[mob][photos] Remove temp logging

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,17 +1,26 @@
 name: Report a bug
-description: Things that were working earlier but don't anymore
-labels: []
+description: Let us know if something's not working the way you expected.
+labels: ["triage"]
 body:
     - type: markdown
       attributes:
           value: |
-              **Checklist**
-              1. You've searched existing [issues](https://github.com/search?q=repo%3Aente-io%2Fente+&type=issues) and [discussions](https://github.com/search?q=repo%3Aente-io%2Fente+&type=discussions)
-              2. It was working earlier (otherwise use [enhancements](https://github.com/ente-io/ente/discussions/categories/enhancements))
-              3. It is not about self hosting (for those use [this](https://github.com/ente-io/ente/discussions/categories/q-a))
+              Before opening a new bug report, please ensure
+              1. you are on the latest version (it might've already been fixed),
+              2. you've searched for existing issues (please add your observations as a comment there instead of creating a duplicate).
+
+              If you are self hosting, please create a community [Q&A](https://github.com/ente-io/ente/discussions/categories/q-a) instead.
     - type: textarea
       attributes:
           label: Description
+          description: >
+              Please describe the bug. If possible, also include the steps to
+              reproduce the behaviour, and the expected behaviour (sometimes
+              bugs are just expectation mismatches, in which case this would be
+              a good fit for [feature
+              requests](https://github.com/ente-io/ente/discussions/categories/feature-requests)).
+      validations:
+          required: true
     - type: input
       attributes:
           label: Version

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: true
 contact_links:
-    - name: Enhacements, feature requests, feedback and questions
+    - name: Feature requests and questions
       url: https://github.com/ente-io/ente/discussions
       about: Please use Discussions for everything apart from the above.

.github/workflows/auth-crowdin-push.yml

@@ -9,10 +9,6 @@ on:
             # Or the workflow itself is changed
             - ".github/workflows/auth-crowdin.yml"
 
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     push-sources-to-crowdin:
         runs-on: ubuntu-latest
@@ -24,8 +20,8 @@ jobs:
             - name: Crowdin's action
               uses: crowdin/github-action@v2
               with:
-                  base_path: "mobile/apps/auth/"
-                  config: "mobile/apps/auth/crowdin.yml"
+                  base_path: "auth/"
+                  config: "auth/crowdin.yml"
                   upload_sources: true
                   upload_translations: false
                   download_translations: false

.github/workflows/auth-crowdin-sync.yml

@@ -8,10 +8,6 @@ on:
     # Also allow manually running the workflow.
     workflow_dispatch:
 
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     synchronize-with-crowdin:
         runs-on: ubuntu-latest
@@ -23,8 +19,8 @@ jobs:
             - name: Crowdin's action
               uses: crowdin/github-action@v2
               with:
-                  base_path: "mobile/apps/auth/"
-                  config: "mobile/apps/auth/crowdin.yml"
+                  base_path: "auth/"
+                  config: "auth/crowdin.yml"
                   upload_sources: true
                   upload_translations: false
                   download_translations: true

.github/workflows/auth-internal-release.yml

@@ -6,16 +6,13 @@ on:
 env:
     FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: write
-
 jobs:
     build:
         runs-on: ubuntu-latest
 
         defaults:
             run:
-                working-directory: mobile/apps/auth
+                working-directory: auth
 
         steps:
             - name: Checkout code and submodules
@@ -43,7 +40,7 @@ jobs:
 
             - name: Build PlayStore AAB
               run: |
-                  flutter build appbundle --dart-define=cronetHttpNoPlay=true --release --flavor playstore
+                  flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
                   SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
@@ -55,14 +52,5 @@ jobs:
               with:
                   serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
                   packageName: io.ente.auth
-                  releaseFiles: mobile/apps/auth/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
+                  releaseFiles: auth/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
                   track: internal
-
-            - name: Notify Discord
-              uses: sarisia/actions-status-discord@v1
-              with:
-                  webhook: ${{ secrets.DISCORD_INTERNAL_RELEASE_WEBHOOK }}
-                  nodetail: true
-                  title: "🏆 Internal release available for Auth"
-                  description: "[Download](https://play.google.com/store/apps/details?id=io.ente.auth)"
-                  color: 0x800080

.github/workflows/auth-lint.yml

@@ -10,45 +10,18 @@ on:
 env:
     FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: read
-
 jobs:
     lint:
         runs-on: ubuntu-latest
         defaults:
             run:
-                working-directory: mobile/apps/auth
+                working-directory: auth
         steps:
             - name: Checkout code and submodules
               uses: actions/checkout@v4
               with:
                   submodules: recursive
 
-            - name: Verify custom icons are lowercase including optional understores, and end with .svg
-              run: |
-                  find assets/custom-icons -type f -name "*.svg" | while read -r file; do
-                      if [[ "$(basename "$file")" != "$(basename "$file" | tr '[:upper:]' '[:lower:]' | tr ' ' '_')" ]]; then
-                          echo "File name is not lowercase: $file"
-                          exit 1
-                      fi
-                  done
-
-            - name: Verify all icons are less than 20KB
-              run: |
-                  find assets/custom-icons -type f -name "*.svg" | while read -r file; do
-                      if [[ "$file" == "assets/custom-icons/icons/bbs_nga.svg" ]]; then
-                          continue
-                      fi
-                      if [[ "$(stat --printf="%s" "$file")" -gt 20480 ]]; then
-                          echo "File size is greater than 20KB: $file ($file_size bytes)"
-                          exit 1
-                      fi
-                  done
-
-            - name: Verify custom icon JSON
-              run: cat assets/custom-icons/_data/custom-icons.json | jq empty
-
             - name: Install Flutter ${{ env.FLUTTER_VERSION  }}
               uses: subosito/flutter-action@v2
               with:
@@ -59,3 +32,6 @@ jobs:
             - run: flutter pub get
 
             - run: flutter analyze --no-fatal-infos
+
+            - name: Verify custom icon JSON
+              run: cat assets/custom-icons/_data/custom-icons.json | jq empty

.github/workflows/auth-release.yml

@@ -31,16 +31,13 @@ on:
 env:
     FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: write
-
 jobs:
-    build-linux-latest:
-        runs-on: ubuntu-22.04
+    build-ubuntu:
+        runs-on: ubuntu-20.04
 
         defaults:
             run:
-                working-directory: mobile/apps/auth
+                working-directory: auth
 
         steps:
             - name: Checkout code and submodules
@@ -71,7 +68,7 @@ jobs:
 
