+      if: ${{ inputs.enableScripts == 'false' }}
+      shell: bash
+      run: yarn config set enableScripts false
+
+    - name: Set yarn global cache path
+      shell: bash
+      id: yarn-cache
+      run: node -e "const p = $(yarn config cacheFolder --json).effective; console.log('yarn_global_cache=' + p)" >> $GITHUB_OUTPUT
+
+    - name: Cache non-full yarn cache on Linux
+      uses: actions/cache@v3
+      if: ${{ inputs.full-cache != 'true' && runner.os == 'Linux' }}
+      with:
+        path: |
+          node_modules
+          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
+        key: node_modules-cache-${{ github.job }}-${{ runner.os }}
+
+    # The network performance on macOS is very poor
+    # and the decompression performance on Windows is very terrible
+    # so we reduce the number of cached files on non-Linux systems by remove node_modules from cache path.
+    - name: Cache non-full yarn cache on non-Linux
+      uses: actions/cache@v3
+      if: ${{ inputs.full-cache != 'true' && runner.os != 'Linux' }}
+      with:
+        path: |
+          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
+        key: node_modules-cache-${{ github.job }}-${{ runner.os }}
+
+    - name: Cache full yarn cache on Linux
+      uses: actions/cache@v3
+      if: ${{ inputs.full-cache == 'true' && runner.os == 'Linux' }}
+      with:
+        path: |
+          node_modules
+          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
+        key: node_modules-cache-full-${{ runner.os }}
+
+    - name: Cache full yarn cache on non-Linux
+      uses: actions/cache@v3
+      if: ${{ inputs.full-cache == 'true' && runner.os != 'Linux' }}
+      with:
+        path: |
+          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
+        key: node_modules-cache-full-${{ runner.os }}
 
     - name: yarn install
       if: ${{ inputs.package-install == 'true' }}
       continue-on-error: true
       shell: bash
-      run: yarn install ${{ inputs.extra-flags }}
+      run: yarn ${{ inputs.extra-flags }}
       env:
         HUSKY: '0'
         PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
         ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
         SENTRYCLI_SKIP_DOWNLOAD: '1'
+        DEBUG: '*'
 
     - name: yarn install (try again)
       if: ${{ steps.install.outcome == 'failure' }}
       shell: bash
-      run: yarn install ${{ inputs.extra-flags }}
+      run: yarn ${{ inputs.extra-flags }}
       env:
         HUSKY: '0'
         PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
         ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
         SENTRYCLI_SKIP_DOWNLOAD: '1'
+        DEBUG: '*'
 
     - name: Get installed Playwright version
       id: playwright-version
@@ -75,8 +146,8 @@ runs:
       id: playwright-cache
       if: ${{ inputs.playwright-install == 'true' }}
       with:
-        path: '~/.cache/ms-playwright'
-        key: '${{ runner.os }}-${{ runner.arch }}-playwright-${{ steps.playwright-version.outputs.version }}'
+        path: ${{ github.workspace }}/node_modules/.cache/ms-playwright
+        key: '${{ runner.os }}-playwright-${{ steps.playwright-version.outputs.version }}'
         # As a fallback, if the Playwright version has changed, try use the
         # most recently cached version. There's a good chance that at least one
         # of the browser binary versions haven't been updated, so Playwright can
@@ -86,14 +157,16 @@ runs:
         # date cache, but still let Playwright decide if it needs to download
         # new binaries or not.
         restore-keys: |
-          ${{ runner.os }}-${{ runner.arch }}-playwright-
+          ${{ runner.os }}-playwright-
 
     # If the Playwright browser binaries weren't able to be restored, we tell
-    # paywright to install everything for us.
+    # playwright to install everything for us.
     - name: Install Playwright's dependencies
       shell: bash
-      if: inputs.playwright-install == 'true' && steps.playwright-cache.outputs.cache-hit != 'true'
-      run: yarn playwright install --with-deps
+      if: inputs.playwright-install == 'true'
+      run: yarn playwright install --with-deps chromium
+      env:
+        PLAYWRIGHT_BROWSERS_PATH: ${{ github.workspace }}/node_modules/.cache/ms-playwright
 
     - name: Get installed Electron version
       id: electron-version
@@ -107,21 +180,23 @@ runs:
       if: ${{ inputs.electron-install == 'true' }}
       with:
         path: 'node_modules/.cache/electron'
-        key: '${{ runner.os }}-{{ runner.arch }}-electron-${{ steps.electron-version.outputs.version }}'
+        key: '${{ runner.os }}-electron-${{ steps.electron-version.outputs.version }}'
         restore-keys: |
-          ${{ runner.os }}-{{ runner.arch }}-electron-
+          ${{ runner.os }}-electron-
 
     - name: Install Electron binary
       shell: bash
       if: inputs.electron-install == 'true'
-      run: node apps/electron/node_modules/electron/install.js
+      run: node ./node_modules/electron/install.js
       env:
-        ELECTRON_OVERRIDE_DIST_PATH: ./node_modules/.cache/electron
+        electron_config_cache: ./node_modules/.cache/electron
 
     - name: Build Infra
       shell: bash
+      if: inputs.build-infra == 'true'
       run: yarn run build:infra
 
     - name: Build Plugins
+      if: inputs.build-plugins == 'true'
       shell: bash
       run: yarn run build:plugins

.github/actions/setup-version/action.yml

@@ -0,0 +1,24 @@
+name: Setup Version
+description: 'Setup Version'
+outputs:
+  APP_VERSION:
+    description: 'App Version'
+    value: ${{ steps.version.outputs.APP_VERSION }}
+runs:
+  using: 'composite'
+  steps:
+    - name: 'Write Version'
+      id: version
+      shell: bash
+      run: |
+        if [ "${{ github.ref_type }}" == "tag" ]; then
+          APP_VERSION=$(echo "${{ github.ref_name }}" | sed 's/^v//')
+        else
+          PACKAGE_VERSION=$(node -p "require('./package.json').version")
+          TIME_VERSION=$(date +%Y%m%d%H%M)
+          GIT_SHORT_HASH=$(git rev-parse --short HEAD)
+          APP_VERSION=$PACKAGE_VERSION-nightly-$TIME_VERSION-$GIT_SHORT_HASH
+        fi
+        echo $APP_VERSION
+        echo "APP_VERSION=$APP_VERSION" >> "$GITHUB_OUTPUT"
+        ./scripts/set-version.sh $APP_VERSION

.github/dependabot.yml

@@ -1,9 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: 'npm'
-    directory: '/'
-    schedule:
-      interval: 'weekly'
-    versioning-strategy: increase
-    commit-message:
-      prefix: 'chore'

.github/deployment/front/Dockerfile

@@ -1,6 +1,6 @@
 FROM openresty/openresty:1.21.4.1-0-buster
 WORKDIR /app
-COPY ./apps/core/dist ./dist
+COPY ./packages/frontend/core/dist ./dist
 COPY ./.github/deployment/front/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
 COPY ./.github/deployment/front/affine.nginx.conf /etc/nginx/conf.d/affine.nginx.conf
 

.github/deployment/node/Dockerfile

@@ -1,6 +1,6 @@
 FROM node:18-bookworm-slim
 
-COPY ./apps/server /app
+COPY ./packages/backend/server /app
 WORKDIR /app
 
 RUN apt-get update && \

.github/helm/affine-cloud/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 12.5.8
-digest: sha256:c91c0dc1370e879538dc9d6e435e731a726ef99d6a3b081372318483792b48a7
-generated: "2023-06-27T18:34:12.683806+08:00"
+  version: 13.2.23
+digest: sha256:5b64538509bd067bb0f67bf082847a2c5d66dc37d0b9d7948a40405d9c446400
+generated: "2023-12-05T03:04:57.997927753Z"

.github/helm/affine-cloud/Chart.yaml

@@ -8,5 +8,5 @@ appVersion: '0.6.1'
 
 dependencies:
   - name: postgresql
-    version: 12.5.8
+    version: 13.2.23
     repository: https://charts.bitnami.com/bitnami

.github/helm/affine/Chart.yaml

@@ -3,4 +3,4 @@ name: affine
 description: AFFiNE cloud chart
 type: application
 version: 0.0.0
-appVersion: '0.7.0-canary.18'
+appVersion: "0.11.0"

.github/helm/affine/charts/gcloud-sql-proxy/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

.github/helm/affine/charts/gcloud-sql-proxy/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: cloud-sql-proxy
+description: Google Cloud SQL Proxy
+type: application
+version: 0.0.0
+appVersion: "2.8.1"

.github/helm/affine/charts/gcloud-sql-proxy/templates/NOTES.txt

@@ -0,0 +1,18 @@
+{{- if .Values.global.database.gcloud.enabled -}}
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "gcloud-sql-proxy.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "gcloud-sql-proxy.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "gcloud-sql-proxy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "gcloud-sql-proxy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "gcloud-sql-proxy.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "gcloud-sql-proxy.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "gcloud-sql-proxy.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "gcloud-sql-proxy.labels" -}}
+helm.sh/chart: {{ include "gcloud-sql-proxy.chart" . }}
+{{ include "gcloud-sql-proxy.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "gcloud-sql-proxy.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "gcloud-sql-proxy.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "gcloud-sql-proxy.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "gcloud-sql-proxy.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/templates/deployment.yaml

@@ -0,0 +1,132 @@
+{{- if .Values.global.database.gcloud.enabled -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "gcloud-sql-proxy.fullname" . }}
+  labels:
+    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "gcloud-sql-proxy.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "gcloud-sql-proxy.labels" . | nindent 8 }}
+	{{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "gcloud-sql-proxy.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - "--address"
+            - "0.0.0.0"
+            - "--structured-logs"
+            - "--auto-iam-authn"
+            - "{{ .Values.global.database.gcloud.connectionName }}"
+          env:
+            # Enable HTTP healthchecks on port 9801. This enables /liveness,
+            # /readiness and /startup health check endpoints. Allow connections
+            # listen for connections on any interface (0.0.0.0) so that the
+            # k8s management components can reach these endpoints.
+            - name: CSQL_PROXY_HEALTH_CHECK
+              value: "true"
+            - name: CSQL_PROXY_HTTP_PORT
+              value: "9801"
+            - name: CSQL_PROXY_HTTP_ADDRESS
+              value: 0.0.0.0
+          ports:
+            - name: cloud-sql-proxy
+              containerPort: {{ .Values.global.database.gcloud.proxyPort }}
+              protocol: TCP
+            - containerPort: 9801
+              protocol: TCP
+          # The /startup probe returns OK when the proxy is ready to receive
+          # connections from the application. In this example, k8s will check
+          # once a second for 60 seconds.
+          startupProbe:
+            failureThreshold: 60
+            httpGet:
+              path: /startup
+              port: 9801
+              scheme: HTTP
+            periodSeconds: 1
+            successThreshold: 1
+            timeoutSeconds: 10
+          # The /liveness probe returns OK as soon as the proxy application has
+          # begun its startup process and continues to return OK until the
+          # process stops.
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /liveness
+              port: 9801
+              scheme: HTTP
+            # The probe will be checked every 10 seconds.
+            periodSeconds: 10
+            # Number of times the probe is allowed to fail before the transition
+            # from healthy to failure state.
+            #
+            # If periodSeconds = 60, 5 tries will result in five minutes of
+            # checks. The proxy starts to refresh a certificate five minutes
+            # before its expiration. If those five minutes lapse without a
+            # successful refresh, the liveness probe will fail and the pod will be
+            # restarted.
+            successThreshold: 1
+            # The probe will fail if it does not respond in 10 seconds
+            timeoutSeconds: 10
+          readinessProbe:
+            # The /readiness probe returns OK when the proxy can establish
+            # a new connections to its databases.
+            httpGet:
+              path: /readiness
+              port: 9801
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 10
+            # Number of times the probe must report success to transition from failure to healthy state.
+            # Defaults to 1 for readiness probe.
+            successThreshold: 1
+            failureThreshold: 6
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          {{- with .Values.volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/templates/service.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.global.database.gcloud.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "gcloud-sql-proxy.fullname" . }}
+  labels:
+    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.global.database.port }}
+      targetPort: cloud-sql-proxy
+      protocol: TCP
+      name: cloud-sql-proxy
+  selector:
+    {{- include "gcloud-sql-proxy.selectorLabels" . | nindent 4 }}
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/templates/serviceaccount.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.global.database.gcloud.enabled -}}
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "gcloud-sql-proxy.serviceAccountName" . }}
+  labels:
+    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/templates/tests/test-connection.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.global.database.gcloud.enabled -}}
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "gcloud-sql-proxy.fullname" . }}-test-connection"
+  labels:
+    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "gcloud-sql-proxy.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
+{{- end }}

.github/helm/affine/charts/gcloud-sql-proxy/values.yaml

@@ -0,0 +1,40 @@
+replicaCount: 3
+
+image:
+  # the tag is defined as chart appVersion.
+  repository: gcr.io/cloud-sql-connectors/cloud-sql-proxy
+  pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  create: true
+  automount: true
+  annotations: {}
+  name: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext:
+  fsGroup: 2000
+
+securityContext:
+  runAsNonRoot: true
+
+service:
+  type: ClusterIP
+  port: 5432
+
+resources:
+  limits:
+    memory: "4Gi"
+    cpu: "2"
+
+volumes: []
+volumeMounts: []
+nodeSelector: {}
+tolerations: []
+affinity: {}

.github/helm/affine/charts/graphql/Chart.yaml

@@ -3,4 +3,9 @@ name: graphql
 description: AFFiNE GraphQL server
 type: application
 version: 0.0.0
-appVersion: '0.7.0-canary.18'
+appVersion: "0.11.0"
+dependencies:
+  - name: gcloud-sql-proxy
+    version: 0.0.0
+    repository: "file://../gcloud-sql-proxy"
+    condition: .global.database.gcloud.enabled

