v0.5.4-beta.2

fix: adjust some styles (#2438 )
chore: adjust delete description style (#2437 )
2026-02-05 00:54:56 +00:00 · 2023-05-18 17:36:37 +08:00 · 2023-05-18 17:32:56 +08:00 · 2023-05-18 17:31:04 +08:00 · 2023-05-18 17:23:52 +08:00 · 2023-05-18 00:08:56 -07:00
2431 changed files with 62918 additions and 195014 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -0,0 +1,641 @@
+{
+  "projectName": "AFFiNE",
+  "projectOwner": "toeverything",
+  "repoType": "github",
+  "repoHost": "https://github.com",
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 50,
+  "commit": false,
+  "commitConvention": "angular",
+  "contributorsPerLine": 7,
+  "badgeTemplate": "\n[all-contributors-badge]: https://img.shields.io/badge/all_contributors-<%= contributors.length %>-orange.svg?style=flat-square\n",
+  "contributors": [
+    {
+      "login": "doodlewind",
+      "name": "Yifeng Wang",
+      "avatar_url": "https://avatars.githubusercontent.com/u/7312949?v=4",
+      "profile": "https://github.com/doodlewind",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "darkskygit",
+      "name": "DarkSky",
+      "avatar_url": "https://avatars.githubusercontent.com/u/25152247?v=4",
+      "profile": "https://darksky.eu.org/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "tzhangchi",
+      "name": "Chi Zhang",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5910926?v=4",
+      "profile": "http://zhangchi.page/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "alt1o",
+      "name": "wang xinglong",
+      "avatar_url": "https://avatars.githubusercontent.com/u/21084335?v=4",
+      "profile": "https://github.com/alt1o",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "Brooooooklyn",
+      "name": "LongYinan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3468483?v=4",
+      "profile": "https://github.com/Brooooooklyn",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "hwangdev97",
+      "name": "Hwang",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24713927?v=4",
+      "profile": "https://github.com/hwangdev97",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "kobeshanks",
+      "name": "kobeshanks",
+      "avatar_url": "https://avatars.githubusercontent.com/u/82570088?v=4",
+      "profile": "https://github.com/kobeshanks",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "pengx17",
+      "name": "Peng Xiao",
+      "avatar_url": "https://avatars.githubusercontent.com/u/584378?v=4",
+      "profile": "https://pengx17.vercel.app/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "Saul-Mirone",
+      "name": "Mirone",
+      "avatar_url": "https://avatars.githubusercontent.com/u/10047788?v=4",
+      "profile": "https://mirone.me/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "zqran",
+      "name": "zqran",
+      "avatar_url": "https://avatars.githubusercontent.com/u/15389209?v=4",
+      "profile": "https://github.com/zqran",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "SuneBear",
+      "name": "Shule Hsiung",
+      "avatar_url": "https://avatars.githubusercontent.com/u/7693264?v=4",
+      "profile": "https://sunebear.com/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "fundon",
+      "name": "Fangdun Tsai",
+      "avatar_url": "https://avatars.githubusercontent.com/u/27926?v=4",
+      "profile": "https://fundon.viz.rs/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "lawvs",
+      "name": "Whitewater",
+      "avatar_url": "https://avatars.githubusercontent.com/u/18554747?v=4",
+      "profile": "https://lawvs.github.io/profile/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "zuoxiaodong0815",
+      "name": "xiaodong zuo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/53252747?v=4",
+      "profile": "https://github.com/zuoxiaodong0815",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "Himself65",
+      "name": "Himself65",
+      "avatar_url": "https://avatars.githubusercontent.com/u/14026360?v=4",
+      "profile": "https://github.com/Himself65",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "DiamondThree",
+      "name": "DiamondThree",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24630517?v=4",
+      "profile": "https://github.com/DiamondThree",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "QiShaoXuan",
+      "name": "Qi",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22772830?v=4",
+      "profile": "https://github.com/QiShaoXuan",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "colelawrence",
+      "name": "Cole Lawrence",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2925395?v=4",
+      "profile": "https://colelawrence.com/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "linonetwo",
+      "name": "lin onetwo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3746270?v=4",
+      "profile": "https://onetwo.ren/wiki",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "thorseraq",
+      "name": "x1a0t",
+      "avatar_url": "https://avatars.githubusercontent.com/u/20554850?v=4",
+      "profile": "https://github.com/thorseraq",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "HeJiachen-PM",
+      "name": "HeJiachen-PM",
+      "avatar_url": "https://avatars.githubusercontent.com/u/79301703?v=4",
+      "profile": "https://github.com/HeJiachen-PM",
+      "contributions": [
+        "research",
+        "doc"
+      ]
+    },
+    {
+      "login": "joebeijing",
+      "name": "houjoe",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22443345?v=4",
+      "profile": "https://www.notion.so/houjoe/Joe-2a85f5be01004cd2b6a5ad26fbb948b1",
+      "contributions": [
+        "research",
+        "doc"
+      ]
+    },
+    {
+      "login": "Yipei-Operation",
+      "name": "Yipei Wei",
+      "avatar_url": "https://avatars.githubusercontent.com/u/79373028?v=4",
+      "profile": "https://github.com/Yipei-Operation",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "VelikaHF",
+      "name": "Velika",
+      "avatar_url": "https://avatars.githubusercontent.com/u/121547898?v=4",
+      "profile": "https://github.com/VelikaHF",
+      "contributions": [
+        "design"
+      ]
+    },
+    {
+      "login": "Svaney-ssman",
+      "name": "Svaney",
+      "avatar_url": "https://avatars.githubusercontent.com/u/110808979?v=4",
+      "profile": "https://github.com/Svaney-ssman",
+      "contributions": [
+        "design"
+      ]
+    },
+    {
+      "login": "xell",
+      "name": "Guozhu Liu",
+      "avatar_url": "https://avatars.githubusercontent.com/u/132558?v=4",
+      "profile": "http://xell.me/",
+      "contributions": [
+        "design"
+      ]
+    },
+    {
+      "login": "fyZheng07",
+      "name": "fyZheng07",
+      "avatar_url": "https://avatars.githubusercontent.com/u/63830919?v=4",
+      "profile": "https://github.com/fyZheng07",
+      "contributions": [
+        "eventOrganizing",
+        "userTesting"
+      ]
+    },
+    {
+      "login": "CJSS",
+      "name": "CJSS",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4605025?v=4",
+      "profile": "https://github.com/CJSS",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "JimmFly",
+      "name": "JimmFly",
+      "avatar_url": "https://avatars.githubusercontent.com/u/102217452?v=4",
+      "profile": "https://github.com/JimmFly",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mitsuhatu",
+      "name": "mitsuhatu",
+      "avatar_url": "https://avatars.githubusercontent.com/u/110213079?v=4",
+      "profile": "https://github.com/mitsuhatu",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "Austaras",
+      "name": "Austaras",
+      "avatar_url": "https://avatars.githubusercontent.com/u/15013925?v=4",
+      "profile": "https://shockwave.me/",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "uptonking",
+      "name": "Jin Yao",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11391549?v=4",
+      "profile": "https://github.com/uptonking",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "CarlosZoft",
+      "name": "Carlos Rafael ",
+      "avatar_url": "https://avatars.githubusercontent.com/u/62192072?v=4",
+      "profile": "https://github.com/CarlosZoft",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "caleboleary",
+      "name": "Caleb OLeary",
+      "avatar_url": "https://avatars.githubusercontent.com/u/12816579?v=4",
+      "profile": "https://github.com/caleboleary",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "westongraham",
+      "name": "Weston Graham",
+      "avatar_url": "https://avatars.githubusercontent.com/u/89493023?v=4",
+      "profile": "https://github.com/westongraham",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "SaikaSakura",
+      "name": "MingLIang Wang",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11530942?v=4",
+      "profile": "https://github.com/SaikaSakura",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "fanjing22",
+      "name": "fanjing22",
+      "avatar_url": "https://avatars.githubusercontent.com/u/109729699?v=4",
+      "profile": "https://github.com/fanjing22",
+      "contributions": [
+        "design"
+      ]
+    },
+    {
+      "login": "pointmax",
+      "name": "pointmax",
+      "avatar_url": "https://avatars.githubusercontent.com/u/49361135?v=4",
+      "profile": "https://github.com/pointmax",
+      "contributions": [
+        "doc",
+        "code"
+      ]
+    },
+    {
+      "login": "liby",
+      "name": "Bryan Lee",
+      "avatar_url": "https://avatars.githubusercontent.com/u/38807139?v=4",
+      "profile": "https://liby.github.io/notes",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chenmoonmo",
+      "name": "Simon Li",
+      "avatar_url": "https://avatars.githubusercontent.com/u/36295999?v=4",
+      "profile": "https://github.com/chenmoonmo",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "githbq",
+      "name": "Bob Hu",
+      "avatar_url": "https://avatars.githubusercontent.com/u/10009709?v=4",
+      "profile": "https://github.com/githbq",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lucky-chap",
+      "name": "Quavo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/67266933?v=4",
+      "profile": "https://quavo.vercel.app/",
+      "contributions": [
+        "doc",
+        "code"
+      ]
+    },
+    {
+      "login": "LuciNyan",
+      "name": "子瞻 Luci",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22126563?v=4",
+      "profile": "https://github.com/LuciNyan",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "m1911star",
+      "name": "Horus",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4948120?v=4",
+      "profile": "http://blog.ipili.me/",
+      "contributions": [
+        "code",
+        "platform"
+      ]
+    },
+    {
+      "login": "fanshyiis",
+      "name": "Super.x",
+      "avatar_url": "https://avatars.githubusercontent.com/u/15103283?v=4",
+      "profile": "https://segmentfault.com/u/qzuser_584786517d31a",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "wangyu-1999",
+      "name": "Wang Yu",
+      "avatar_url": "https://avatars.githubusercontent.com/u/80874770?v=4",
+      "profile": "https://wangyu-1999.github.io/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "felixonmars",
+      "name": "Felix Yan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1006477?v=4",
+      "profile": "https://felixc.at/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lynettelopez",
+      "name": "Lynette Lopez",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32908859?v=4",
+      "profile": "https://github.com/lynettelopez",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Zheaoli",
+      "name": "Manjusaka",
+      "avatar_url": "https://avatars.githubusercontent.com/u/7054676?v=4",
+      "profile": "http://manjusaka.itscoder.com/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sudongyuer",
+      "name": "Frozen FIsh",
+      "avatar_url": "https://avatars.githubusercontent.com/u/76603360?v=4",
+      "profile": "https://juejin.cn/user/2867982785579102/posts?sort=popular",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "MuhammedFaraz",
+      "name": "Mohammed Faraz",
+      "avatar_url": "https://avatars.githubusercontent.com/u/92734739?v=4",
+      "profile": "https://github.com/MuhammedFaraz",
+      "contributions": [
+        "doc",
+        "code"
+      ]
+    },
+    {
+      "login": "Pranav4399",
+      "name": "Pranav Sriram ",
+      "avatar_url": "https://avatars.githubusercontent.com/u/28348429?v=4",
+      "profile": "https://pranavsriram.dev/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Reson-a",
+      "name": "Reson-a",
+      "avatar_url": "https://avatars.githubusercontent.com/u/20806266?v=4",
+      "profile": "https://github.com/Reson-a",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "hezhizhen",
+      "name": "Zhizhen He",
+      "avatar_url": "https://avatars.githubusercontent.com/u/7611700?v=4",
+      "profile": "https://t.me/littlepoint",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AkaraChen",
+      "name": "AkaraChen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/85140972?v=4",
+      "profile": "https://akr.moe/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "suyanhanx",
+      "name": "Suyan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24221472?v=4",
+      "profile": "https://github.com/suyanhanx",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "hehex9",
+      "name": "hehe",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9209882?v=4",
+      "profile": "https://github.com/hehex9",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "albertodlc",
+      "name": "Alberto de la Cruz",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32411964?v=4",
+      "profile": "https://github.com/albertodlc",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AlessioGr",
+      "name": "Alessio Gravili",
+      "avatar_url": "https://avatars.githubusercontent.com/u/70709113?v=4",
+      "profile": "https://github.com/AlessioGr",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lzlme",
+      "name": "Zhilin Liu",
+      "avatar_url": "https://avatars.githubusercontent.com/u/117659326?v=4",
+      "profile": "https://github.com/lzlme",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "suica",
+      "name": "Sg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/8041462?v=4",
+      "profile": "https://github.com/suica",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sinchang",
+      "name": "Jeff Wen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3297859?v=4",
+      "profile": "https://sinchang.me/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "m1212e",
+      "name": "m1212e",
+      "avatar_url": "https://avatars.githubusercontent.com/u/14091540?v=4",
+      "profile": "https://m1212e.github.io/portfolio/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adityash1",
+      "name": "Aditya Sharma",
+      "avatar_url": "https://avatars.githubusercontent.com/u/65771169?v=4",
+      "profile": "https://adityash1.github.io/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sheben404",
+      "name": "Kehan Wang",
+      "avatar_url": "https://avatars.githubusercontent.com/u/61317160?v=4",
+      "profile": "https://github.com/sheben404",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "VictorNanka",
+      "name": "VictorNanka",
+      "avatar_url": "https://avatars.githubusercontent.com/u/30154366?v=4",
+      "profile": "https://github.com/VictorNanka",
+      "contributions": [
+        "code"
+      ]
+    }
+  ]
+}
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -1,2 +0,0 @@
-[target.x86_64-pc-windows-msvc]
-rustflags = ["-C", "target-feature=+crt-static"]
--- a/.codesandbox/task.json
+++ b/.codesandbox/task.json
@@ -1,20 +0,0 @@
-{
-  "$schema": "https://codesandbox.io/schemas/tasks.json",
-  "setupTasks": [
-    {
-      "name": "Install Dependencies",
-      "command": "yarn install"
-    }
-  ],
-
-  "tasks": {
-    "start-web": {
-      "name": "Start Web",
-      "command": "yarn dev-core",
-      "runAtStart": true,
-      "preview": {
-        "port": 8080
-      }
-    }
-  }
-}
--- a/tools/commitlint/.commitlintrc.json
+++ b/tools/commitlint/.commitlintrc.json
@@ -7,9 +7,8 @@
      [
        "electron",
        "server",
-        "core",
+        "web",
        "docs",
-        "storybook",
        "component",
        "workspace",
        "env",
@@ -17,13 +16,12 @@
        "cli",
        "hooks",
        "i18n",
+        "jotai",
        "native",
        "templates",
        "y-indexeddb",
-        "y-provider",
        "debug",
-        "storage",
-        "infra"
+        "theme"
      ]
    ]
  }
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,9 +0,0 @@
-FROM mcr.microsoft.com/devcontainers/base:bookworm
-
-# Install Homebrew For Linux
-RUN /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" && \
-    eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" && \
-    echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> /home/vscode/.zshrc && \
-    echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> /home/vscode/.bashrc && \
-    # Install Graphite
-    brew install withgraphite/tap/graphite && gt --version
--- a/.devcontainer/build.sh
+++ b/.devcontainer/build.sh
@@ -1,12 +0,0 @@
-#!/bin/bash
-# This is a script used by the devcontainer to build the project
-
-#Enable yarn
-corepack enable
-corepack prepare yarn@stable --activate
-
-# install dependencies
-yarn install
-
-# Create database
-yarn workspace @affine/server prisma db push
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,25 +0,0 @@
-// For format details, see https://aka.ms/devcontainer.json.
-{
-  "name": "Debian",
-  "dockerComposeFile": "docker-compose.yml",
-  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
-  "features": {
-    "ghcr.io/devcontainers/features/node:1": {
-      "version": "18"
-    },
-    "ghcr.io/devcontainers/features/rust:1": {}
-  },
-  // Configure tool-specific properties.
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "ms-playwright.playwright",
-        "esbenp.prettier-vscode",
-        "streetsidesoftware.code-spell-checker"
-      ]
-    }
-  },
-  "updateContentCommand": "bash ./.devcontainer/build.sh",
-  "postCreateCommand": "bash ./.devcontainer/setup-user.sh"
-}
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -1,26 +0,0 @@
-version: '3.8'
-
-services:
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    volumes:
-      - ../..:/workspaces:cached
-    command: sleep infinity
-    network_mode: service:db
-    environment:
-      DATABASE_URL: postgresql://affine:affine@db:5432/affine
-
-  db:
-    image: postgres:latest
-    restart: unless-stopped
-    volumes:
-      - postgres-data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_PASSWORD: affine
-      POSTGRES_USER: affine
-      POSTGRES_DB: affine
-
-volumes:
-  postgres-data:
--- a/.devcontainer/setup-user.sh
+++ b/.devcontainer/setup-user.sh
@@ -1,7 +0,0 @@
-if [ -v GRAPHITE_TOKEN ];then
-    gt auth --token $GRAPHITE_TOKEN
-fi
-
-git fetch
-git branch canary -t origin/canary
-gt init --trunk canary
--- a/.env.template
+++ b/.env.template
@@ -1,14 +0,0 @@
-ENABLE_PLUGIN=
-ENABLE_TEST_PROPERTIES=
-ENABLE_BC_PROVIDER=
-CHANGELOG_URL=
-ENABLE_PRELOADING=
-ENABLE_NEW_SETTING_MODAL=
-ENABLE_SQLITE_PROVIDER=
-ENABLE_NEW_SETTING_UNSTABLE_API=
-ENABLE_NOTIFICATION_CENTER=
-ENABLE_CLOUD=
-ENABLE_MOVE_DATABASE=
-SHOULD_REPORT_TRACE=
-TRACE_REPORT_ENDPOINT=
-CAPTCHA_SITE_KEY=
--- a/.eslintignore
+++ b/.eslintignore
@@ -5,11 +5,3 @@ out
 storybook-static
 affine-out
 _next
-lib
-.eslintrc.js
-e2e-dist-*
-static
-web-static
-public
-packages/frontend/i18n/src/i18n-generated.ts
-packages/frontend/templates/edgeless-templates.gen.ts
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -1,79 +1,3 @@
-const { resolve } = require('node:path');
-
-const createPattern = packageName => [
-  {
-    group: ['**/dist', '**/dist/**'],
-    message: 'Do not import from dist',
-    allowTypeImports: false,
-  },
-  {
-    group: ['**/src', '**/src/**'],
-    message: 'Do not import from src',
-    allowTypeImports: false,
-  },
-  {
-    group: [`@affine/${packageName}`],
-    message: 'Do not import package itself',
-    allowTypeImports: false,
-  },
-  {
-    group: [`@toeverything/${packageName}`],
-    message: 'Do not import package itself',
-    allowTypeImports: false,
-  },
-  {
-    group: ['@blocksuite/store'],
-    message: "Import from '@blocksuite/global/utils'",
-    importNames: ['assertExists', 'assertEquals'],
-  },
-  {
-    group: ['react-router-dom'],
-    message: 'Use `useNavigateHelper` instead',
-    importNames: ['useNavigate'],
-  },
-  {
-    group: ['next-auth/react'],
-    message: "Import hooks from 'use-current-user.tsx'",
-    // useSession is type unsafe
-    importNames: ['useSession'],
-  },
-  {
-    group: ['next-auth/react'],
-    message: "Import hooks from 'cloud-utils.ts'",
-    importNames: ['signIn', 'signOut'],
-  },
-  {
-    group: ['yjs'],
-    message: 'Do not use this API because it has a bug',
-    importNames: ['mergeUpdates'],
-  },
-  {
-    group: ['@affine/env/constant'],
-    message:
-      'Do not import from @affine/env/constant. Use `environment.isDesktop` instead',
-    importNames: ['isDesktop'],
-  },
-];
-
-const allPackages = [
-  'packages/backend/server',
-  'packages/frontend/component',
-  'packages/frontend/core',
-  'packages/frontend/electron',
-  'packages/frontend/graphql',
-  'packages/frontend/i18n',
-  'packages/frontend/native',
-  'packages/frontend/templates',
-  'packages/frontend/workspace',
-  'packages/common/debug',
-  'packages/common/env',
-  'packages/common/infra',
-  'packages/common/theme',
-  'packages/common/y-indexeddb',
-  'tools/cli',
-  'tests/storybook',
-];
-
 /**
 * @type {import('eslint').Linter.Config}
 */
@@ -84,7 +8,7 @@ const config = {
      version: 'detect',
    },
    next: {
-      rootDir: 'packages/frontend/core',
+      rootDir: 'apps/web',
    },
  },
  extends: [
@@ -93,7 +17,6 @@ const config = {
    'plugin:react/recommended',
    'plugin:react/jsx-runtime',
    'plugin:@typescript-eslint/recommended',
-    'prettier',
  ],
  parser: '@typescript-eslint/parser',
  parserOptions: {
@@ -104,37 +27,25 @@ const config = {
    },
    ecmaVersion: 'latest',
    sourceType: 'module',
-    project: resolve(__dirname, './tsconfig.eslint.json'),
  },
  plugins: [
    'react',
    '@typescript-eslint',
    'simple-import-sort',
-    'sonarjs',
-    'i',
+    'import',
    'unused-imports',
    'unicorn',
  ],
  rules: {
-    'array-callback-return': 'error',
    'no-undef': 'off',
    'no-empty': 'off',
    'no-func-assign': 'off',
    'no-cond-assign': 'off',
-    'no-constant-binary-expression': 'error',
-    'no-constructor-return': 'error',
-    'no-self-compare': 'error',
-    eqeqeq: ['error', 'always', { null: 'ignore' }],
    'react/prop-types': 'off',
-    'react/jsx-no-useless-fragment': 'error',
    '@typescript-eslint/consistent-type-imports': 'error',
-    '@typescript-eslint/no-non-null-assertion': 'error',
+    '@typescript-eslint/no-non-null-assertion': 'off',
    '@typescript-eslint/no-explicit-any': 'off',
    '@typescript-eslint/no-empty-function': 'off',
-    '@typescript-eslint/await-thenable': 'error',
-    '@typescript-eslint/require-array-sort-compare': 'error',
-    '@typescript-eslint/unified-signatures': 'error',
-    '@typescript-eslint/prefer-for-of': 'error',
    '@typescript-eslint/no-unused-vars': [
      'error',
      {
@@ -146,15 +57,7 @@ const config = {
    'unused-imports/no-unused-imports': 'error',
    'simple-import-sort/imports': 'error',
    'simple-import-sort/exports': 'error',
-    '@typescript-eslint/ban-ts-comment': [
-      'error',
-      {
-        'ts-expect-error': 'allow-with-description',
-        'ts-ignore': true,
-        'ts-nocheck': true,
-        'ts-check': false,
-      },
-    ],
+    '@typescript-eslint/ban-ts-comment': 0,
    '@typescript-eslint/no-restricted-imports': [
      'error',
      {
@@ -169,32 +72,6 @@ const config = {
            message: "Don't import from src",
            allowTypeImports: false,
          },
-          {
-            group: ['@blocksuite/store'],
-            message: "Import from '@blocksuite/global/utils'",
-            importNames: ['assertExists', 'assertEquals'],
-          },
-          {
-            group: ['react-router-dom'],
-            message: 'Use `useNavigateHelper` instead',
-            importNames: ['useNavigate'],
-          },
-          {
-            group: ['next-auth/react'],
-            message: "Import hooks from 'use-current-user.tsx'",
-            // useSession is type unsafe
-            importNames: ['useSession'],
-          },
-          {
-            group: ['next-auth/react'],
-            message: "Import hooks from 'cloud-utils.ts'",
-            importNames: ['signIn', 'signOut'],
-          },
-          {
-            group: ['yjs'],
-            message: 'Do not use this API because it has a bug',
-            importNames: ['mergeUpdates'],
-          },
        ],
      },
    ],
@@ -205,39 +82,10 @@ const config = {
        ignore: ['^\\[[a-zA-Z0-9-_]+\\]\\.tsx$'],
      },
    ],
-    'unicorn/no-unnecessary-await': 'error',
-    'unicorn/no-useless-fallback-in-spread': 'error',
-    'unicorn/prefer-dom-node-dataset': 'error',
-    'unicorn/prefer-dom-node-append': 'error',
-    'unicorn/prefer-dom-node-remove': 'error',
-    'unicorn/prefer-array-some': 'error',
-    'unicorn/prefer-date-now': 'error',
-    'unicorn/prefer-blob-reading-methods': 'error',
-    'unicorn/no-typeof-undefined': 'error',
-    'unicorn/no-useless-promise-resolve-reject': 'error',
-    'unicorn/no-new-array': 'error',
-    'unicorn/new-for-builtins': 'error',
-    'unicorn/prefer-node-protocol': 'error',
-    'sonarjs/no-all-duplicated-branches': 'error',
-    'sonarjs/no-element-overwrite': 'error',
-    'sonarjs/no-empty-collection': 'error',
-    'sonarjs/no-extra-arguments': 'error',
-    'sonarjs/no-identical-conditions': 'error',
-    'sonarjs/no-identical-expressions': 'error',
-    'sonarjs/no-ignored-return': 'error',
-    'sonarjs/no-one-iteration-loop': 'error',
-    'sonarjs/no-use-of-empty-return-value': 'error',
-    'sonarjs/non-existent-operator': 'error',
-    'sonarjs/no-collapsible-if': 'error',
-    'sonarjs/no-same-line-conditional': 'error',
-    'sonarjs/no-duplicated-branches': 'error',
-    'sonarjs/no-collection-size-mischeck': 'error',
-    'sonarjs/no-useless-catch': 'error',
-    'sonarjs/no-identical-functions': 'error',
  },
  overrides: [
    {
-      files: 'packages/backend/server/**/*.ts',
+      files: 'apps/server/**/*.ts',
      rules: {
        '@typescript-eslint/consistent-type-imports': 0,
      },
@@ -248,63 +96,6 @@ const config = {
        '@typescript-eslint/no-var-requires': 0,
      },
    },
-    ...allPackages.map(pkg => ({
-      files: [`${pkg}/src/**/*.ts`, `${pkg}/src/**/*.tsx`],
-      parserOptions: {
-        project: resolve(__dirname, './tsconfig.eslint.json'),
-      },
-      rules: {
-        '@typescript-eslint/no-restricted-imports': [
-          'error',
-          {
-            patterns: createPattern(pkg),
-          },
-        ],
-        '@typescript-eslint/no-floating-promises': [
-          'error',
-          {
-            ignoreVoid: false,
-            ignoreIIFE: false,
-          },
-        ],
-        '@typescript-eslint/no-misused-promises': ['error'],
-        '@typescript-eslint/prefer-readonly': 'error',
-        'i/no-extraneous-dependencies': ['error'],
-        'react-hooks/exhaustive-deps': [
-          'warn',
-          {
-            additionalHooks: 'useAsyncCallback',
-          },
-        ],
-      },
-    })),
-    {
-      files: [
-        '**/__tests__/**/*',
-        '**/*.stories.tsx',
-        '**/*.spec.ts',
-        '**/tests/**/*',
-        'scripts/**/*',
-        '**/benchmark/**/*',
-        '**/__debug__/**/*',
-        '**/e2e/**/*',
-      ],
-      rules: {
-        '@typescript-eslint/no-non-null-assertion': 0,
-        '@typescript-eslint/ban-ts-comment': [
-          'error',
-          {
-            'ts-expect-error': false,
-            'ts-ignore': true,
-            'ts-nocheck': true,
-            'ts-check': false,
-          },
-        ],
-        '@typescript-eslint/no-floating-promises': 0,
-        '@typescript-eslint/no-misused-promises': 0,
-        '@typescript-eslint/no-restricted-imports': 0,
-      },
-    },
  ],
 };