             - name: Build independent APK
               run: |
-                  flutter build apk --dart-define=cronetHttpNoPlay=true --release --flavor independent
+                  flutter build apk --release --flavor independent --dart-define=app.flavor=independent
                   mv build/app/outputs/flutter-apk/app-independent-release.apk artifacts/ente-${{ github.ref_name }}.apk
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
@@ -83,7 +80,7 @@ jobs:
               # disable this step if release tag contains nightly or beta
               if: startsWith(github.ref, 'refs/tags/auth-v') && !contains(github.ref, 'nightly') && !contains(github.ref, 'beta')
               run: |
-                  flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore --dart-define=cronetHttpNoPlay=true
+                  flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
                   SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
@@ -93,38 +90,27 @@ jobs:
             - name: Install dependencies for desktop build
               run: |
                   sudo apt-get update -y
-                  sudo apt-get install -y libsecret-1-dev libsodium-dev libfuse2 ninja-build libgtk-3-dev dpkg-dev pkg-config rpm patchelf libsqlite3-dev locate libayatana-appindicator3-dev libffi-dev libtiff5 xz-utils libarchive-tools libcurl4-openssl-dev
+                  sudo apt-get install -y libsecret-1-dev libsodium-dev libfuse2 ninja-build libgtk-3-dev dpkg-dev pkg-config libsqlite3-dev locate appindicator3-0.1 libappindicator3-dev libffi-dev libtiff5
                   sudo updatedb --localpaths='/usr/lib/x86_64-linux-gnu'
 
-            - name: Install appimagetool
-              run: |
-                  wget -O appimagetool "https://github.com/AppImage/appimagetool/releases/download/continuous/appimagetool-x86_64.AppImage"
-                  chmod +x appimagetool
-                  mv appimagetool /usr/local/bin/
-
             - name: Build desktop app
               run: |
                   flutter config --enable-linux-desktop
-                  dart pub global activate --source git https://github.com/ente-io/flutter_distributor_fork --git-ref develop --git-path packages/flutter_distributor
-                  # RPM
-                  flutter_distributor package --platform=linux --targets=rpm --skip-clean
-                  mv dist/**/*-*-linux.rpm artifacts/ente-${{ github.ref_name }}-x86_64.rpm
-                  # APPIMAGE
-                  flutter_distributor package --platform=linux --targets=appimage --skip-clean
-                  mv dist/**/*-*-linux.AppImage artifacts/ente-${{ github.ref_name }}-x86_64.AppImage
-                  # DEB
+                  # dart pub global activate flutter_distributor
+                  dart pub global activate --source git https://github.com/prateekmedia/flutter_distributor --git-ref develop --git-path packages/flutter_distributor
                   flutter_distributor package --platform=linux --targets=deb --skip-clean
                   mv dist/**/*-*-linux.deb artifacts/ente-${{ github.ref_name }}-x86_64.deb
+              env:
+                  LIBSODIUM_USE_PKGCONFIG: 1
 
-            - name: Generate checksums
+            - name: Generate checksums and push to artifacts
               run: |
-                sha256sum artifacts/ente-auth-*.apk >> artifacts/sha256sum-apk
-                sha256sum artifacts/ente-auth-*.deb artifacts/ente-auth-*.rpm artifacts/ente-auth-*.AppImage >> artifacts/sha256sum-linux
+                  sha256sum artifacts/ente-* > artifacts/sha256sum-apk-deb
 
             - name: Create a draft GitHub release
               uses: ncipollo/release-action@v1
               with:
-                  artifacts: "mobile/apps/auth/artifacts/*"
+                  artifacts: "auth/artifacts/*"
                   draft: true
                   allowUpdates: true
                   updateOnlyUnreleased: true
@@ -136,16 +122,76 @@ jobs:
               with:
                   serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
                   packageName: io.ente.auth
-                  releaseFiles: mobile/apps/auth/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
+                  releaseFiles: auth/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
                   track: internal
 
-    build-windows:
-        runs-on: windows-latest
-        environment: "auth-win-build"
+    build-fedora-etc:
+        runs-on: ubuntu-latest
 
         defaults:
             run:
-                working-directory: mobile/apps/auth
+                working-directory: auth
+
+        steps:
+            - name: Checkout code and submodules
+              uses: actions/checkout@v4
+              with:
+                  submodules: recursive
+
+            - name: Install Flutter ${{ env.FLUTTER_VERSION  }}
+              uses: subosito/flutter-action@v2
+              with:
+                  channel: "stable"
+                  flutter-version: ${{ env.FLUTTER_VERSION  }}
+                  cache: true
+
+            - name: Create artifacts directory
+              run: mkdir artifacts
+
+            - name: Install dependencies for desktop build
+              run: |
+                  sudo apt-get update -y
+                  sudo apt-get install -y libsecret-1-dev libsodium-dev libfuse2 ninja-build libgtk-3-dev dpkg-dev pkg-config rpm patchelf libsqlite3-dev locate libayatana-appindicator3-dev libffi-dev libtiff5 xz-utils libarchive-tools
+                  sudo updatedb --localpaths='/usr/lib/x86_64-linux-gnu'
+
+            - name: Install appimagetool
+              run: |
+                  wget -O appimagetool "https://github.com/AppImage/AppImageKit/releases/download/continuous/appimagetool-x86_64.AppImage"
+                  chmod +x appimagetool
+                  mv appimagetool /usr/local/bin/
+
+            - name: Build desktop app
+              run: |
+                  flutter config --enable-linux-desktop
+                  # dart pub global activate flutter_distributor
+                  dart pub global activate --source git https://github.com/prateekmedia/flutter_distributor --git-ref develop --git-path packages/flutter_distributor
+                  # Run below command if it is a beta or nightly
+                  if [[ ${{ github.ref }} =~ beta|nightly ]]; then
+                    flutter_distributor package --platform=linux --targets=pacman --skip-clean
+                    mv dist/**/*-*-linux.pacman artifacts/ente-${{ github.ref_name }}-x86_64.pacman
+                  fi
+                  flutter_distributor package --platform=linux --targets=rpm --skip-clean
+                  mv dist/**/*-*-linux.rpm artifacts/ente-${{ github.ref_name }}-x86_64.rpm
+                  flutter_distributor package --platform=linux --targets=appimage --skip-clean
+                  mv dist/**/*-*-linux.AppImage artifacts/ente-${{ github.ref_name }}-x86_64.AppImage
+
+            - name: Generate checksums
+              run: sha256sum artifacts/ente-* >> artifacts/sha256sum-rpm-appimage
+
+            - name: Create a draft GitHub release
+              uses: ncipollo/release-action@v1
+              with:
+                  artifacts: "auth/artifacts/*"
+                  draft: true
+                  allowUpdates: true
+                  updateOnlyUnreleased: true
+
+    build-windows:
+        runs-on: windows-latest
+
+        defaults:
+            run:
+                working-directory: auth
 
         steps:
             - name: Checkout code and submodules
@@ -167,7 +213,7 @@ jobs:
               run: |
                   flutter config --enable-windows-desktop
                   # dart pub global activate flutter_distributor
-                  dart pub global activate --source git https://github.com/ente-io/flutter_distributor_fork --git-ref develop --git-path packages/flutter_distributor
+                  dart pub global activate --source git https://github.com/prateekmedia/flutter_distributor --git-ref develop --git-path packages/flutter_distributor
                   make innoinstall
                   flutter_distributor package --platform=windows --targets=exe --skip-clean
                   mv dist/**/*-windows-setup.exe artifacts/ente-${{ github.ref_name }}-installer.exe
@@ -175,22 +221,14 @@ jobs:
             - name: Retain Windows EXE and DLLs
               run: cp -r build/windows/x64/runner/Release ente-${{ github.ref_name }}-windows
 