.github/helm/affine/charts/graphql/templates/captcha-secret.yaml

@@ -0,0 +1,9 @@
+{{- if .Values.app.captcha.enabled -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ .Values.app.captcha.secretName }}"
+type: Opaque
+data:
+  turnstileSecret: {{ .Values.app.captcha.turnstile.secret | b64enc }}
+{{- end }}

.github/helm/affine/charts/graphql/templates/deployment.yaml

@@ -35,6 +35,8 @@ spec:
                 key: key
           - name: NODE_ENV
             value: "{{ .Values.env }}"
+          - name: NODE_OPTIONS
+            value: "--max-old-space-size=4096"
           - name: NO_COLOR
             value: "1"
           - name: SERVER_FLAVOR
@@ -73,6 +75,10 @@ spec:
             value: "{{ .Values.app.host }}"
           - name: ENABLE_R2_OBJECT_STORAGE
             value: "{{ .Values.app.objectStorage.r2.enabled }}"
+          - name: ENABLE_CAPTCHA
+            value: "{{ .Values.app.captcha.enabled }}"
+          - name: FEATURES_EARLY_ACCESS_PREVIEW
+            value: "{{ .Values.app.features.earlyAccessPreview }}"
           - name: OAUTH_EMAIL_SENDER
             valueFrom:
               secretKeyRef:
@@ -98,6 +104,16 @@ spec:
               secretKeyRef:
                 name: "{{ .Values.app.oauth.email.secretName }}"
                 key: password
+          - name: STRIPE_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.app.payment.stripe.secretName }}"
+                key: stripeAPIKey
+          - name: STRIPE_WEBHOOK_KEY
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.app.payment.stripe.secretName }}"
+                key: stripeWebhookKey
           - name: DOC_MERGE_INTERVAL
             value: "{{ .Values.app.doc.mergeInterval }}"
           {{ if .Values.app.experimental.enableJwstCodec }}
@@ -126,6 +142,13 @@ spec:
                 name: "{{ .Values.app.objectStorage.r2.secretName }}"
                 key: bucket
           {{ end }}
+          {{ if .Values.app.captcha.enabled }}
+          - name: CAPTCHA_TURNSTILE_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.app.captcha.secretName }}"
+                key: turnstileSecret
+          {{ end }}
           {{ if .Values.app.oauth.google.enabled }}
           - name: OAUTH_GOOGLE_CLIENT_ID
             valueFrom:
@@ -166,20 +189,6 @@ spec:
             initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-        {{ if .Values.global.database.gcloud.enabled }}
-        - name: cloud-sql-proxy
-          image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.6.0
-          args:
-            - "--structured-logs"
-            - "--auto-iam-authn"
-            - "{{ .Values.global.database.gcloud.connectionName }}"
-          securityContext:
-            runAsNonRoot: true
-          resources:
-            requests:
-              memory: "2Gi"
-              cpu: "1"
-        {{ end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

.github/helm/affine/charts/graphql/templates/migration.yaml

@@ -16,7 +16,7 @@ spec:
       containers:
       - name: {{ .Chart.Name }}
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-        command: ["yarn", "prisma", "migrate", "deploy"]
+        command: ["yarn", "predeploy"]
         env:
           - name: NODE_ENV
             value: "{{ .Values.env }}"

.github/helm/affine/charts/graphql/templates/monitoring.yaml

@@ -1,13 +0,0 @@
-{{- if .Values.global.gke.enabled -}}
-apiVersion: monitoring.googleapis.com/v1
-kind: PodMonitoring
-metadata:
-  name: "{{ .Chart.Name }}-monitoring"
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: "{{ include "graphql.name" . }}"
-  endpoints:
-    - port: {{ .Values.service.port }}
-      interval: 30s
-{{- end }}

.github/helm/affine/charts/graphql/templates/payment.yml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ .Values.app.payment.stripe.secretName }}"
+type: Opaque
+data:
+  stripeAPIKey: "{{ .Values.app.payment.stripe.apiKey | b64enc }}"
+  stripeWebhookKey: "{{ .Values.app.payment.stripe.webhookKey | b64enc }}"

.github/helm/affine/charts/graphql/values.yaml

@@ -22,6 +22,11 @@ app:
     secretName: jwt-private-key
     # base64 encoded ecdsa private key
     privateKey: ''
+  captcha:
+    enable: false
+    secretName: captcha
+    turnstile:
+      secret: ''
   objectStorage:
     r2:
       enabled: false
@@ -48,6 +53,13 @@ app:
       secretName: oauth-github
       clientId: ''
       clientSecret: ''
+  payment:
+    stripe:
+      secretName: 'stripe'
+      apiKey: ''
+      webhookKey: ''
+  features:
+    earlyAccessPreview: false
 
 serviceAccount:
   create: true
@@ -60,11 +72,8 @@ podSecurityContext:
   fsGroup: 2000
 
 resources:
-  limits:
-    cpu: '4'
-    memory: 8Gi
   requests:
-    cpu: '2'
+    cpu: '4'
     memory: 4Gi
 
 probe:

.github/helm/affine/charts/sync/Chart.yaml

@@ -1,6 +1,11 @@
 apiVersion: v2
 name: sync
-description: A Helm chart for Kubernetes
+description: AFFiNE Sync Server
 type: application
 version: 0.0.0
-appVersion: "0.7.0-canary.18"
+appVersion: "0.11.0"
+dependencies:
+  - name: gcloud-sql-proxy
+    version: 0.0.0
+    repository: "file://../gcloud-sql-proxy"
+    condition: .global.database.gcloud.enabled

.github/helm/affine/charts/sync/templates/deployment.yaml

@@ -82,20 +82,6 @@ spec:
             initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-        {{ if .Values.global.database.gcloud.enabled }}
-        - name: cloud-sql-proxy
-          image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.6.0
-          args:
-            - "--structured-logs"
-            - "--auto-iam-authn"
-            - "{{ .Values.global.database.gcloud.connectionName }}"
-          securityContext:
-            runAsNonRoot: true
-          resources:
-            requests:
-              memory: "2Gi"
-              cpu:    "1"
-        {{ end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

.github/helm/affine/charts/sync/templates/monitoring.yaml

@@ -1,13 +0,0 @@
-{{- if .Values.global.gke.enabled -}}
-apiVersion: monitoring.googleapis.com/v1
-kind: PodMonitoring
-metadata:
-  name: "{{ .Chart.Name }}-monitoring"
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: "{{ include "sync.name" . }}"
-  endpoints:
-    - port: {{ .Values.service.port }}
-      interval: 30s
-{{- end }}

.github/helm/affine/values.yaml

@@ -16,6 +16,8 @@ global:
       cloudSqlInternal: ''
       connectionName: ''
       serviceAccount: ''
+      cloudProxyReplicas: 3
+      proxyPort: '5432'
   redis:
     enabled: true
     host: 'redis-master'

.github/labeler.yml

@@ -1,67 +1,115 @@
 docs:
-  - 'docs/**/*'
-  - '**/README.md'
-  - 'packages/templates/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'docs/**/*'
+          - '**/README.md'
+          - 'packages/frontend/templates/**/*'
 
 test:
-  - 'tests/**/*'
-  - '**/tests/**/*'
-  - '**/__tests__/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'tests/**/*'
+          - '**/tests/**/*'
+          - '**/__tests__/**/*'
 
 mod:dev:
-  - 'scripts/**/*'
-  - 'packages/cli/**/*'
-  - 'packages/debug/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'scripts/**/*'
+          - 'tools/cli/**/*'
+          - 'packages/common/debug/**/*'
 
 mod:plugin:
-  - 'plugins/**/*'
-
-plugin:bookmark-block:
-  - 'plugins/bookmark-block/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/plugins/**/*'
 
 plugin:copilot:
-  - 'plugins/copilot/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/plugins/copilot/**/*'
 
 mod:infra:
-  - 'packages/infra/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/common/infra/**/*'
 
 mod:sdk:
-  - 'packages/sdk/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/common/sdk/**/*'
 
 mod:plugin-cli:
-  - 'packages/plugin-cli/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'tools/plugin-cli/**/*'
 
-mod:workspace: 'packages/workspace/**/*'
+mod:workspace:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/workspace/**/*'
 
-mod:i18n: 'packages/i18n/**/*'
+mod:i18n:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/i18n/**/*'
 
-mod:env: 'packages/env/**/*'
+mod:env:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/common/env/**/*'
 
-mod:hooks: 'packages/hooks/**/*'
+mod:hooks:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/hooks/**/*'
 
-mod:component: 'packages/component/**/*'
+mod:component:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/component/**/*'
 
-mod:storage: 'packages/storage/**/*'
+mod:storage:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/backend/storage/**/*'
 
-mod:native: 'packages/native/**/*'
+mod:native:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/native/**/*'
 
 mod:store:
-  - '**/atoms/**/*'
+  - changed-files:
+      - any-glob-to-any-file:
+          - '**/atoms/**/*'
 
 rust:
-  - '**/*.rs'
-  - '**/Cargo.toml'
-  - '**/Cargo.lock'
-  - '**/rust-toolchain'
-  - '**/rust-toolchain.toml'
-  - '**/rustfmt.toml'
+  - changed-files:
+      - any-glob-to-any-file:
+          - '**/*.rs'
+          - '**/Cargo.toml'
+          - '**/Cargo.lock'
+          - '**/rust-toolchain'
+          - '**/rust-toolchain.toml'
+          - '**/rustfmt.toml'
 
-package:y-indexeddb: 'packages/y-indexeddb/**/*'
+package:y-indexeddb:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/common/y-indexeddb/**/*'
 
-app:core: 'apps/core/**/*'
+app:core:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/core/**/*'
 
-app:electron: 'apps/electron/**/*'
+app:electron:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/frontend/electron/**/*'
 
-app:server: 'apps/server/**/*'
-
-app:docs: 'apps/docs/**/*'
+app:server:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'packages/backend/server/**/*'

.github/renovate.json

@@ -0,0 +1,53 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base",
+    "group:allNonMajor",
+    ":preserveSemverRanges",
+    ":disablePeerDependencies"
+  ],
+  "labels": ["dependencies"],
+  "packageRules": [
+    {
+      "matchPackageNames": ["napi", "napi-build", "napi-derive"],
+      "groupName": "napi-rs"
+    },
+    {
+      "matchPackagePatterns": ["^eslint", "^@typescript-eslint"],
+      "groupName": "linter"
+    },
+    {
+      "matchPackagePatterns": ["^@nestjs"],
+      "groupName": "nestjs"
+    },
+    {
+      "matchPackagePatterns": ["^@opentelemetry"],
+      "groupName": "opentelemetry"
+    },
+    {
+      "matchPackageNames": [
+        "@prisma/client",
+        "@prisma/instrumentation",
+        "prisma"
+      ],
+      "groupName": "prisma"
+    },
+    {
+      "matchPackagePatterns": ["^@electron-forge"],
+      "groupName": "electron-forge"
+    },
+    {
+      "matchPackagePatterns": ["^@blocksuite"],
+      "excludePackageNames": ["@blocksuite/icons"],
+      "followTag": "nightly"
+    }
+  ],
+  "commitMessagePrefix": "chore: ",
+  "commitMessageAction": "bump up",
+  "commitMessageTopic": "{{depName}} version",
+  "ignoreDeps": [],
+  "lockFileMaintenance": {
+    "enabled": true,
+    "extends": ["schedule:weekly"]
+  }
+}

.github/workflows/auto-labeler.yml

@@ -9,4 +9,5 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/labeler@v4
+      - uses: actions/checkout@v4
+      - uses: actions/labeler@v5

.github/workflows/build-desktop.yml

@@ -1,173 +0,0 @@
-name: Build(Desktop) & Test
-
-on:
-  push:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build-desktop.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-  pull_request:
-  merge_group:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build-desktop.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-
-env:
-  DEBUG: napi:*
-  BUILD_TYPE: canary
-  APP_NAME: affine
-  COVERAGE: true
-  DISTRIBUTION: desktop
-  MACOSX_DEPLOYMENT_TARGET: '10.13'
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-jobs:
-  build-core:
-    name: Build @affine/core
-    runs-on: ubuntu-latest
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Build Plugins
-        run: yarn run build:plugins
-      - name: Build Core
-        run: yarn nx build @affine/core
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: core
-          path: ./apps/core/dist
-          if-no-files-found: error
-
-  desktop-test:
-    name: Desktop Test
-    runs-on: ${{ matrix.spec.os }}
-    environment: development
-    strategy:
-      fail-fast: false
-      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
-      matrix:
-        spec:
-          - {
-              os: macos-latest,
-              platform: macos,
-              arch: x64,
-              target: x86_64-apple-darwin,
-              test: true,
-            }
-          - {
-              os: macos-latest,
-              platform: macos,
-              arch: arm64,
-              target: aarch64-apple-darwin,
-              test: false,
-            }
-          - {
-              os: ubuntu-latest,
-              platform: linux,
-              arch: x64,
-              target: x86_64-unknown-linux-gnu,
-              test: true,
-            }
-          - {
-              os: windows-latest,
-              platform: windows,
-              arch: x64,
-              target: x86_64-pc-windows-msvc,
-              test: true,
-            }
-    needs: build-core
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        timeout-minutes: 10
-        with:
-          playwright-install: true
-          hard-link-nm: false
-
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.spec.target }}
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Run unit tests
-        if: ${{ matrix.spec.test }}
-        shell: bash
-        run: yarn vitest
-        working-directory: ./apps/electron
-
-      - name: Download core artifact
-        uses: actions/download-artifact@v3
-        with:
-          name: core
-          path: apps/electron/resources/web-static
-
-      - name: Build Plugins
-        run: yarn run build:plugins
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build
-
-      - name: Run desktop tests
-        if: ${{ matrix.spec.test && matrix.spec.os == 'ubuntu-latest' }}
-        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-desktop e2e
-        env:
-          COVERAGE: true
-
-      - name: Run desktop tests
-        if: ${{ matrix.spec.test && matrix.spec.os != 'ubuntu-latest' }}
-        run: yarn workspace @affine-test/affine-desktop e2e
-        env:
-          COVERAGE: true
-
-      - name: Make bundle
-        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
-        env:
-          SKIP_BUNDLE: true
-        run: yarn workspace @affine/electron make --platform=darwin --arch=arm64
-
-      - name: Output check
-        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
-        run: |
-          yarn ts-node-esm ./scripts/macos-arm64-output-check.mts
-        working-directory: apps/electron
-
-      - name: Collect code coverage report
-        if: ${{ matrix.spec.test }}
-        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      - name: Upload e2e test coverage results
-        if: ${{ matrix.spec.test }}
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/lcov.info
-          flags: e2etest-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
-          name: affine
-          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
-          path: ./test-results
-          if-no-files-found: ignore