--- a/.github/CLA.md
+++ b/.github/CLA.md
@@ -33,6 +33,28 @@ You accept and agree to the following terms and conditions for your past, presen

 9. This Agreement will be governed by the laws of Republic of Singapore without reference to conflict of laws principles.

-## How To Sign
+## List of Contributors

-Visit https://cla-assistant.io/toeverything/AFFiNE and sign it.
+The below-signed are contributors to a code repository that is part of the project named "AFFiNE". Each below-signed contributor has read, understand and agrees to the terms above in the section within this document entitled "AFFiNE Contributor License Agreement" as of the date beside their real name (or entity name) and GitHub account name.
+
+---
+
+<!--
+Example:
+
+- Dark Sky, @darkskygit, 2022/07/22
+-->
+
+- Dark Sky, @darkskygit, 2022/07/22
+- Lin Onetwo, @linonetwo, 2022/02/14
+- zqran, @zqran, 2023/02/17
+- Alessio Gravili, @AlessioGr, 2023/03/04
+- Victor Nanka, @victornanka, 2023/03/09
+- Aditya Sharma, @adityash1, 2023/03/21
+- Fangdun Tsai, @fundon, 2023/03/21
+- Zhilin Liu, @lzlme, 2023/04/09
+- Skye Sun, @skyesun, 2023/04/14
+- Jordy Delgado, @Jdelgad8, 2023/04/17
+- Howard Do, @howarddo2208, 2023/04/20
+- 三咲智子 Kevin Deng, @sxzz, 2023/04/21
+- Moeyua, @moeyua, 2023/04/22
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+**/en.json @JimmFly
--- a/.github/ISSUE_TEMPLATE/BUG-REPORT.yml
+++ b/.github/ISSUE_TEMPLATE/BUG-REPORT.yml
@@ -18,22 +18,22 @@ body:
  - type: dropdown
    id: version
    attributes:
-      label: Distribution version
-      description: What version of AFFiNE are you using?
+      label: Version
+      description: What version of our software are you running?
      options:
-        - macOS x64 (Intel)
-        - macOS ARM 64 (Apple Silicon)
+        - app.affine.pro
+        - stage.affine.pro
+        - dev.affine.live
+        - affine-preview.vercel.app
+        - macOS x64
+        - macOS ARM 64
        - Windows x64
-        - Linux
-        - Web (app.affine.pro)
-        - Web (affine.fail)
-        - Web (insider.affine.pro)
    validations:
      required: true
  - type: dropdown
    id: browsers
    attributes:
-      label: What browsers are you seeing the problem on if you're using web version?
+      label: What browsers are you seeing the problem on?
      multiple: true
      options:
        - Chrome
@@ -58,6 +58,6 @@ body:
      label: Are you willing to submit a PR?
      description: >
        (Optional) We encourage you to submit a [Pull Request](https://github.com/toeverything/affine/pulls) (PR) to help improve AFFiNE for everyone, especially if you have a good understanding of how to implement a fix or feature.
-        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/canary/CONTRIBUTING.md) to get started.
+        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/master/CONTRIBUTING.md) to get started.
      options:
        - label: Yes I'd like to help by submitting a PR!
--- a/.github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml
+++ b/.github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml
@@ -31,6 +31,6 @@ body:
      label: Are you willing to submit a PR?
      description: >
        (Optional) We encourage you to submit a [Pull Request](https://github.com/toeverything/affine/pulls) (PR) to help improve AFFiNE for everyone, especially if you have a good understanding of how to implement a fix or feature.
-        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/canary/CONTRIBUTING.md) to get started.
+        See the AFFiNE [Contributing Guide](https://github.com/toeverything/affine/blob/master/CONTRIBUTING.md) to get started.
      options:
        - label: Yes I'd like to help by submitting a PR!
--- a/.github/actions/build-rust/action.yml
+++ b/.github/actions/build-rust/action.yml
@@ -4,52 +4,46 @@ inputs:
  target:
    description: 'Cargo target'
    required: true
-  package:
-    description: 'Package to build'
-    required: true
-  nx_token:
-    description: 'Nx Cloud access token'
-    required: false

 runs:
  using: 'composite'
  steps:
-    - name: Print rustup toolchain version
-      shell: bash
-      id: rustup-version
-      run: |
-        export RUST_TOOLCHAIN_VERSION="$(grep 'channel' rust-toolchain.toml | head -1 | awk -F '"' '{print $2}')"
-        echo "Rust toolchain version: $RUST_TOOLCHAIN_VERSION"
-        echo "RUST_TOOLCHAIN_VERSION=$RUST_TOOLCHAIN_VERSION" >> "$GITHUB_OUTPUT"
    - name: Setup Rust
      uses: dtolnay/rust-toolchain@stable
      with:
-        toolchain: '${{ steps.rustup-version.outputs.RUST_TOOLCHAIN_VERSION }}'
+        toolchain: stable
        targets: ${{ inputs.target }}
-      env:
-        CARGO_INCREMENTAL: '1'
-
-    - name: Set CC
-      if: ${{ contains(inputs.target, 'linux') && inputs.package != '@affine/native' }}
-      shell: bash
-      run: |
-        echo "CC=clang" >> "$GITHUB_ENV"
-        echo "TARGET_CC=clang" >> "$GITHUB_ENV"

    - name: Cache cargo
-      uses: actions/cache@v4
+      uses: actions/cache@v3
      with:
        path: |
          ~/.cargo/registry/index/
          ~/.cargo/registry/cache/
          ~/.cargo/git/db/
-          ~/.napi-rs
+          .cargo-cache
          target/${{ inputs.target }}
        key: stable-${{ inputs.target }}-cargo-cache
+
    - name: Build
+      if: ${{ inputs.target != 'x86_64-unknown-linux-gnu' && inputs.target != 'aarch64-unknown-linux-gnu' }}
      shell: bash
-      run: |
-        yarn workspace ${{ inputs.package }} nx build ${{ inputs.package }} --target ${{ inputs.target }} --use-napi-cross
+      run: yarn workspace @affine/native build --target ${{ inputs.target }}
      env:
-        NX_CLOUD_ACCESS_TOKEN: ${{ inputs.nx_token }}
-        DEBUG: 'napi:*'
+        CARGO_BUILD_INCREMENTAL: 'false'
+
+    - name: Build
+      if: ${{ inputs.target == 'x86_64-unknown-linux-gnu' }}
+      uses: addnab/docker-run-action@v3
+      with:
+        image: ghcr.io/napi-rs/napi-rs/nodejs-rust:lts-debian
+        options: --user 0:0 -e CARGO_BUILD_INCREMENTAL=false -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build
+        run: yarn workspace @affine/native build --target ${{ inputs.target }}
+
+    - name: Build
+      if: ${{ inputs.target == 'aarch64-unknown-linux-gnu' }}
+      uses: addnab/docker-run-action@v3
+      with:
+        image: ghcr.io/napi-rs/napi-rs/nodejs-rust:lts-debian-aarch64
+        options: --user 0:0 -e CARGO_BUILD_INCREMENTAL=false -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build
+        run: yarn workspace @affine/native build --target ${{ inputs.target }}
--- a/.github/actions/deploy/action.yml
+++ b/.github/actions/deploy/action.yml
@@ -1,50 +0,0 @@
-name: 'Deploy to Cluster'
-description: 'Deploy AFFiNE Cloud to cluster'
-inputs:
-  build-type:
-    description: 'Align with App build type, canary|beta|stable|internal'
-    default: 'canary'
-  gcp-project-number:
-    description: 'GCP project number'
-    required: true
-  gcp-project-id:
-    description: 'GCP project id'
-    required: true
-  service-account:
-    description: 'Service account'
-  cluster-name:
-    description: 'Cluster name'
-  cluster-location:
-    description: 'Cluster location'
-
-runs:
-  using: 'composite'
-  steps:
-    - name: Setup Git short hash
-      shell: bash
-      run: |
-        echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
-    - uses: azure/setup-helm@v3
-    - id: auth
-      uses: google-github-actions/auth@v2
-      with:
-        workload_identity_provider: 'projects/${{ inputs.gcp-project-number }}/locations/global/workloadIdentityPools/github-actions/providers/github-actions-helm-deploy'
-        service_account: '${{ inputs.service-account }}'
-        token_format: 'access_token'
-        project_id: '${{ inputs.gcp-project-id }}'
-
-    - name: 'Setup gcloud cli'
-      uses: 'google-github-actions/setup-gcloud@v2'
-      with:
-        install_components: 'gke-gcloud-auth-plugin'
-
-    - id: get-gke-credentials
-      shell: bash
-      run: |
-        gcloud container clusters get-credentials ${{ inputs.cluster-name }} --region ${{ inputs.cluster-location }} --project ${{ inputs.gcp-project-id }}
-
-    - name: Deploy
-      shell: bash
-      run: node ./.github/actions/deploy/deploy.mjs
-      env:
-        BUILD_TYPE: '${{ inputs.build-type }}'
--- a/.github/actions/deploy/deploy.mjs
+++ b/.github/actions/deploy/deploy.mjs
@@ -1,138 +0,0 @@
-import { execSync } from 'node:child_process';
-
-const {
-  APP_VERSION,
-  BUILD_TYPE,
-  DEPLOY_HOST,
-  CANARY_DEPLOY_HOST,
-  GIT_SHORT_HASH,
-  DATABASE_URL,
-  DATABASE_USERNAME,
-  DATABASE_PASSWORD,
-  DATABASE_NAME,
-  R2_ACCOUNT_ID,
-  R2_ACCESS_KEY_ID,
-  R2_SECRET_ACCESS_KEY,
-  ENABLE_CAPTCHA,
-  CAPTCHA_TURNSTILE_SECRET,
-  OAUTH_EMAIL_SENDER,
-  OAUTH_EMAIL_LOGIN,
-  OAUTH_EMAIL_PASSWORD,
-  AFFINE_GOOGLE_CLIENT_ID,
-  AFFINE_GOOGLE_CLIENT_SECRET,
-  CLOUD_SQL_IAM_ACCOUNT,
-  GCLOUD_CONNECTION_NAME,
-  GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT,
-  REDIS_HOST,
-  REDIS_PASSWORD,
-  STRIPE_API_KEY,
-  STRIPE_WEBHOOK_KEY,
-  STATIC_IP_NAME,
-} = process.env;
-
-// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-const buildType = BUILD_TYPE || 'canary';
-
-const isProduction = buildType === 'stable';
-const isBeta = buildType === 'beta';
-const isInternal = buildType === 'internal';
-
-const createHelmCommand = ({ isDryRun }) => {
-  const flag = isDryRun ? '--dry-run' : '--atomic';
-  const imageTag = `${buildType}-${GIT_SHORT_HASH}`;
-  const redisAndPostgres =
-    isProduction || isBeta || isInternal
-      ? [
-          `--set-string global.database.url=${DATABASE_URL}`,
-          `--set-string global.database.user=${DATABASE_USERNAME}`,
-          `--set-string global.database.password=${DATABASE_PASSWORD}`,
-          `--set-string global.database.name=${DATABASE_NAME}`,
-          `--set        global.database.gcloud.enabled=true`,
-          `--set-string global.database.gcloud.connectionName="${GCLOUD_CONNECTION_NAME}"`,
-          `--set-string global.database.gcloud.cloudSqlInternal="${GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT}"`,
-          `--set-string global.redis.host="${REDIS_HOST}"`,
-          `--set-string global.redis.password="${REDIS_PASSWORD}"`,
-        ]
-      : [];
-  const serviceAnnotations =
-    isProduction || isBeta || isInternal
-      ? [
-          `--set-json   web.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
-          `--set-json   graphql.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
-          `--set-json   sync.service.annotations=\"{ \\"cloud.google.com/neg\\": \\"{\\\\\\"ingress\\\\\\": true}\\" }\"`,
-          `--set-json   cloud-sql-proxy.serviceAccount.annotations=\"{ \\"iam.gke.io/gcp-service-account\\": \\"${CLOUD_SQL_IAM_ACCOUNT}\\" }\"`,
-          `--set-json   cloud-sql-proxy.nodeSelector=\"{ \\"iam.gke.io/gke-metadata-server-enabled\\": \\"true\\" }\"`,
-        ]
-      : [];
-  const webReplicaCount = isProduction ? 3 : isBeta ? 2 : 2;
-  const graphqlReplicaCount = isProduction
-    ? Number(process.env.PRODUCTION_GRAPHQL_REPLICA) || 3
-    : isBeta
-      ? Number(process.env.isBeta_GRAPHQL_REPLICA) || 2
-      : 2;
-  const syncReplicaCount = isProduction
-    ? Number(process.env.PRODUCTION_SYNC_REPLICA) || 3
-    : isBeta
-      ? Number(process.env.BETA_SYNC_REPLICA) || 2
-      : 2;
-  const namespace = isProduction
-    ? 'production'
-    : isBeta
-      ? 'beta'
-      : isInternal
-        ? 'internal'
-        : 'dev';
-  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-  const host = DEPLOY_HOST || CANARY_DEPLOY_HOST;
-  const deployCommand = [
-    `helm upgrade --install affine .github/helm/affine`,
-    `--namespace  ${namespace}`,
-    `--set        global.ingress.enabled=true`,
-    `--set-json   global.ingress.annotations=\"{ \\"kubernetes.io/ingress.class\\": \\"gce\\", \\"kubernetes.io/ingress.allow-http\\": \\"true\\", \\"kubernetes.io/ingress.global-static-ip-name\\": \\"${STATIC_IP_NAME}\\" }\"`,
-    `--set-string global.ingress.host="${host}"`,
-    `--set-string global.version="${APP_VERSION}"`,
-    ...redisAndPostgres,
-    `--set        web.replicaCount=${webReplicaCount}`,
-    `--set-string web.image.tag="${imageTag}"`,
-    `--set        graphql.replicaCount=${graphqlReplicaCount}`,
-    `--set-string graphql.image.tag="${imageTag}"`,
-    `--set        graphql.app.host=${host}`,
-    `--set        graphql.app.captcha.enabled=${ENABLE_CAPTCHA}`,
-    `--set-string graphql.app.captcha.turnstile.secret="${CAPTCHA_TURNSTILE_SECRET}"`,
-    `--set        graphql.app.objectStorage.r2.enabled=true`,
-    `--set-string graphql.app.objectStorage.r2.accountId="${R2_ACCOUNT_ID}"`,
-    `--set-string graphql.app.objectStorage.r2.accessKeyId="${R2_ACCESS_KEY_ID}"`,
-    `--set-string graphql.app.objectStorage.r2.secretAccessKey="${R2_SECRET_ACCESS_KEY}"`,
-    `--set-string graphql.app.oauth.email.sender="${OAUTH_EMAIL_SENDER}"`,
-    `--set-string graphql.app.oauth.email.login="${OAUTH_EMAIL_LOGIN}"`,
-    `--set-string graphql.app.oauth.email.password="${OAUTH_EMAIL_PASSWORD}"`,
-    `--set-string graphql.app.oauth.google.enabled=true`,
-    `--set-string graphql.app.oauth.google.clientId="${AFFINE_GOOGLE_CLIENT_ID}"`,
-    `--set-string graphql.app.oauth.google.clientSecret="${AFFINE_GOOGLE_CLIENT_SECRET}"`,
-    `--set-string graphql.app.payment.stripe.apiKey="${STRIPE_API_KEY}"`,
-    `--set-string graphql.app.payment.stripe.webhookKey="${STRIPE_WEBHOOK_KEY}"`,
-    `--set        graphql.app.experimental.enableJwstCodec=true`,
-    `--set        graphql.app.features.earlyAccessPreview=false`,
-    `--set        sync.replicaCount=${syncReplicaCount}`,
-    `--set-string sync.image.tag="${imageTag}"`,
-    ...serviceAnnotations,
-    `--timeout 10m`,
-    flag,
-  ].join(' ');
-  return deployCommand;
-};
-
-const output = execSync(createHelmCommand({ isDryRun: true }), {
-  encoding: 'utf-8',
-  stdio: ['inherit', 'pipe', 'inherit'],
-});
-const templates = output
-  .split('---')
-  .filter(yml => !yml.split('\n').some(line => line.trim() === 'kind: Secret'))
-  .join('---');
-console.log(templates);
-
-execSync(createHelmCommand({ isDryRun: false }), {
-  encoding: 'utf-8',
-  stdio: 'inherit',
-});
--- a/.github/actions/download-core/action.yml
+++ b/.github/actions/download-core/action.yml
@@ -1,22 +0,0 @@
-name: 'Download core artifacts'
-description: 'Download core artifacts and extract to dist'
-inputs:
-  path:
-    description: 'Path to extract'
-    required: true
-
-runs:
-  using: 'composite'
-  steps:
-    - name: Download tar.gz
-      uses: actions/download-artifact@v4
-      with:
-        name: core
-        path: .
-
-    - name: Extract core artifacts
-      shell: bash
-      run: |
-        mkdir -p ${{ inputs.path }}
-        tar -xvf dist.tar.gz --directory ${{ inputs.path }}
-        rm dist.tar.gz
--- a/.github/actions/setup-node/action.yml
+++ b/.github/actions/setup-node/action.yml
@@ -13,120 +13,76 @@ inputs:
    description: 'Run the install step for Playwright.'
    required: false
    default: 'false'
-  electron-install:
-    description: 'Download the Electron binary'
-    required: false
-    default: 'true'
-  hard-link-nm:
-    description: 'set nmMode to hardlinks-local in .yarnrc.yml'
-    required: false
-    default: 'true'
-  nmHoistingLimits:
-    description: 'Set nmHoistingLimits in .yarnrc.yml'
-    required: false
-  enableScripts:
-    description: 'Set enableScripts in .yarnrc.yml'
-    required: false
-    default: 'true'
-  full-cache:
-    description: 'Full installation cache'
+  npm-token:
+    description: 'The NPM token to use for private packages.'
    required: false
+    default: ''

 runs:
  using: 'composite'
  steps:
    - name: Setup Node.js
-      uses: actions/setup-node@v4
+      uses: actions/setup-node@v3
      with:
        node-version-file: '.nvmrc'
        registry-url: https://npm.pkg.github.com
        scope: '@toeverything'
+        cache: 'yarn'