-            - name: Sign files with Trusted Signing
-              uses: azure/trusted-signing-action@v0
+            - name: Code sign Windows installer and EXE
+              uses: dlemstra/code-sign-action@v1
               with:
-                azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-                azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
-                azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }}
-                endpoint: ${{ secrets.AZURE_ENDPOINT }}
-                trusted-signing-account-name: ${{ secrets.AZURE_CODE_SIGNING_NAME }}
-                certificate-profile-name: ${{ secrets.AZURE_CERT_PROFILE_NAME }}
-                files: |
-                      ${{ github.workspace }}/mobile/apps/auth/artifacts/ente-${{ github.ref_name }}-installer.exe
-                      ${{ github.workspace }}/mobile/apps/auth/ente-${{ github.ref_name }}-windows/auth.exe
-                file-digest: SHA256
-                timestamp-rfc3161: http://timestamp.acs.microsoft.com
-                timestamp-digest: SHA256  
-
+                  certificate: "${{ secrets.WINDOWS_CERTIFICATE }}"
+                  password: "${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}"
+                  files: |
+                      auth/artifacts/ente-${{ github.ref_name }}-installer.exe
+                      auth/ente-${{ github.ref_name }}-windows/auth.exe
 
             - name: Zip Windows EXE and DLLs
               run: tar.exe -a -c -f artifacts/ente-${{ github.ref_name }}-windows.zip ente-${{ github.ref_name }}-windows
@@ -201,7 +239,7 @@ jobs:
             - name: Create a draft GitHub release
               uses: ncipollo/release-action@v1
               with:
-                  artifacts: "mobile/apps/auth/artifacts/*"
+                  artifacts: "auth/artifacts/*"
                   draft: true
                   allowUpdates: true
                   updateOnlyUnreleased: true
@@ -211,7 +249,7 @@ jobs:
 
         defaults:
             run:
-                working-directory: mobile/apps/auth
+                working-directory: auth
 
         steps:
             - name: Checkout code and submodules
@@ -298,7 +336,7 @@ jobs:
             - name: Create a draft GitHub release
               uses: ncipollo/release-action@v1
               with:
-                  artifacts: "mobile/apps/auth/artifacts/*"
+                  artifacts: "auth/artifacts/*"
                   draft: true
                   allowUpdates: true
                   updateOnlyUnreleased: true

.github/workflows/cli-release.yml

@@ -12,10 +12,6 @@ on:
         tags:
             - "cli-v*"
 
-permissions:
-    contents: write
-    packages: write
-
 jobs:
     draft-release:
         runs-on: ubuntu-latest
@@ -49,7 +45,7 @@ jobs:
                   goarch: ${{ matrix.goarch }}
                   asset_name: ente-${{ github.ref_name }}-${{ matrix.goos }}-${{ matrix.goarch }}
                   release_name: ${{ github.ref_name }}
-                  goversion: "1.23"
+                  goversion: "1.20"
                   project_path: "./cli"
                   pre_command: export CGO_ENABLED=0
                   build_flags: "-trimpath"

.github/workflows/codeql.yml

@@ -1,53 +0,0 @@
-# The only reason we're making a custom CodeQL configuration is because the
-# default setup does not have an option to run daily / weekly instead of per
-# push, which is too slow.
-#
-# In the future, it might become faster. Then just delete this file, and revert
-# to the default configuration.
-#
-# References:
-# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/
-
-name: "CodeQL"
-
-on:
-    workflow_dispatch: # Allow running manually
-    schedule:
-        - cron: "22 1 * * 1"
-
-jobs:
-    analyze:
-        name: Analyze (${{ matrix.language }})
-        runs-on: 'ubuntu-latest'
-        permissions:
-            contents: read
-            # Required for all workflows.
-            security-events: write
-            # Required to fetch internal or private CodeQL packs.
-            packages: read
-
-        strategy:
-            fail-fast: false
-            matrix:
-                include:
-                    - language: actions
-                      build-mode: none
-                    - language: go
-                      build-mode: autobuild
-                    - language: javascript-typescript
-                      build-mode: none
-
-        steps:
-            - name: Checkout repository
-              uses: actions/checkout@v4
-
-            - name: Initialize CodeQL
-              uses: github/codeql-action/init@v3
-              with:
-                  languages: ${{ matrix.language }}
-                  build-mode: ${{ matrix.build-mode }}
-
-            - name: Perform CodeQL Analysis
-              uses: github/codeql-action/analyze@v3
-              with:
-                  category: "/language:${{matrix.language}}"

.github/workflows/copycat-db-release.yml

@@ -3,9 +3,6 @@ name: "Release (copycat-db)"
 on:
     workflow_dispatch: # Run manually
 
-permissions:
-    contents: read
-
 jobs:
     build:
         runs-on: ubuntu-latest

.github/workflows/desktop-lint.yml

@@ -7,9 +7,6 @@ on:
             - "desktop/**"
             - ".github/workflows/desktop-lint.yml"
 
-permissions:
-    contents: read
-
 jobs:
     lint:
         runs-on: ubuntu-latest
@@ -23,7 +20,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "desktop/yarn.lock"
 

.github/workflows/docs-deploy.yml

@@ -10,9 +10,6 @@ on:
     # Also allow manually running the workflow
     workflow_dispatch:
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -28,7 +25,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "docs/yarn.lock"
 

.github/workflows/docs-lint.yml

@@ -1,32 +0,0 @@
-name: "Lint (docs)"
-
-on:
-    # Run on every pull request (open or push to it) that changes docs/
-    pull_request:
-        paths:
-            - "docs/**"
-            - ".github/workflows/docs-lint.yml"
-
-permissions:
-    contents: read
-
-jobs:
-    lint:
-        runs-on: ubuntu-latest
-        defaults:
-            run:
-                working-directory: docs
-        steps:
-            - name: Checkout code
-              uses: actions/checkout@v4
-
-            - name: Setup node and enable yarn caching
-              uses: actions/setup-node@v4
-              with:
-                  node-version: 22
-                  cache: "yarn"
-                  cache-dependency-path: "web/yarn.lock"
-
-            - run: yarn install
-
-            - run: yarn pretty:check

.github/workflows/docs-verify-build.yml

@@ -10,9 +10,6 @@ on:
             - "docs/**"
             - ".github/workflows/docs-verify-build.yml"
 
-permissions:
-    contents: read
-
 jobs:
     verify-build:
         runs-on: ubuntu-latest
@@ -28,7 +25,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "docs/yarn.lock"
 

.github/workflows/infra-deploy-staff.yml

@@ -10,9 +10,6 @@ on:
     # Also allow manually running the workflow
     workflow_dispatch:
 