.github/workflows/build-server.yml

@@ -1,310 +0,0 @@
-name: Build(Server) & Test
-
-on:
-  push:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build-server.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-  pull_request:
-  merge_group:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build-server.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-
-env:
-  DEBUG: napi:*
-  BUILD_TYPE: canary
-  APP_NAME: affine
-  COVERAGE: true
-  DISTRIBUTION: browser
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-jobs:
-  build-storage:
-    name: Build Storage
-    runs-on: ubuntu-latest
-    env:
-      RUSTFLAGS: '-C debuginfo=1'
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Setup Rust
-        uses: ./.github/actions/build-rust
-        with:
-          target: 'x86_64-unknown-linux-gnu'
-          package: '@affine/storage'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Upload storage.node
-        uses: actions/upload-artifact@v3
-        with:
-          name: storage.node
-          path: ./packages/storage/storage.node
-          if-no-files-found: error
-
-  server-test:
-    name: Server Test
-    runs-on: ubuntu-latest
-    environment: development
-    needs: build-storage
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: affine
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-      mailer:
-        image: mailhog/mailhog
-        ports:
-          - 1025:1025
-          - 8025:8025
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-
-      - name: Initialize database
-        run: |
-          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
-          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
-          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
-        env:
-          PGPASSWORD: affine
-
-      - name: Generate prisma client
-        run: |
-          yarn workspace @affine/server exec prisma generate
-          yarn workspace @affine/server exec prisma db push
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run init-db script
-        run: yarn workspace @affine/server exec ts-node-esm ./scripts/init-db.ts
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Download storage.node
-        uses: actions/download-artifact@v3
-        with:
-          name: storage.node
-          path: ./apps/server
-
-      - name: Run server tests
-        run: yarn workspace @affine/server test:coverage
-        env:
-          CARGO_TARGET_DIR: '${{ github.workspace }}/target'
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Upload server test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./apps/server/.coverage/lcov.info
-          flags: server-test
-          name: affine
-          fail_ci_if_error: false
-
-  server-e2e-test:
-    name: Server E2E Test
-    runs-on: ubuntu-latest
-    environment: development
-    needs: build-storage
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: affine
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-      mailer:
-        image: mailhog/mailhog
-        ports:
-          - 1025:1025
-          - 8025:8025
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-
-      - name: Initialize database
-        run: |
-          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
-          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
-          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
-        env:
-          PGPASSWORD: affine
-
-      - name: Generate prisma client
-        run: |
-          yarn workspace @affine/server exec prisma generate
-          yarn workspace @affine/server exec prisma db push
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run init-db script
-        run: yarn workspace @affine/server exec ts-node-esm ./scripts/init-db.ts
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Download storage.node
-        uses: actions/download-artifact@v3
-        with:
-          name: storage.node
-          path: ./apps/server
-
-      - name: Run playwright tests
-        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-cloud e2e --forbid-only
-        env:
-          COVERAGE: true
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Collect code coverage report
-        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      - name: Upload e2e test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/lcov.info
-          flags: server-e2etest
-          name: affine
-          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-server
-          path: ./tests/affine-cloud/test-results
-          if-no-files-found: ignore
-
-  server-desktop-e2e-test:
-    name: Server Desktop E2E Test
-    runs-on: ubuntu-latest
-    environment: development
-    needs: build-storage
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: affine
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-      mailer:
-        image: mailhog/mailhog
-        ports:
-          - 1025:1025
-          - 8025:8025
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          hard-link-nm: false
-
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: x86_64-unknown-linux-gnu
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-      - name: Initialize database
-        run: |
-          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
-          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
-          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
-        env:
-          PGPASSWORD: affine
-
-      - name: Generate prisma client
-        run: |
-          yarn exec prisma generate
-          yarn exec prisma db push
-        working-directory: apps/server
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run init-db script
-        run: yarn exec ts-node-esm ./scripts/init-db.ts
-        working-directory: apps/server
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Download storage.node
-        uses: actions/download-artifact@v3
-        with:
-          name: storage.node
-          path: ./apps/server
-
-      - name: Build Plugins
-        run: yarn run build:plugins
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build:dev
-
-      - name: Run playwright tests
-        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" yarn workspace @affine-test/affine-desktop-cloud e2e
-        env:
-          COVERAGE: true
-          DEV_SERVER_URL: http://localhost:8080
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-          ENABLE_LOCAL_EMAIL: true
-
-      - name: Collect code coverage report
-        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      - name: Upload e2e test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/lcov.info
-          flags: server-e2etest
-          name: affine
-          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-server
-          path: ./tests/affine-cloud/test-results
-          if-no-files-found: ignore

.github/workflows/build-test.yml

@@ -0,0 +1,603 @@
+name: Build & Test
+
+on:
+  push:
+    branches:
+      - canary
+      - v[0-9]+.[0-9]+.x-staging
+      - v[0-9]+.[0-9]+.x
+    paths-ignore:
+      - README.md
+  pull_request:
+
+env:
+  DEBUG: napi:*
+  BUILD_TYPE: canary
+  APP_NAME: affine
+  AFFINE_ENV: dev
+  COVERAGE: true
+  MACOSX_DEPLOYMENT_TARGET: '10.13'
+  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+  PLAYWRIGHT_BROWSERS_PATH: ${{ github.workspace }}/node_modules/.cache/ms-playwright
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript', 'typescript']
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+
+          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+      #   If the Autobuild fails above, remove it and uncomment the following three lines.
+      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+      # - run: |
+      #   echo "Run, Build Application using script"
+      #   ./location_of_script_within_repo/buildscript.sh
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run oxlint
+        # oxlint is fast, so wrong code will fail quickly
+        run: yarn dlx $(node -e "console.log(require('./package.json').scripts['lint:ox'].replace('oxlint', 'oxlint@' + require('./package.json').devDependencies.oxlint))")
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          electron-install: false
+          full-cache: true
+      - name: Run i18n codegen
+        run: yarn i18n-codegen gen
+      - name: Run ESLint
+        run: yarn lint:eslint --max-warnings=0
+      - name: Run Prettier
+        # Set nmMode in `actions/setup-node` will modify the .yarnrc.yml
+        run: |
+          git checkout .yarnrc.yml
+          yarn lint:prettier
+      - name: Run Type Check
+        run: yarn typecheck
+
+  check-yarn-binary:
+    name: Check yarn binary
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run check
+        run: |
+          yarn set version $(node -e "console.log(require('./package.json').packageManager.split('@')[1])")
+          git diff --exit-code
+
+  e2e-plugin-test:
+    name: E2E Plugin Test
+    runs-on: ubuntu-latest
+    env:
+      DISTRIBUTION: browser
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+          electron-install: false
+          full-cache: true
+      - name: Run playwright tests
+        run: yarn e2e --forbid-only
+        working-directory: tests/affine-plugin
+        env:
+          COVERAGE: true
+      - name: Collect code coverage report
+        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
+
+      - name: Upload e2e test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./.coverage/lcov.info
+          flags: e2e-plugin-test
+          name: affine
+          fail_ci_if_error: false
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-plugin
+          path: ./test-results
+          if-no-files-found: ignore
+
+  e2e-test:
+    name: E2E Test
+    runs-on: ubuntu-latest
+    env:
+      DISTRIBUTION: browser
+    strategy:
+      fail-fast: false
+      matrix:
+        shard: [1, 2, 3, 4, 5]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+          electron-install: false
+          full-cache: true
+
+      - name: Run playwright tests
+        run: yarn workspace @affine-test/affine-local e2e --forbid-only --shard=${{ matrix.shard }}/${{ strategy.job-total }}
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-${{ matrix.shard }}
+          path: ./test-results
+          if-no-files-found: ignore
+
+  e2e-migration-test:
+    name: E2E Migration Test
+    runs-on: ubuntu-latest
+    env:
+      DISTRIBUTION: browser
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+          electron-install: false
+          full-cache: true
+
+      - name: Run playwright tests
+        run: yarn workspace @affine-test/affine-migration e2e --forbid-only
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-migration
+          path: ./tests/affine-migration/test-results
+          if-no-files-found: ignore
+
+  unit-test:
+    name: Unit Test
+    runs-on: ubuntu-latest
+    needs:
+      - build-native
+    env:
+      DISTRIBUTION: browser
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          electron-install: false
+          full-cache: true
+
+      - name: Download affine.linux-x64-gnu.node
+        uses: actions/download-artifact@v3
+        with:
+          name: affine.linux-x64-gnu.node
+          path: ./packages/frontend/native
+
+      - name: Unit Test
+        run: yarn nx test:coverage @affine/monorepo
+
+      - name: Upload unit test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./.coverage/store/lcov.info
+          flags: unittest
+          name: affine
+          fail_ci_if_error: false
+
+  build-native:
+    name: Build AFFiNE native (${{ matrix.spec.target }})
+    runs-on: ${{ matrix.spec.os }}
+    env:
+      CARGO_PROFILE_RELEASE_DEBUG: '1'
+    strategy:
+      fail-fast: false
+      matrix:
+        spec:
+          - { os: ubuntu-latest, target: x86_64-unknown-linux-gnu }
+          - { os: windows-latest, target: x86_64-pc-windows-msvc }
+          - { os: macos-latest, target: x86_64-apple-darwin }
+          - { os: macos-latest, target: aarch64-apple-darwin }
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          extra-flags: workspaces focus @affine/native
+          electron-install: false
+          build-infra: false
+          build-plugins: false
+      - name: Setup filename
+        id: filename
+        shell: bash
+        run: |
+          export PLATFORM_ARCH_ABI=$(node -e "console.log(require('@napi-rs/cli').parseTriple('${{ matrix.spec.target }}').platformArchABI)")
+          echo "filename=affine.$PLATFORM_ARCH_ABI.node" >> "$GITHUB_OUTPUT"
+      - name: Build AFFiNE native
+        uses: ./.github/actions/build-rust
+        with:
+          target: ${{ matrix.spec.target }}
+          package: '@affine/native'
+          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+      - name: Upload ${{ steps.filename.outputs.filename }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ steps.filename.outputs.filename }}
+          path: ./packages/frontend/native/${{ steps.filename.outputs.filename }}
+          if-no-files-found: error
+
+  build-storage:
+    name: Build Storage
+    runs-on: ubuntu-latest
+    env:
+      CARGO_PROFILE_RELEASE_DEBUG: '1'
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          extra-flags: workspaces focus @affine/storage
+          electron-install: false
+          build-infra: false
+          build-plugins: false
+      - name: Build Rust
+        uses: ./.github/actions/build-rust
+        with:
+          target: 'x86_64-unknown-linux-gnu'
+          package: '@affine/storage'
+          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+      - name: Upload storage.node
+        uses: actions/upload-artifact@v3
+        with:
+          name: storage.node
+          path: ./packages/backend/storage/storage.node
+          if-no-files-found: error
+
+  build-core:
+    name: Build @affine/core
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          electron-install: false
+          build-plugins: false
+          full-cache: true
+      - name: Build Core
+        # always skip cache because its fast, and cache configuration is always changing
+        run: yarn nx build @affine/core --skip-nx-cache
+      - name: zip core
+        run: tar -czf dist.tar.gz --directory=packages/frontend/core/dist .
+      - name: Upload core artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: core
+          path: dist.tar.gz
+          if-no-files-found: error
+
+  server-test:
+    name: Server Test
+    runs-on: ubuntu-latest
+    needs: build-storage
+    env:
+      DISTRIBUTION: browser
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: affine
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+      mailer:
+        image: mailhog/mailhog
+        ports:
+          - 1025:1025
+          - 8025:8025
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          electron-install: false
+          full-cache: true
+
+      - name: Initialize database
+        run: |
+          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
+          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
+          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
+        env:
+          PGPASSWORD: affine
+
+      - name: Generate prisma client
+        run: |
+          yarn workspace @affine/server exec prisma generate
+          yarn workspace @affine/server exec prisma db push
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+
+      - name: Run init-db script
+        run: |
+          yarn workspace @affine/server data-migration run
+          yarn workspace @affine/server exec node --loader ts-node/esm/transpile-only ./scripts/init-db.ts
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+
+      - name: Download storage.node
+        uses: actions/download-artifact@v3
+        with:
+          name: storage.node
+          path: ./packages/backend/server
+
+      - name: Run server tests
+        run: yarn workspace @affine/server test:coverage
+        env:
+          CARGO_TARGET_DIR: '${{ github.workspace }}/target'
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+
+      - name: Upload server test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./packages/backend/server/.coverage/lcov.info
+          flags: server-test
+          name: affine
+          fail_ci_if_error: false
+
+  server-e2e-test:
+    name: ${{ matrix.tests.name }}
+    runs-on: ubuntu-latest
+    env:
+      DISTRIBUTION: browser
+      DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+    strategy:
+      fail-fast: false
+      matrix:
+        tests:
+          - name: 'Server E2E Test 1/3'
+            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=1/3
+          - name: 'Server E2E Test 2/3'
+            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=2/3
+          - name: 'Server E2E Test 3/3'
+            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=3/3
+          - name: 'Server Desktop E2E Test'
+            script: |
+              yarn workspace @affine/electron build:dev
+              xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-desktop-cloud e2e
+    needs:
+      - build-storage
+      - build-native
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: affine
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+      mailer:
+        image: mailhog/mailhog
+        ports:
+          - 1025:1025
+          - 8025:8025
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+          hard-link-nm: false
+
+      - name: Initialize database
+        run: |
+          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
+          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
+          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
+        env:
+          PGPASSWORD: affine
+
+      - name: Generate prisma client
+        run: |
+          yarn workspace @affine/server exec prisma generate
+          yarn workspace @affine/server exec prisma db push
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+
+      - name: Run init-db script
+        run: |
+          yarn workspace @affine/server data-migration run
+          yarn workspace @affine/server exec node --loader ts-node/esm/transpile-only ./scripts/init-db.ts
+      - name: Download storage.node
+        uses: actions/download-artifact@v3
+        with:
+          name: storage.node
+          path: ./packages/backend/server
+
+      - name: Download affine.linux-x64-gnu.node
+        uses: actions/download-artifact@v3
+        with:
+          name: affine.linux-x64-gnu.node
+          path: ./packages/frontend/native
+
+      - name: ${{ matrix.tests.name }}
+        run: |
+          ${{ matrix.tests.script }}
+        env:
+          DEV_SERVER_URL: http://localhost:8080
+          ENABLE_LOCAL_EMAIL: true
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-server
+          path: ./tests/affine-cloud/test-results
+          if-no-files-found: ignore
+
+  desktop-test:
+    name: Desktop Test (${{ matrix.spec.os }}, ${{ matrix.spec.platform }}, ${{ matrix.spec.arch }}, ${{ matrix.spec.target }}, ${{ matrix.spec.test }})
+    runs-on: ${{ matrix.spec.os }}
+    strategy:
+      fail-fast: false
+      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
+      matrix:
+        spec:
+          - {
+              os: macos-latest,
+              platform: macos,
+              arch: x64,
+              target: x86_64-apple-darwin,
+              test: true,
+            }
+          - {
+              os: macos-latest,
+              platform: macos,
+              arch: arm64,
+              target: aarch64-apple-darwin,
+              test: false,
+            }
+          - {
+              os: ubuntu-latest,
+              platform: linux,
+              arch: x64,
+              target: x86_64-unknown-linux-gnu,
+              test: true,
+            }
+          - {
+              os: windows-latest,
+              platform: windows,
+              arch: x64,
+              target: x86_64-pc-windows-msvc,
+              test: true,
+            }
+    needs:
+      - build-core
+      - build-native
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        timeout-minutes: 10
+        with:
+          extra-flags: workspaces focus @affine/electron @affine/monorepo @affine-test/affine-desktop
+          playwright-install: true
+          hard-link-nm: false
+          enableScripts: false
+
+      - name: Setup filename
+        id: filename
+        shell: bash
+        run: |
+          export PLATFORM_ARCH_ABI=$(node -e "console.log(require('@napi-rs/cli').parseTriple('${{ matrix.spec.target }}').platformArchABI)")
+          echo "filename=affine.$PLATFORM_ARCH_ABI.node" >> "$GITHUB_OUTPUT"
+
+      - name: Download ${{ steps.filename.outputs.filename }}
+        uses: actions/download-artifact@v3
+        with:
+          name: ${{ steps.filename.outputs.filename }}
+          path: ./packages/frontend/native
+
+      - name: Run unit tests
+        if: ${{ matrix.spec.test }}
+        shell: bash
+        run: yarn vitest
+        working-directory: packages/frontend/electron
+
+      - name: Download core artifact
+        uses: ./.github/actions/download-core
+        with:
+          path: packages/frontend/electron/resources/web-static
+
+      - name: Build Desktop Layers
+        run: yarn workspace @affine/electron build
+
+      - name: Run desktop tests
+        if: ${{ matrix.spec.test && matrix.spec.os == 'ubuntu-latest' }}
+        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-desktop e2e
+
+      - name: Run desktop tests
+        if: ${{ matrix.spec.test && matrix.spec.os != 'ubuntu-latest' }}
+        run: yarn workspace @affine-test/affine-desktop e2e
+
+      - name: Make bundle
+        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
+        env:
+          SKIP_BUNDLE: true
+          SKIP_WEB_BUILD: true
+          HOIST_NODE_MODULES: 1
+        run: yarn workspace @affine/electron package --platform=darwin --arch=arm64
+
+      - name: Output check
+        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
+        run: |
+          yarn workspace @affine/electron exec node --loader ts-node/esm/transpile-only ./scripts/macos-arm64-output-check.ts
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
+          path: ./test-results
+          if-no-files-found: ignore