-    - name: Set nmMode
-      if: ${{ inputs.hard-link-nm == 'false' }}
+    - name: Expose yarn config as "$GITHUB_OUTPUT"
+      id: yarn-config
      shell: bash
-      run: yarn config set nmMode classic
+      run: |
+        echo "CACHE_FOLDER=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT

-    - name: Set nmHoistingLimits
-      if: ${{ inputs.nmHoistingLimits }}
-      shell: bash
-      run: yarn config set nmHoistingLimits ${{ inputs.nmHoistingLimits }}
-
-    - name: Set enableScripts
-      if: ${{ inputs.enableScripts == 'false' }}
-      shell: bash
-      run: yarn config set enableScripts false
-
-    - name: Set yarn global cache path
-      shell: bash
-      id: yarn-cache
-      run: node -e "const p = $(yarn config cacheFolder --json).effective; console.log('yarn_global_cache=' + p)" >> $GITHUB_OUTPUT
-
-    - name: Cache non-full yarn cache on Linux
-      uses: actions/cache@v4
-      if: ${{ inputs.full-cache != 'true' && runner.os == 'Linux' }}
+    - name: Restore yarn cache
+      uses: actions/cache@v3
+      id: yarn-download-cache
      with:
-        path: |
-          node_modules
-          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
-        key: node_modules-cache-${{ github.job }}-${{ runner.os }}
+        path: ${{ steps.yarn-config.outputs.CACHE_FOLDER }}
+        key: yarn-download-cache-${{ hashFiles('yarn.lock') }}
+        restore-keys: |
+          yarn-download-cache-

-    # The network performance on macOS is very poor
-    # and the decompression performance on Windows is very terrible
-    # so we reduce the number of cached files on non-Linux systems by remove node_modules from cache path.
-    - name: Cache non-full yarn cache on non-Linux
-      uses: actions/cache@v4
-      if: ${{ inputs.full-cache != 'true' && runner.os != 'Linux' }}
+    - name: Restore node_modules cache
+      uses: actions/cache@v3
      with:
-        path: |
-          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
-        key: node_modules-cache-${{ github.job }}-${{ runner.os }}
+        path: '**/node_modules'
+        key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}

-    - name: Cache full yarn cache on Linux
-      uses: actions/cache@v4
-      if: ${{ inputs.full-cache == 'true' && runner.os == 'Linux' }}
+    - name: Restore yarn install state
+      id: yarn-install-state-cache
+      uses: actions/cache@v3
      with:
-        path: |
-          node_modules
-          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
-        key: node_modules-cache-full-${{ runner.os }}
-
-    - name: Cache full yarn cache on non-Linux
-      uses: actions/cache@v4
-      if: ${{ inputs.full-cache == 'true' && runner.os != 'Linux' }}
-      with:
-        path: |
-          ${{ steps.yarn-cache.outputs.yarn_global_cache }}
-        key: node_modules-cache-full-${{ runner.os }}
+        path: .yarn/ci-cache/
+        key: ${{ runner.os }}-yarn-install-state-cache-${{ hashFiles('yarn.lock', '.yarnrc.yml') }}

    - name: yarn install
      if: ${{ inputs.package-install == 'true' }}
      continue-on-error: true
      shell: bash
-      run: yarn ${{ inputs.extra-flags }}
+      run: yarn install ${{ inputs.extra-flags }}
      env:
+        NODE_AUTH_TOKEN: ${{ inputs.npm-token }}
+        YARN_ENABLE_GLOBAL_CACHE: 'false'
+        YARN_INSTALL_STATE_PATH: .yarn/ci-cache/install-state.gz
        HUSKY: '0'
-        PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
-        ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
-        SENTRYCLI_SKIP_DOWNLOAD: '1'
-        DEBUG: '*'

    - name: yarn install (try again)
      if: ${{ steps.install.outcome == 'failure' }}
      shell: bash
-      run: yarn ${{ inputs.extra-flags }}
+      run: yarn install ${{ inputs.extra-flags }}
      env:
+        NODE_AUTH_TOKEN: ${{ inputs.npm-token }}
+        YARN_ENABLE_GLOBAL_CACHE: 'false'
+        YARN_INSTALL_STATE_PATH: .yarn/ci-cache/install-state.gz
        HUSKY: '0'
-        PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
-        ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
-        SENTRYCLI_SKIP_DOWNLOAD: '1'
-        DEBUG: '*'

    - name: Get installed Playwright version
      id: playwright-version
      if: ${{ inputs.playwright-install == 'true' }}
      shell: bash
-      run: echo "version=$(yarn why --json @playwright/test | grep -h 'workspace:.' | jq --raw-output '.children[].locator' | sed -e 's/@playwright\/test@.*://' | head -n 1)" >> $GITHUB_OUTPUT
+      run: echo "version=$(yarn why --json @playwright/test | grep -h 'workspace:.' | jq --raw-output '.children[].locator' | sed -e 's/@playwright\/test@.*://')" >> $GITHUB_OUTPUT

      # Attempt to restore the correct Playwright browser binaries based on the
      # currently installed version of Playwright (The browser binary versions
@@ -134,11 +90,11 @@ runs:
      # Note: Playwright's cache directory is hard coded because that's what it
      # says to do in the docs. There doesn't appear to be a command that prints
      # it out for us.
-    - uses: actions/cache@v4
+    - uses: actions/cache@v3
      id: playwright-cache
      if: ${{ inputs.playwright-install == 'true' }}
      with:
-        path: ${{ github.workspace }}/node_modules/.cache/ms-playwright
+        path: '~/.cache/ms-playwright'
        key: '${{ runner.os }}-playwright-${{ steps.playwright-version.outputs.version }}'
        # As a fallback, if the Playwright version has changed, try use the
        # most recently cached version. There's a good chance that at least one
@@ -152,33 +108,8 @@ runs:
          ${{ runner.os }}-playwright-