-permissions:
-    contents: read
-
 jobs:
     lint:
         runs-on: ubuntu-latest
@@ -28,7 +25,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "infra/staff/yarn.lock"
 

.github/workflows/infra-lint-staff.yml

@@ -7,9 +7,6 @@ on:
             - "infra/staff/**"
             - ".github/workflows/infra-deploy-staff.yml"
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -25,7 +22,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "infra/staff/yarn.lock"
 

.github/workflows/mobile-crowdin-push.yml

@@ -5,14 +5,10 @@ on:
         branches: [main]
         paths:
             # Run workflow when mobiles's intl_en.arb is changed
-            - "mobile/apps/photos/lib/l10n/intl_en.arb"
+            - "mobile/lib/l10n/intl_en.arb"
             # Or the workflow itself is changed
             - ".github/workflows/mobile-crowdin.yml"
 
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     push-sources-to-crowdin:
         runs-on: ubuntu-latest
@@ -24,8 +20,8 @@ jobs:
             - name: Crowdin's action
               uses: crowdin/github-action@v2
               with:
-                  base_path: "mobile/apps/photos/"
-                  config: "mobile/apps/photos/crowdin.yml"
+                  base_path: "mobile/"
+                  config: "mobile/crowdin.yml"
                   upload_sources: true
                   upload_translations: false
                   download_translations: false

.github/workflows/mobile-crowdin-sync.yml

@@ -1,4 +1,4 @@
-name: "Sync Crowdin translations (mobile/photos)"
+name: "Sync Crowdin translations (mobile)"
 
 on:
     schedule:
@@ -8,10 +8,6 @@ on:
     # Also allow manually running the workflow.
     workflow_dispatch:
 
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     synchronize-with-crowdin:
         runs-on: ubuntu-latest
@@ -23,14 +19,14 @@ jobs:
             - name: Crowdin's action
               uses: crowdin/github-action@v2
               with:
-                  base_path: "mobile/apps/photos/"
-                  config: "mobile/apps/photos/crowdin.yml"
+                  base_path: "mobile/"
+                  config: "mobile/crowdin.yml"
                   upload_sources: true
                   upload_translations: false
                   download_translations: true
                   localization_branch_name: translations/mobile
                   create_pull_request: true
-                  pull_request_title: "[mobile/photos] New translations"
+                  pull_request_title: "[mobile] New translations"
                   pull_request_body: "New translations from [Crowdin](https://crowdin.com/project/ente-photos-app)"
                   pull_request_base_branch_name: "main"
                   project_id: 574741

.github/workflows/mobile-internal-release-rust.yml

@@ -1,77 +0,0 @@
-name: "Internal release (photos)"
-
-on:
-    workflow_dispatch: # Allow manually running the action
-
-env:
-    FLUTTER_VERSION: "3.24.3"
-    RUST_VERSION: "1.85.1"
-
-permissions:
-    contents: write
-
-jobs:
-    build:
-        runs-on: ubuntu-latest
-
-        defaults:
-            run:
-                working-directory: mobile/apps/photos
-
-        steps:
-            - name: Checkout code and submodules
-              uses: actions/checkout@v4
-              with:
-                  submodules: recursive
-
-            - name: Setup JDK 17
-              uses: actions/setup-java@v1
-              with:
-                  java-version: 17
-
-            - name: Install Flutter ${{ env.FLUTTER_VERSION  }}
-              uses: subosito/flutter-action@v2
-              with:
-                  channel: "stable"
-                  flutter-version: ${{ env.FLUTTER_VERSION  }}
-                  cache: true
-            
-            - name: Install Rust ${{ env.RUST_VERSION }}
-              uses: dtolnay/rust-toolchain@master
-              with:
-                toolchain: ${{ env.RUST_VERSION }}
-
-            - name: Install Flutter Rust Bridge
-              run: cargo install flutter_rust_bridge_codegen
-
-            - name: Setup keys
-              uses: timheuer/base64-to-file@v1
-              with:
-                  fileName: "keystore/ente_photos_key.jks"
-                  encodedString: ${{ secrets.SIGNING_KEY_PHOTOS }}
-
-            - name: Build PlayStore AAB
-              run: |
-                  flutter build appbundle --dart-define=cronetHttpNoPlay=true --release --flavor playstore
-              env:
-                  SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_photos_key.jks"
-                  SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS_PHOTOS }}
-                  SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD_PHOTOS }}
-                  SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD_PHOTOS }}
-
-            - name: Upload AAB to PlayStore
-              uses: r0adkll/upload-google-play@v1
-              with:
-                  serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
-                  packageName: io.ente.photos
-                  releaseFiles: mobile/apps/photos/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
-                  track: internal
-
-            - name: Notify Discord
-              uses: sarisia/actions-status-discord@v1
-              with:
-                  webhook: ${{ secrets.DISCORD_INTERNAL_RELEASE_WEBHOOK }}
-                  nodetail: true
-                  title: "🏆 Internal release available for Photos"
-                  description: "[Download](https://play.google.com/store/apps/details?id=io.ente.photos)"
-                  color: 0x00ff00

.github/workflows/mobile-internal-release.yml

@@ -6,16 +6,13 @@ on:
 env:
     FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: write
-
 jobs:
     build:
         runs-on: ubuntu-latest
 
         defaults:
             run:
-                working-directory: mobile/apps/photos
+                working-directory: mobile
 
         steps:
             - name: Checkout code and submodules
@@ -43,7 +40,7 @@ jobs:
 
             - name: Build PlayStore AAB
               run: |
-                  flutter build appbundle --dart-define=cronetHttpNoPlay=true --release --flavor playstore
+                  flutter build appbundle --release --flavor playstore
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_photos_key.jks"
                   SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS_PHOTOS }}
@@ -55,14 +52,5 @@ jobs:
               with:
                   serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
                   packageName: io.ente.photos
-                  releaseFiles: mobile/apps/photos/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
+                  releaseFiles: mobile/build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
                   track: internal
-
-            - name: Notify Discord
-              uses: sarisia/actions-status-discord@v1
-              with:
-                  webhook: ${{ secrets.DISCORD_INTERNAL_RELEASE_WEBHOOK }}
-                  nodetail: true
-                  title: "🏆 Internal release Photos (Branch: ${{ github.ref_name }})"
-                  description: "[Download](https://play.google.com/store/apps/details?id=io.ente.photos)"
-                  color: 0x00ff00

.github/workflows/mobile-lint.yml

@@ -4,21 +4,19 @@ on:
     # Run on every pull request (open or push to it) that changes mobile/
     pull_request:
         paths:
-            - "mobile/apps/photos/**"
+            - "mobile/**"
             - ".github/workflows/mobile-lint.yml"
 
 env:
-    FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: read
+    FLUTTER_VERSION: "3.24.3"
 
 jobs:
     lint:
         runs-on: ubuntu-latest
         defaults:
             run:
-                working-directory: mobile/apps/photos
+                working-directory: mobile
         steps:
             - name: Checkout code and submodules
               uses: actions/checkout@v4