.github/workflows/build.yml

@@ -1,285 +0,0 @@
-name: Build & Test
-
-on:
-  push:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-  pull_request:
-  merge_group:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/build.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-
-env:
-  DEBUG: napi:*
-  BUILD_TYPE: canary
-  APP_NAME: affine
-  AFFINE_ENV: dev
-  COVERAGE: true
-  DISTRIBUTION: browser
-  MACOSX_DEPLOYMENT_TARGET: '10.13'
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-jobs:
-  lint:
-    name: Lint
-    runs-on: ubuntu-latest
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - name: Run i18n codegen
-        run: yarn i18n-codegen gen
-      - name: Run ESLint
-        run: yarn lint:eslint --max-warnings=0
-      - name: Run Prettier
-        # Set nmMode in `actions/setup-node` will modify the .yarnrc.yml
-        run: |
-          git checkout .yarnrc.yml
-          yarn lint:prettier
-      - name: Run circular
-        run: yarn circular
-      - name: Run Type Check
-        run: yarn typecheck
-
-  check-yarn-binary:
-    name: Check yarn binary
-    runs-on: ubuntu-latest
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Run check
-        run: |
-          yarn set version $(node -e "console.log(require('./package.json').packageManager.split('@')[1])")
-          git diff --exit-code
-
-  build-prototype:
-    name: Build Prototype
-    runs-on: ubuntu-latest
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - name: Build Prototype
-        run: yarn nx build prototype
-      - name: Upload prototype artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: prototype
-          path: ./apps/prototype/dist
-          if-no-files-found: error
-
-  build-docs:
-    name: Build Docs
-    runs-on: ubuntu-latest
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - run: yarn nx build @affine/docs
-        env:
-          NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-  e2e-plugin-test:
-    name: E2E Plugin Test
-    runs-on: ubuntu-latest
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-      - name: Run playwright tests
-        run: yarn e2e --forbid-only
-        working-directory: tests/affine-plugin
-        env:
-          COVERAGE: true
-      - name: Collect code coverage report
-        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      - name: Upload e2e test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/lcov.info
-          flags: e2e-plugin-test
-          name: affine
-          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-plugin
-          path: ./test-results
-          if-no-files-found: ignore
-
-  e2e-prototype-test:
-    name: E2E Prototype Test
-    runs-on: ubuntu-latest
-    environment: development
-    needs: build-prototype
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-      - name: Download prototype artifact
-        uses: actions/download-artifact@v3
-        with:
-          name: prototype
-          path: ./apps/prototype/dist
-      - name: Run playwright tests
-        run: yarn e2e --forbid-only
-        working-directory: tests/affine-prototype
-        env:
-          COVERAGE: true
-
-      #      - name: Collect code coverage report
-      #        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      #      - name: Upload e2e test coverage results
-      #        uses: codecov/codecov-action@v3
-      #        with:
-      #          token: ${{ secrets.CODECOV_TOKEN }}
-      #          files: ./.coverage/lcov.info
-      #          flags: e2etest-prototype
-      #          name: affine
-      #          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-prototype
-          path: ./test-results
-          if-no-files-found: ignore
-
-  e2e-test:
-    name: E2E Test
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        shard: [1, 2, 3, 4, 5]
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-
-      - name: Run playwright tests
-        run: yarn e2e --forbid-only --shard=${{ matrix.shard }}/${{ strategy.job-total }}
-        working-directory: tests/affine-local
-        env:
-          COVERAGE: true
-
-      - name: Collect code coverage report
-        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
-
-      - name: Upload e2e test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/lcov.info
-          flags: e2etest
-          name: affine
-          fail_ci_if_error: false
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-${{ matrix.shard }}
-          path: ./test-results
-          if-no-files-found: ignore
-
-  e2e-migration-test:
-    name: E2E Migration Test
-    runs-on: ubuntu-latest
-    environment: development
-    strategy:
-      matrix:
-        spec:
-          - { package: 0.7.0-canary.18 }
-          - { package: 0.8.0-canary.7 }
-          - { package: 0.8.3 }
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-
-      - name: Unzip
-        run: yarn unzip
-        working-directory: ./tests/affine-legacy/${{ matrix.spec.package }}
-
-      - name: Run playwright tests
-        run: yarn e2e --forbid-only
-        working-directory: ./tests/affine-legacy/${{ matrix.spec.package }}
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
-        with:
-          name: test-results-e2e-migration-${{ matrix.spec.package }}
-          path: ./tests/affine-legacy/${{ matrix.spec.package }}/test-results
-          if-no-files-found: ignore
-
-  unit-test:
-    name: Unit Test
-    runs-on: ubuntu-latest
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-
-      - name: Unit Test
-        run: yarn nx test:coverage @affine/monorepo
-
-      - name: Upload unit test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/store/lcov.info
-          flags: unittest
-          name: affine
-          fail_ci_if_error: false

.github/workflows/cache-cleanup.yml

@@ -1,36 +0,0 @@
-# https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#force-deleting-cache-entries
-name: Cleanup caches for closed branches
-
-on:
-  pull_request:
-    types:
-      - closed
-  workflow_dispatch:
-
-jobs:
-  cleanup:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v3
-
-      - name: Cleanup
-        run: |
-          gh extension install actions/gh-actions-cache
-
-          REPO=${{ github.repository }}
-          BRANCH="refs/pull/${{ github.event.pull_request.number }}/merge"
-
-          echo "Fetching list of cache key"
-          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 )
-
-          ## Setting this to not fail the workflow while deleting cache keys.
-          set +e
-          echo "Deleting caches..."
-          for cacheKey in $cacheKeysForPR
-          do
-              gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
-          done
-          echo "Done"
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/cancel.yml

@@ -1,18 +0,0 @@
-name: Cancel
-on:
-  pull_request_target:
-    types:
-      - edited
-      - synchronize
-
-jobs:
-  cancel:
-    name: 'Cancel Previous Runs'
-    runs-on: ubuntu-latest
-    timeout-minutes: 2
-    steps:
-      - uses: styfle/cancel-workflow-action@0.11.0
-        with:
-          # See https://api.github.com/repos/toeverything/AFFiNE/actions/workflows
-          workflow_id: 44038251, 61883931, 65188160, 66789140
-          access_token: ${{ github.token }}

.github/workflows/codeql.yml

@@ -1,70 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: 'CodeQL'
-
-on:
-  push:
-    branches: [master]
-  pull_request:
-  merge_group:
-    # The branches below must be a subset of the branches above
-    branches: [master]
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: ['javascript']
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v3
-
-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
-        with:
-          languages: ${{ matrix.language }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
-
-          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-          # queries: security-extended,security-and-quality
-
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-      #   If the Autobuild fails above, remove it and uncomment the following three lines.
-      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-      # - run: |
-      #   echo "Run, Build Application using script"
-      #   ./location_of_script_within_repo/buildscript.sh
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2

.github/workflows/deploy-automatically.yml

@@ -0,0 +1,27 @@
+name: Deploy Automatically
+
+on:
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
+  schedule:
+    - cron: '0 9 * * *'
+
+jobs:
+  dispatch-deploy:
+    runs-on: ubuntu-latest
+    name: Setup Deploy
+    steps:
+      - name: dispatch deploy by tag
+        if: ${{ github.event_name == 'push' }}
+        uses: benc-uk/workflow-dispatch@v1
+        with:
+          workflow: deploy.yml
+          inputs: '{ "flavor": "canary" }'
+      - name: dispatch deploy by schedule
+        if: ${{ github.event_name == 'schedule' }}
+        uses: benc-uk/workflow-dispatch@v1
+        with:
+          workflow: deploy.yml
+          inputs: '{ "flavor": "canary" }'
+          ref: canary

.github/workflows/deploy.yml

@@ -1,20 +1,18 @@
 name: Deploy
 
 on:
-  push:
-    branches:
-      - master
-    tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
   workflow_dispatch:
     inputs:
       flavor:
-        description: 'Build type (canary, beta, internal or stable)'
-        type: string
+        description: 'Select what enverionment to deploy to'
+        type: choice
         default: canary
-
+        options:
+          - canary
+          - beta
+          - stable
+          - internal
 env:
-  BUILD_TYPE: canary
   APP_NAME: affine
   NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
 