    # If the Playwright browser binaries weren't able to be restored, we tell
-    # playwright to install everything for us.
+    # paywright to install everything for us.
    - name: Install Playwright's dependencies
      shell: bash
-      if: inputs.playwright-install == 'true'
-      run: yarn playwright install --with-deps chromium
-      env:
-        PLAYWRIGHT_BROWSERS_PATH: ${{ github.workspace }}/node_modules/.cache/ms-playwright
-
-    - name: Get installed Electron version
-      id: electron-version
-      if: ${{ inputs.electron-install == 'true' }}
-      shell: bash
-      run: |
-        echo "version=$(yarn why --json electron | grep -h 'workspace:.' | jq --raw-output '.children[].locator' | sed -e 's/@playwright\/test@.*://' | head -n 1)" >> $GITHUB_OUTPUT
-
-    - uses: actions/cache@v4
-      id: electron-cache
-      if: ${{ inputs.electron-install == 'true' }}
-      with:
-        path: 'node_modules/.cache/electron'
-        key: '${{ runner.os }}-electron-${{ steps.electron-version.outputs.version }}'
-        restore-keys: |
-          ${{ runner.os }}-electron-
-
-    - name: Install Electron binary
-      shell: bash
-      if: inputs.electron-install == 'true'
-      run: node ./node_modules/electron/install.js
-      env:
-        electron_config_cache: ./node_modules/.cache/electron
+      if: inputs.playwright-install == 'true' && steps.playwright-cache.outputs.cache-hit != 'true'
+      run: yarn playwright install --with-deps
--- a/.github/actions/setup-sentry/action.yml
+++ b/.github/actions/setup-sentry/action.yml
@@ -1,13 +0,0 @@
-name: Setup @sentry/cli
-description: 'Setup @sentry/cli'
-runs:
-  using: 'composite'
-  steps:
-    - name: 'Install @sentry/cli from brew'
-      if: runner.os == 'macos'
-      shell: bash
-      run: brew install getsentry/tools/sentry-cli
-    - name: 'Install @sentry/cli from npm'
-      if: runner.os != 'macos'
-      shell: bash
-      run: sudo npm install -g @sentry/cli --unsafe-perm
--- a/.github/actions/setup-version/action.yml
+++ b/.github/actions/setup-version/action.yml
@@ -1,24 +0,0 @@
-name: Setup Version
-description: 'Setup Version'
-outputs:
-  APP_VERSION:
-    description: 'App Version'
-    value: ${{ steps.version.outputs.APP_VERSION }}
-runs:
-  using: 'composite'
-  steps:
-    - name: 'Write Version'
-      id: version
-      shell: bash
-      run: |
-        if [ "${{ github.ref_type }}" == "tag" ]; then
-          APP_VERSION=$(echo "${{ github.ref_name }}" | sed 's/^v//')
-        else
-          PACKAGE_VERSION=$(node -p "require('./package.json').version")
-          TIME_VERSION=$(date +%Y%m%d%H%M)
-          GIT_SHORT_HASH=$(git rev-parse --short HEAD)
-          APP_VERSION=$PACKAGE_VERSION-nightly-$TIME_VERSION-$GIT_SHORT_HASH
-        fi
-        echo $APP_VERSION
-        echo "APP_VERSION=$APP_VERSION" >> "$GITHUB_OUTPUT"
-        ./scripts/set-version.sh $APP_VERSION
--- a/.github/deployment/Caddyfile
+++ b/.github/deployment/Caddyfile
@@ -0,0 +1,40 @@
+:80 {
+	root /* ./dist
+
+	file_server {
+		# precompressed br
+	}
+
+	encode {
+		zstd
+		gzip 9
+	}
+
+	header {
+		# 7 days
+		Cache-Control "public, max-age=86400, must-revalidate"
+	}
+
+	handle /api/* {
+		reverse_proxy {$API_SERVER} {
+			health_uri /api/healthz
+			@error status 500 502 503 503
+			handle_response @error {
+				root * /dist
+				rewrite * /50x.html
+				file_server
+			}
+		}
+	}
+
+	@notStatic {
+		not path /_next/static/*
+	}
+
+	handle @notStatic {
+		header {
+			Cache-Control "no-cache, no-store, must-revalidate"
+		}
+		try_files {path} /index.html
+	}
+}
--- a/.github/deployment/Dockerfile
+++ b/.github/deployment/Dockerfile
@@ -0,0 +1,13 @@
+FROM node:16-alpine as relocate
+WORKDIR /app
+COPY ./apps/web/out ./dist
+COPY ./.github/deployment/Caddyfile ./Caddyfile
+
+FROM caddy:2.6.2-alpine
+ARG API_SERVER
+WORKDIR /app
+COPY --from=relocate /app .
+
+EXPOSE 80
+ENV API_SERVER=$API_SERVER
+CMD ["caddy", "run"]
--- a/.github/deployment/front/Dockerfile
+++ b/.github/deployment/front/Dockerfile
@@ -1,11 +0,0 @@
-FROM openresty/openresty:1.21.4.3-0-buster
-WORKDIR /app
-COPY ./packages/frontend/core/dist ./dist
-COPY ./.github/deployment/front/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
-COPY ./.github/deployment/front/affine.nginx.conf /etc/nginx/conf.d/affine.nginx.conf
-
-RUN mkdir -p /var/log/nginx && \
-  rm /etc/nginx/conf.d/default.conf
-
-EXPOSE 8080
-CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]
--- a/.github/deployment/front/affine.nginx.conf
+++ b/.github/deployment/front/affine.nginx.conf
@@ -1,13 +0,0 @@
-server {
-    listen 8080;
-    root /app/dist;
-
-    location / {
-        try_files $uri $uri/ /index.html;
-    }
-
-    error_page 404 /404.html;
-    location = /404.html {
-        internal;
-    }
-}
--- a/.github/deployment/front/nginx.conf
+++ b/.github/deployment/front/nginx.conf
@@ -1,14 +0,0 @@
-worker_processes  4;
-error_log /var/log/nginx/error.log warn;
-pcre_jit on;
-events {
-    worker_connections 1024;
-}
-http {
-    include       mime.types;
-    log_format    main  '$remote_addr [$time_local] "$request" '
-                        '$status $body_bytes_sent "$http_referer" '
-                        '"$http_user_agent" "$http_x_forwarded_for"';
-    access_log    /var/log/nginx/access.log  main;
-    include /etc/nginx/conf.d/*.conf;
-}
--- a/.github/deployment/node/Dockerfile
+++ b/.github/deployment/node/Dockerfile
@@ -1,11 +0,0 @@
-FROM node:18-bookworm-slim
-
-COPY ./packages/backend/server /app
-COPY ./packages/frontend/core/dist /app/static
-WORKDIR /app
-
-RUN apt-get update && \
-  apt-get install -y --no-install-recommends openssl && \
-  rm -rf /var/lib/apt/lists/*
-
-CMD ["node", "--es-module-specifier-resolution=node", "./dist/index.js"]
--- a/.github/deployment/self-host/compose.yaml
+++ b/.github/deployment/self-host/compose.yaml
@@ -1,59 +0,0 @@
-services:
-  affine:
-    image: ghcr.io/toeverything/affine-graphql:stable
-    container_name: affine_selfhosted
-    command:
-      ['sh', '-c', 'node ./scripts/self-host-predeploy && node ./dist/index.js']
-    ports:
-      - '3010:3010'
-      - '5555:5555'
-    depends_on:
-      redis:
-        condition: service_healthy
-      postgres:
-        condition: service_healthy
-    volumes:
-      # custom configurations
-      - ~/.affine/self-host/config:/root/.affine/config
-      # blob storage
-      - ~/.affine/self-host/storage:/root/.affine/storage
-    logging:
-      driver: 'json-file'
-      options:
-        max-size: '1000m'
-    restart: unless-stopped
-    environment:
-      - NODE_OPTIONS=--es-module-specifier-resolution=node
-      - AFFINE_CONFIG_PATH=/root/.affine/config
-      - REDIS_SERVER_HOST=redis
-      - DATABASE_URL=postgres://affine:affine@postgres:5432/affine
-      - NODE_ENV=production
-      - AFFINE_ADMIN_EMAIL=${AFFINE_ADMIN_EMAIL}
-      - AFFINE_ADMIN_PASSWORD=${AFFINE_ADMIN_PASSWORD}
-  redis:
-    image: redis
-    container_name: affine_redis
-    restart: unless-stopped
-    volumes:
-      - ~/.affine/self-host/redis:/data
-    healthcheck:
-      test: ['CMD', 'redis-cli', '--raw', 'incr', 'ping']
-      interval: 10s
-      timeout: 5s
-      retries: 5
-  postgres:
-    image: postgres
-    container_name: affine_postgres
-    restart: unless-stopped
-    volumes:
-      - ~/.affine/self-host/postgres:/var/lib/postgresql/data
-    healthcheck:
-      test: ['CMD-SHELL', 'pg_isready -U affine']
-      interval: 10s
-      timeout: 5s
-      retries: 5
-    environment:
-      POSTGRES_USER: affine
-      POSTGRES_PASSWORD: affine
-      POSTGRES_DB: affine
-      PGDATA: /var/lib/postgresql/data/pgdata
--- a/.github/helm/affine/.helmignore
+++ b/.github/helm/affine/.helmignore
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/.github/helm/affine/Chart.yaml
+++ b/.github/helm/affine/Chart.yaml
@@ -1,6 +0,0 @@
-apiVersion: v2
-name: affine
-description: AFFiNE cloud chart
-type: application
-version: 0.0.0
-appVersion: "0.12.0"
--- a/.github/helm/affine/charts/gcloud-sql-proxy/.helmignore
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/.helmignore
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/.github/helm/affine/charts/gcloud-sql-proxy/Chart.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/Chart.yaml
@@ -1,6 +0,0 @@
-apiVersion: v2
-name: cloud-sql-proxy
-description: Google Cloud SQL Proxy
-type: application
-version: 0.0.0
-appVersion: "2.8.1"
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/NOTES.txt
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/NOTES.txt
@@ -1,18 +0,0 @@
-{{- if .Values.global.database.gcloud.enabled -}}
-1. Get the application URL by running these commands:
-{{- if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "gcloud-sql-proxy.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "gcloud-sql-proxy.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "gcloud-sql-proxy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "gcloud-sql-proxy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/_helpers.tpl
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/_helpers.tpl
@@ -1,62 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "gcloud-sql-proxy.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "gcloud-sql-proxy.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "gcloud-sql-proxy.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "gcloud-sql-proxy.labels" -}}
-helm.sh/chart: {{ include "gcloud-sql-proxy.chart" . }}
-{{ include "gcloud-sql-proxy.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "gcloud-sql-proxy.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "gcloud-sql-proxy.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "gcloud-sql-proxy.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "gcloud-sql-proxy.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/deployment.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/deployment.yaml
@@ -1,132 +0,0 @@
-{{- if .Values.global.database.gcloud.enabled -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "gcloud-sql-proxy.fullname" . }}
-  labels:
-    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "gcloud-sql-proxy.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "gcloud-sql-proxy.labels" . | nindent 8 }}
-	{{- with .Values.podLabels }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "gcloud-sql-proxy.serviceAccountName" . }}
-      securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
-      containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          terminationMessagePath: /dev/termination-log
-          terminationMessagePolicy: File
-          image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          args:
-            - "--address"
-            - "0.0.0.0"
-            - "--structured-logs"
-            - "--auto-iam-authn"
-            - "{{ .Values.global.database.gcloud.connectionName }}"
-          env:
-            # Enable HTTP healthchecks on port 9801. This enables /liveness,
-            # /readiness and /startup health check endpoints. Allow connections
-            # listen for connections on any interface (0.0.0.0) so that the
-            # k8s management components can reach these endpoints.
-            - name: CSQL_PROXY_HEALTH_CHECK
-              value: "true"
-            - name: CSQL_PROXY_HTTP_PORT
-              value: "9801"
-            - name: CSQL_PROXY_HTTP_ADDRESS
-              value: 0.0.0.0
-          ports:
-            - name: cloud-sql-proxy
-              containerPort: {{ .Values.global.database.gcloud.proxyPort }}
-              protocol: TCP
-            - containerPort: 9801
-              protocol: TCP
-          # The /startup probe returns OK when the proxy is ready to receive
-          # connections from the application. In this example, k8s will check
-          # once a second for 60 seconds.
-          startupProbe:
-            failureThreshold: 60
-            httpGet:
-              path: /startup
-              port: 9801
-              scheme: HTTP
-            periodSeconds: 1
-            successThreshold: 1
-            timeoutSeconds: 10
-          # The /liveness probe returns OK as soon as the proxy application has
-          # begun its startup process and continues to return OK until the
-          # process stops.
-          livenessProbe:
-            failureThreshold: 3
-            httpGet:
-              path: /liveness
-              port: 9801
-              scheme: HTTP
-            # The probe will be checked every 10 seconds.
-            periodSeconds: 10
-            # Number of times the probe is allowed to fail before the transition
-            # from healthy to failure state.
-            #
-            # If periodSeconds = 60, 5 tries will result in five minutes of
-            # checks. The proxy starts to refresh a certificate five minutes
-            # before its expiration. If those five minutes lapse without a
-            # successful refresh, the liveness probe will fail and the pod will be
-            # restarted.
-            successThreshold: 1
-            # The probe will fail if it does not respond in 10 seconds
-            timeoutSeconds: 10
-          readinessProbe:
-            # The /readiness probe returns OK when the proxy can establish
-            # a new connections to its databases.
-            httpGet:
-              path: /readiness
-              port: 9801
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 10
-            # Number of times the probe must report success to transition from failure to healthy state.
-            # Defaults to 1 for readiness probe.
-            successThreshold: 1
-            failureThreshold: 6
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          {{- with .Values.volumeMounts }}
-          volumeMounts:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-      {{- with .Values.volumes }}
-      volumes:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/service.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/service.yaml
@@ -1,17 +0,0 @@
-{{- if .Values.global.database.gcloud.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "gcloud-sql-proxy.fullname" . }}
-  labels:
-    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.global.database.port }}
-      targetPort: cloud-sql-proxy
-      protocol: TCP
-      name: cloud-sql-proxy
-  selector:
-    {{- include "gcloud-sql-proxy.selectorLabels" . | nindent 4 }}
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/serviceaccount.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/serviceaccount.yaml
@@ -1,15 +0,0 @@
-{{- if .Values.global.database.gcloud.enabled -}}
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "gcloud-sql-proxy.serviceAccountName" . }}
-  labels:
-    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/templates/tests/test-connection.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/templates/tests/test-connection.yaml
@@ -1,17 +0,0 @@
-{{- if .Values.global.database.gcloud.enabled -}}
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "gcloud-sql-proxy.fullname" . }}-test-connection"
-  labels:
-    {{- include "gcloud-sql-proxy.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "gcloud-sql-proxy.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never
-{{- end }}
--- a/.github/helm/affine/charts/gcloud-sql-proxy/values.yaml
+++ b/.github/helm/affine/charts/gcloud-sql-proxy/values.yaml
@@ -1,40 +0,0 @@
-replicaCount: 3
-
-image:
-  # the tag is defined as chart appVersion.
-  repository: gcr.io/cloud-sql-connectors/cloud-sql-proxy
-  pullPolicy: IfNotPresent
-
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-
-serviceAccount:
-  create: true
-  automount: true
-  annotations: {}
-  name: ""
-
-podAnnotations: {}
-podLabels: {}
-
-podSecurityContext:
-  fsGroup: 2000
-
-securityContext:
-  runAsNonRoot: true
-
-service:
-  type: ClusterIP
-  port: 5432
-
-resources:
-  limits:
-    memory: "4Gi"
-    cpu: "2"
-
-volumes: []
-volumeMounts: []
-nodeSelector: {}
-tolerations: []
-affinity: {}
--- a/.github/helm/affine/charts/graphql/Chart.yaml
+++ b/.github/helm/affine/charts/graphql/Chart.yaml
@@ -1,11 +0,0 @@
-apiVersion: v2
-name: graphql
-description: AFFiNE GraphQL server
-type: application
-version: 0.0.0
-appVersion: "0.12.0"
-dependencies:
-  - name: gcloud-sql-proxy
-    version: 0.0.0
-    repository: "file://../gcloud-sql-proxy"
-    condition: .global.database.gcloud.enabled
--- a/.github/helm/affine/charts/graphql/templates/NOTES.txt
+++ b/.github/helm/affine/charts/graphql/templates/NOTES.txt
@@ -1,16 +0,0 @@
-1. Get the application URL by running these commands:
-{{- if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "graphql.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "graphql.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "graphql.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "graphql.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/_helpers.tpl
+++ b/.github/helm/affine/charts/graphql/templates/_helpers.tpl
@@ -1,78 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "graphql.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "graphql.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "graphql.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "graphql.labels" -}}
-helm.sh/chart: {{ include "graphql.chart" . }}
-{{ include "graphql.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-monitoring: enabled
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "graphql.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "graphql.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "graphql.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "graphql.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "jwt.key" -}}
-{{- $secret := lookup "v1" "Secret" .Release.Namespace .Values.app.jwt.secretName -}}
-{{- if and $secret $secret.data.private -}}
-{{/*
-   Reusing existing secret data
-*/}}
-key: {{ $secret.data.private }}
-{{- else -}}
-{{/*
-    Generate new data
-*/}}
-key: {{ genPrivateKey "ecdsa" | b64enc }}
-{{- end -}}
-{{- end -}}
--- a/.github/helm/affine/charts/graphql/templates/captcha-secret.yaml
+++ b/.github/helm/affine/charts/graphql/templates/captcha-secret.yaml
@@ -1,9 +0,0 @@
-{{- if .Values.app.captcha.enabled -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.captcha.secretName }}"
-type: Opaque
-data:
-  turnstileSecret: {{ .Values.app.captcha.turnstile.secret | b64enc }}
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/deployment.yaml
+++ b/.github/helm/affine/charts/graphql/templates/deployment.yaml
@@ -1,204 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "graphql.fullname" . }}
-  labels:
-    {{- include "graphql.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "graphql.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "graphql.selectorLabels" . | nindent 8 }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "graphql.serviceAccountName" . }}
-      containers:
-        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          env:
-          - name: AUTH_PRIVATE_KEY
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.jwt.secretName }}"
-                key: key
-          - name: NODE_ENV
-            value: "{{ .Values.env }}"
-          - name: NODE_OPTIONS
-            value: "--max-old-space-size=4096"
-          - name: NO_COLOR
-            value: "1"
-          - name: DEPLOYMENT_TYPE
-            value: "affine"
-          - name: SERVER_FLAVOR
-            value: "graphql"
-          - name: AFFINE_ENV
-            value: "{{ .Release.Namespace }}"
-          - name: NEXTAUTH_URL
-            value: "{{ .Values.global.ingress.host }}"
-          - name: DATABASE_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: pg-postgresql
-                key: postgres-password
-          - name: DATABASE_URL
-            value: postgres://{{ .Values.global.database.user }}:$(DATABASE_PASSWORD)@{{ .Values.global.database.url }}:{{ .Values.global.database.port }}/{{ .Values.global.database.name }}
-          - name: REDIS_SERVER_ENABLED
-            value: "true"
-          - name: REDIS_SERVER_HOST
-            value: "{{ .Values.global.redis.host }}"
-          - name: REDIS_SERVER_PORT
-            value: "{{ .Values.global.redis.port }}"
-          - name: REDIS_SERVER_USER
-            value: "{{ .Values.global.redis.username }}"
-          - name: REDIS_SERVER_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: redis
-                key: redis-password
-          - name: REDIS_SERVER_DATABASE
-            value: "{{ .Values.global.redis.database }}"
-          - name: AFFINE_SERVER_PORT
-            value: "{{ .Values.service.port }}"
-          - name: AFFINE_SERVER_SUB_PATH
-            value: "{{ .Values.app.path }}"
-          - name: AFFINE_SERVER_HOST
-            value: "{{ .Values.app.host }}"
-          - name: AFFINE_SERVER_HTTPS
-            value: "{{ .Values.app.https }}"
-          - name: ENABLE_R2_OBJECT_STORAGE
-            value: "{{ .Values.app.objectStorage.r2.enabled }}"
-          - name: ENABLE_CAPTCHA
-            value: "{{ .Values.app.captcha.enabled }}"
-          - name: FEATURES_EARLY_ACCESS_PREVIEW
-            value: "{{ .Values.app.features.earlyAccessPreview }}"
-          - name: OAUTH_EMAIL_SENDER
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.email.secretName }}"
-                key: sender
-          - name: OAUTH_EMAIL_LOGIN
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.email.secretName }}"
-                key: login
-          - name: OAUTH_EMAIL_SERVER
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.email.secretName }}"
-                key: server
-          - name: OAUTH_EMAIL_PORT
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.email.secretName }}"
-                key: port
-          - name: OAUTH_EMAIL_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.email.secretName }}"
-                key: password
-          - name: STRIPE_API_KEY
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.payment.stripe.secretName }}"
-                key: stripeAPIKey
-          - name: STRIPE_WEBHOOK_KEY
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.payment.stripe.secretName }}"
-                key: stripeWebhookKey
-          - name: DOC_MERGE_INTERVAL
-            value: "{{ .Values.app.doc.mergeInterval }}"
-          {{ if .Values.app.experimental.enableJwstCodec }}
-          - name: DOC_MERGE_USE_JWST_CODEC
-            value: "true"
-          {{ end }}
-          {{ if .Values.app.objectStorage.r2.enabled }}
-          - name: R2_OBJECT_STORAGE_ACCOUNT_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: accountId
-          - name: R2_OBJECT_STORAGE_ACCESS_KEY_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: accessKeyId
-          - name: R2_OBJECT_STORAGE_SECRET_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: secretAccessKey
-          {{ end }}
-          {{ if .Values.app.captcha.enabled }}
-          - name: CAPTCHA_TURNSTILE_SECRET
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.captcha.secretName }}"
-                key: turnstileSecret
-          {{ end }}
-          {{ if .Values.app.oauth.google.enabled }}
-          - name: OAUTH_GOOGLE_ENABLED
-            value: "true"
-          - name: OAUTH_GOOGLE_CLIENT_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.google.secretName }}"
-                key: clientId
-          - name: OAUTH_GOOGLE_CLIENT_SECRET
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.google.secretName }}"
-                key: clientSecret
-          {{ end }}
-          {{ if .Values.app.oauth.github.enabled }}
-          - name: OAUTH_GITHUB_CLIENT_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.github.secretName }}"
-                key: clientId
-          - name: OAUTH_GITHUB_CLIENT_SECRET
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.oauth.github.secretName }}"
-                key: clientSecret
-          {{ end }}
-          ports:
-            - name: http
-              containerPort: {{ .Values.service.port }}
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          readinessProbe:
-            httpGet:
-              path: /
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
--- a/.github/helm/affine/charts/graphql/templates/jwt-secret.yaml
+++ b/.github/helm/affine/charts/graphql/templates/jwt-secret.yaml
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.jwt.secretName }}"
-type: Opaque
-data:
-{{- ( include "jwt.key" . ) | indent 2 -}}
--- a/.github/helm/affine/charts/graphql/templates/migration.yaml
+++ b/.github/helm/affine/charts/graphql/templates/migration.yaml
@@ -1,60 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ include "graphql.fullname" . }}-database-migration
-  labels:
-    {{- include "graphql.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": post-install,pre-upgrade
-    "helm.sh/hook-weight": "-1"
-    "helm.sh/hook-delete-policy": before-hook-creation
-
-spec:
-  template:
-    spec:
-      serviceAccountName: {{ include "graphql.serviceAccountName" . }}
-      containers:
-      - name: {{ .Chart.Name }}
-        image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-        command: ["yarn", "predeploy"]
-        env:
-          - name: NODE_ENV
-            value: "{{ .Values.env }}"
-          - name: AFFINE_ENV
-            value: "{{ .Release.Namespace }}"
-          - name: DATABASE_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: pg-postgresql
-                key: postgres-password
-          {{ if not .Values.global.database.gcloud.enabled }}
-          - name: DATABASE_URL
-            value: postgres://{{ .Values.global.database.user }}:$(DATABASE_PASSWORD)@{{ .Values.global.database.url }}:{{ .Values.global.database.port }}/{{ .Values.global.database.name }}
-          {{ end }}
-          {{ if .Values.global.database.gcloud.enabled }}
-          - name: DATABASE_URL
-            value: postgres://{{ .Values.global.database.user }}:$(DATABASE_PASSWORD)@{{ .Values.global.database.gcloud.cloudSqlInternal }}:{{ .Values.global.database.port }}/{{ .Values.global.database.name }}
-          {{ end }}
-          {{ if .Values.app.objectStorage.r2.enabled }}
-          - name: R2_OBJECT_STORAGE_ACCOUNT_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: accountId
-          - name: R2_OBJECT_STORAGE_ACCESS_KEY_ID
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: accessKeyId
-          - name: R2_OBJECT_STORAGE_SECRET_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: "{{ .Values.app.objectStorage.r2.secretName }}"
-                key: secretAccessKey
-          {{ end }}
-        resources:
-          requests:
-            cpu: '100m'
-            memory: '200Mi'
-      restartPolicy: Never
-  backoffLimit: 1
--- a/.github/helm/affine/charts/graphql/templates/oauth.yaml
+++ b/.github/helm/affine/charts/graphql/templates/oauth.yaml
@@ -1,33 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.oauth.email.secretName }}"
-type: Opaque
-data:
-  sender: "{{ .Values.app.oauth.email.sender | b64enc }}"
-  login: "{{ .Values.app.oauth.email.login | b64enc }}"
-  password: "{{ .Values.app.oauth.email.password | b64enc }}"
-  server: "{{ .Values.app.oauth.email.server | b64enc }}"
-  port: "{{ .Values.app.oauth.email.port | b64enc }}"
---
-{{- if .Values.app.oauth.google.enabled -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.oauth.google.secretName }}"
-type: Opaque
-data:
-  clientId: "{{ .Values.app.oauth.google.clientId | b64enc }}"
-  clientSecret: "{{ .Values.app.oauth.google.clientSecret | b64enc }}"
-{{- end }}
---
-{{- if .Values.app.oauth.github.enabled -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.oauth.github.secretName }}"
-type: Opaque
-data:
-  clientId: "{{ .Values.app.oauth.github.clientId | b64enc }}"
-  clientSecret: "{{ .Values.app.oauth.github.clientSecret | b64enc }}"
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/payment.yml
+++ b/.github/helm/affine/charts/graphql/templates/payment.yml
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.payment.stripe.secretName }}"
-type: Opaque
-data:
-  stripeAPIKey: "{{ .Values.app.payment.stripe.apiKey | b64enc }}"
-  stripeWebhookKey: "{{ .Values.app.payment.stripe.webhookKey | b64enc }}"
--- a/.github/helm/affine/charts/graphql/templates/pg-secret.yaml
+++ b/.github/helm/affine/charts/graphql/templates/pg-secret.yaml
@@ -1,9 +0,0 @@
-{{- if .Values.global.database.password -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pg-postgresql
-type: Opaque
-data:
-  postgres-password: {{ .Values.global.database.password | b64enc }}
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/r2-secret.yaml
+++ b/.github/helm/affine/charts/graphql/templates/r2-secret.yaml
@@ -1,11 +0,0 @@
-{{- if .Values.app.objectStorage.r2.enabled -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.app.objectStorage.r2.secretName }}"
-type: Opaque
-data:
-  accountId: {{ .Values.app.objectStorage.r2.accountId | b64enc }}
-  accessKeyId: {{ .Values.app.objectStorage.r2.accessKeyId | b64enc }}
-  secretAccessKey: {{ .Values.app.objectStorage.r2.secretAccessKey | b64enc }}
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/redis-secret.yaml
+++ b/.github/helm/affine/charts/graphql/templates/redis-secret.yaml
@@ -1,9 +0,0 @@
-{{- if .Values.global.redis.password -}}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: redis
-type: Opaque
-data:
-  redis-password: {{ .Values.global.redis.password | b64enc }}
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/service.yaml
+++ b/.github/helm/affine/charts/graphql/templates/service.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "graphql.fullname" . }}
-  labels:
-    {{- include "graphql.labels" . | nindent 4 }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
-  selector:
-    {{- include "graphql.selectorLabels" . | nindent 4 }}
--- a/.github/helm/affine/charts/graphql/templates/serviceaccount.yaml
+++ b/.github/helm/affine/charts/graphql/templates/serviceaccount.yaml
@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "graphql.serviceAccountName" . }}
-  labels:
-    {{- include "graphql.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/graphql/templates/tests/test-connection.yaml
+++ b/.github/helm/affine/charts/graphql/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "graphql.fullname" . }}-test-connection"
-  labels:
-    {{- include "graphql.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "graphql.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never
--- a/.github/helm/affine/charts/graphql/values.yaml
+++ b/.github/helm/affine/charts/graphql/values.yaml
@@ -1,84 +0,0 @@
-replicaCount: 1
-image:
-  repository: ghcr.io/toeverything/affine-graphql
-  pullPolicy: IfNotPresent
-  tag: ''
-
-imagePullSecrets: []
-nameOverride: ''
-fullnameOverride: ''
-# map to NODE_ENV environment variable
-env: 'production'
-app:
-  experimental:
-    enableJwstCodec: true
-  # AFFINE_SERVER_SUB_PATH
-  path: ''
-  # AFFINE_SERVER_HOST
-  host: '0.0.0.0'
-  https: true
-  doc:
-    mergeInterval: "3000"
-  jwt:
-    secretName: jwt-private-key
-    # base64 encoded ecdsa private key
-    privateKey: ''
-  captcha:
-    enable: false
-    secretName: captcha
-    turnstile:
-      secret: ''
-  objectStorage:
-    r2:
-      enabled: false
-      secretName: r2
-      accountId: ''
-      accessKeyId: ''
-      secretAccessKey: ''
-  oauth:
-    email:
-      secretName: 'oauth-email'
-      sender: 'noreply@toeverything.info'
-      login: ''
-      password: ''
-      server: 'smtp.gmail.com'
-      port: '465'
-    google:
-      enabled: false
-      secretName: oauth-google
-      clientId: ''
-      clientSecret: ''
-    github:
-      enabled: false
-      secretName: oauth-github
-      clientId: ''
-      clientSecret: ''
-  payment:
-    stripe:
-      secretName: 'stripe'
-      apiKey: ''
-      webhookKey: ''
-  features:
-    earlyAccessPreview: false
-
-serviceAccount:
-  create: true
-  annotations: {}
-  name: 'affine-graphql'
-
-podAnnotations: {}
-
-podSecurityContext:
-  fsGroup: 2000
-
-resources:
-  requests:
-    cpu: '4'
-    memory: 4Gi
-
-probe:
-  initialDelaySeconds: 20
-
-nodeSelector: {}
-tolerations: []
-affinity: {}
--- a/.github/helm/affine/charts/sync/.helmignore
+++ b/.github/helm/affine/charts/sync/.helmignore
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/.github/helm/affine/charts/sync/Chart.yaml
+++ b/.github/helm/affine/charts/sync/Chart.yaml
@@ -1,11 +0,0 @@
-apiVersion: v2
-name: sync
-description: AFFiNE Sync Server
-type: application
-version: 0.0.0
-appVersion: "0.12.0"
-dependencies:
-  - name: gcloud-sql-proxy
-    version: 0.0.0
-    repository: "file://../gcloud-sql-proxy"
-    condition: .global.database.gcloud.enabled
--- a/.github/helm/affine/charts/sync/templates/NOTES.txt
+++ b/.github/helm/affine/charts/sync/templates/NOTES.txt
@@ -1,16 +0,0 @@
-1. Get the application URL by running these commands:
-{{- if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "sync.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "sync.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "sync.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "sync.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}
--- a/.github/helm/affine/charts/sync/templates/_helpers.tpl
+++ b/.github/helm/affine/charts/sync/templates/_helpers.tpl
@@ -1,63 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sync.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sync.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sync.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sync.labels" -}}
-helm.sh/chart: {{ include "sync.chart" . }}
-{{ include "sync.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-monitoring: enabled
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sync.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sync.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sync.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sync.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/sync/templates/deployment.yaml
+++ b/.github/helm/affine/charts/sync/templates/deployment.yaml
@@ -1,98 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "sync.fullname" . }}
-  labels:
-    {{- include "sync.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "sync.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "sync.selectorLabels" . | nindent 8 }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "sync.serviceAccountName" . }}
-      securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
-      containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          env:
-          - name: NODE_ENV
-            value: "{{ .Values.env }}"
-          - name: NO_COLOR
-            value: "1"
-          - name: DEPLOYMENT_TYPE
-            value: "affine"
-          - name: SERVER_FLAVOR
-            value: "sync"
-          - name: NEXTAUTH_URL
-            value: "{{ .Values.global.ingress.host }}"
-          - name: AFFINE_ENV
-            value: "{{ .Release.Namespace }}"
-          - name: DATABASE_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: pg-postgresql
-                key: postgres-password
-          - name: DATABASE_URL
-            value: postgres://{{ .Values.global.database.user }}:$(DATABASE_PASSWORD)@{{ .Values.global.database.url }}:{{ .Values.global.database.port }}/{{ .Values.global.database.name }}
-          - name: REDIS_SERVER_ENABLED
-            value: "true"
-          - name: REDIS_SERVER_HOST
-            value: "{{ .Values.global.redis.host }}"
-          - name: REDIS_SERVER_PORT
-            value: "{{ .Values.global.redis.port }}"
-          - name: REDIS_SERVER_USER
-            value: "{{ .Values.global.redis.username }}"
-          - name: REDIS_SERVER_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: redis
-                key: redis-password
-          - name: REDIS_SERVER_DATABASE
-            value: "{{ .Values.global.redis.database }}"
-          - name: AFFINE_SERVER_PORT
-            value: "{{ .Values.service.port }}"
-          - name: AFFINE_SERVER_HOST
-            value: "{{ .Values.app.host }}"
-          ports:
-            - name: http
-              containerPort: {{ .Values.service.port }}
-              protocol: TCP
-          livenessProbe:
-            tcpSocket:
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          readinessProbe:
-            tcpSocket:
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
--- a/.github/helm/affine/charts/sync/templates/service.yaml
+++ b/.github/helm/affine/charts/sync/templates/service.yaml
@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "sync.fullname" . }}
-  labels:
-    {{- include "sync.labels" . | nindent 4 }}
-  {{- with .Values.service.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
-  selector:
-    {{- include "sync.selectorLabels" . | nindent 4 }}
--- a/.github/helm/affine/charts/sync/templates/serviceaccount.yaml
+++ b/.github/helm/affine/charts/sync/templates/serviceaccount.yaml
@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "sync.serviceAccountName" . }}
-  labels:
-    {{- include "sync.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/sync/templates/tests/test-connection.yaml
+++ b/.github/helm/affine/charts/sync/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "sync.fullname" . }}-test-connection"
-  labels:
-    {{- include "sync.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "sync.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never
--- a/.github/helm/affine/charts/sync/values.yaml
+++ b/.github/helm/affine/charts/sync/values.yaml
@@ -1,39 +0,0 @@
-replicaCount: 1
-image:
-  repository: ghcr.io/toeverything/affine-graphql
-  pullPolicy: IfNotPresent
-  tag: ''
-
-imagePullSecrets: []
-nameOverride: ''
-fullnameOverride: ''
-# map to NODE_ENV environment variable
-env: 'production'
-app:
-  # AFFINE_SERVER_HOST
-  host: '0.0.0.0'
-
-serviceAccount:
-  create: true
-  annotations: {}
-  name: 'affine-sync'
-
-podAnnotations: {}
-
-podSecurityContext:
-  fsGroup: 2000
-
-resources:
-  limits:
-    cpu: '4'
-    memory: 8Gi
-  requests:
-    cpu: '2'
-    memory: 4Gi
-
-probe:
-  initialDelaySeconds: 20
-
-nodeSelector: {}
-tolerations: []
-affinity: {}
--- a/.github/helm/affine/charts/web/.helmignore
+++ b/.github/helm/affine/charts/web/.helmignore
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/.github/helm/affine/charts/web/Chart.yaml
+++ b/.github/helm/affine/charts/web/Chart.yaml
@@ -1,6 +0,0 @@
-apiVersion: v2
-name: web
-description: A Helm chart for Kubernetes
-type: application
-version: 0.0.0
-appVersion: "0.7.0-canary.18"
--- a/.github/helm/affine/charts/web/templates/NOTES.txt
+++ b/.github/helm/affine/charts/web/templates/NOTES.txt
@@ -1,16 +0,0 @@
-1. Get the application URL by running these commands:
-{{- if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "web.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "web.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "web.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "web.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}
--- a/.github/helm/affine/charts/web/templates/_helpers.tpl
+++ b/.github/helm/affine/charts/web/templates/_helpers.tpl
@@ -1,63 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "web.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "web.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "web.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "web.labels" -}}
-helm.sh/chart: {{ include "web.chart" . }}
-{{ include "web.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-monitoring: enabled
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "web.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "web.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "web.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "web.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/web/templates/deployment.yaml
+++ b/.github/helm/affine/charts/web/templates/deployment.yaml
@@ -1,57 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "web.fullname" . }}
-  labels:
-    {{- include "web.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "web.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "web.selectorLabels" . | nindent 8 }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "web.serviceAccountName" . }}
-      containers:
-        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          ports:
-            - name: http
-              containerPort: {{ .Values.service.port }}
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          readinessProbe:
-            httpGet:
-              path: /
-              port: http
-            initialDelaySeconds: {{ .Values.probe.initialDelaySeconds }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
--- a/.github/helm/affine/charts/web/templates/service.yaml
+++ b/.github/helm/affine/charts/web/templates/service.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "web.fullname" . }}
-  labels:
-    {{- include "web.labels" . | nindent 4 }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
-  selector:
-    {{- include "web.selectorLabels" . | nindent 4 }}
--- a/.github/helm/affine/charts/web/templates/serviceaccount.yaml
+++ b/.github/helm/affine/charts/web/templates/serviceaccount.yaml
@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "web.serviceAccountName" . }}
-  labels:
-    {{- include "web.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}
--- a/.github/helm/affine/charts/web/templates/tests/test-connection.yaml
+++ b/.github/helm/affine/charts/web/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "web.fullname" . }}-test-connection"
-  labels:
-    {{- include "web.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "web.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never
--- a/.github/helm/affine/charts/web/values.yaml
+++ b/.github/helm/affine/charts/web/values.yaml
@@ -1,37 +0,0 @@
-replicaCount: 1
-
-image:
-  repository: ghcr.io/toeverything/affine-front
-  pullPolicy: IfNotPresent
-  tag: ""
-
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-
-serviceAccount:
-  create: true
-  annotations: {}
-  name: "affine-web"
-
-podAnnotations: {}
-
-podSecurityContext:
-  fsGroup: 2000
-
-resources:
-  limits:
-    cpu: '500m'
-    memory: 2Gi
-  requests:
-    cpu: '500m'
-    memory: 2Gi
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}
-
-probe:
-  initialDelaySeconds: 1
--- a/.github/helm/affine/templates/_helpers.tpl
+++ b/.github/helm/affine/templates/_helpers.tpl
@@ -1,62 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "affine.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "affine.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "affine.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "affine.labels" -}}
-helm.sh/chart: {{ include "affine.chart" . }}
-{{ include "affine.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "affine.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "affine.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "affine.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "affine.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
--- a/.github/helm/affine/templates/ingress.yaml
+++ b/.github/helm/affine/templates/ingress.yaml
@@ -1,70 +0,0 @@
-{{- if .Values.global.ingress.enabled -}}
-{{- $fullName := include "affine.fullname" . -}}
-{{- if and .Values.global.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
-  {{- if not (hasKey .Values.global.ingress.annotations "kubernetes.io/ingress.class") }}
-  {{- $_ := set .Values.global.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
-  {{- end }}
-{{- end }}
-{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
-  name: {{ $fullName }}
-  labels:
-    {{- include "affine.labels" . | nindent 4 }}
-  {{- with .Values.global.ingress.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-spec:
-  {{- if and .Values.global.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
-  ingressClassName: {{ .Values.global.ingress.className }}
-  {{- end }}
-  {{- if .Values.global.ingress.tls }}
-  tls:
-    {{- range .Values.global.ingress.tls }}
-    - hosts:
-        {{- range .hosts }}
-        - {{ . | quote }}
-        {{- end }}
-      secretName: {{ .secretName }}
-    {{- end }}
-  {{- end }}
-  rules:
-    - host: "{{ .Values.global.ingress.host }}"
-      http:
-        paths:
-          - path: /socket.io
-            pathType: Prefix
-            backend:
-              service:
-                name: affine-sync
-                port:
-                  number: {{ .Values.sync.service.port }}
-          - path: /graphql
-            pathType: Prefix
-            backend:
-              service:
-                name: affine-graphql
-                port:
-                  number: {{ .Values.graphql.service.port }}
-          - path: /api
-            pathType: Prefix
-            backend:
-              service:
-                name: affine-graphql
-                port:
-                  number: {{ .Values.graphql.service.port }}
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: affine-web
-                port:
-                  number: {{ .Values.web.service.port }}
-{{- end }}
--- a/.github/helm/affine/values.yaml
+++ b/.github/helm/affine/values.yaml
@@ -1,46 +0,0 @@
-global:
-  ingress:
-    enabled: false
-    className: ''
-    host: affine.pro
-    tls: []
-  database:
-    user: 'postgres'
-    url: 'pg-postgresql'
-    port: '5432'
-    name: 'affine'
-    password: ''
-    gcloud:
-      enabled: false
-      # use for migration
-      cloudSqlInternal: ''
-      connectionName: ''
-      serviceAccount: ''
-      cloudProxyReplicas: 3
-      proxyPort: '5432'
-  redis:
-    enabled: true
-    host: 'redis-master'
-    port: '6379'
-    username: ''
-    password: ''
-    database: 0
-  gke:
-    enabled: true
-
-graphql:
-  service:
-    type: ClusterIP
-    port: 3000
-
-sync:
-  service:
-    type: ClusterIP
-    port: 3010
-    annotations:
-      cloud.google.com/backend-config: '{"default": "affine-backendconfig"}'
-
-web:
-  service:
-    type: ClusterIP
-    port: 8080
--- a/.github/helm/releaser.yaml
+++ b/.github/helm/releaser.yaml
@@ -1,2 +0,0 @@
-owner: toeverything
-git-repo: helm-charts
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,100 +1,44 @@
 docs:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'docs/**/*'
-          - '**/README.md'
-          - 'packages/frontend/templates/**/*'
+  - 'docs/**/*'
+  - '**/README.md'
+  - 'packages/templates/**/*'