.github/workflows/mobile-release.yml

@@ -11,16 +11,13 @@ on:
 env:
     FLUTTER_VERSION: "3.24.3"
 
-permissions:
-    contents: write
-
 jobs:
     build:
         runs-on: ubuntu-latest
 
         defaults:
             run:
-                working-directory: mobile/apps/photos
+                working-directory: mobile
 
         steps:
             - name: Checkout code and submodules
@@ -48,7 +45,7 @@ jobs:
 
             - name: Build independent APK
               run: |
-                flutter build apk --dart-define=cronetHttpNoPlay=true --release --flavor independent
+                flutter build apk --release --flavor independent
                 mv build/app/outputs/flutter-apk/app-independent-release.apk build/app/outputs/flutter-apk/ente-${{ github.ref_name }}.apk
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_photos_key.jks"
@@ -62,5 +59,5 @@ jobs:
             - name: Create a draft GitHub release
               uses: ncipollo/release-action@v1
               with:
-                  artifacts: "mobile/apps/photos/build/app/outputs/flutter-apk/ente-${{ github.ref_name }}.apk,mobile/apps/photos/build/app/outputs/flutter-apk/sha256sum"
+                  artifacts: "mobile/build/app/outputs/flutter-apk/ente-${{ github.ref_name }}.apk,mobile/build/app/outputs/flutter-apk/sha256sum"
                   draft: true

.github/workflows/photos-internal-release.yml

@@ -1,126 +0,0 @@
-name: "Internal Release V2 (photos)"
-
-on:
-  workflow_dispatch: # Manual trigger only
-
-env:
-  FLUTTER_VERSION: "3.27.4"
-  ANDROID_KEYSTORE_PATH: "keystore/ente_photos_key.jks"
-
-jobs:
-  build:
-    runs-on: macos-latest # Required for iOS builds
-    environment: "ios-build"
-    permissions:
-      contents: write
-
-    defaults:
-      run:
-        working-directory: mobile/apps/photos
-
-    steps:
-      # Common Setup
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          submodules: recursive
-
-      - name: Setup JDK 17
-        uses: actions/setup-java@v1
-        with:
-          java-version: 17
-
-      - name: Install Flutter
-        uses: subosito/flutter-action@v2
-        with:
-          flutter-version: ${{ env.FLUTTER_VERSION }}
-          cache: true
-
-      # Android Build 
-      - name: Setup Android signing key
-        uses: timheuer/base64-to-file@v1
-        with:
-          fileName: ${{ env.ANDROID_KEYSTORE_PATH }}
-          encodedString: ${{ secrets.SIGNING_KEY_PHOTOS }}
-
-      # - name: Build Android AAB
-      #   run: |
-      #     flutter build appbundle \
-      #       --dart-define=cronetHttpNoPlay=true \
-      #       --release \
-      #       --flavor playstore
-      #   env:
-      #     SIGNING_KEY_PATH: ${{ env.ANDROID_KEYSTORE_PATH }}
-      #     SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS_PHOTOS }}
-      #     SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD_PHOTOS }}
-      #     SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD_PHOTOS }}
-
-      # iOS Build (new secure implementation)
-      - name: Install fastlane
-        run: gem install fastlane
-      
-      - name: Create ExportOptions.plist
-        run: |
-          cat <<EOF > ios/ExportOptions.plist
-          <?xml version="1.0" encoding="UTF-8"?>
-          <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-          <plist version="1.0">
-          <dict>
-              <key>method</key>
-              <string>app-store</string>
-              <key>teamID</key>
-              <string>${{ secrets.IOS_TEAM_ID }}</string>
-          </dict>
-          </plist>
-          EOF
-
-      - name: Setup App Store Connect API Key
-        run: |
-          echo '${{ secrets.IOS_API_KEY }}' > api_key.json
-          chmod 600 api_key.json
-
-      - name: Build iOS IPA
-        run: |
-          flutter build ipa \
-            --release \
-            --export-options-plist=ios/ExportOptions.plist \
-            --dart-define=cronetHttpNoPlay=true
-        env:
-          SIGNING_TEAM_ID: ${{ secrets.IOS_TEAM_ID }}
-
-      # Uploads
-      # - name: Upload to Play Store
-      #   uses: r0adkll/upload-google-play@v1
-      #   with:
-      #     serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
-      #     packageName: io.ente.photos
-      #     releaseFiles: build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
-      #     track: internal
-
-      - name: Upload to TestFlight
-        run: |
-          fastlane pilot upload \
-            --api_key_path api_key.json \
-            --ipa "build/ios/ipa/Ente Photos.ipa" \
-            --skip_waiting_for_build_processing \
-            --apple_id ${{ secrets.IOS_APPLE_ID }} \
-            --app_identifier "io.ente.photos"
-        env:
-          APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.IOS_API_KEY_ID }}
-          APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.IOS_ISSUER_ID }}
-          FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: ${{ secrets.IOS_APP_SPECIFIC_PASSWORD }}
-
-      - name: Clean sensitive files
-        run: |
-          rm -f api_key.json
-          rm -f ${{ env.ANDROID_KEYSTORE_PATH }}
-
-      - name: Notify Discord
-        uses: sarisia/actions-status-discord@v1
-        with:
-          webhook: ${{ secrets.DISCORD_INTERNAL_RELEASE_WEBHOOK }}
-          title: "🚀 Dual Platform Release Uploaded"
-          description: |
-            **Android**: [Play Store Internal](https://play.google.com/store/apps/details?id=io.ente.photos)
-            **iOS**: TestFlight build processing
-          color: 0x00ff00

.github/workflows/server-lint.yml

@@ -7,9 +7,6 @@ on:
             - "server/**"
             - ".github/workflows/server-lint.yml"
 
-permissions:
-    contents: read
-
 jobs:
     lint:
         runs-on: ubuntu-latest

.github/workflows/server-publish-ghcr.yml

@@ -1,45 +0,0 @@
-name: "Publish ghcr (server)"
-
-on:
-    # Run automatically on 15th of every month, at 05:00 UTC.
-    schedule:
-        - cron: '0 5 15 * *'
-    # Run manually if needed to publish out of schedule.
-    workflow_dispatch:
-
-permissions:
-    contents: write  # for pushing the `ghcr/server` branch
-    packages: write
-
-jobs:
-    publish:
-        runs-on: ubuntu-latest
-        steps:
-            - name: Determine commit from prod museum
-              run: |
-                  echo "museum_commit=$(curl -s https://api.ente.io/ping | jq -r .id)" >> $GITHUB_ENV
-
-            - name: Checkout code
-              uses: actions/checkout@v4
-              with:
-                  ref: ${{ env.museum_commit }}
-
-            - name: Build and push
-              uses: mr-smithers-excellent/docker-build-push@v6
-              with:
-                  dockerfile: server/Dockerfile
-                  directory: server
-                  # Resultant package name will be ghcr.io/ente-io/server
-                  image: server
-                  registry: ghcr.io
-                  enableBuildKit: true
-                  multiPlatform: true
-                  platform: linux/amd64,linux/arm64
-                  buildArgs: GIT_COMMIT=${{ env.museum_commit }}
-                  tags: ${{ env.museum_commit }}, latest
-                  username: ${{ github.actor }}
-                  password: ${{ secrets.GITHUB_TOKEN }}
-
-            - name: Update branch ghcr/server to point to source commit
-              run: |
-                  git push -f origin HEAD:refs/heads/ghcr/server