@@ -22,9 +20,11 @@ jobs:
   build-server:
     name: Build Server
     runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.flavor }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         uses: ./.github/actions/setup-node
         with:
@@ -35,45 +35,54 @@ jobs:
         uses: actions/upload-artifact@v3
         with:
           name: server-dist
-          path: ./apps/server/dist
+          path: ./packages/backend/server/dist
           if-no-files-found: error
   build-core:
     name: Build @affine/core
     runs-on: ubuntu-latest
-    environment: production
-
+    environment: ${{ github.event.inputs.flavor }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         uses: ./.github/actions/setup-node
       - name: Build Plugins
         run: yarn run build:plugins
       - name: Build Core
-        run: yarn nx build @affine/core
+        run: yarn nx build @affine/core --skip-nx-cache
         env:
           R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
           R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
           R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
-          BUILD_TYPE_OVERRIDE: ${{ github.event.inputs.flavor }}
+          BUILD_TYPE: ${{ github.event.inputs.flavor }}
           SHOULD_REPORT_TRACE: true
           TRACE_REPORT_ENDPOINT: ${{ secrets.TRACE_REPORT_ENDPOINT }}
+          CAPTCHA_SITE_KEY: ${{ secrets.CAPTCHA_SITE_KEY }}
+          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
+          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
       - name: Upload core artifact
         uses: actions/upload-artifact@v3
         with:
           name: core
-          path: ./apps/core/dist
+          path: ./packages/frontend/core/dist
           if-no-files-found: error
 
   build-storage:
     name: Build Storage
     runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.flavor }}
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         uses: ./.github/actions/setup-node
-      - name: Setup Rust
+      - name: Build Rust
         uses: ./.github/actions/build-rust
         with:
           target: 'x86_64-unknown-linux-gnu'
@@ -83,34 +92,65 @@ jobs:
         uses: actions/upload-artifact@v3
         with:
           name: storage.node
-          path: ./packages/storage/storage.node
+          path: ./packages/backend/storage/storage.node
+          if-no-files-found: error
+
+  build-storage-arm64:
+    name: Build Storage arm64
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Build Rust
+        uses: ./.github/actions/build-rust
+        with:
+          target: 'aarch64-unknown-linux-gnu'
+          package: '@affine/storage'
+          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+      - name: Upload storage.node
+        uses: actions/upload-artifact@v3
+        with:
+          name: storage.arm64.node
+          path: ./packages/backend/storage/storage.node
           if-no-files-found: error
 
   build-docker:
     name: Build Docker
     runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.flavor }}
     needs:
       - build-server
       - build-core
       - build-storage
+      - build-storage-arm64
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Download core artifact
         uses: actions/download-artifact@v3
         with:
           name: core
-          path: ./apps/core/dist
+          path: ./packages/frontend/core/dist
       - name: Download server dist
         uses: actions/download-artifact@v3
         with:
           name: server-dist
-          path: ./apps/server/dist
+          path: ./packages/backend/server/dist
       - name: Download storage.node
         uses: actions/download-artifact@v3
         with:
           name: storage.node
-          path: ./apps/server
+          path: ./packages/backend/server
+      - name: Download storage.node arm64
+        uses: actions/download-artifact@v3
+        with:
+          name: storage.arm64.node
+          path: ./packages/backend/storage
+      - name: move storage.arm64.node
+        run: mv ./packages/backend/storage/storage.node ./packages/backend/server/storage.arm64.node
       - name: Setup env
         run: |
           echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
@@ -122,18 +162,18 @@ jobs:
           fi
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           logout: false
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
       - name: Build front Dockerfile
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           push: true
@@ -146,20 +186,22 @@ jobs:
       # setup node without cache configuration
       # Prisma cache is not compatible with docker build cache
       - name: Setup Node.js
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version-file: '.nvmrc'
           registry-url: https://npm.pkg.github.com
           scope: '@toeverything'
 
       - name: Install Node.js dependencies
-        run: yarn workspaces focus @affine/server --production
+        run: |
+          yarn config set --json supportedArchitectures.cpu '["x64", "arm64"]'
+          yarn workspaces focus @affine/server --production
 
       - name: Generate Prisma client
         run: yarn workspace @affine/server prisma generate
 
       - name: Build graphql Dockerfile
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           push: true
@@ -167,11 +209,11 @@ jobs:
           platforms: linux/amd64,linux/arm64
           provenance: true
           file: .github/deployment/node/Dockerfile
-          tags: ghcr.io/toeverything/affine-graphql:${{env.RELEASE_FLAVOR}}-${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-front:${{env.RELEASE_FLAVOR}}
+          tags: ghcr.io/toeverything/affine-graphql:${{env.RELEASE_FLAVOR}}-${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-graphql:${{env.RELEASE_FLAVOR}}
 
   deploy:
     name: Deploy to cluster
-    if: ${{ github.event_name == 'workflow_dispatch' || github.ref_type == 'tag' }}
+    if: ${{ github.event_name == 'workflow_dispatch' }}
     environment: ${{ github.event.inputs.flavor }}
     permissions:
       contents: 'write'
@@ -180,8 +222,11 @@ jobs:
       - build-docker
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Deploy to dev
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
+      - name: Deploy to ${{ github.event.inputs.flavor }}
         uses: ./.github/actions/deploy
         with:
           build-type: ${{ github.event.inputs.flavor }}
@@ -191,12 +236,15 @@ jobs:
           cluster-name: ${{ secrets.GCP_CLUSTER_NAME }}
           cluster-location: ${{ secrets.GCP_CLUSTER_LOCATION }}
         env:
+          APP_VERSION: ${{ steps.version.outputs.APP_VERSION }}
           DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
           CANARY_DEPLOY_HOST: ${{ secrets.CANARY_DEPLOY_HOST }}
           R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
           R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
           R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
           R2_BUCKET: ${{ secrets.R2_BUCKET }}
+          ENABLE_CAPTCHA: true
+          CAPTCHA_TURNSTILE_SECRET: ${{ secrets.CAPTCHA_TURNSTILE_SECRET }}
           OAUTH_EMAIL_SENDER: ${{ secrets.OAUTH_EMAIL_SENDER }}
           OAUTH_EMAIL_LOGIN: ${{ secrets.OAUTH_EMAIL_LOGIN }}
           OAUTH_EMAIL_PASSWORD: ${{ secrets.OAUTH_EMAIL_PASSWORD }}
@@ -212,3 +260,6 @@ jobs:
           REDIS_HOST: ${{ secrets.REDIS_HOST }}
           REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
           CLOUD_SQL_IAM_ACCOUNT: ${{ secrets.CLOUD_SQL_IAM_ACCOUNT }}
+          STRIPE_API_KEY: ${{ secrets.STRIPE_API_KEY }}
+          STRIPE_WEBHOOK_KEY: ${{ secrets.STRIPE_WEBHOOK_KEY }}
+          STATIC_IP_NAME: ${{ secrets.STATIC_IP_NAME }}

.github/workflows/helm-releaser.yml

@@ -2,7 +2,7 @@ name: Release Charts
 
 on:
   push:
-    branches: [master]
+    branches: [canary]
     paths:
       - '.github/helm/**/Chart.yml'
 
@@ -11,12 +11,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Checkout Helm chart repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: toeverything/helm-charts
           path: .helm-chart-repo

.github/workflows/label-checker.yml

@@ -6,7 +6,7 @@ on:
       - labeled
       - unlabeled
     branches:
-      - master
+      - canary
 
 jobs:
   check_labels:

.github/workflows/languages-sync.yml

@@ -2,15 +2,15 @@ name: Languages Sync
 
 on:
   push:
-    branches: ['master']
+    branches: ['canary']
     paths:
-      - 'packages/i18n/**'
+      - 'packages/frontend/i18n/**'
       - '.github/workflows/languages-sync.yml'
       - '!.github/actions/setup-node/action.yml'
   pull_request_target:
-    branches: ['master']
+    branches: ['canary']
     paths:
-      - 'packages/i18n/**'
+      - 'packages/frontend/i18n/**'
       - '.github/workflows/languages-sync.yml'
       - '!.github/actions/setup-node/action.yml'
   workflow_dispatch:
@@ -19,17 +19,17 @@ jobs:
   main:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Node.js
         uses: ./.github/actions/setup-node
       - name: Check Language Key
-        if: github.ref != 'refs/heads/master'
+        if: github.ref != 'refs/heads/canary'
         run: yarn workspace @affine/i18n run sync-languages:check
         env:
           TOLGEE_API_KEY: ${{ secrets.TOLGEE_API_KEY }}
 
       - name: Sync Languages
-        if: github.ref == 'refs/heads/master'
+        if: github.ref == 'refs/heads/canary'
         run: yarn workspace @affine/i18n run sync-languages
         env:
           TOLGEE_API_KEY: ${{ secrets.TOLGEE_API_KEY }}

.github/workflows/nightly-build.yml

@@ -1,226 +0,0 @@
-name: Build Canary Desktop App on Staging Branch
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      # 0.6.x-staging
-      - v[0-9]+.[0-9]+.x-staging
-      # 0.6.1-staging
-      - v[0-9]+.[0-9]+.[0-9]+-staging
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/nightly-build.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-
-permissions:
-  actions: write
-  contents: write
-  security-events: write
-
-concurrency:
-  # The concurrency group contains the workflow name and the branch name for
-  # pull requests or the commit hash for any other events.
-  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
-  cancel-in-progress: true
-
-env:
-  BUILD_TYPE: internal
-
-jobs:
-  set-build-version:
-    runs-on: ubuntu-latest
-    environment: production
-    outputs:
-      version: 0.0.0-internal.${{ steps.version.outputs.version }}
-    steps:
-      - uses: actions/checkout@v3
-      - uses: toeverything/set-build-version@latest
-      - id: version
-        run: echo ::set-output name=version::${{ env.BUILD_VERSION }}
-
-  before-make:
-    runs-on: ubuntu-latest
-    environment: production
-    needs:
-      - set-build-version
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Setup @sentry/cli
-        uses: ./.github/actions/setup-sentry
-      - name: Replace Version
-        run: ./scripts/set-version.sh ${{ needs.set-build-version.outputs.version }}
-      - name: generate-assets
-        working-directory: apps/electron
-        run: yarn generate-assets
-        env:
-          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
-          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
-          NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }}
-          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-          RELEASE_VERSION: ${{ needs.set-build-version.outputs.version }}
-
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: core
-          path: apps/electron/resources/web-static
-
-  make-distribution:
-    environment: production
-    strategy:
-      # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
-      # For windows, we need a separate approach
-      matrix:
-        spec:
-          - runner: macos-latest
-            platform: darwin
-            arch: x64
-            target: x86_64-apple-darwin
-          - runner: macos-latest
-            platform: darwin
-            arch: arm64
-            target: aarch64-apple-darwin
-          - runner: ubuntu-latest
-            platform: linux
-            arch: x64
-            target: x86_64-unknown-linux-gnu
-          - runner: windows-latest
-            platform: win32
-            arch: x64
-            target: x86_64-pc-windows-msvc
-    runs-on: ${{ matrix.spec.runner }}
-    needs:
-      - before-make
-      - set-build-version
-    env:
-      APPLE_ID: ${{ secrets.APPLE_ID }}
-      APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
-      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
-      SKIP_GENERATE_ASSETS: 1
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-node
-      - name: Setup Maker
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-maker
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.spec.target }}
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Replace Version
-        run: ./scripts/set-version.sh ${{ needs.set-build-version.outputs.version }}
-      - uses: actions/download-artifact@v3
-        with:
-          name: core
-          path: apps/electron/resources/web-static
-
-      - name: Build Plugins
-        run: yarn run build:plugins
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build
-
-      - name: Signing By Apple Developer ID
-        if: ${{ matrix.spec.platform == 'darwin' }}
-        uses: apple-actions/import-codesign-certs@v2
-        with:
-          p12-file-base64: ${{ secrets.CERTIFICATES_P12 }}
-          p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD }}
-
-      - name: make
-        run: yarn workspace @affine/electron make --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
-
-      - name: Save artifacts (mac)
-        if: ${{ matrix.spec.platform == 'darwin' }}
-        run: |
-          mkdir -p builds
-          mv apps/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
-          mv apps/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
-      - name: Save artifacts (windows)
-        if: ${{ matrix.spec.platform == 'win32' }}
-        run: |
-          mkdir -p builds
-          mv apps/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
-          mv apps/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
-          mv apps/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
-          mv apps/electron/out/*/make/squirrel.windows/x64/*.nupkg ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.nupkg
-
-      - name: Save artifacts (linux)
-        if: ${{ matrix.spec.platform == 'linux' }}
-        run: |
-          mkdir -p builds
-          mv apps/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
-          mv apps/electron/out/*/make/AppImage/x64/*.AppImage ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.AppImage
-
-      - name: Upload Artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: affine-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}-builds
-          path: builds
-
-  release:
-    needs:
-      - make-distribution
-      - set-build-version
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Download Artifacts (macos-x64)
-        uses: actions/download-artifact@v3
-        with:
-          name: affine-darwin-x64-builds
-          path: ./
-      - name: Download Artifacts (macos-arm64)
-        uses: actions/download-artifact@v3
-        with:
-          name: affine-darwin-arm64-builds
-          path: ./
-      - name: Download Artifacts (windows-x64)
-        uses: actions/download-artifact@v3
-        with:
-          name: affine-win32-x64-builds
-          path: ./
-      - name: Download Artifacts (linux-x64)
-        uses: actions/download-artifact@v3
-        with:
-          name: affine-linux-x64-builds
-          path: ./
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 18
-      - name: Generate Release yml
-        run: |
-          cp ./apps/electron/scripts/generate-yml.js .
-          node generate-yml.js
-        env:
-          RELEASE_VERSION: ${{ needs.set-build-version.outputs.version }}
-      - name: Create Release Draft
-        uses: softprops/action-gh-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-        with:
-          repository: 'toeverything/AFFiNE-Releases'
-          name: ${{ needs.set-build-version.outputs.version }}
-          tag_name: ${{ needs.set-build-version.outputs.version }}
-          prerelease: true
-          files: |
-            ./VERSION
-            ./*.zip
-            ./*.dmg
-            ./*.exe
-            ./*.nupkg
-            ./RELEASES
-            ./*.AppImage
-            ./*.apk
-            ./*.yml