 test:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'tests/**/*'
-          - '**/tests/**/*'
-          - '**/__tests__/**/*'
+  - 'tests/**/*'
+  - '**/tests/**/*'
+  - '**/__tests__/**/*'

 mod:dev:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'scripts/**/*'
-          - 'tools/cli/**/*'
-          - 'packages/common/debug/**/*'
+  - 'scripts/**/*'
+  - 'packages/cli/**/*'
+  - 'packages/debug/**/*'

-mod:infra:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/common/infra/**/*'
+mod:workspace: 'packages/workspace/**/*'

-mod:plugin-cli:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'tools/plugin-cli/**/*'
+mod:i18n: 'packages/i18n/**/*'

-mod:workspace:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/common/workspace/**/*'
+mod:env: 'packages/env/**/*'

-mod:workspace-impl:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/workspace-impl/**/*'
+mod:hooks: 'packages/hooks/**/*'

-mod:i18n:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/i18n/**/*'
-
-mod:env:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/common/env/**/*'
-
-mod:component:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/component/**/*'
-
-mod:storage:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/backend/storage/**/*'
-
-mod:native:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/native/**/*'
+mod:component: 'packages/component/**/*'

 mod:store:
-  - changed-files:
-      - any-glob-to-any-file:
-          - '**/atoms/**/*'
+  - 'packages/jotai/**/*'
+  - '**/atoms/**/*'

 rust:
-  - changed-files:
-      - any-glob-to-any-file:
-          - '**/*.rs'
-          - '**/Cargo.toml'
-          - '**/Cargo.lock'
-          - '**/rust-toolchain'
-          - '**/rust-toolchain.toml'
-          - '**/rustfmt.toml'
+  - '**/*.rs'
+  - '**/Cargo.toml'
+  - '**/Cargo.lock'
+  - '**/rust-toolchain'
+  - '**/rust-toolchain.toml'
+  - '**/rustfmt.toml'

-package:y-indexeddb:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/common/y-indexeddb/**/*'
+package:y-indexeddb: 'packages/y-indexeddb/**/*'

-app:core:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/core/**/*'
+app:web: 'apps/web/**/*'

-app:electron:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/frontend/electron/**/*'
+app:electron: 'apps/electron/**/*'