.github/workflows/server-publish.yml

@@ -0,0 +1,45 @@
+name: "Publish (server)"
+
+on:
+    # Run manually, providing it the commit.
+    #
+    # To obtain the commit from the currently deployed museum, do:
+    # curl -s https://api.ente.io/ping | jq -r '.id'
+    #
+    # See server/docs/publish.md for more details.
+    workflow_dispatch:
+        inputs:
+            commit:
+                description: "Commit to publish the image from"
+                type: string
+                required: true
+
+jobs:
+    publish:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+              with:
+                  ref: ${{ inputs.commit }}
+
+            - name: Build and push
+              uses: mr-smithers-excellent/docker-build-push@v6
+              with:
+                  dockerfile: server/Dockerfile
+                  directory: server
+                  # Resultant package name will be ghcr.io/ente-io/server
+                  image: server
+                  registry: ghcr.io
+                  enableBuildKit: true
+                  multiPlatform: true
+                  platform: linux/amd64,linux/arm64
+                  buildArgs: GIT_COMMIT=${{ inputs.commit }}
+                  tags: ${{ inputs.commit }}, latest
+                  username: ${{ github.actor }}
+                  password: ${{ secrets.GITHUB_TOKEN }}
+
+            - name: Tag as server/ghcr
+              run: |
+                  git tag -f server/ghcr
+                  git push -f origin server/ghcr

.github/workflows/server-release.yml

@@ -3,9 +3,6 @@ name: "Release (server)"
 on:
     workflow_dispatch: # Run manually
 
-permissions:
-    contents: read
-
 jobs:
     build:
         runs-on: ubuntu-latest

.github/workflows/web-crowdin-push-both.yml

@@ -12,10 +12,6 @@ on:
     # `gh workflow run web-crowdin-push-both.yml --ref <my-branch>`
     workflow_dispatch:
 
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     push-both-to-crowdin:
         runs-on: ubuntu-latest

.github/workflows/web-crowdin-sync.yml

@@ -22,15 +22,6 @@ on:
     # Also allow manually running the workflow.
     workflow_dispatch:
 
-# "In order to push translations and create pull requests, the Crowdin GitHub
-#  action requires the `GITHUB_TOKEN` to have write permission on the `contents`
-#  and `pull-requests`.
-#
-# - https://github.com/crowdin/github-action?tab=readme-ov-file#permissions
-permissions:
-    contents: write
-    pull-requests: write
-
 jobs:
     synchronize-with-crowdin:
         runs-on: ubuntu-latest

.github/workflows/web-deploy-one.yml

@@ -15,9 +15,6 @@ on:
                     - "payments"
                     - "photos"
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -29,11 +26,13 @@ jobs:
         steps:
             - name: Checkout code
               uses: actions/checkout@v4
+              with:
+                  submodules: recursive
 
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "web/yarn.lock"
 

.github/workflows/web-deploy-preview.yml

@@ -15,9 +15,6 @@ on:
                     - "payments"
                     - "photos"
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -29,11 +26,13 @@ jobs:
         steps:
             - name: Checkout code
               uses: actions/checkout@v4
+              with:
+                  submodules: recursive
 
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "web/yarn.lock"
 

.github/workflows/web-deploy-staging.yml

@@ -11,9 +11,6 @@ on:
     # Also allow manually running the workflow
     workflow_dispatch:
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -37,11 +34,12 @@ jobs:
               uses: actions/checkout@v4
               with:
                   ref: ${{ steps.select-branch.outputs.branch }}
+                  submodules: recursive
 
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "web/yarn.lock"
 

.github/workflows/web-deploy.yml

@@ -4,7 +4,7 @@ on:
     schedule:
         # [Note: Run workflow every 24 hours]
         #
-        # Run every weekday at ~8:00 AM IST.
+        # Run everyday at ~8:00 AM IST (except Sundays).
         #
         # First field is minute, second is hour of the day. Last is day of week,
         # 0 being Sunday.
@@ -15,13 +15,10 @@ on:
         # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
         # https://crontab.guru/
         #
-        - cron: "25 2 * * 1-5"
+        - cron: "25 2 * * 1-6"
     # Also allow manually running the workflow
     workflow_dispatch:
 
-permissions:
-    contents: read
-
 jobs:
     deploy:
         runs-on: ubuntu-latest
@@ -33,11 +30,13 @@ jobs:
         steps:
             - name: Checkout code
               uses: actions/checkout@v4
+              with:
+                  submodules: recursive
 
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "web/yarn.lock"
 
@@ -93,13 +92,3 @@ jobs:
                   accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
                   apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
                   command: pages deploy --project-name=ente --commit-dirty=true --branch=deploy/payments web/apps/payments/dist
-
-            - name: Build locker
-              run: yarn build:locker
-
-            - name: Publish locker
-              uses: cloudflare/wrangler-action@v3
-              with:
-                  accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-                  apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-                  command: pages deploy --project-name=ente --commit-dirty=true --branch=deploy/locker web/apps/locker/out

.github/workflows/web-lint.yml

@@ -7,9 +7,6 @@ on:
             - "web/**"
             - ".github/workflows/web-lint.yml"
 
-permissions:
-    contents: read
-
 # Cancel in-progress lint runs when a new commit is pushed.
 concurrency:
     group: ${{ github.workflow }}-${{ github.ref }}
@@ -28,7 +25,7 @@ jobs:
             - name: Setup node and enable yarn caching
               uses: actions/setup-node@v4
               with:
-                  node-version: 22
+                  node-version: 20
                   cache: "yarn"
                   cache-dependency-path: "web/yarn.lock"
 

.github/workflows/web-publish-ghcr.yml

@@ -1,38 +0,0 @@
-name: "Publish ghcr (web)"
-
-on:
-    # Run automatically every Wednesday, at 07:00 UTC.
-    schedule:
-        - cron: '0 7 * * 3'
-    # Run manually if needed to publish out of schedule.
-    workflow_dispatch:
-
-permissions:
-    contents: write  # for pushing the `ghcr/web` branch
-    packages: write
-
-jobs:
-    publish:
-        runs-on: ubuntu-latest
-        steps:
-            - name: Checkout code
-              uses: actions/checkout@v4
-
-            - name: Build and push
-              uses: mr-smithers-excellent/docker-build-push@v6
-              with:
-                  dockerfile: web/Dockerfile
-                  directory: web
-                  # Resultant package name will be ghcr.io/ente-io/web
-                  image: web
-                  registry: ghcr.io
-                  enableBuildKit: true
-                  multiPlatform: true
-                  platform: linux/amd64,linux/arm64
-                  tags: ${{ github.sha }}, latest
-                  username: ${{ github.actor }}
-                  password: ${{ secrets.GITHUB_TOKEN }}
-
-            - name: Update branch ghcr/web to point to source commit
-              run: |
-                  git push -f origin HEAD:refs/heads/ghcr/web