.github/workflows/nx.yml

@@ -1,54 +0,0 @@
-name: NX
-
-on:
-  push:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/nx.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-  pull_request:
-  merge_group:
-    branches:
-      - master
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-      - .github/**
-      - '!.github/workflows/nx.yml'
-      - '!.github/actions/build-rust/action.yml'
-      - '!.github/actions/setup-node/action.yml'
-
-jobs:
-  main:
-    name: Nx Cloud - Main Job
-    uses: nrwl/ci/.github/workflows/nx-cloud-main.yml@v0.13.0
-    with:
-      runs-on: macos-latest
-      main-branch-name: master
-      number-of-agents: 5
-      init-commands: |
-        yarn exec nx-cloud start-ci-run --stop-agents-after="build" --agent-count=5
-      environment-variables: |
-        BUILD_TYPE=canary
-      #      parallel-commands: |
-      #        yarn exec nx-cloud record -- yarn exec nx format:check
-      parallel-commands-on-agents: |
-        yarn exec nx affected --target=build --parallel=5
-      timeout: 60
-
-  agents:
-    name: Nx Cloud - Agents
-    uses: nrwl/ci/.github/workflows/nx-cloud-agents.yml@v0.13.0
-    with:
-      runs-on: macos-latest
-      number-of-agents: 5
-      environment-variables: |
-        BUILD_TYPE=canary
-      timeout: 60

.github/workflows/pr-auto-assign.yml

@@ -9,4 +9,4 @@ jobs:
   add-reviews:
     runs-on: ubuntu-latest
     steps:
-      - uses: kentaro-m/auto-assign-action@v1.2.4
+      - uses: kentaro-m/auto-assign-action@v1.2.5

.github/workflows/pr-title-lint.yml

@@ -7,7 +7,7 @@ on:
       - edited
       - synchronize
     branches:
-      - master
+      - canary
 
 permissions:
   contents: read
@@ -17,7 +17,12 @@ jobs:
     name: Check pull request title
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - run: echo "${{ github.event.pull_request.title }}" | npx commitlint -g ./.commitlintrc.json
+        uses: actions/setup-node@v4
+        with:
+          cache: 'yarn'
+          node-version-file: '.nvmrc'
+      - name: Install dependencies
+        run: yarn workspaces focus @affine/commitlint-config
+      - run: echo "${{ github.event.pull_request.title }}" | yarn workspace @affine/commitlint-config commitlint -g ./.commitlintrc.json

.github/workflows/publish-storybook.yml

@@ -7,25 +7,23 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - master
+      - canary
   pull_request:
     branches:
-      - master
+      - canary
     paths-ignore:
       - README.md
       - .github/**
-      - apps/server
-      - apps/docs
-      - apps/electron
+      - packages/backend/server
+      - packages/frontend/electron
       - '!.github/workflows/publish-storybook.yml'
 
 jobs:
   publish-storybook:
     name: Publish Storybook
     runs-on: ubuntu-latest
-    environment: development
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.merge_commit_sha }}
           # This is required to fetch all commits for chromatic
@@ -38,7 +36,7 @@ jobs:
         run: yarn run build:plugins
       - uses: chromaui/action-next@v1
         with:
-          workingDir: apps/storybook
+          workingDir: tests/storybook
           buildScriptName: build
           exitOnceUploaded: true
           onlyChanged: false
@@ -46,7 +44,7 @@ jobs:
         env:
           CHROMATIC_PROJECT_TOKEN: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
           NODE_OPTIONS: ${{ env.NODE_OPTIONS }}
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v3
         if: always()
         with:
           name: chromatic-build-artifacts-${{ github.run_id }}

.github/workflows/release-desktop-automatically.yml

@@ -0,0 +1,27 @@
+name: Release Desktop Automatically
+
+on:
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
+  schedule:
+    - cron: '0 9 * * *'
+
+jobs:
+  dispatch-release-desktop:
+    runs-on: ubuntu-latest
+    name: Setup Release Desktop
+    steps:
+      - name: dispatch desktop release by tag
+        if: ${{ github.event_name == 'push' }}
+        uses: benc-uk/workflow-dispatch@v1
+        with:
+          workflow: release-desktop.yml
+          inputs: '{ "build-type": "canary", "is-draft": false, "is-pre-release": true }'
+      - name: dispatch desktop release by schedule
+        if: ${{ github.event_name == 'schedule' }}
+        uses: benc-uk/workflow-dispatch@v1
+        with:
+          workflow: release-desktop.yml
+          inputs: '{ "build-type": "canary", "is-draft": false, "is-pre-release": true }'
+          ref: canary

.github/workflows/release-desktop.yml

@@ -1,15 +1,17 @@
 name: Release Desktop App
 
 on:
-  push:
-    tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
   workflow_dispatch:
     inputs:
-      version:
-        description: App Version
+      build-type:
+        description: 'Build Type'
+        type: choice
         required: true
-        default: 0.0.0
+        default: canary
+        options:
+          - canary
+          - beta
+          - stable
       is-draft:
         description: 'Draft Release?'
         type: boolean
@@ -20,11 +22,6 @@ on:
         type: boolean
         required: true
         default: true
-      build-type:
-        description: 'Build Type (canary, beta or stable)'
-        type: string
-        required: true
-        default: canary
 
 permissions:
   actions: write
@@ -32,7 +29,7 @@ permissions:
   security-events: write
 
 env:
-  BUILD_TYPE: ${{ github.event.inputs.build-type || (github.ref_type == 'tag' && contains(github.ref, 'canary') && 'canary') }}
+  BUILD_TYPE: ${{ github.event.inputs.build-type }}
   DEBUG: napi:*
   APP_NAME: affine
   MACOSX_DEPLOYMENT_TARGET: '10.13'
@@ -40,42 +37,36 @@ env:
 jobs:
   before-make:
     runs-on: ubuntu-latest
-    environment: production
+    environment: ${{ github.event.inputs.build-type }}
     outputs:
-      RELEASE_VERSION: ${{ steps.get-canary-version.outputs.RELEASE_VERSION }}
+      RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         uses: ./.github/actions/setup-node
       - name: Setup @sentry/cli
         uses: ./.github/actions/setup-sentry
-      - name: Get canary version
-        id: get-canary-version
-        if: ${{ github.ref_type == 'tag' }}
-        run: |
-          TAG_VERSION=${GITHUB_REF#refs/tags/v}
-          PACKAGE_VERSION=$(node -p "require('./apps/electron/package.json').version")
-          if [ "$TAG_VERSION" != "$PACKAGE_VERSION" ]; then
-            echo "Tag version ($TAG_VERSION) does not match package.json version ($PACKAGE_VERSION)"
-            exit 1
-          fi
-          echo "RELEASE_VERSION=$(node -p "require('./apps/electron/package.json').version")" >> $GITHUB_OUTPUT
       - name: generate-assets
         run: yarn workspace @affine/electron generate-assets
         env:
           SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
           SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-          RELEASE_VERSION: ${{ github.event.inputs.version || steps.get-canary-version.outputs.RELEASE_VERSION }}
+          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+          RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }}
+          SKIP_PLUGIN_BUILD: 'true'
+          SKIP_NX_CACHE: 'true'
 
       - name: Upload core artifact
         uses: actions/upload-artifact@v3
         with:
           name: core
-          path: apps/electron/resources/web-static
+          path: packages/frontend/electron/resources/web-static
 
   make-distribution:
-    environment: production
     strategy:
       # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
       # For windows, we need a separate approach
@@ -101,13 +92,19 @@ jobs:
       APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
       SKIP_GENERATE_ASSETS: 1
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         timeout-minutes: 10
         uses: ./.github/actions/setup-node
-      - name: Setup Maker
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-maker
+        with:
+          extra-flags: workspaces focus @affine/electron @affine/monorepo
+          hard-link-nm: false
+          build-plugins: false
+          nmHoistingLimits: workspaces
+          enableScripts: false
       - name: Build AFFiNE native
         uses: ./.github/actions/build-rust
         with:
@@ -117,10 +114,7 @@ jobs:
       - uses: actions/download-artifact@v3
         with:
           name: core
-          path: apps/electron/resources/web-static
-
-      - name: Build Plugins
-        run: yarn run build:plugins
+          path: packages/frontend/electron/resources/web-static
 
       - name: Build Desktop Layers
         run: yarn workspace @affine/electron build
@@ -134,19 +128,23 @@ jobs:
 
       - name: make
         run: yarn workspace @affine/electron make --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
+        env:
+          SKIP_PLUGIN_BUILD: 1
+          SKIP_WEB_BUILD: 1
+          HOIST_NODE_MODULES: 1
 
       - name: Save artifacts (mac)
         if: ${{ matrix.spec.platform == 'darwin' }}
         run: |
           mkdir -p builds
-          mv apps/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
-          mv apps/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
+          mv packages/frontend/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
+          mv packages/frontend/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
       - name: Save artifacts (linux)
         if: ${{ matrix.spec.platform == 'linux' }}
         run: |
           mkdir -p builds
-          mv apps/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
-          mv apps/electron/out/*/make/AppImage/x64/*.AppImage ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.AppImage
+          mv packages/frontend/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
+          mv packages/frontend/electron/out/*/make/AppImage/x64/*.AppImage ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.AppImage
 
       - name: Upload Artifact
         uses: actions/upload-artifact@v3
@@ -155,7 +153,6 @@ jobs:
           path: builds
 
   package-distribution-windows:
-    environment: production
     strategy:
       # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
       # For windows, we need a separate approach
@@ -172,13 +169,18 @@ jobs:
     env:
       SKIP_GENERATE_ASSETS: 1
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - name: Setup Version
+        id: version
+        uses: ./.github/actions/setup-version
       - name: Setup Node.js
         timeout-minutes: 10
         uses: ./.github/actions/setup-node
-      - name: Setup Maker
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-maker
+        with:
+          extra-flags: workspaces focus @affine/electron @affine/monorepo
+          hard-link-nm: false
+          build-plugins: false
+          nmHoistingLimits: workspaces
       - name: Build AFFiNE native
         uses: ./.github/actions/build-rust
         with:
@@ -188,7 +190,7 @@ jobs:
       - uses: actions/download-artifact@v3
         with:
           name: core
-          path: apps/electron/resources/web-static
+          path: packages/frontend/electron/resources/web-static
 
       - name: Build Plugins
         run: yarn run build:plugins
@@ -198,16 +200,20 @@ jobs:
 
       - name: package
         run: yarn workspace @affine/electron package --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
+        env:
+          SKIP_PLUGIN_BUILD: 1
+          SKIP_WEB_BUILD: 1
+          HOIST_NODE_MODULES: 1
 
       - name: get all files to be signed
         id: get_files_to_be_signed
         run: |
-          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path apps/electron/out -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\apps\electron\out\', '') + '"' }) -join ' ')
+          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path packages/frontend/electron/out -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\packages\frontend\electron\out\', '') + '"' }) -join ' ')
           "FILES_TO_BE_SIGNED=$FILES_TO_BE_SIGNED" >> $env:GITHUB_OUTPUT
           echo $FILES_TO_BE_SIGNED
 
       - name: Zip artifacts for faster upload
-        run: Compress-Archive -CompressionLevel Fastest -Path apps/electron/out/* -DestinationPath archive.zip
+        run: Compress-Archive -CompressionLevel Fastest -Path packages/frontend/electron/out/* -DestinationPath archive.zip
 
       - name: Save packaged artifacts for signing
         uses: actions/upload-artifact@v3
@@ -225,7 +231,6 @@ jobs:
       artifact-name: packaged-win32-x64
 
   make-windows-installer:
-    environment: production
     needs: sign-packaged-artifacts-windows
     strategy:
       # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
@@ -240,7 +245,7 @@ jobs:
     outputs:
       FILES_TO_BE_SIGNED: ${{ steps.get_files_to_be_signed.outputs.FILES_TO_BE_SIGNED }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Node.js
         timeout-minutes: 10
         uses: ./.github/actions/setup-node
@@ -250,18 +255,18 @@ jobs:
           name: signed-packaged-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
           path: .
       - name: unzip file
-        run: Expand-Archive -Path signed.zip -DestinationPath apps/electron/out
+        run: Expand-Archive -Path signed.zip -DestinationPath packages/frontend/electron/out
 
       - name: Make squirrel.windows installer
         run: yarn workspace @affine/electron make-squirrel --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
 
       - name: Zip artifacts for faster upload
-        run: Compress-Archive -CompressionLevel Fastest -Path apps/electron/out/${{ env.BUILD_TYPE }}/make/* -DestinationPath archive.zip
+        run: Compress-Archive -CompressionLevel Fastest -Path packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make/* -DestinationPath archive.zip
 
       - name: get all files to be signed
         id: get_files_to_be_signed
         run: |
-          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path apps/electron/out/${{ env.BUILD_TYPE }}/make -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\apps\electron\out\${{ env.BUILD_TYPE }}\make\', '') + '"' }) -join ' ')
+          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\packages\frontend\electron\out\${{ env.BUILD_TYPE }}\make\', '') + '"' }) -join ' ')
           "FILES_TO_BE_SIGNED=$FILES_TO_BE_SIGNED" >> $env:GITHUB_OUTPUT
           echo $FILES_TO_BE_SIGNED
 
@@ -279,7 +284,6 @@ jobs:
       artifact-name: installer-win32-x64
 
   finalize-installer-windows:
-    environment: production
     needs: sign-installer-artifacts-windows
     strategy:
       # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
@@ -298,14 +302,14 @@ jobs:
           name: signed-installer-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
           path: .
       - name: unzip file
-        run: Expand-Archive -Path signed.zip -DestinationPath apps/electron/out/${{ env.BUILD_TYPE }}/make
+        run: Expand-Archive -Path signed.zip -DestinationPath packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make
 