-app:server:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'packages/backend/server/**/*'
+app:server: 'apps/server/**/*'
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,78 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["config:recommended", ":disablePeerDependencies"],
-  "labels": ["dependencies"],
-  "ignorePaths": [
-    "**/node_modules/**",
-    "**/bower_components/**",
-    "**/vendor/**",
-    "**/examples/**",
-    "**/__tests__/**",
-    "**/test/**",
-    "**/__fixtures__/**"
-  ],
-  "packageRules": [
-    {
-      "matchPackageNames": ["napi", "napi-build", "napi-derive"],
-      "rangeStrategy": "replace",
-      "groupName": "napi-rs"
-    },
-    {
-      "matchPackagePatterns": ["^eslint", "^@typescript-eslint"],
-      "rangeStrategy": "replace",
-      "groupName": "linter"
-    },
-    {
-      "matchPackagePatterns": ["^@nestjs"],
-      "rangeStrategy": "replace",
-      "groupName": "nestjs"
-    },
-    {
-      "matchPackagePatterns": ["^@opentelemetry"],
-      "rangeStrategy": "replace",
-      "groupName": "opentelemetry"
-    },
-    {
-      "matchPackageNames": [
-        "@prisma/client",
-        "@prisma/instrumentation",
-        "prisma"
-      ],
-      "rangeStrategy": "replace",
-      "groupName": "prisma"
-    },
-    {
-      "matchPackagePatterns": ["^@electron-forge"],
-      "rangeStrategy": "replace",
-      "groupName": "electron-forge"
-    },
-    {
-      "groupName": "blocksuite-canary",
-      "matchPackagePatterns": ["^@blocksuite"],
-      "excludePackageNames": ["@blocksuite/icons"],
-      "rangeStrategy": "replace",
-      "followTag": "canary"
-    },
-    {
-      "groupName": "all non-major dependencies",
-      "groupSlug": "all-minor-patch",
-      "matchPackagePatterns": ["*"],
-      "excludePackagePatterns": ["^@blocksuite/"],
-      "matchUpdateTypes": ["minor", "patch"]
-    },
-    {
-      "matchPackagePatterns": ["*"],
-      "rangeStrategy": "replace",
-      "excludePackagePatterns": ["^@blocksuite/"]
-    }
-  ],
-  "commitMessagePrefix": "chore: ",
-  "commitMessageAction": "bump up",
-  "commitMessageTopic": "{{depName}} version",
-  "ignoreDeps": [],
-  "postUpdateOptions": ["yarnDedupeHighest"],
-  "lockFileMaintenance": {
-    "enabled": true,
-    "extends": ["schedule:weekly"]
-  }
-}
--- a/.github/workflows/add-to-project.yml
+++ b/.github/workflows/add-to-project.yml
@@ -0,0 +1,24 @@
+name: Add to GitHub projects
+
+on:
+  issues:
+    types:
+      - opened
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+
+jobs:
+  add-to-project:
+    name: Add issues and pull requests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.4.0
+        with:
+          # You can target a repository in a different organization
+          # to the issue
+          project-url: https://github.com/orgs/toeverything/projects/10
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+          # labeled: bug, needs-triage
+          # label-operator: OR
--- a/.github/workflows/auto-labeler.yml
+++ b/.github/workflows/auto-labeler.yml
@@ -9,5 +9,4 @@ jobs:
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/labeler@v5
+      - uses: actions/labeler@v4
--- a/.github/workflows/build-test.yml
+++ b/.github/workflows/build-test.yml
@@ -1,564 +0,0 @@
-name: Build & Test
-
-on:
-  push:
-    branches:
-      - canary
-      - v[0-9]+.[0-9]+.x-staging
-      - v[0-9]+.[0-9]+.x
-    paths-ignore:
-      - README.md
-  pull_request:
-
-env:
-  DEBUG: napi:*
-  BUILD_TYPE: canary
-  APP_NAME: affine
-  AFFINE_ENV: dev
-  COVERAGE: true
-  MACOSX_DEPLOYMENT_TARGET: '10.13'
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-  PLAYWRIGHT_BROWSERS_PATH: ${{ github.workspace }}/node_modules/.cache/ms-playwright
-  DEPLOYMENT_TYPE: affine
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: ['javascript', 'typescript']
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
-        with:
-          languages: ${{ matrix.language }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
-
-          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-          # queries: security-extended,security-and-quality
-
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-      #   If the Autobuild fails above, remove it and uncomment the following three lines.
-      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-      # - run: |
-      #   echo "Run, Build Application using script"
-      #   ./location_of_script_within_repo/buildscript.sh
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
-  lint:
-    name: Lint
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Run oxlint
-        # oxlint is fast, so wrong code will fail quickly
-        run: yarn dlx $(node -e "console.log(require('./package.json').scripts['lint:ox'].replace('oxlint', 'oxlint@' + require('./package.json').devDependencies.oxlint))")
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          full-cache: true
-      - name: Run i18n codegen
-        run: yarn i18n-codegen gen
-      - name: Run ESLint
-        run: yarn lint:eslint --max-warnings=0
-      - name: Run Prettier
-        # Set nmMode in `actions/setup-node` will modify the .yarnrc.yml
-        run: |
-          git checkout .yarnrc.yml
-          yarn lint:prettier
-      - name: Yarn Dedupe
-        run: yarn dedupe --check
-      - name: Run Type Check
-        run: yarn typecheck
-
-  check-yarn-binary:
-    name: Check yarn binary
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Run check
-        run: |
-          yarn set version $(node -e "console.log(require('./package.json').packageManager.split('@')[1])")
-          git diff --exit-code
-
-  e2e-test:
-    name: E2E Test
-    runs-on: ubuntu-latest
-    env:
-      DISTRIBUTION: browser
-    strategy:
-      fail-fast: false
-      matrix:
-        shard: [1, 2, 3, 4, 5]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-          full-cache: true
-
-      - name: Run playwright tests
-        run: yarn workspace @affine-test/affine-local e2e --forbid-only --shard=${{ matrix.shard }}/${{ strategy.job-total }}
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-results-e2e-${{ matrix.shard }}
-          path: ./test-results
-          if-no-files-found: ignore
-
-  e2e-migration-test:
-    name: E2E Migration Test
-    runs-on: ubuntu-latest
-    env:
-      DISTRIBUTION: browser
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          electron-install: false
-          full-cache: true
-
-      - name: Run playwright tests
-        run: yarn workspace @affine-test/affine-migration e2e --forbid-only
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-results-e2e-migration
-          path: ./tests/affine-migration/test-results
-          if-no-files-found: ignore
-
-  unit-test:
-    name: Unit Test
-    runs-on: ubuntu-latest
-    needs:
-      - build-native
-    env:
-      DISTRIBUTION: browser
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          full-cache: true
-
-      - name: Download affine.linux-x64-gnu.node
-        uses: actions/download-artifact@v4
-        with:
-          name: affine.linux-x64-gnu.node
-          path: ./packages/frontend/native
-
-      - name: Unit Test
-        run: yarn nx test:coverage @affine/monorepo
-
-      - name: Upload unit test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./.coverage/store/lcov.info
-          flags: unittest
-          name: affine
-          fail_ci_if_error: false
-
-  build-native:
-    name: Build AFFiNE native (${{ matrix.spec.target }})
-    runs-on: ${{ matrix.spec.os }}
-    env:
-      CARGO_PROFILE_RELEASE_DEBUG: '1'
-    strategy:
-      fail-fast: false
-      matrix:
-        spec:
-          - { os: ubuntu-latest, target: x86_64-unknown-linux-gnu }
-          - { os: windows-latest, target: x86_64-pc-windows-msvc }
-          - { os: macos-latest, target: x86_64-apple-darwin }
-          - { os: macos-latest, target: aarch64-apple-darwin }
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          extra-flags: workspaces focus @affine/native
-          electron-install: false
-      - name: Setup filename
-        id: filename
-        shell: bash
-        run: |
-          export PLATFORM_ARCH_ABI=$(node -e "console.log(require('@napi-rs/cli').parseTriple('${{ matrix.spec.target }}').platformArchABI)")
-          echo "filename=affine.$PLATFORM_ARCH_ABI.node" >> "$GITHUB_OUTPUT"
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.spec.target }}
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Upload ${{ steps.filename.outputs.filename }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: ${{ steps.filename.outputs.filename }}
-          path: ./packages/frontend/native/${{ steps.filename.outputs.filename }}
-          if-no-files-found: error
-
-  build-storage:
-    name: Build Storage
-    runs-on: ubuntu-latest
-    env:
-      CARGO_PROFILE_RELEASE_DEBUG: '1'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          extra-flags: workspaces focus @affine/storage
-          electron-install: false
-      - name: Build Rust
-        uses: ./.github/actions/build-rust
-        with:
-          target: 'x86_64-unknown-linux-gnu'
-          package: '@affine/storage'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Upload storage.node
-        uses: actions/upload-artifact@v4
-        with:
-          name: storage.node
-          path: ./packages/backend/storage/storage.node
-          if-no-files-found: error
-
-  build-core:
-    name: Build @affine/core
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          full-cache: true
-      - name: Build Core
-        # always skip cache because its fast, and cache configuration is always changing
-        run: yarn nx build @affine/core --skip-nx-cache
-      - name: zip core
-        run: tar -czf dist.tar.gz --directory=packages/frontend/core/dist .
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: core
-          path: dist.tar.gz
-          if-no-files-found: error
-
-  server-test:
-    name: Server Test
-    runs-on: ubuntu-latest
-    needs: build-storage
-    env:
-      NODE_ENV: test
-      DISTRIBUTION: browser
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: affine
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-      mailer:
-        image: mailhog/mailhog
-        ports:
-          - 1025:1025
-          - 8025:8025
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          full-cache: true
-
-      - name: Download storage.node
-        uses: actions/download-artifact@v4
-        with:
-          name: storage.node
-          path: ./packages/backend/server
-
-      - name: Initialize database
-        run: |
-          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
-          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
-          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
-        env:
-          PGPASSWORD: affine
-
-      - name: Generate prisma client
-        run: |
-          yarn workspace @affine/server exec prisma generate
-          yarn workspace @affine/server exec prisma db push
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run init-db script
-        run: |
-          yarn workspace @affine/server data-migration run
-          yarn workspace @affine/server exec node --loader ts-node/esm/transpile-only ./scripts/init-db.ts
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run server tests
-        run: yarn workspace @affine/server test:coverage
-        env:
-          CARGO_TARGET_DIR: '${{ github.workspace }}/target'
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Upload server test coverage results
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./packages/backend/server/.coverage/lcov.info
-          flags: server-test
-          name: affine
-          fail_ci_if_error: false
-
-  server-e2e-test:
-    name: ${{ matrix.tests.name }}
-    runs-on: ubuntu-latest
-    env:
-      DISTRIBUTION: browser
-      DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-    strategy:
-      fail-fast: false
-      matrix:
-        tests:
-          - name: 'Server E2E Test 1/3'
-            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=1/3
-          - name: 'Server E2E Test 2/3'
-            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=2/3
-          - name: 'Server E2E Test 3/3'
-            script: yarn workspace @affine-test/affine-cloud e2e --forbid-only --shard=3/3
-          - name: 'Server Desktop E2E Test'
-            script: |
-              yarn workspace @affine/electron build:dev
-              xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-desktop-cloud e2e
-    needs:
-      - build-storage
-      - build-native
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: affine
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-      mailer:
-        image: mailhog/mailhog
-        ports:
-          - 1025:1025
-          - 8025:8025
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          playwright-install: true
-          hard-link-nm: false
-
-      - name: Download storage.node
-        uses: actions/download-artifact@v4
-        with:
-          name: storage.node
-          path: ./packages/backend/server
-
-      - name: Download affine.linux-x64-gnu.node
-        uses: actions/download-artifact@v4
-        with:
-          name: affine.linux-x64-gnu.node
-          path: ./packages/frontend/native
-
-      - name: Initialize database
-        run: |
-          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
-          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
-          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
-        env:
-          PGPASSWORD: affine
-
-      - name: Generate prisma client
-        run: |
-          yarn workspace @affine/server exec prisma generate
-          yarn workspace @affine/server exec prisma db push
-        env:
-          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
-
-      - name: Run init-db script
-        run: |
-          yarn workspace @affine/server data-migration run
-          yarn workspace @affine/server exec node --loader ts-node/esm/transpile-only ./scripts/init-db.ts
-
-      - name: ${{ matrix.tests.name }}
-        run: |
-          ${{ matrix.tests.script }}
-        env:
-          DEV_SERVER_URL: http://localhost:8080
-          ENABLE_LOCAL_EMAIL: true
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-results-e2e-server
-          path: ./tests/affine-cloud/test-results
-          if-no-files-found: ignore
-
-  desktop-test:
-    name: Desktop Test (${{ matrix.spec.os }}, ${{ matrix.spec.platform }}, ${{ matrix.spec.arch }}, ${{ matrix.spec.target }}, ${{ matrix.spec.test }})
-    runs-on: ${{ matrix.spec.os }}
-    strategy:
-      fail-fast: false
-      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
-      matrix:
-        spec:
-          - {
-              os: macos-latest,
-              platform: macos,
-              arch: x64,
-              target: x86_64-apple-darwin,
-              test: true,
-            }
-          - {
-              os: macos-latest,
-              platform: macos,
-              arch: arm64,
-              target: aarch64-apple-darwin,
-              test: false,
-            }
-          - {
-              os: ubuntu-latest,
-              platform: linux,
-              arch: x64,
-              target: x86_64-unknown-linux-gnu,
-              test: true,
-            }
-          - {
-              os: windows-latest,
-              platform: windows,
-              arch: x64,
-              target: x86_64-pc-windows-msvc,
-              test: true,
-            }
-    needs:
-      - build-core
-      - build-native
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        timeout-minutes: 10
-        with:
-          extra-flags: workspaces focus @affine/electron @affine/monorepo @affine-test/affine-desktop
-          playwright-install: true
-          hard-link-nm: false
-          enableScripts: false
-
-      - name: Setup filename
-        id: filename
-        shell: bash
-        run: |
-          export PLATFORM_ARCH_ABI=$(node -e "console.log(require('@napi-rs/cli').parseTriple('${{ matrix.spec.target }}').platformArchABI)")
-          echo "filename=affine.$PLATFORM_ARCH_ABI.node" >> "$GITHUB_OUTPUT"
-
-      - name: Download ${{ steps.filename.outputs.filename }}
-        uses: actions/download-artifact@v4
-        with:
-          name: ${{ steps.filename.outputs.filename }}
-          path: ./packages/frontend/native
-
-      - name: Run unit tests
-        if: ${{ matrix.spec.test }}
-        shell: bash
-        run: yarn workspace @affine/electron vitest
-
-      - name: Download core artifact
-        uses: ./.github/actions/download-core
-        with:
-          path: packages/frontend/electron/resources/web-static
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build
-
-      - name: Run desktop tests
-        if: ${{ matrix.spec.test && matrix.spec.os == 'ubuntu-latest' }}
-        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine-test/affine-desktop e2e
-
-      - name: Run desktop tests
-        if: ${{ matrix.spec.test && matrix.spec.os != 'ubuntu-latest' }}
-        run: yarn workspace @affine-test/affine-desktop e2e
-
-      - name: Make bundle
-        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
-        env:
-          SKIP_BUNDLE: true
-          SKIP_WEB_BUILD: true
-          HOIST_NODE_MODULES: 1
-        run: yarn workspace @affine/electron package --platform=darwin --arch=arm64
-
-      - name: Output check
-        if: ${{ matrix.spec.os == 'macos-latest' && matrix.spec.arch == 'arm64' }}
-        run: |
-          yarn workspace @affine/electron exec node --loader ts-node/esm/transpile-only ./scripts/macos-arm64-output-check.ts
-
-      - name: Upload test results
-        if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-results-e2e-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
-          path: ./test-results
-          if-no-files-found: ignore
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,410 @@
+name: Build & Test
+
+on:
+  push:
+    branches:
+      - master
+      - v[0-9]+.[0-9]+.x-staging
+      - v[0-9]+.[0-9]+.x
+    paths-ignore:
+      - README.md
+      - .github/**
+      - '!.github/workflows/build.yml'
+  pull_request:
+    branches:
+      - master
+      - v[0-9]+.[0-9]+.x-staging
+      - v[0-9]+.[0-9]+.x
+    paths-ignore:
+      - README.md
+      - .github/**
+      - '!.github/workflows/build.yml'
+
+env:
+  DEBUG: napi:*
+  APP_NAME: affine
+  MACOSX_DEPLOYMENT_TARGET: '10.13'
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    environment: development
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - run: yarn lint --max-warnings=0
+
+  build-storybook:
+    name: Build Storybook
+    runs-on: ubuntu-latest
+    environment: development
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - run: yarn build:storybook
+      - name: Upload storybook artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: storybook
+          path: ./packages/component/storybook-static
+          if-no-files-found: error
+
+  build:
+    name: Build @affine/web
+    runs-on: ubuntu-latest
+    environment: development
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Cache Next.js
+        uses: actions/cache@v3
+        with:
+          path: |
+            ${{ github.workspace }}/apps/web/.next/cache
+          key: ${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }}
+          restore-keys: |
+            ${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}-
+      - name: Build
+        run: yarn build
+        env:
+          NEXT_PUBLIC_FIREBASE_API_KEY: ${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }}
+          NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN: ${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }}
+          NEXT_PUBLIC_FIREBASE_PROJECT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }}
+          NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET: ${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }}
+          NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }}
+          NEXT_PUBLIC_FIREBASE_APP_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }}
+          NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }}
+          API_SERVER_PROFILE: local
+          ENABLE_DEBUG_PAGE: true
+          ENABLE_LEGACY_PROVIDER: true
+          COVERAGE: true
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: next-js
+          path: ./apps/web/.next
+          if-no-files-found: error
+
+      - name: Build @affine/web for desktop
+        run: yarn build
+        env:
+          NEXT_PUBLIC_FIREBASE_API_KEY: ${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }}
+          NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN: ${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }}
+          NEXT_PUBLIC_FIREBASE_PROJECT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }}
+          NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET: ${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }}
+          NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }}
+          NEXT_PUBLIC_FIREBASE_APP_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }}
+          NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }}
+          API_SERVER_PROFILE: affine
+          ENABLE_DEBUG_PAGE: true
+          ENABLE_LEGACY_PROVIDER: false
+          COVERAGE: true
+
+      - name: Export static resources
+        run: yarn export
+        working-directory: apps/web
+
+      - name: Upload static resources artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: next-js-static
+          path: ./apps/web/out
+          if-no-files-found: error
+
+  server-test:
+    name: Server Test
+    runs-on: ubuntu-latest
+    environment: development
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: affine
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Initialize database
+        run: |
+          psql -h localhost -U postgres -c "CREATE DATABASE affine;"
+          psql -h localhost -U postgres -c "CREATE USER affine WITH PASSWORD 'affine';"
+          psql -h localhost -U postgres -c "ALTER USER affine WITH SUPERUSER;"
+        env:
+          PGPASSWORD: affine
+      - name: Generate prisma client
+        run: |
+          yarn exec prisma generate
+          yarn exec prisma db push
+        working-directory: apps/server
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+      - name: Run init-db script
+        run: yarn exec ts-node-esm ./scripts/init-db.ts
+        working-directory: apps/server
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+      - name: Run server tests
+        run: yarn test:coverage
+        working-directory: apps/server
+        env:
+          DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
+      - name: Upload server test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./apps/server/.coverage/lcov.info
+          flags: server-test
+          name: affine
+          fail_ci_if_error: true
+
+  storybook-test:
+    name: Storybook Test
+    runs-on: ubuntu-latest
+    environment: development
+    needs: [build-storybook]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+      - name: Download storybook artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: storybook
+          path: ./packages/component/storybook-static
+      - name: Run storybook tests
+        working-directory: ./packages/component
+        run: |
+          yarn exec concurrently -k -s first -n "SB,TEST" -c "magenta,blue" "yarn exec serve ./storybook-static -l 6006" "yarn exec wait-on tcp:6006 && yarn test-storybook --coverage"
+      - name: Upload storybook test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./packages/component/coverage/storybook/coverage-storybook.json
+          flags: storybook-test
+          name: affine
+          fail_ci_if_error: true
+
+  e2e-test:
+    name: E2E Test
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        shard: [1, 2, 3, 4]
+    environment: development
+    needs: [build, build-storybook]
+    services:
+      octobase:
+        image: ghcr.io/toeverything/cloud-self-hosted:nightly-latest
+        ports:
+          - 3000:3000
+        env:
+          SIGN_KEY: 'test123'
+          RUST_LOG: 'debug'
+          JWST_DEV: '1'
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: next-js
+          path: ./apps/web/.next
+
+      - name: Download storybook artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: storybook
+          path: ./packages/component/storybook-static
+
+      - name: Wait for Octobase Ready
+        run: |
+          node ./scripts/wait-3000-healthz.mjs
+
+      - name: Run playwright tests
+        run: yarn test --forbid-only --shard=${{ matrix.shard }}/${{ strategy.job-total }}
+        env:
+          COVERAGE: true
+
+      - name: Collect code coverage report
+        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
+
+      - name: Upload e2e test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./.coverage/lcov.info
+          flags: e2etest
+          name: affine
+          fail_ci_if_error: true
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-${{ matrix.shard }}
+          path: ./test-results
+          if-no-files-found: ignore
+
+  dekstop-test:
+    name: Desktop Test
+    runs-on: ${{ matrix.spec.os }}
+    environment: development
+    strategy:
+      fail-fast: false
+      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
+      matrix:
+        spec:
+          - {
+              os: macos-latest,
+              platform: macos,
+              arch: x64,
+              target: x86_64-apple-darwin,
+              test: true,
+            }
+          - {
+              os: macos-latest,
+              platform: macos,
+              arch: arm64,
+              target: aarch64-apple-darwin,
+              test: false,
+            }
+          - {
+              os: ubuntu-latest,
+              platform: linux,
+              arch: x64,
+              target: x86_64-unknown-linux-gnu,
+              test: true,
+            }
+          - {
+              os: windows-latest,
+              platform: windows,
+              arch: x64,
+              target: x86_64-pc-windows-msvc,
+              test: true,
+            }
+    needs: [build]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          playwright-install: true
+      - name: Build AFFiNE native
+        uses: ./.github/actions/build-rust
+        with:
+          target: ${{ matrix.spec.target }}
+      - name: Run unit tests
+        if: ${{ matrix.spec.test }}
+        shell: bash
+        run: |
+          rm -rf apps/electron/node_modules/better-sqlite3/build
+          yarn --cwd apps/electron/node_modules/better-sqlite3 run install
+          yarn test:unit
+        env:
+          NATIVE_TEST: 'true'
+      - name: Build layers
+        run: yarn workspace @affine/electron build-layers
+
+      - name: Download static resource artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: next-js-static
+          path: ./apps/electron/resources/web-static
+
+      - name: Rebuild Electron dependences
+        shell: bash
+        run: |
+          rm -rf apps/electron/node_modules/better-sqlite3/build
+          yarn workspace @affine/electron rebuild:for-electron --arch=${{ matrix.spec.arch }}
+
+      - name: Run desktop tests
+        if: ${{ matrix.spec.test && matrix.spec.os == 'ubuntu-latest' }}
+        run: xvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" -- yarn workspace @affine/electron test
+        env:
+          COVERAGE: true
+
+      - name: Run desktop tests
+        if: ${{ matrix.spec.test && matrix.spec.os != 'ubuntu-latest' }}
+        run: yarn workspace @affine/electron test
+        env:
+          COVERAGE: true
+
+      - name: Collect code coverage report
+        if: ${{ matrix.spec.test }}
+        run: yarn exec nyc report -t .nyc_output --report-dir .coverage --reporter=lcov
+
+      - name: Upload e2e test coverage results
+        if: ${{ matrix.spec.test }}
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./.coverage/lcov.info
+          flags: e2etest-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
+          name: affine
+          fail_ci_if_error: true
+
+      - name: Run desktop tests
+        if: ${{ matrix.spec.test && matrix.spec.os != 'ubuntu-latest' }}
+        run: yarn test
+        working-directory: apps/electron
+
+      - name: Upload test results
+        if: ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: test-results-e2e-${{ matrix.spec.os }}-${{ matrix.spec.arch }}
+          path: ./test-results
+          if-no-files-found: ignore
+
+  unit-test:
+    name: Unit Test
+    runs-on: ubuntu-latest
+    environment: development
+    services:
+      octobase:
+        image: ghcr.io/toeverything/cloud-self-hosted:nightly-latest
+        ports:
+          - 3000:3000
+        env:
+          SIGN_KEY: 'test123'
+          RUST_LOG: 'debug'
+          JWST_DEV: '1'
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+
+      - name: Unit Test
+        run: yarn run test:unit:coverage
+
+      - name: Upload unit test coverage results
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./.coverage/store/lcov.info
+          flags: unittest
+          name: affine
+          fail_ci_if_error: true
--- a/.github/workflows/cache-cleanup.yml
+++ b/.github/workflows/cache-cleanup.yml
@@ -0,0 +1,36 @@
+# https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#force-deleting-cache-entries
+name: Cleanup caches for closed branches
+
+on:
+  pull_request:
+    types:
+      - closed
+  workflow_dispatch:
+
+jobs:
+  cleanup:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Cleanup
+        run: |
+          gh extension install actions/gh-actions-cache
+
+          REPO=${{ github.repository }}
+          BRANCH="refs/pull/${{ github.event.pull_request.number }}/merge"
+
+          echo "Fetching list of cache key"
+          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 )
+
+          ## Setting this to not fail the workflow while deleting cache keys.
+          set +e
+          echo "Deleting caches..."
+          for cacheKey in $cacheKeysForPR
+          do
+              gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
+          done
+          echo "Done"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,69 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+
+          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+      #   If the Autobuild fails above, remove it and uncomment the following three lines.
+      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+      # - run: |
+      #   echo "Run, Build Application using script"
+      #   ./location_of_script_within_repo/buildscript.sh
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
--- a/.github/workflows/deploy-automatically.yml
+++ b/.github/workflows/deploy-automatically.yml
@@ -1,27 +0,0 @@
-name: Deploy Automatically
-
-on:
-  push:
-    tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
-  schedule:
-    - cron: '0 9 * * *'
-
-jobs:
-  dispatch-deploy:
-    runs-on: ubuntu-latest
-    name: Setup Deploy
-    steps:
-      - name: dispatch deploy by tag
-        if: ${{ github.event_name == 'push' }}
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: deploy.yml
-          inputs: '{ "flavor": "canary" }'
-      - name: dispatch deploy by schedule
-        if: ${{ github.event_name == 'schedule' }}
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: deploy.yml
-          inputs: '{ "flavor": "canary" }'
-          ref: canary
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,295 +0,0 @@
-name: Deploy
-
-on:
-  workflow_dispatch:
-    inputs:
-      flavor:
-        description: 'Select what enverionment to deploy to'
-        type: choice
-        default: canary
-        options:
-          - canary
-          - beta
-          - stable
-          - internal
-env:
-  APP_NAME: affine
-  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-
-jobs:
-  build-server:
-    name: Build Server
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          extra-flags: workspaces focus @affine/server
-      - name: Build Server
-        run: yarn workspace @affine/server build
-      - name: Upload server dist
-        uses: actions/upload-artifact@v4
-        with:
-          name: server-dist
-          path: ./packages/backend/server/dist
-          if-no-files-found: error
-  build-core:
-    name: Build @affine/core
-    runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.flavor }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Build Core
-        run: yarn nx build @affine/core --skip-nx-cache
-        env:
-          R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
-          R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
-          R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
-          BUILD_TYPE: ${{ github.event.inputs.flavor }}
-          SHOULD_REPORT_TRACE: true
-          TRACE_REPORT_ENDPOINT: ${{ secrets.TRACE_REPORT_ENDPOINT }}
-          CAPTCHA_SITE_KEY: ${{ secrets.CAPTCHA_SITE_KEY }}
-          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
-          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
-          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
-          PERFSEE_TOKEN: ${{ secrets.PERFSEE_TOKEN }}
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: core
-          path: ./packages/frontend/core/dist
-          if-no-files-found: error
-
-  build-core-selfhost:
-    name: Build @affine/core
-    runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.flavor }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Build Core
-        run: yarn nx build @affine/core --skip-nx-cache
-        env:
-          BUILD_TYPE: ${{ github.event.inputs.flavor }}
-          SHOULD_REPORT_TRACE: false
-          PUBLIC_PATH: '/'
-      - name: Download selfhost fonts
-        run: node ./scripts/download-blocksuite-fonts.mjs
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: selfhost-core
-          path: ./packages/frontend/core/dist
-          if-no-files-found: error
-
-  build-storage:
-    name: Build Storage - ${{ matrix.targets.name }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        targets:
-          - name: x86_64-unknown-linux-gnu
-            file: storage.node
-          - name: aarch64-unknown-linux-gnu
-            file: storage.arm64.node
-          - name: armv7-unknown-linux-gnueabihf
-            file: storage.armv7.node
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-          extra-flags: workspaces focus @affine/storage
-      - name: Build Rust
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.targets.name }}
-          package: '@affine/storage'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - name: Upload ${{ matrix.targets.file }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: ${{ matrix.targets.file }}
-          path: ./packages/backend/storage/storage.node
-          if-no-files-found: error
-
-  build-docker:
-    name: Build Docker
-    runs-on: ubuntu-latest
-    needs:
-      - build-server
-      - build-core
-      - build-core-selfhost
-      - build-storage
-    steps:
-      - uses: actions/checkout@v4
-      - name: Download core artifact
-        uses: actions/download-artifact@v4
-        with:
-          name: core
-          path: ./packages/frontend/core/dist
-      - name: Download server dist
-        uses: actions/download-artifact@v4
-        with:
-          name: server-dist
-          path: ./packages/backend/server/dist
-      - name: Download storage.node
-        uses: actions/download-artifact@v4
-        with:
-          name: storage.node
-          path: ./packages/backend/server
-      - name: Download storage.node arm64
-        uses: actions/download-artifact@v4
-        with:
-          name: storage.arm64.node
-          path: ./packages/backend/storage
-      - name: Download storage.node arm64
-        uses: actions/download-artifact@v4
-        with:
-          name: storage.armv7.node
-          path: .
-      - name: move storage files
-        run: |
-          mv ./packages/backend/storage/storage.node ./packages/backend/server/storage.arm64.node
-          mv storage.node ./packages/backend/server/storage.armv7.node
-      - name: Setup env
-        run: |
-          echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
-          if [ -z "${{ inputs.flavor }}" ]
-          then
-            echo "RELEASE_FLAVOR=canary" >> "$GITHUB_ENV"
-          else
-            echo "RELEASE_FLAVOR=${{ inputs.flavor }}" >> "$GITHUB_ENV"
-          fi
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          logout: false
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Build front Dockerfile
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: true
-          pull: true
-          platforms: linux/amd64,linux/arm64
-          provenance: true
-          file: .github/deployment/front/Dockerfile
-          tags: ghcr.io/toeverything/affine-front:${{env.RELEASE_FLAVOR}}-${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-front:${{env.RELEASE_FLAVOR}}
-
-      # setup node without cache configuration
-      # Prisma cache is not compatible with docker build cache
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: '.nvmrc'
-          registry-url: https://npm.pkg.github.com
-          scope: '@toeverything'
-
-      - name: Remove core dist
-        run: rm -rf ./packages/frontend/core/dist
-
-      - name: Download selfhost core artifact
-        uses: actions/download-artifact@v4
-        with:
-          name: selfhost-core
-          path: ./packages/frontend/core/dist
-
-      - name: Install Node.js dependencies
-        run: |
-          yarn config set --json supportedArchitectures.cpu '["x64", "arm64", "arm"]'
-          yarn config set --json supportedArchitectures.libc '["glibc"]'
-          yarn workspaces focus @affine/server --production
-
-      - name: Generate Prisma client
-        run: yarn workspace @affine/server prisma generate
-
-      - name: Build graphql Dockerfile
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: true
-          pull: true
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
-          provenance: true
-          file: .github/deployment/node/Dockerfile
-          tags: ghcr.io/toeverything/affine-graphql:${{env.RELEASE_FLAVOR}}-${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-graphql:${{env.RELEASE_FLAVOR}}
-
-  deploy:
-    name: Deploy to cluster
-    if: ${{ github.event_name == 'workflow_dispatch' }}
-    environment: ${{ github.event.inputs.flavor }}
-    permissions:
-      contents: 'write'
-      id-token: 'write'
-    needs:
-      - build-docker
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Deploy to ${{ github.event.inputs.flavor }}
-        uses: ./.github/actions/deploy
-        with:
-          build-type: ${{ github.event.inputs.flavor }}
-          gcp-project-number: ${{ secrets.GCP_PROJECT_NUMBER }}
-          gcp-project-id: ${{ secrets.GCP_PROJECT_ID }}
-          service-account: ${{ secrets.GCP_HELM_DEPLOY_SERVICE_ACCOUNT }}
-          cluster-name: ${{ secrets.GCP_CLUSTER_NAME }}
-          cluster-location: ${{ secrets.GCP_CLUSTER_LOCATION }}
-        env:
-          APP_VERSION: ${{ steps.version.outputs.APP_VERSION }}
-          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
-          CANARY_DEPLOY_HOST: ${{ secrets.CANARY_DEPLOY_HOST }}
-          R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
-          R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
-          R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
-          ENABLE_CAPTCHA: true
-          CAPTCHA_TURNSTILE_SECRET: ${{ secrets.CAPTCHA_TURNSTILE_SECRET }}
-          OAUTH_EMAIL_SENDER: ${{ secrets.OAUTH_EMAIL_SENDER }}
-          OAUTH_EMAIL_LOGIN: ${{ secrets.OAUTH_EMAIL_LOGIN }}
-          OAUTH_EMAIL_PASSWORD: ${{ secrets.OAUTH_EMAIL_PASSWORD }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          AFFINE_GOOGLE_CLIENT_ID: ${{ secrets.AFFINE_GOOGLE_CLIENT_ID }}
-          AFFINE_GOOGLE_CLIENT_SECRET: ${{ secrets.AFFINE_GOOGLE_CLIENT_SECRET }}
-          DATABASE_URL: ${{ secrets.DATABASE_URL }}
-          DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }}
-          DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
-          DATABASE_NAME: ${{ secrets.DATABASE_NAME }}
-          GCLOUD_CONNECTION_NAME: ${{ secrets.GCLOUD_CONNECTION_NAME }}
-          GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT: ${{ secrets.GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT }}
-          REDIS_HOST: ${{ secrets.REDIS_HOST }}
-          REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
-          CLOUD_SQL_IAM_ACCOUNT: ${{ secrets.CLOUD_SQL_IAM_ACCOUNT }}
-          STRIPE_API_KEY: ${{ secrets.STRIPE_API_KEY }}
-          STRIPE_WEBHOOK_KEY: ${{ secrets.STRIPE_WEBHOOK_KEY }}
-          STATIC_IP_NAME: ${{ secrets.STATIC_IP_NAME }}
--- a/.github/workflows/helm-releaser.yml
+++ b/.github/workflows/helm-releaser.yml
@@ -1,66 +0,0 @@
-name: Release Charts
-
-on:
-  push:
-    branches: [canary]
-    paths:
-      - '.github/helm/**/Chart.yml'
-
-jobs:
-  release:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Checkout Helm chart repo
-        uses: actions/checkout@v4
-        with:
-          repository: toeverything/helm-charts
-          path: .helm-chart-repo
-          ref: gh-pages
-          token: ${{ secrets.HELM_RELEASER_TOKEN }}
-
-      - name: Install Helm
-        uses: azure/setup-helm@v3
-
-      - name: Install chart releaser
-        run: |
-          set -e
-          arch="$(dpkg --print-architecture)"
-          curl -s https://api.github.com/repos/helm/chart-releaser/releases/latest \
-          | yq --indent 0 --no-colors --input-format json --unwrapScalar \
-            ".assets[] | select(.name | test("\""^chart-releaser_.+_linux_${arch}\.tar\.gz$"\"")) | .browser_download_url" \
-          | xargs curl -SsL \
-          | tar zxf - -C /usr/local/bin
-
-      - name: Package charts
-        working-directory: .helm-chart-repo
-        run: |
-          mkdir -p .cr-index
-          helm repo add bitnami https://charts.bitnami.com/bitnami
-          helm repo update
-
-          helm dependencies build ../.github/helm/affine
-          helm dependencies build ../.github/helm/affine-cloud
-          cr package ../.github/helm/affine
-          cr package ../.github/helm/affine-cloud
-
-      - name: Publish charts
-        working-directory: .helm-chart-repo
-        run: |
-          set -ex
-          git config --local user.name "$GITHUB_ACTOR"
-          git config --local user.email "$GITHUB_ACTOR@users.noreply.github.com"
-          owner=$(cut -d '/' -f 1 <<< '${{ github.repository }}')
-          repo=helm-charts
-          git_hash=$(git rev-parse HEAD)
-          cr upload --commit "$git_hash" \
-            --git-repo "$repo" --owner "$owner" \
-            --token '${{ secrets.HELM_RELEASER_TOKEN }}' \
-            --skip-existing
-          cr index --git-repo "$repo" --owner "$owner" \
-            --token '${{ secrets.HELM_RELEASER_TOKEN }}' \
-            --index-path .cr-index --push
--- a/.github/workflows/label-checker.yml
+++ b/.github/workflows/label-checker.yml
@@ -6,7 +6,7 @@ on:
      - labeled
      - unlabeled
    branches:
-      - canary
+      - master

 jobs:
  check_labels:
--- a/.github/workflows/languages-sync.yml
+++ b/.github/workflows/languages-sync.yml
@@ -2,34 +2,42 @@ name: Languages Sync

 on:
  push:
-    branches: ['canary']
+    branches: ['master']
    paths:
-      - 'packages/frontend/i18n/**'
+      - 'packages/i18n/**'
      - '.github/workflows/languages-sync.yml'
-      - '!.github/actions/setup-node/action.yml'
  pull_request_target:
-    branches: ['canary']
+    branches: ['master']
    paths:
-      - 'packages/frontend/i18n/**'
+      - 'packages/i18n/**'
      - '.github/workflows/languages-sync.yml'
-      - '!.github/actions/setup-node/action.yml'
  workflow_dispatch:

+# Cancels all previous workflow runs for pull requests that have not completed.
+# See https://docs.github.com/en/actions/using-jobs/using-concurrency
+concurrency:
+  # The concurrency group contains the workflow name and the branch name for
+  # pull requests or the commit hash for any other events.
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
+  cancel-in-progress: true
+
 jobs:
  main:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
      - name: Setup Node.js
        uses: ./.github/actions/setup-node
      - name: Check Language Key
-        if: github.ref != 'refs/heads/canary'
-        run: yarn workspace @affine/i18n run sync-languages:check
+        if: github.ref != 'refs/heads/master'
+        working-directory: ./packages/i18n
+        run: yarn run sync-languages:check
        env:
          TOLGEE_API_KEY: ${{ secrets.TOLGEE_API_KEY }}

      - name: Sync Languages
-        if: github.ref == 'refs/heads/canary'
-        run: yarn workspace @affine/i18n run sync-languages
+        if: github.ref == 'refs/heads/master'
+        working-directory: ./packages/i18n
+        run: yarn run sync-languages
        env:
          TOLGEE_API_KEY: ${{ secrets.TOLGEE_API_KEY }}
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -0,0 +1,232 @@
+name: Build Canary Desktop App on Staging Branch
+
+on:
+  push:
+    branches:
+      - v[0-9]+.[0-9]+.x-staging
+    paths-ignore:
+      - README.md
+      - .github/**
+      - '!.github/workflows/nightly-build.yml'
+
+permissions:
+  actions: write
+  contents: write
+  security-events: write
+
+concurrency:
+  # The concurrency group contains the workflow name and the branch name for
+  # pull requests or the commit hash for any other events.
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
+  cancel-in-progress: true
+
+env:
+  BUILD_TYPE: internal
+
+jobs:
+  set-build-version:
+    runs-on: ubuntu-latest
+    environment: production
+    outputs:
+      version: 0.0.0-${{ steps.version.outputs.version }}
+    steps:
+      - uses: actions/checkout@v3
+      - uses: toeverything/set-build-version@latest
+      - id: version
+        run: echo ::set-output name=version::${{ env.BUILD_VERSION }}
+
+  before-make:
+    runs-on: ubuntu-latest
+    environment: production
+    needs:
+      - set-build-version
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Replace Version
+        run: ./scripts/set-version.sh ${{ needs.set-build-version.outputs.version }}
+      - name: generate-assets
+        working-directory: apps/electron
+        run: yarn generate-assets
+        env:
+          NEXT_PUBLIC_FIREBASE_API_KEY: ${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }}
+          NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN: ${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }}
+          NEXT_PUBLIC_FIREBASE_PROJECT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }}
+          NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET: ${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }}
+          NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }}
+          NEXT_PUBLIC_FIREBASE_APP_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }}
+          NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }}
+          AFFINE_GOOGLE_CLIENT_ID: ${{ secrets.AFFINE_GOOGLE_CLIENT_ID }}
+          AFFINE_GOOGLE_CLIENT_SECRET: ${{ secrets.AFFINE_GOOGLE_CLIENT_SECRET }}
+          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
+          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+          NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }}
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          API_SERVER_PROFILE: prod
+          ENABLE_TEST_PROPERTIES: false
+          ENABLE_IMAGE_PREVIEW_MODAL: false
+          RELEASE_VERSION: ${{ needs.set-build-version.outputs.version }}
+
+      - name: Upload Artifact (web-static)
+        uses: actions/upload-artifact@v3
+        with:
+          name: before-make-web-static
+          path: apps/electron/resources/web-static
+
+  make-distribution:
+    environment: production
+    strategy:
+      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
+      matrix:
+        spec:
+          - {
+              os: macos-latest,
+              platform: darwin,
+              arch: x64,
+              target: x86_64-apple-darwin,
+            }
+          - {
+              os: macos-latest,
+              platform: darwin,
+              arch: arm64,
+              target: aarch64-apple-darwin,
+            }
+          - {
+              os: ubuntu-latest,
+              platform: linux,
+              arch: x64,
+              target: x86_64-unknown-linux-gnu,
+            }
+          - {
+              os: windows-latest,
+              platform: win32,
+              arch: x64,
+              target: x86_64-pc-windows-msvc,
+            }
+    runs-on: ${{ matrix.spec.os }}
+    needs:
+      - before-make
+      - set-build-version
+    env:
+      APPLE_ID: ${{ secrets.APPLE_ID }}
+      APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
+      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+      SKIP_GENERATE_ASSETS: 1
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Build AFFiNE native
+        uses: ./.github/actions/build-rust
+        with:
+          target: ${{ matrix.spec.target }}
+      - name: Replace Version
+        run: ./scripts/set-version.sh ${{ needs.set-build-version.outputs.version }}
+      - uses: actions/download-artifact@v3
+        with:
+          name: before-make-web-static
+          path: apps/electron/resources/web-static
+      - name: Rebuild Electron dependences
+        shell: bash
+        run: |
+          rm -rf apps/electron/node_modules/better-sqlite3/build
+          yarn workspace @affine/electron rebuild:for-electron --arch=${{ matrix.spec.arch }}
+
+      - name: Build layers
+        run: yarn workspace @affine/electron build-layers
+
+      - name: Signing By Apple Developer ID
+        if: ${{ matrix.spec.platform == 'darwin' }}
+        uses: apple-actions/import-codesign-certs@v2
+        with:
+          p12-file-base64: ${{ secrets.CERTIFICATES_P12 }}
+          p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD }}
+
+      - name: make
+        run: yarn workspace @affine/electron make --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
+
+      - name: Save artifacts (mac)
+        if: ${{ matrix.spec.platform == 'darwin' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
+          mv apps/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
+      - name: Save artifacts (windows)
+        if: ${{ matrix.spec.platform == 'win32' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.nupkg ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.nupkg
+
+      - name: Save artifacts (linux)
+        if: ${{ matrix.spec.platform == 'linux' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: affine-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}-builds
+          path: builds
+
+  release:
+    needs:
+      - make-distribution
+      - set-build-version
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Download Artifacts (macos-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-darwin-x64-builds
+          path: ./
+      - name: Download Artifacts (macos-arm64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-darwin-arm64-builds
+          path: ./
+      - name: Download Artifacts (windows-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-win32-x64-builds
+          path: ./
+      - name: Download Artifacts (linux-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-linux-x64-builds
+          path: ./
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18
+      - name: Generate Release yml
+        run: |
+          cp ./apps/electron/scripts/generate-yml.js .
+          node generate-yml.js
+        env:
+          RELEASE_VERSION: ${{ needs.set-build-version.outputs.version }}
+      - name: Create Release Draft
+        uses: softprops/action-gh-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+        with:
+          repository: 'toeverything/AFFiNE-Releases'
+          name: ${{ needs.set-build-version.outputs.version }}
+          tag_name: ${{ needs.set-build-version.outputs.version }}
+          prerelease: true
+          files: |
+            ./VERSION
+            ./*.zip
+            ./*.dmg
+            ./*.exe
+            ./*.nupkg
+            ./RELEASES
+            ./*.AppImage
+            ./*.apk
+            ./*.yml
--- a/.github/workflows/pr-auto-assign.yml
+++ b/.github/workflows/pr-auto-assign.yml
@@ -9,4 +9,4 @@ jobs:
  add-reviews:
    runs-on: ubuntu-latest
    steps:
-      - uses: kentaro-m/auto-assign-action@v1.2.5
+      - uses: kentaro-m/auto-assign-action@v1.2.4
--- a/.github/workflows/pr-title-lint.yml
+++ b/.github/workflows/pr-title-lint.yml
@@ -7,7 +7,7 @@ on:
      - edited
      - synchronize
    branches:
-      - canary
+      - master