.gitmodules

@@ -3,9 +3,17 @@
 	url = https://github.com/ente-io/sentry-dart.git
 	branch = sentry_flutter_ente
 [submodule "auth/flutter"]
-	path = mobile/apps/auth/flutter
+	path = auth/flutter
 	url = https://github.com/flutter/flutter.git
 	branch = stable
 [submodule "auth/assets/simple-icons"]
-	path = mobile/apps/auth/assets/simple-icons
+	path = auth/assets/simple-icons
 	url = https://github.com/simple-icons/simple-icons.git
+[submodule "web/apps/photos/thirdparty/ffmpeg-wasm"]
+	path = web/apps/photos/thirdparty/ffmpeg-wasm
+	url = https://github.com/abhinavkgrd/ffmpeg.wasm.git
+	branch = master
+[submodule "web/apps/photos/thirdparty/photoswipe"]
+	path = web/apps/photos/thirdparty/photoswipe
+	url = https://github.com/ente-io/PhotoSwipe.git
+	branch = single-thread

CONTRIBUTING.md

@@ -1,42 +1,54 @@
 # Contributing
 
-- [Spread the word](#spread-the-word)
-- [Engage with the community](#engage-with-the-community)
-- [Translate](#translate)
-- [Document](#document)
+First and foremost, thank you for your interest in contributing to Ente 🙏
+
+There are many ways to contribute, and most of them don't require writing code.
+
+* [Spread the word](#spread-the-word)
+* [Engage with the community](#engage-with-the-community)
+* [Translate](#translate)
+* [Document](#document)
+
 
 ## Spread the word
 
-**This is the most impactful contribution you can make**.
-
-[Spread the word](https://help.ente.io/photos/features/referral-program/). Online on your favorite social media channels. Offline to your friends and family who are looking for a privacy-friendly alternative to big tech.
+This is perhaps the most impactful contribution you can make. [Spread the
+word](https://help.ente.io/photos/features/referral-program/). Online on your
+favorite social media channels. Offline to your friends and family who are
+looking for a privacy-friendly alternative to big tech.
 
 ## Engage with the community
 
-Just hang around, enjoy the vibe. The Ente community — the people who are building Ente, and the people who are using Ente — hang out at various places depending on their proclivity:
+Just hang around, enjoy the vibe. Answer someone's query on our
+[Discord](https://discord.gg/z2YVKkycX3), or pile on in the sporadic #off-topic
+rants there. Chuckle (or wince!) at our [Twitter](https://twitter.com/enteio)
+memes. Suggest a new feature in our [Github
+Discussions](https://github.com/ente-io/ente/discussions/new?category=feature-requests),
+or upvote the existing ones that you feel we should focus on first. Provide your
+opinion on existing threads.
 
-- [Discord](https://discord.ente.io)
-- [Mastodon](https://fosstodon.org/@ente)
-- [X / Twitter](https://twitter.com/enteio)
-- [Github Discussions](https://github.com/ente-io/ente/discussions)
-
-Just being around might seem a small thing, but it provides us energy. Knowing that there is a community of people who care for what we are building, **who want us to do better**.
+These might seem like small things, but it provides us energy. Knowing that
+there is a community of people who care for what we are building.
 
 ## Translate
 
-Visit our Crowdin projects to help with translations:
+If you're interested in helping out with translation, please visit our Crowdin
+projects to get started:
+
+| Project  |  |
+| ------------- | ------------- |
+| [Auth](https://crowdin.com/project/ente-authenticator-app)  | [![Crowdin](https://badges.crowdin.net/ente-authenticator-app/localized.svg)](https://crowdin.com/project/ente-authenticator-app)  |
+| [Photos](https://crowdin.com/project/ente-photos-app)  | [![Crowdin](https://badges.crowdin.net/ente-photos-app/localized.svg)](https://crowdin.com/project/ente-photos-app)  |
+| [Photos Web / Desktop](https://crowdin.com/project/ente-photos-web)  | [![Crowdin](https://badges.crowdin.net/ente-photos-web/localized.svg)](https://crowdin.com/project/ente-photos-web)  |
 
-| Project                                                             |                                                                                                                                   |
-| ------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
-| [Auth](https://crowdin.com/project/ente-authenticator-app)          | [![Crowdin](https://badges.crowdin.net/ente-authenticator-app/localized.svg)](https://crowdin.com/project/ente-authenticator-app) |
-| [Photos](https://crowdin.com/project/ente-photos-app)               | [![Crowdin](https://badges.crowdin.net/ente-photos-app/localized.svg)](https://crowdin.com/project/ente-photos-app)               |
-| [Photos Web / Desktop](https://crowdin.com/project/ente-photos-web) | [![Crowdin](https://badges.crowdin.net/ente-photos-web/localized.svg)](https://crowdin.com/project/ente-photos-web)               |
 
 If your language is not listed for translation, please [create a GitHub
 issue](https://github.com/ente-io/ente/issues/new?title=Request+for+New+Language+Translation&body=Language+name%3A+%0AProject%3A+auth%2Fphotos%2Fboth)
 to have it added. It is okay to have partial translations. Once ~90% of the
 strings in a language get translated, we will start surfacing it in the apps.
 
+Thank you for your support.
+
 ## Document
 
 The help guides and FAQs for users of Ente products are also open source, and
@@ -48,9 +60,22 @@ See [docs/](docs/README.md) for how to edit these documents.
 
 ## Code contributions
 
-If you'd like to contribute code, it is best to start small. Consider some well-scoped changes, say like adding more [custom icons to auth](auth/docs/adding-icons.md), or fixing a specific bug.
+Code is a small aspect of community, and the ways mentioned above are more
+important in helping us. But if you'd _really_ like to contribute code, it is
+best to start small. Consider some well-scoped changes, say like adding more
+[custom icons to auth](auth/docs/adding-icons.md).
 
-Code that changes the behaviour of the product might not get merged, at least not initially. The PR can serve as a discussion bed, but you might find it easier to just start a discussion instead, or post your perspective in the (likely) existing thread about the behaviour change or new feature you wish for.
+Each of the individual product/platform specific directories in this repository
+have instructions on setting up a dev environment and making changes. The issues
+and discussions (feature requests) labelled "good first issues" should be good
+starting points. Once you have a bearing, you can head on to issues or
+discussions labelled "help wanted".
+
+If you're planning on adding a new feature or making any other substantial
+change, please [discuss it with
+us](https://github.com/ente-io/ente/discussions). Discussing your idea with us
+first ensures that everyone is on the same page before you start working on your
+change.
 