       - name: Save artifacts
         run: |
           mkdir -p builds
-          mv apps/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
-          mv apps/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
-          mv apps/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
+          mv packages/frontend/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
+          mv packages/frontend/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
+          mv packages/frontend/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
 
       - name: Upload Artifact
         uses: actions/upload-artifact@v3
@@ -318,7 +322,13 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v3
+        with:
+          name: core
+          path: web-static
+      - name: Zip web-static
+        run: zip -r web-static.zip web-static
       - name: Download Artifacts (macos-x64)
         uses: actions/download-artifact@v3
         with:
@@ -339,24 +349,21 @@ jobs:
         with:
           name: affine-linux-x64-builds
           path: ./
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: 18
       - name: Generate Release yml
         run: |
-          cp ./apps/electron/scripts/generate-yml.js .
-          node generate-yml.js
+          node ./packages/frontend/electron/scripts/generate-yml.js
         env:
-          RELEASE_VERSION: ${{ github.event.inputs.version || needs.before-make.outputs.RELEASE_VERSION }}
+          RELEASE_VERSION: ${{ needs.before-make.outputs.RELEASE_VERSION }}
       - name: Create Release Draft
         uses: softprops/action-gh-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
         with:
-          name: ${{ github.event.inputs.version || needs.before-make.outputs.RELEASE_VERSION }}
+          name: ${{ needs.before-make.outputs.RELEASE_VERSION }}
           body: ''
-          draft: ${{ github.event.inputs.is-draft || true }}
-          prerelease: ${{ github.event.inputs.is-pre-release || needs.before-make.outputs.version }}
+          draft: ${{ github.event.inputs.is-draft }}
+          prerelease: ${{ github.event.inputs.is-pre-release }}
           files: |
             ./VERSION
             ./*.zip

.github/workflows/release.yml

@@ -1,165 +0,0 @@
-name: Release
-
-on:
-  push:
-    branches:
-      - master
-
-env:
-  BUILD_TYPE: stable
-  APP_NAME: affine
-  COVERAGE: false
-  DISTRIBUTION: browser
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-jobs:
-  release:
-    name: Try publishing npm@latest release
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Try publishing to NPM
-        run: ./scripts/publish.sh
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-  build-core:
-    name: Build @affine/core
-    runs-on: ubuntu-latest
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Build Plugins
-        run: yarn run build:plugins
-      - name: Build Core
-        run: yarn nx build @affine/core
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: core
-          path: ./apps/core/dist
-          if-no-files-found: error
-
-  build-server:
-    name: Build Server
-    runs-on: ubuntu-latest
-    environment: development
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - name: Build Server
-        run: yarn nx build @affine/server
-      - name: Upload server dist
-        uses: actions/upload-artifact@v3
-        with:
-          name: server-dist
-          path: ./apps/server/dist
-          if-no-files-found: error
-
-  build-storage:
-    name: Build Storage
-    runs-on: ubuntu-latest
-    env:
-      RUSTFLAGS: '-C debuginfo=1'
-    environment: development
-
-    steps:
-      - uses: actions/checkout@v3
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Setup Rust
-        uses: ./.github/actions/build-rust
-        with:
-          target: 'x86_64-unknown-linux-gnu'
-          package: '@affine/storage'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Upload storage.node
-        uses: actions/upload-artifact@v3
-        with:
-          name: storage.node
-          path: ./packages/storage/storage.node
-          if-no-files-found: error
-
-  build-docker:
-    if: github.ref == 'refs/heads/master'
-    name: Build Docker
-    runs-on: ubuntu-latest
-    needs:
-      - build-server
-      - build-core
-      - build-storage
-    steps:
-      - uses: actions/checkout@v3
-      - name: Download core artifact
-        uses: actions/download-artifact@v3
-        with:
-          name: core
-          path: ./apps/core/dist
-      - name: Download server dist
-        uses: actions/download-artifact@v3
-        with:
-          name: server-dist
-          path: ./apps/server/dist
-      - name: Download storage.node
-        uses: actions/download-artifact@v3
-        with:
-          name: storage.node
-          path: ./apps/server
-      - name: Setup Git short hash
-        run: |
-          echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          logout: false
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      - name: Build front Dockerfile
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          pull: true
-          platforms: linux/amd64,linux/arm64
-          provenance: true
-          file: .github/deployment/front/Dockerfile
-          tags: ghcr.io/toeverything/affine-front:${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-front:latest
-
-      # setup node without cache configuration
-      # Prisma cache is not compatible with docker build cache
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version-file: '.nvmrc'
-          registry-url: https://npm.pkg.github.com
-          scope: '@toeverything'
-
-      - name: Install Node.js dependencies
-        run: yarn workspaces focus @affine/server --production
-
-      - name: Generate Prisma client
-        run: yarn workspace @affine/server prisma generate
-
-      - name: Build graphql Dockerfile
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          pull: true
-          platforms: linux/amd64,linux/arm64
-          provenance: true
-          file: .github/deployment/node/Dockerfile
-          tags: ghcr.io/toeverything/affine-graphql:${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-graphql:latest

.github/workflows/workers.yml

@@ -3,20 +3,21 @@ name: Deploy Cloudflare Worker
 on:
   push:
     branches:
-      - master
+      - canary
     paths:
-      - packages/workers/**
+      - tools/workers/**
 
 jobs:
   deploy:
     runs-on: ubuntu-latest
     name: Deploy
-    environment: production
+    environment: stable
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Publish
-        uses: cloudflare/wrangler-action@2.0.0
+        uses: cloudflare/wrangler-action@v3.3.2
         with:
           apiToken: ${{ secrets.CF_API_TOKEN }}
           accountId: ${{ secrets.CF_ACCOUNT_ID }}
-          workingDirectory: 'packages/workers'
+          workingDirectory: 'tools/workers'
+          packageManager: 'yarn'

.gitignore

@@ -78,3 +78,4 @@ tsconfig.node.tsbuildinfo
 lib
 affine.db
 apps/web/next-routes.conf
+.nx

.husky/pre-commit

@@ -1,23 +1,4 @@
 #!/usr/bin/env sh
 . "$(dirname -- "$0")/_/husky.sh"
 
-# check lockfile is up to date
-yarn install --mode=skip-build --inline-builds --immutable
-
-# build infra code
-yarn -T run build:infra
-
-# generate prisma client type
-yarn workspace @affine/server prisma generate
-
-# generate i18n
-yarn i18n-codegen gen
-
-# lint staged files
-yarn exec lint-staged
-
-# type check
-yarn typecheck
-
-# circular dependency check
-yarn circular
+yarn lint-staged && yarn lint:ox

.i18n-codegen.json

@@ -3,8 +3,8 @@
   "version": 1,
   "list": [
     {
-      "input": "./packages/i18n/src/resources/en.json",
-      "output": "./packages/i18n/src/i18n-generated",
+      "input": "./packages/frontend/i18n/src/resources/en.json",
+      "output": "./packages/frontend/i18n/src/i18n-generated",
       "parser": {
         "type": "i18next",
         "contextSeparator": "$",

.prettierignore

@@ -2,16 +2,23 @@ yarn.lock
 target
 lib
 test-results
-packages/i18n/src/i18n-generated.ts
-packages/graphql/src/graphql/index.ts
 .next
 out
 dist
 .yarn
-tests/affine-legacy/**/static
 .github/helm
 _next
 storybook-static
 web-static
 public
-apps/server/src/schema.gql
+packages/backend/server/src/schema.gql
+packages/frontend/i18n/src/i18n-generated.ts
+packages/frontend/graphql/src/graphql/index.ts
+tests/affine-legacy/**/static
+.yarnrc.yml
+
+# auto-generated by NAPI-RS
+# fixme(@joooye34): need script to check and generate ignore list here
+packages/backend/storage/index.d.ts
+packages/frontend/native/index.d.ts
+packages/frontend/native/index.js

.vscode/settings.template.json

@@ -29,15 +29,7 @@
   "[typescriptreact]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode"
   },
-  "vitest.include": [
-    "packages/**/*.spec.ts",
-    "packages/**/*.spec.tsx",
-    "apps/web/**/*.spec.ts",
-    "apps/web/**/*.spec.tsx",
-    "apps/electron/src/**/*.spec.ts",
-    "tests/unit/**/*.spec.ts",
-    "tests/unit/**/*.spec.tsx"
-  ],
+  "vitest.include": ["packages/**/*.spec.ts", "packages/**/*.spec.tsx"],
   "rust-analyzer.check.extraEnv": {
     "DATABASE_URL": "sqlite:affine.db"
   }

.yarn/patches/next-auth-npm-4.24.5-8428e11927.patch

@@ -0,0 +1,15 @@
+diff --git a/package.json b/package.json
+index ca30bca63196b923fa5a27eb85ce2ee890222d36..39e9d08dea40f25568a39bfbc0154458d32c8a66 100644
+--- a/package.json
++++ b/package.json
+@@ -31,6 +31,10 @@
+       "types": "./index.d.ts",
+       "default": "./index.js"
+     },
++    "./core": {
++      "types": "./core/index.d.ts",
++      "default": "./core/index.js"
++    },
+     "./adapters": {
+       "types": "./adapters.d.ts"
+     },

.yarnrc.yml

@@ -1,19 +1,15 @@
+compressionLevel: mixed
+
+enableGlobalCache: true
+
 nmMode: hardlinks-local
 
 nodeLinker: node-modules
 
-npmAuthToken: '${NPM_TOKEN:-NONE}'
+npmAuthToken: "${NPM_TOKEN:-NONE}"
 
 npmPublishAccess: public
 
-npmPublishRegistry: 'https://registry.npmjs.org'
+npmPublishRegistry: "https://registry.npmjs.org"
 
-plugins:
-  - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
-    spec: '@yarnpkg/plugin-interactive-tools'
-  - path: .yarn/plugins/@yarnpkg/plugin-version.cjs
-    spec: '@yarnpkg/plugin-version'
-  - path: .yarn/plugins/@yarnpkg/plugin-workspace-tools.cjs
-    spec: '@yarnpkg/plugin-workspace-tools'
-
-yarnPath: .yarn/releases/yarn-3.6.3.cjs
+yarnPath: .yarn/releases/yarn-4.0.2.cjs

Cargo.toml

@@ -1,9 +1,9 @@
 [workspace]
 resolver = "2"
 members = [
-  "./packages/native",
-  "./packages/native/schema",
-  "./packages/storage",
+  "./packages/frontend/native",
+  "./packages/frontend/native/schema",
+  "./packages/backend/storage",
 ]
 
 [profile.dev.package.sqlx-macros]

LICENSE

@@ -2,7 +2,7 @@ Copyright (c) 2022-present TOEVERYTHING PTE. LTD. and its affiliates.
 
 Portions of this software are licensed as follows:
 
-- All content that resides under the "apps/server" directory of this repository, if that directory exists, is licensed under the license defined in "apps/server/LICENSE".
+- All content that resides under the "packages/backend/server" directory of this repository, if that directory exists, is licensed under the license defined in "packages/backend/server/LICENSE".
 - All third party components incorporated into the AFFiNE Software are licensed under the original license provided by the owner of the applicable component.
 - Content outside of the above mentioned directories or restrictions above is available under the "MIT" license as defined in "LICENSE-MIT".
 

README.md

@@ -107,12 +107,11 @@ If you have questions, you are welcome to contact us. One of the best places to
 
 ## Ecosystem
 
-| Name                                                                                            |                                         |                                                                                                                                                     |
-| ----------------------------------------------------------------------------------------------- | --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [@toeverything/component](https://github.com/toeverything/design/tree/main/packages/components) | Toeverything Shared Component Resources |                                                                                                                                                     |
-| [@affine/component](packages/component)                                                         | AFFiNE Component Resources              | [![](https://img.shields.io/codecov/c/github/toeverything/affine?style=flat-square)](https://affine-storybook.vercel.app/)                          |
-| [@toeverything/y-indexeddb](packages/y-indexeddb)                                               | IndexedDB database adapter for Yjs      | [![](https://img.shields.io/npm/dm/@toeverything/y-indexeddb?style=flat-square&color=eee)](https://www.npmjs.com/package/@toeverything/y-indexeddb) |
-| [@toeverything/theme](packages/theme)                                                           | AFFiNE theme                            | [![](https://img.shields.io/npm/dm/@toeverything/theme?style=flat-square&color=eee)](https://www.npmjs.com/package/@toeverything/theme)             |
+| Name                                                     |                                    |                                                                                                                                                     |
+| -------------------------------------------------------- | ---------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [@affine/component](packages/frontend/component)         | AFFiNE Component Resources         | [![](https://img.shields.io/codecov/c/github/toeverything/affine?style=flat-square)](https://affine-storybook.vercel.app/)                          |
+| [@toeverything/y-indexeddb](packages/common/y-indexeddb) | IndexedDB database adapter for Yjs | [![](https://img.shields.io/npm/dm/@toeverything/y-indexeddb?style=flat-square&color=eee)](https://www.npmjs.com/package/@toeverything/y-indexeddb) |
+| [@toeverything/theme](packages/common/theme)             | AFFiNE theme                       | [![](https://img.shields.io/npm/dm/@toeverything/theme?style=flat-square&color=eee)](https://www.npmjs.com/package/@toeverything/theme)             |
 
 ## Plugins
 
@@ -120,15 +119,14 @@ If you have questions, you are welcome to contact us. One of the best places to
 >
 > (Currently, the plugin system is under heavy development. You will see the plugin system in the canary release.)
 