 permissions:
  contents: read
@@ -17,12 +17,7 @@ jobs:
    name: Check pull request title
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          cache: 'yarn'
-          node-version-file: '.nvmrc'
-      - name: Install dependencies
-        run: yarn workspaces focus @affine/commitlint-config
-      - run: echo "${{ github.event.pull_request.title }}" | yarn workspace @affine/commitlint-config commitlint -g ./.commitlintrc.json
+        uses: ./.github/actions/setup-node
+      - run: echo "${{ github.event.pull_request.title }}" | npx commitlint -g ./.commitlintrc.json
--- a/.github/workflows/publish-storybook.yml
+++ b/.github/workflows/publish-storybook.yml
@@ -1,51 +0,0 @@
-name: Publish Storybook
-
-env:
-  NODE_OPTIONS: --max-old-space-size=4096
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - canary
-  pull_request:
-    branches:
-      - canary
-    paths-ignore:
-      - README.md
-      - .github/**
-      - packages/backend/server
-      - packages/frontend/electron
-      - '!.github/workflows/publish-storybook.yml'
-
-jobs:
-  publish-storybook:
-    name: Publish Storybook
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.merge_commit_sha }}
-          # This is required to fetch all commits for chromatic
-          fetch-depth: 0
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - uses: chromaui/action-next@v1
-        with:
-          workingDir: tests/storybook
-          buildScriptName: build
-          exitOnceUploaded: true
-          onlyChanged: false
-          diagnostics: true
-        env:
-          CHROMATIC_PROJECT_TOKEN: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
-          NODE_OPTIONS: ${{ env.NODE_OPTIONS }}
-      - uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          name: chromatic-build-artifacts-${{ github.run_id }}
-          path: |
-            chromatic-diagnostics.json
-            **/build-storybook.log
--- a/.github/workflows/publish-ui-storybook.yml
+++ b/.github/workflows/publish-ui-storybook.yml
@@ -1,51 +0,0 @@
-name: Publish UI Storybook
-
-env:
-  NODE_OPTIONS: --max-old-space-size=4096
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - canary
-  pull_request:
-    branches:
-      - canary
-    paths-ignore:
-      - README.md
-      - .github/**
-      - packages/backend/server
-      - packages/frontend/electron
-      - '!.github/workflows/publish-storybook.yml'
-
-jobs:
-  publish-ui-storybook:
-    name: Publish UI Storybook
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.merge_commit_sha }}
-          # This is required to fetch all commits for chromatic
-          fetch-depth: 0
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-        with:
-          electron-install: false
-      - uses: chromaui/action-next@v1
-        with:
-          workingDir: packages/frontend/component
-          buildScriptName: build:storybook
-          exitOnceUploaded: true
-          onlyChanged: false
-          diagnostics: true
-        env:
-          CHROMATIC_PROJECT_TOKEN: ${{ secrets.CHROMATIC_UI_PROJECT_TOKEN }}
-          NODE_OPTIONS: ${{ env.NODE_OPTIONS }}
-      - uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          name: chromatic-build-artifacts-${{ github.run_id }}
-          path: |
-            chromatic-diagnostics.json
-            **/build-storybook.log
--- a/.github/workflows/release-desktop-app.yml
+++ b/.github/workflows/release-desktop-app.yml
@@ -0,0 +1,227 @@
+name: Release Desktop App
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: App Version
+        required: true
+        default: 0.0.0
+      is-draft:
+        description: 'Draft Release?'
+        type: boolean
+        required: true
+        default: true
+      is-pre-release:
+        description: 'Pre Release? (labeled as "PreRelease")'
+        type: boolean
+        required: true
+        default: true
+      build-type:
+        description: 'Build Type (canary, beta or stable)'
+        type: string
+        required: true
+        default: canary
+
+permissions:
+  actions: write
+  contents: write
+  security-events: write
+
+concurrency:
+  # The concurrency group contains the workflow name and the branch name for
+  # pull requests or the commit hash for any other events.
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
+  cancel-in-progress: true
+
+env:
+  BUILD_TYPE: ${{ github.event.inputs.build-type }}
+  DEBUG: napi:*
+  APP_NAME: affine
+  MACOSX_DEPLOYMENT_TARGET: '10.13'
+
+jobs:
+  before-make:
+    runs-on: ubuntu-latest
+    environment: ${{ github.ref_name == 'master' && 'production' || 'development' }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: generate-assets
+        run: yarn workspace @affine/electron generate-assets
+        env:
+          NEXT_PUBLIC_FIREBASE_API_KEY: ${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }}
+          NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN: ${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }}
+          NEXT_PUBLIC_FIREBASE_PROJECT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }}
+          NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET: ${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }}
+          NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }}
+          NEXT_PUBLIC_FIREBASE_APP_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }}
+          NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID: ${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }}
+          AFFINE_GOOGLE_CLIENT_ID: ${{ secrets.AFFINE_GOOGLE_CLIENT_ID }}
+          AFFINE_GOOGLE_CLIENT_SECRET: ${{ secrets.AFFINE_GOOGLE_CLIENT_SECRET }}
+          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
+          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+          NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }}
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          API_SERVER_PROFILE: prod
+          ENABLE_TEST_PROPERTIES: false
+          ENABLE_IMAGE_PREVIEW_MODAL: false
+          RELEASE_VERSION: ${{ github.event.inputs.version }}
+
+      - name: Upload Artifact (web-static)
+        uses: actions/upload-artifact@v3
+        with:
+          name: before-make-web-static
+          path: apps/electron/resources/web-static
+
+  make-distribution:
+    environment: ${{ github.ref_name == 'master' && 'production' || 'development' }}
+    strategy:
+      # all combinations: macos-latest x64, macos-latest arm64, windows-latest x64, ubuntu-latest x64
+      matrix:
+        spec:
+          - {
+              os: macos-latest,
+              platform: darwin,
+              arch: x64,
+              target: x86_64-apple-darwin,
+            }
+          - {
+              os: macos-latest,
+              platform: darwin,
+              arch: arm64,
+              target: aarch64-apple-darwin,
+            }
+          - {
+              os: ubuntu-latest,
+              platform: linux,
+              arch: x64,
+              target: x86_64-unknown-linux-gnu,
+            }
+          - {
+              os: windows-latest,
+              platform: win32,
+              arch: x64,
+              target: x86_64-pc-windows-msvc,
+            }
+    runs-on: ${{ matrix.spec.os }}
+    needs: before-make
+    env:
+      APPLE_ID: ${{ secrets.APPLE_ID }}
+      APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
+      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+      SKIP_GENERATE_ASSETS: 1
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+      - name: Build AFFiNE native
+        uses: ./.github/actions/build-rust
+        with:
+          target: ${{ matrix.spec.target }}
+      - uses: actions/download-artifact@v3
+        with:
+          name: before-make-web-static
+          path: apps/electron/resources/web-static
+
+      - name: Rebuild Electron dependences
+        shell: bash
+        run: |
+          rm -rf apps/electron/node_modules/better-sqlite3/build
+          yarn workspace @affine/electron rebuild:for-electron --arch=${{ matrix.spec.arch }}
+
+      - name: Build layers
+        run: yarn workspace @affine/electron build-layers
+
+      - name: Signing By Apple Developer ID
+        if: ${{ matrix.spec.platform == 'darwin' }}
+        uses: apple-actions/import-codesign-certs@v2
+        with:
+          p12-file-base64: ${{ secrets.CERTIFICATES_P12 }}
+          p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD }}
+
+      - name: make
+        run: yarn workspace @affine/electron make --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
+
+      - name: Save artifacts (mac)
+        if: ${{ matrix.spec.platform == 'darwin' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
+          mv apps/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
+      - name: Save artifacts (windows)
+        if: ${{ matrix.spec.platform == 'win32' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
+          mv apps/electron/out/*/make/squirrel.windows/x64/*.nupkg ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.nupkg
+
+      - name: Save artifacts (linux)
+        if: ${{ matrix.spec.platform == 'linux' }}
+        run: |
+          mkdir -p builds
+          mv apps/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: affine-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}-builds
+          path: builds
+
+  release:
+    needs: make-distribution
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Download Artifacts (macos-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-darwin-x64-builds
+          path: ./
+      - name: Download Artifacts (macos-arm64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-darwin-arm64-builds
+          path: ./
+      - name: Download Artifacts (windows-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-win32-x64-builds
+          path: ./
+      - name: Download Artifacts (linux-x64)
+        uses: actions/download-artifact@v3
+        with:
+          name: affine-linux-x64-builds
+          path: ./
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+      - name: Generate Release yml
+        run: |
+          cp ./apps/electron/scripts/generate-yml.js .
+          node generate-yml.js
+        env:
+          RELEASE_VERSION: ${{ github.event.inputs.version }}
+      - name: Create Release Draft
+        uses: softprops/action-gh-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+        with:
+          name: Desktop APP ${{ github.event.inputs.version }}
+          body: 'TODO: Add release notes here'
+          draft: ${{ github.event.inputs.is-draft }}
+          prerelease: ${{ github.event.inputs.is-pre-release }}
+          files: |
+            ./VERSION
+            ./*.zip
+            ./*.dmg
+            ./*.exe
+            ./*.nupkg
+            ./RELEASES
+            ./*.AppImage
+            ./*.apk
+            ./*.yml
--- a/.github/workflows/release-desktop-automatically.yml
+++ b/.github/workflows/release-desktop-automatically.yml
@@ -1,27 +0,0 @@
-name: Release Desktop Automatically
-
-on:
-  push:
-    tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+-canary.[0-9]+'
-  schedule:
-    - cron: '0 9 * * *'
-
-jobs:
-  dispatch-release-desktop:
-    runs-on: ubuntu-latest
-    name: Setup Release Desktop
-    steps:
-      - name: dispatch desktop release by tag
-        if: ${{ github.event_name == 'push' }}
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: release-desktop.yml
-          inputs: '{ "build-type": "canary", "is-draft": false, "is-pre-release": true }'
-      - name: dispatch desktop release by schedule
-        if: ${{ github.event_name == 'schedule' }}
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: release-desktop.yml
-          inputs: '{ "build-type": "canary", "is-draft": false, "is-pre-release": true }'
-          ref: canary
--- a/.github/workflows/release-desktop.yml
+++ b/.github/workflows/release-desktop.yml
@@ -1,392 +0,0 @@
-name: Release Desktop App
-
-on:
-  workflow_dispatch:
-    inputs:
-      build-type:
-        description: 'Build Type'
-        type: choice
-        required: true
-        default: canary
-        options:
-          - canary
-          - beta
-          - stable
-      is-draft:
-        description: 'Draft Release?'
-        type: boolean
-        required: true
-        default: true
-      is-pre-release:
-        description: 'Pre Release? (labeled as "PreRelease")'
-        type: boolean
-        required: true
-        default: true
-
-permissions:
-  actions: write
-  contents: write
-  security-events: write
-
-env:
-  BUILD_TYPE: ${{ github.event.inputs.build-type }}
-  DEBUG: napi:*
-  APP_NAME: affine
-  MACOSX_DEPLOYMENT_TARGET: '10.13'
-
-jobs:
-  before-make:
-    runs-on: ubuntu-latest
-    environment: ${{ github.event.inputs.build-type }}
-    outputs:
-      RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        uses: ./.github/actions/setup-node
-      - name: Setup @sentry/cli
-        uses: ./.github/actions/setup-sentry
-      - name: generate-assets
-        run: yarn workspace @affine/electron generate-assets
-        env:
-          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
-          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
-          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
-          RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }}
-          SKIP_PLUGIN_BUILD: 'true'
-          SKIP_NX_CACHE: 'true'
-
-      - name: Upload core artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: core
-          path: packages/frontend/electron/resources/web-static
-
-  make-distribution:
-    strategy:
-      # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
-      # For windows, we need a separate approach
-      matrix:
-        spec:
-          - runner: macos-latest
-            platform: darwin
-            arch: x64
-            target: x86_64-apple-darwin
-          - runner: macos-latest
-            platform: darwin
-            arch: arm64
-            target: aarch64-apple-darwin
-          - runner: ubuntu-latest
-            platform: linux
-            arch: x64
-            target: x86_64-unknown-linux-gnu
-    runs-on: ${{ matrix.spec.runner }}
-    needs: before-make
-    env:
-      APPLE_ID: ${{ secrets.APPLE_ID }}
-      APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
-      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
-      SKIP_GENERATE_ASSETS: 1
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-node
-        with:
-          extra-flags: workspaces focus @affine/electron @affine/monorepo
-          hard-link-nm: false
-          nmHoistingLimits: workspaces
-          enableScripts: false
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.spec.target }}
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - uses: actions/download-artifact@v4
-        with:
-          name: core
-          path: packages/frontend/electron/resources/web-static
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build
-
-      - name: Signing By Apple Developer ID
-        if: ${{ matrix.spec.platform == 'darwin' }}
-        uses: apple-actions/import-codesign-certs@v2
-        with:
-          p12-file-base64: ${{ secrets.CERTIFICATES_P12 }}
-          p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD }}
-
-      - name: make
-        run: yarn workspace @affine/electron make --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
-        env:
-          SKIP_PLUGIN_BUILD: 1
-          SKIP_WEB_BUILD: 1
-          HOIST_NODE_MODULES: 1
-
-      - name: Save artifacts (mac)
-        if: ${{ matrix.spec.platform == 'darwin' }}
-        run: |
-          mkdir -p builds
-          mv packages/frontend/electron/out/*/make/*.dmg ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.dmg
-          mv packages/frontend/electron/out/*/make/zip/darwin/${{ matrix.spec.arch }}/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-macos-${{ matrix.spec.arch }}.zip
-      - name: Save artifacts (linux)
-        if: ${{ matrix.spec.platform == 'linux' }}
-        run: |
-          mkdir -p builds
-          mv packages/frontend/electron/out/*/make/zip/linux/x64/*.zip ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.zip
-          mv packages/frontend/electron/out/*/make/*.AppImage ./builds/affine-${{ env.BUILD_TYPE }}-linux-x64.AppImage
-
-      - name: Upload Artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: affine-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}-builds
-          path: builds
-
-  package-distribution-windows:
-    strategy:
-      # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
-      # For windows, we need a separate approach
-      matrix:
-        spec:
-          - runner: windows-latest
-            platform: win32
-            arch: x64
-            target: x86_64-pc-windows-msvc
-    runs-on: ${{ matrix.spec.runner }}
-    needs: before-make
-    outputs:
-      FILES_TO_BE_SIGNED: ${{ steps.get_files_to_be_signed.outputs.FILES_TO_BE_SIGNED }}
-    env:
-      SKIP_GENERATE_ASSETS: 1
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Version
-        id: version
-        uses: ./.github/actions/setup-version
-      - name: Setup Node.js
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-node
-        with:
-          extra-flags: workspaces focus @affine/electron @affine/monorepo
-          hard-link-nm: false
-          nmHoistingLimits: workspaces
-      - name: Build AFFiNE native
-        uses: ./.github/actions/build-rust
-        with:
-          target: ${{ matrix.spec.target }}
-          package: '@affine/native'
-          nx_token: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-      - uses: actions/download-artifact@v4
-        with:
-          name: core
-          path: packages/frontend/electron/resources/web-static
-
-      - name: Build Desktop Layers
-        run: yarn workspace @affine/electron build
-
-      - name: package
-        run: yarn workspace @affine/electron package --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
-        env:
-          SKIP_PLUGIN_BUILD: 1
-          SKIP_WEB_BUILD: 1
-          HOIST_NODE_MODULES: 1
-
-      - name: get all files to be signed
-        id: get_files_to_be_signed
-        run: |
-          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path packages/frontend/electron/out -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\packages\frontend\electron\out\', '') + '"' }) -join ' ')
-          "FILES_TO_BE_SIGNED=$FILES_TO_BE_SIGNED" >> $env:GITHUB_OUTPUT
-          echo $FILES_TO_BE_SIGNED
-
-      - name: Zip artifacts for faster upload
-        run: Compress-Archive -CompressionLevel Fastest -Path packages/frontend/electron/out/* -DestinationPath archive.zip
-
-      - name: Save packaged artifacts for signing
-        uses: actions/upload-artifact@v4
-        with:
-          name: packaged-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
-          path: |
-            archive.zip
-            !**/*.map
-
-  sign-packaged-artifacts-windows:
-    needs: package-distribution-windows
-    uses: ./.github/workflows/windows-signer.yml
-    with:
-      files: ${{ needs.package-distribution-windows.outputs.FILES_TO_BE_SIGNED }}
-      artifact-name: packaged-win32-x64
-
-  make-windows-installer:
-    needs: sign-packaged-artifacts-windows
-    strategy:
-      # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
-      # For windows, we need a separate approach
-      matrix:
-        spec:
-          - runner: windows-latest
-            platform: win32
-            arch: x64
-            target: x86_64-pc-windows-msvc
-    runs-on: ${{ matrix.spec.runner }}
-    outputs:
-      FILES_TO_BE_SIGNED: ${{ steps.get_files_to_be_signed.outputs.FILES_TO_BE_SIGNED }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Node.js
-        timeout-minutes: 10
-        uses: ./.github/actions/setup-node
-      - name: Download and overwrite packaged artifacts
-        uses: actions/download-artifact@v4
-        with:
-          name: signed-packaged-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
-          path: .
-      - name: unzip file
-        run: Expand-Archive -Path signed.zip -DestinationPath packages/frontend/electron/out
-
-      - name: Make squirrel.windows installer
-        run: yarn workspace @affine/electron make-squirrel --platform=${{ matrix.spec.platform }} --arch=${{ matrix.spec.arch }}
-
-      - name: Zip artifacts for faster upload
-        run: Compress-Archive -CompressionLevel Fastest -Path packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make/* -DestinationPath archive.zip
-
-      - name: get all files to be signed
-        id: get_files_to_be_signed
-        run: |
-          Set-Variable -Name FILES_TO_BE_SIGNED -Value ((Get-ChildItem -Path packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make -Recurse -File | Where-Object { $_.Extension -in @(".exe", ".node", ".dll", ".msi") } | ForEach-Object { '"' + $_.FullName.Replace((Get-Location).Path + '\packages\frontend\electron\out\${{ env.BUILD_TYPE }}\make\', '') + '"' }) -join ' ')
-          "FILES_TO_BE_SIGNED=$FILES_TO_BE_SIGNED" >> $env:GITHUB_OUTPUT
-          echo $FILES_TO_BE_SIGNED
-
-      - name: Save installer for signing
-        uses: actions/upload-artifact@v4
-        with:
-          name: installer-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
-          path: archive.zip
-
-  sign-installer-artifacts-windows:
-    needs: make-windows-installer
-    uses: ./.github/workflows/windows-signer.yml
-    with:
-      files: ${{ needs.make-windows-installer.outputs.FILES_TO_BE_SIGNED }}
-      artifact-name: installer-win32-x64
-
-  finalize-installer-windows:
-    needs: sign-installer-artifacts-windows
-    strategy:
-      # all combinations: macos-latest x64, macos-latest arm64, ubuntu-latest x64
-      # For windows, we need a separate approach
-      matrix:
-        spec:
-          - runner: windows-latest
-            platform: win32
-            arch: x64
-            target: x86_64-pc-windows-msvc
-    runs-on: ${{ matrix.spec.runner }}
-    steps:
-      - name: Download and overwrite installer artifacts
-        uses: actions/download-artifact@v4
-        with:
-          name: signed-installer-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}
-          path: .
-      - name: unzip file
-        run: Expand-Archive -Path signed.zip -DestinationPath packages/frontend/electron/out/${{ env.BUILD_TYPE }}/make
-
-      - name: Save artifacts
-        run: |
-          mkdir -p builds
-          mv packages/frontend/electron/out/*/make/zip/win32/x64/AFFiNE*-win32-x64-*.zip ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.zip
-          mv packages/frontend/electron/out/*/make/squirrel.windows/x64/*.exe ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.exe
-          mv packages/frontend/electron/out/*/make/squirrel.windows/x64/*.msi ./builds/affine-${{ env.BUILD_TYPE }}-windows-x64.msi
-
-      - name: Upload Artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: affine-${{ matrix.spec.platform }}-${{ matrix.spec.arch }}-builds
-          path: builds
-
-  release:
-    needs: [before-make, make-distribution, finalize-installer-windows]
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/download-artifact@v4
-        with:
-          name: core
-          path: web-static
-      - name: Zip web-static
-        run: zip -r web-static.zip web-static
-      - name: Download Artifacts (macos-x64)
-        uses: actions/download-artifact@v4
-        with:
-          name: affine-darwin-x64-builds
-          path: ./
-      - name: Download Artifacts (macos-arm64)
-        uses: actions/download-artifact@v4
-        with:
-          name: affine-darwin-arm64-builds
-          path: ./
-      - name: Download Artifacts (windows-x64)
-        uses: actions/download-artifact@v4
-        with:
-          name: affine-win32-x64-builds
-          path: ./
-      - name: Download Artifacts (linux-x64)
-        uses: actions/download-artifact@v4
-        with:
-          name: affine-linux-x64-builds
-          path: ./
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 18
-      - name: Generate Release yml
-        run: |
-          node ./packages/frontend/electron/scripts/generate-yml.js
-        env:
-          RELEASE_VERSION: ${{ needs.before-make.outputs.RELEASE_VERSION }}
-      - name: Create Release Draft
-        if: ${{ github.ref_type == 'tag' }}
-        uses: softprops/action-gh-release@v1
-        with:
-          name: ${{ needs.before-make.outputs.RELEASE_VERSION }}
-          body: ''
-          draft: ${{ github.event.inputs.is-draft }}
-          prerelease: ${{ github.event.inputs.is-pre-release }}
-          files: |
-            ./VERSION
-            ./*.zip
-            ./*.dmg
-            ./*.exe
-            ./*.AppImage
-            ./*.apk
-            ./*.yml
-      - name: Create Nightly Release Draft
-        if: ${{ github.ref_type == 'branch' }}
-        uses: softprops/action-gh-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-        with:
-          # Temporarily, treat release from branch as nightly release, artifact saved to AFFiNE-Releases.
-          # Need to improve internal build and nightly release logic.
-          repository: 'toeverything/AFFiNE-Releases'
-          name: ${{ needs.before-make.outputs.RELEASE_VERSION }}
-          tag_name: ${{ needs.before-make.outputs.RELEASE_VERSION }}
-          body: ''
-          draft: false
-          prerelease: true
-          files: |
-            ./VERSION
-            ./*.zip
-            ./*.dmg
-            ./*.exe
-            ./*.AppImage
-            ./*.apk
-            ./*.yml
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
LongYinan	b48a7814a6	v0.5.4-beta.2	2023-05-18 17:36:37 +08:00
Peng Xiao	8d34de3e9e	fix: adjust some styles (#2438 )	2023-05-18 17:32:56 +08:00
JimmFly	f435377757	chore: adjust delete description style (#2437 )	2023-05-18 17:31:04 +08:00
JimmFly	9a81896563	fix: create workspace card responsive (#2435 )	2023-05-18 17:23:52 +08:00
himself65	f2f5128783	v0.5.4-beta.1	2023-05-18 00:08:56 -07:00
ShortCipher5	1363094ce6	chore: update pre-load content (#2432 )	2023-05-18 00:08:56 -07:00
Peng Xiao	75c54f0af5	feat: fav page references (#2422 ) Co-authored-by: Himself65 <himself65@outlook.com>	2023-05-17 23:23:05 -07:00
himself65	ec142a7189	fix: open non-trash page when open (#2431 )	2023-05-17 23:23:04 -07:00
Himself65	6f859967a9	chore: bump `blocksuite` to `0.0.0-20230518051344-45970a96-nightly` (#2430 )	2023-05-17 22:32:06 -07:00
ShortCipher5	bcee63175c	chore: update pre-loading page (#2429 )	2023-05-17 22:31:56 -07:00
JimmFly	f62ca1822d	chore: adjust copywriting for onboarding (#2428 )	2023-05-17 22:31:52 -07:00
himself65	684bbafbcf	fix: version check	2023-05-17 17:36:59 -07:00
Himself65	6cd0053b0c	refactor: remove unused code (#2425 )	2023-05-17 17:30:37 -07:00
Peng Xiao	ccd3fb4925	fix: configurable changelog url (#2418 )	2023-05-17 17:30:37 -07:00
Himself65	d5c3d1b86a	fix: sidebar fallback ui position (#2424 )	2023-05-17 17:30:37 -07:00
himself65	31e1575b5d	chore: bump version (#2423 )	2023-05-17 17:30:36 -07:00
Horus	403479996d	fix: add workflow to check release version match with package.json (#2420 )	2023-05-17 17:28:42 -07:00
Peng Xiao	19f7f591ce	chore: bump blocksuite to `0.0.0-20230517102216-36bda4ab-nightly` (#2411 )	2023-05-17 10:11:22 -07:00
LongYinan	76289838d2	build: missing build native step in nightly build	2023-05-17 09:45:41 -07:00
JimmFly	bb65262217	chore: update translation	2023-05-17 18:24:40 +08:00
LongYinan	877b87aae0	build: fix electron release build process (#2408 )	2023-05-17 18:03:10 +08:00
JimmFly	0c5c1a5511	chore: update preloading page (#2409 )	2023-05-17 18:03:10 +08:00
Peng Xiao	edda79c448	feat: update button enhancements (#2401 )	2023-05-17 17:33:19 +08:00
Peng Xiao	a4111f5550	chore: disable image modal by default (#2400 )	2023-05-17 14:26:16 +08:00
Himself65	e099734cc7	fix: infinite reloading (#2405 )	2023-05-17 14:26:16 +08:00
Himself65	26f3380c1a	fix: hydration error (#2404 )	2023-05-17 14:26:16 +08:00
LongYinan	4874adbf3f	feat(electron): use affine native (#2329 )	2023-05-17 14:26:16 +08:00
Whitewater	943e6c59e3	fix: unexpected undefined class in popup (#2394 )	2023-05-17 14:26:15 +08:00
Peng Xiao	c0d6b8c458	fix: some style updates (#2396 )	2023-05-17 14:26:15 +08:00
Whitewater	26f5461f9a	chore: disable confused storybook backgrounds addon (#2395 )	2023-05-17 14:26:15 +08:00
JimmFly	66303e5fd6	fix: text overflows in the header option menu (#2393 )	2023-05-17 14:26:15 +08:00
JimmFly	337fe18d4c	chore: add responsive styles for workspace card (#2390 )	2023-05-17 14:26:15 +08:00
xiaodong zuo	cbcf8140e4	Update jobs.md Added a job posting for a full-time or internship engineer.	2023-05-17 14:26:15 +08:00
DiamondThree	a998dc808a	docs: update jobs.md (#2389 )	2023-05-17 14:26:14 +08:00
m1911star	23f51a7ecc	fix: fix app updater not working for internal release	2023-05-17 14:16:32 +08:00
Whitewater	ab8cdb4222	feat: supports sort all page (#2356 )	2023-05-17 14:16:32 +08:00
JimmFly	5c6655ab0e	chore: remove favorite page (#2372 )	2023-05-17 14:16:32 +08:00
JimmFly	9c6e687113	chore: remove quick search tips (#2375 )	2023-05-17 14:16:32 +08:00
JimmFly	25cf2e9ba0	chore: add animation for tour modal (#2365 )	2023-05-17 14:16:32 +08:00
himself65	31bea47545	ci: use samver	2023-05-17 14:16:32 +08:00
Himself65	a34e2eb57d	feat(electron): track router history (#2336 ) Co-authored-by: Peng Xiao <pengxiao@outlook.com>	2023-05-17 14:16:31 +08:00
himself65	8527c5bfac	build: add app bundle id for internal	2023-05-17 14:16:31 +08:00
Peng Xiao	599bf92c08	fix: some style updates (#2348 )	2023-05-17 14:16:31 +08:00
Doma	e8f70c6e45	feat(electron): app menu item and hotkey for creating new page (#2267 ) Co-authored-by: Peng Xiao <pengxiao@outlook.com>	2023-05-17 14:16:31 +08:00
himself65	c01f2d5eea	chore: update `blocksuite` to `0.0.0-20230514141009-705c0fac-nightly`	2023-05-17 14:16:29 +08:00
Ikko Eltociear Ashimine	581726ecc5	fix: typo in AFFiNE-Docs.md (#2355 )	2023-05-17 14:15:37 +08:00
Himself65	b15eae11cf	chore: update `blocksuite` to `0.0.0-20230512192655-e61e272b-nightly` (#2352 )	2023-05-17 14:14:40 +08:00
LongYinan	1aef8862ad	chore(server): remove bcrypt to avoid node-gyp usage (#2349 )	2023-05-17 14:14:40 +08:00
Himself65	5fcaf7eef9	chore: bump version (#2331 )	2023-05-17 14:14:39 +08:00
himself65	fac93b0328	chore: update icons	2023-05-17 14:14:39 +08:00
Himself65	54b8b36618	fix: correct router logic (#2342 )	2023-05-17 14:14:39 +08:00
Peng Xiao	683343ad82	feat: new sidebar (app shell) styles (#2303 )	2023-05-17 14:14:39 +08:00
himself65	add5deae0f	ci: collect test coverage on electron (#2335 )	2023-05-17 14:14:39 +08:00
Himself65	ec66b229fe	fix: remove `useEffect` on router sync with atoms (#2241 )	2023-05-17 14:14:38 +08:00
Himself65	5008958e84	refactor: rename `WorkspacePlugin` to `WorkspaceAdapter` (#2330 )	2023-05-17 14:14:38 +08:00
Himself65	5516c215cd	fix: delay setAom on `rootWorkspacesMetadataAtom` (#2271 )	2023-05-17 14:14:38 +08:00
Peng Xiao	7c90417b2b	fix: updater issue	2023-05-17 14:14:38 +08:00
LongYinan	1922c07c00	fix(electron): close db before move db file	2023-05-17 14:14:38 +08:00
LongYinan	c61c1e10a0	chore(native): license	2023-05-17 14:14:37 +08:00
LongYinan	df93a870af	ci: rust build config	2023-05-17 14:14:37 +08:00
LongYinan	6ab51b6d54	feat(native): NotifyEvent types	2023-05-17 14:14:37 +08:00
LongYinan	f25b75c0d8	feat(native): provide FSWatcher	2023-05-17 14:14:37 +08:00
LongYinan	93521f434f	refactor(native): rename folder name	2023-05-17 14:14:36 +08:00
Peng Xiao	20fb801ecd	fix: should not show open folder if it is not moved (#2299 )	2023-05-11 14:44:32 +08:00
Himself65	9902892615	feat(component): improve fallback skeleton (#2323 )	2023-05-11 00:36:24 -05:00
JimmFly	f8e184a6c0	fix: delete modal on confirm does not close (#2322 )	2023-05-11 00:36:21 -05:00
JimmFly	66e1b5c537	chore: update AFFiNE Cloud prompt (#2321 )	2023-05-11 00:36:19 -05:00
himself65	37512bc18f	ci: fix set version scripts	2023-05-10 23:00:49 -05:00
himself65	5ba4fb8d7c	build: replace version	2023-05-10 22:24:45 -05:00
Himself65	5f28afa5fe	chore: bump version (#2310 )	2023-05-10 21:45:30 -05:00
Himself65	270c00f021	build(electron): add internal release channel (#2309 )	2023-05-10 21:45:27 -05:00
himself65	e69831636a	fix(electron): remove unused code	2023-05-10 21:45:22 -05:00
JimmFly	df60392c31	refactor: tour modal (#2297 )	2023-05-10 21:45:19 -05:00
himself65	58fa9d1fb8	v0.5.4-canary.31	2023-05-10 21:45:15 -05:00
Himself65	b4981abe4f	fix(component): toast too many times when switch page mode (#2296 )	2023-05-10 00:54:38 -05:00
Peng Xiao	4c230843ed	fix: try to fix updater not working (#2294 ) Co-authored-by: Himself65 <himself65@outlook.com>	2023-05-10 00:54:35 -05:00
Himself65	c76bc34c6f	feat: enhance root div styles (#2295 )	2023-05-10 00:54:32 -05:00
himself65	8bbb9ca304	ci: remove master branch build	2023-05-09 23:23:15 -05:00
himself65	d9dbe64d9b	ci: add nightly-build.yml	2023-05-09 23:04:47 -05:00
Himself65	d389e2bc43	feat(component): add skeleton in page detail (#2292 )	2023-05-09 23:04:45 -05:00
Peng Xiao	64f4e634e8	fix: theme not being persisted issue (#2283 )	2023-05-09 22:05:56 -05:00
Chi Zhang	cf6341d00b	docs: update README.md (#2291 )	2023-05-09 21:59:14 -05:00
himself65	aad711c115	ci: disable fall-test in desktop-test	2023-05-09 21:59:11 -05:00
himself65	f787d19696	ci: build staging and release branches	2023-05-09 20:27:55 -05:00
Himself65	a0a22f417a	chore: bump version (#2287 )	2023-05-09 20:20:40 -05:00