-- [@affine/sdk](./packages/sdk) - SDK for developing plugins
-- [@affine/plugin-cli](./packages/plugin-cli) - CLI for developing plugins
+- [@affine/sdk](./packages/common/sdk) - SDK for developing plugins
+- [@affine/plugin-cli](./tools/plugin-cli) - CLI for developing plugins
 
-| Official Plugin                                       | Description                               | Status |
-| ----------------------------------------------------- | ----------------------------------------- | ------ |
-| [@affine/bookmark-plugin](plugins/bookmark)           | A block for bookmarking a website         | ✅     |
-| [@affine/copilot-plugin](plugins/copilot)             | AI Copilot that help you document writing | 🚧     |
-| [@affine/image-preview-plugin](plugins/image-preview) | Component for previewing an image         | ✅     |
-| [@affine/outline](plugins/outline)                    | Outline for your document                 | ✅     |
+| Official Plugin                                                  | Description                               | Status |
+| ---------------------------------------------------------------- | ----------------------------------------- | ------ |
+| [@affine/copilot-plugin](./packages/plugins/copilot)             | AI Copilot that help you document writing | 🚧     |
+| [@affine/image-preview-plugin](./packages/plugins/image-preview) | Component for previewing an image         | ✅     |
+| [@affine/outline](./packages/plugins/outline)                    | Outline for your document                 | ✅     |
 
 ## Upstreams
 
@@ -147,18 +145,7 @@ We would also like to give thanks to open-source projects that make AFFiNE possi
 
 Thanks a lot to the community for providing such powerful and simple libraries, so that we can focus more on the implementation of the product logic, and we hope that in the future our projects will also provide a more easy-to-use knowledge base for everyone.
 
-# Contributors
-
-## Current Core members
-
-Team members who are currently maintaining the project:
-
-- [JimmFly](https://github.com/JimmFly) - Jinfei Yang <yangjinfei001@gmail.com> (he/him)
-- [pengx17](https://github.com/pengx17) - Peng Xiao <pengxiao@outlook.com> (he/him)
-- [QiShaoXuan](https://github.com/QiSHaoXuan) - Shaoxuan Qi <qishaoxuan777@gmail.com> (he/him)
-- [himself65](https://github.com/himself65) - Zeyu "Alex" Yang <himself65@outlook.com> (he/him)
-
-## All Contributors
+## Contributors
 
 We would like to express our gratitude to all the individuals who have already contributed to AFFiNE! If you have any AFFiNE-related project, documentation, tool or template, please feel free to contribute it by submitting a pull request to our curated list on GitHub: [awesome-affine](https://github.com/toeverything/awesome-affine).
 
@@ -207,6 +194,13 @@ For feature request, please see [community.affine.pro](https://community.affine.
 
 ## Building
 
+### Codespaces
+
+From the GitHub repo main page, click the green "Code" button and select "Create codespace on master". This will open a new Codespace with the (supposedly auto-forked
+AFFiNE repo cloned, built, and ready to go.
+
+### Local
+
 See [BUILDING.md] for instructions on how to build AFFiNE from source code.
 
 ## Contributing
@@ -232,11 +226,11 @@ See [LICENSE] for details.
 [update page]: https://affine.pro/blog?tag=Release%20Note
 [jobs available]: ./docs/jobs.md
 [latest packages]: https://github.com/toeverything/AFFiNE/pkgs/container/affine-self-hosted
-[contributor license agreement]: https://github.com/toeverything/affine/edit/master/.github/CLA.md
-[rust-version-icon]: https://img.shields.io/badge/Rust-1.71.0-dea584
+[contributor license agreement]: https://github.com/toeverything/affine/edit/canary/.github/CLA.md
+[rust-version-icon]: https://img.shields.io/badge/Rust-1.74.1-dea584
 [stars-icon]: https://img.shields.io/github/stars/toeverything/AFFiNE.svg?style=flat&logo=github&colorB=red&label=stars
-[codecov]: https://codecov.io/gh/toeverything/affine/branch/master/graphs/badge.svg?branch=master
+[codecov]: https://codecov.io/gh/toeverything/affine/branch/canary/graphs/badge.svg?branch=canary
 [node-version-icon]: https://img.shields.io/badge/node-%3E=18.16.1-success
 [typescript-version-icon]: https://img.shields.io/github/package-json/dependency-version/toeverything/affine/dev/typescript
-[react-version-icon]: https://img.shields.io/github/package-json/dependency-version/toeverything/AFFiNE/react?filename=apps%2Fcore%2Fpackage.json&color=rgb(97%2C228%2C251)
-[blocksuite-icon]: https://img.shields.io/github/package-json/dependency-version/toeverything/AFFiNE/@blocksuite/store?color=6880ff&filename=apps%2Fcore%2Fpackage.json&label=blocksuite
+[react-version-icon]: https://img.shields.io/github/package-json/dependency-version/toeverything/AFFiNE/react?filename=packages%2Ffrontend%2Fcore%2Fpackage.json&color=rgb(97%2C228%2C251)
+[blocksuite-icon]: https://img.shields.io/github/package-json/dependency-version/toeverything/AFFiNE/@blocksuite/store?color=6880ff&filename=packages%2Ffrontend%2Fcore%2Fpackage.json&label=blocksuite

apps/README.md

@@ -1,29 +0,0 @@
-# Apps structure
-
-> This is the structure of the `apps` directory.
-
-## docs
-
-AFFiNE Developer Documentation using [waku](https://github.com/dai-shi/waku).
-
-## electron
-
-> `core` needs to be built before electron.
-
-AFFiNE Desktop (macOS, Linux and Windows Distribution) using [Electron](https://www.electronjs.org/).
-
-## server
-
-Server using [Nest.js](https://nestjs.com/).
-
-## storybook
-
-Storybook using [Storybook](https://storybook.js.org/).
-
-## prototype
-
-AFFiNE Prototype using [React.js](https://reactjs.org/) + [Vite](https://vitejs.dev/).
-
-## core
-
-AFFiNE Core Application using [React.js](https://reactjs.org/) + [Webpack](https://webpack.js.org/).

apps/core/.webpack/utils.ts

@@ -1,12 +0,0 @@
-import type { BuildFlags } from '@affine/cli/config';
-
-export function computeCacheKey(buildFlags: BuildFlags) {
-  return [
-    '1',
-    'node' + process.version,
-    buildFlags.mode,
-    buildFlags.distribution,
-    buildFlags.channel,
-    ...(buildFlags.localBlockSuite ? [buildFlags.localBlockSuite] : []),
-  ].join('-');
-}

apps/core/package.json

@@ -1,96 +0,0 @@
-{
-  "name": "@affine/core",
-  "type": "module",
-  "private": true,
-  "version": "0.9.0-canary.13",
-  "scripts": {
-    "build": "yarn -T run build-core",
-    "dev": "yarn -T run dev-core",
-    "static-server": "yarn -T run dev-core --static"
-  },
-  "exports": {
-    "./app": "./src/app.tsx",
-    "./router": "./src/router.ts",
-    "./bootstrap/setup": "./src/bootstrap/setup.ts",
-    "./bootstrap/register-plugins": "./src/bootstrap/register-plugins.ts"
-  },
-  "dependencies": {
-    "@affine-test/fixtures": "workspace:*",
-    "@affine/component": "workspace:*",
-    "@affine/debug": "workspace:*",
-    "@affine/env": "workspace:*",
-    "@affine/graphql": "workspace:*",
-    "@affine/i18n": "workspace:*",
-    "@affine/templates": "workspace:*",
-    "@affine/workspace": "workspace:*",
-    "@blocksuite/block-std": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@blocksuite/blocks": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@blocksuite/editor": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@blocksuite/global": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@blocksuite/icons": "^2.1.33",
-    "@blocksuite/lit": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@blocksuite/store": "0.0.0-20230921103931-38d8f07a-nightly",
-    "@dnd-kit/core": "^6.0.8",
-    "@dnd-kit/sortable": "^7.0.2",
-    "@emotion/cache": "^11.11.0",
-    "@emotion/react": "^11.11.1",
-    "@emotion/server": "^11.11.0",
-    "@emotion/styled": "^11.11.0",
-    "@mui/material": "^5.14.7",
-    "@radix-ui/react-select": "^1.2.2",
-    "@react-hookz/web": "^23.1.0",
-    "@toeverything/components": "^0.0.42",
-    "async-call-rpc": "^6.3.1",
-    "cmdk": "^0.2.0",
-    "css-spring": "^4.1.0",
-    "cssnano": "^6.0.1",
-    "graphql": "^16.8.0",
-    "intl-segmenter-polyfill-rs": "^0.1.6",
-    "jotai": "^2.4.1",
-    "jotai-devtools": "^0.6.2",
-    "lit": "^2.8.0",
-    "lottie-web": "^5.12.2",
-    "mini-css-extract-plugin": "^2.7.6",
-    "next-auth": "^4.22.1",
-    "next-themes": "^0.2.1",
-    "postcss-loader": "^7.3.3",
-    "react": "18.2.0",
-    "react-dom": "18.2.0",
-    "react-is": "18.2.0",
-    "react-resizable-panels": "^0.0.55",
-    "react-router-dom": "^6.15.0",
-    "rxjs": "^7.8.1",
-    "ses": "^0.18.8",
-    "swr": "2.2.0",
-    "valtio": "^1.11.2",
-    "y-protocols": "^1.0.5",
-    "yjs": "^13.6.8",
-    "zod": "^3.22.2"
-  },
-  "devDependencies": {
-    "@aws-sdk/client-s3": "3.400.0",
-    "@perfsee/webpack": "^1.8.4",
-    "@pmmmwh/react-refresh-webpack-plugin": "^0.5.11",
-    "@sentry/webpack-plugin": "^2.7.0",
-    "@svgr/webpack": "^8.1.0",
-    "@swc/core": "^1.3.81",
-    "@types/lodash-es": "^4.17.9",
-    "@types/webpack-env": "^1.18.1",
-    "copy-webpack-plugin": "^11.0.0",
-    "css-loader": "^6.8.1",
-    "express": "^4.18.2",
-    "html-webpack-plugin": "^5.5.3",
-    "lodash-es": "^4.17.21",
-    "mime-types": "^2.1.35",
-    "raw-loader": "^4.0.2",
-    "source-map-loader": "^4.0.1",
-    "style-loader": "^3.3.3",
-    "swc-loader": "^0.2.3",
-    "swc-plugin-coverage-instrument": "^0.0.20",
-    "thread-loader": "^4.0.2",
-    "webpack": "^5.88.2",
-    "webpack-cli": "^5.1.4",
-    "webpack-dev-server": "^4.15.1",
-    "webpack-merge": "^5.9.0"
-  }
-}

apps/core/src/adapters/cloud/ui.tsx

@@ -1,93 +0,0 @@
-import { PageNotFoundError } from '@affine/env/constant';
-import type {
-  WorkspaceFlavour,
-  WorkspaceUISchema,
-} from '@affine/env/workspace';
-import { initEmptyPage } from '@toeverything/infra/blocksuite';
-import { lazy, useCallback } from 'react';
-
-import type { OnLoadEditor } from '../../components/page-detail-editor';
-import { useCurrentUser } from '../../hooks/affine/use-current-user';
-import { useIsWorkspaceOwner } from '../../hooks/affine/use-is-workspace-owner';
-import { useWorkspace } from '../../hooks/use-workspace';
-import {
-  BlockSuitePageList,
-  NewWorkspaceSettingDetail,
-  PageDetailEditor,
-  Provider,
-  WorkspaceHeader,
-} from '../shared';
-
-const LoginCard = lazy(() =>
-  import('../../components/cloud/login-card').then(({ LoginCard }) => ({
-    default: LoginCard,
-  }))
-);
-
-export const UI = {
-  Provider,
-  LoginCard,
-  Header: WorkspaceHeader,
-  PageDetail: ({ currentWorkspaceId, currentPageId, onLoadEditor }) => {
-    const workspace = useWorkspace(currentWorkspaceId);
-    const page = workspace.blockSuiteWorkspace.getPage(currentPageId);
-    if (!page) {
-      throw new PageNotFoundError(workspace.blockSuiteWorkspace, currentPageId);
-    }
-    // this should be safe because we are under cloud workspace adapter
-    const currentUser = useCurrentUser();
-    const onLoad = useCallback<OnLoadEditor>(
-      (...args) => {
-        const dispose = onLoadEditor(...args);
-        workspace.blockSuiteWorkspace.awarenessStore.awareness.setLocalStateField(
-          'user',
-          {
-            name: currentUser.name,
-          }
-        );
-        return dispose;
-      },
-      [currentUser, workspace, onLoadEditor]
-    );
-
-    return (
-      <>
-        <PageDetailEditor
-          pageId={currentPageId}
-          onInit={useCallback(async page => initEmptyPage(page), [])}
-          onLoad={onLoad}
-          workspace={workspace.blockSuiteWorkspace}
-        />
-      </>
-    );
-  },
-  PageList: ({ blockSuiteWorkspace, onOpenPage, collection }) => {
-    return (
-      <BlockSuitePageList
-        listType="all"
-        collection={collection}
-        onOpenPage={onOpenPage}
-        blockSuiteWorkspace={blockSuiteWorkspace}
-      />
-    );
-  },
-  NewSettingsDetail: ({
-    currentWorkspaceId,
-    onTransformWorkspace,
-    onDeleteLocalWorkspace,
-    onDeleteCloudWorkspace,
-    onLeaveWorkspace,
-  }) => {
-    const isOwner = useIsWorkspaceOwner(currentWorkspaceId);
-    return (
-      <NewWorkspaceSettingDetail
-        onDeleteLocalWorkspace={onDeleteLocalWorkspace}
-        onDeleteCloudWorkspace={onDeleteCloudWorkspace}
-        onLeaveWorkspace={onLeaveWorkspace}
-        workspaceId={currentWorkspaceId}
-        onTransferWorkspace={onTransformWorkspace}
-        isOwner={isOwner}
-      />
-    );
-  },
-} satisfies WorkspaceUISchema<WorkspaceFlavour.AFFINE_CLOUD>;