 ## Leave a review or star
 

README.md

@@ -30,12 +30,12 @@ Learn more at [ente.io](https://ente.io).
 
 ![Screenshots of Ente Photos](.github/assets/photos.png)
 
-Our flagship product. 3x data replication. Face detection. Semantic search.
-Private sharing. Collaborative albums. Family plans. Easy import, easier export.
-Background uploads. The list goes on. And of course, all of this, while being
-fully end-to-end encrypted across platforms.
+Our flagship product. 3x data replication. On device machine learning. Cross
+platform. Private sharing. Collaborative albums. Family plans. Easy import,
+easier export. Background uploads. The list goes on. And of course, all of this,
+while being fully end-to-end encrypted.
 
-Ente Photos is a paid service, but we offer 10GB of free storage.
+Ente Photos is a paid service, but we offer 5GB of free storage.
 You can also clone this repository and choose to self-host.
 
 <br />
@@ -95,8 +95,8 @@ please see our [support guide](SUPPORT.md).
 <img src=".github/assets/ente-ducky.png" width=200 alt="Ente's Mascot, Ducky,
     inviting people to Ente's source code repository" />
 
-Please visit the [community section](https://ente.io/about#community) for all the ways to
-connect with our community.
+Please visit our [community page](https://ente.io/community) for all the ways to
+connect with the community.
 
 [![Discord](https://img.shields.io/discord/948937918347608085?style=for-the-badge&logo=Discord&logoColor=white&label=Discord)](https://discord.gg/z2YVKkycX3)
 [![Ente's Blog RSS](https://img.shields.io/badge/blog-rss-F88900?style=for-the-badge&logo=rss&logoColor=white)](https://ente.io/blog/rss.xml)

auth/.gitignore

@@ -0,0 +1,43 @@
+# Miscellaneous
+*.class
+*.log
+*.pyc
+*.swp
+.DS_Store
+.atom/
+.buildlog/
+.history
+.svn/
+
+# Editors
+.vscode/
+
+# IntelliJ related
+*.iml
+*.ipr
+*.iws
+.idea/
+
+# The .vscode folder contains launch configuration and tasks you configure in
+# VS Code which you may wish to be included in version control, so this line
+# is commented out by default.
+#.vscode/
+
+# Flutter/Dart/Pub related
+**/doc/api/
+.dart_tool/
+.flutter-plugins
+.flutter-plugins-dependencies
+.packages
+.pub-cache/
+.pub/
+/build/
+
+# Web related
+lib/generated_plugin_registrant.dart
+
+# Exceptions to above rules.
+!/packages/flutter_tools/test/data/dart_dependencies_test/**/.packages
+
+android/key.properties
+dist/

auth/README.md

@@ -0,0 +1,106 @@
+# Ente Auth
+
+Ente's 2FA app. An end-to-end encrypted, cross platform and free app for
+storing your 2FA codes with cloud backups. Works offline. You can even use it
+without signing up for an account if you don't want the cloud backups or
+multi-device sync.
+
+![App Screenshots](./screenshots/screenshots.png)
+
+## 📲 Download
+
+### Android
+
+This repository's [GitHub
+releases](https://github.com/ente-io/ente/releases?q=tag%3Aauth-v4)
+contains APKs, built straight from source. These builds keep themselves updated,
+without relying on third party stores.
+
+You can alternatively install the build from PlayStore or F-Droid.
+
+<a href="https://play.google.com/store/apps/details?id=io.ente.auth">
+  <img height="59" src="../.github/assets/play-store-badge.png">
+</a>
+<a href="https://f-droid.org/packages/io.ente.auth/">
+  <img height="59" src="../.github/assets/f-droid-badge.png">
+</a>
+
+### iOS / Apple Silicon macOS
+
+<a href="https://apps.apple.com/us/app/ente-authenticator/id6444121398">
+  <img height="59" src="../.github/assets/app-store-badge.svg">
+</a>
+
+### Desktop
+
+You can [**download**](https://github.com/ente-io/ente/releases?q=tag%3Aauth-v4)
+a native desktop app from this repository's GitHub releases. The desktop app
+works on Windows, Linux and macOS.
+
+### Web
+
+You can view your 2FA codes at [auth.ente.io](https://auth.ente.io). For adding
+or managing your secrets, please use our mobile or desktop app.
+
+## 🧑‍💻 Build from source
+
+1. [Install Flutter](https://flutter.dev/docs/get-started/install)
+
+2. Pull in all submodules with `git submodule update --init --recursive`
+
+3. For Android, [setup your
+   keystore](https://docs.flutter.dev/deployment/android#create-an-upload-keystore)
+   and run `flutter build apk --release --flavor independent`
+
+4. For iOS, run `flutter build ios`
+
+## ⚙️ Develop
+
+For Android, use
+
+```sh
+flutter run -t lib/main.dart --flavor independent
+```
+
+For iOS, use `flutter run`
+
+VSCode users might find it useful to copy [docs/vscode](docs/vscode) into a top
+level `.vscode`.
+
+If the code you're working needs to modify user facing strings, see
+[docs/localization](docs/localization.md).
+
+## 🔩 Architecture
+
+The architecture that powers end-to-end encrypted storage and sync of your
+tokens has been documented [here](../architecture/README.md).
+
+## 🌍 Translate
+
+[![Crowdin](https://badges.crowdin.net/ente-authenticator-app/localized.svg)](https://crowdin.com/project/ente-authenticator-app)
+
+If you're interested in helping out with translation, please visit our [Crowdin
+project](https://crowdin.com/project/ente-photos-app) to get started. Thank you
+for your support.
+
+If your language is not listed for translation, please [create a GitHub
+issue](https://github.com/ente-io/ente/issues/new?title=Request+for+New+Language+Translation&body=Language+name%3A)
+to have it added.
+
+## 🧑‍🎨 Icons
+
+Ente Auth supports the icon pack provided by
+[simple-icons](https://github.com/simple-icons/simple-icons). If you wish to add
+more, see [docs/adding-icons](docs/adding-icons.md).
+
+## 💚 Contribute
+
+The best way to support this project is by checking out [Ente
+Photos](../mobile/README.md) or spreading the word.
+
+For more ways to contribute, see [../CONTRIBUTING.md](../CONTRIBUTING.md).
+
+## ⭐️ About
+
+To know more about Ente and the ways to get in touch or seek help, see [our main
+README](../README.md) or visit [ente.io](https://ente.io).

auth/android/.gitignore

@@ -0,0 +1,13 @@
+gradle-wrapper.jar
+/.gradle
+/captures/
+/gradlew
+/gradlew.bat
+/local.properties
+GeneratedPluginRegistrant.java
+
+# Remember to never publicly share your keystore.
+# See https://flutter.dev/docs/deployment/android#reference-the-keystore-from-the-app
+key.properties
+**/*.keystore
+**/*.jks

auth/android/app/src/main/AndroidManifest.xml

@@ -0,0 +1,70 @@
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+          xmlns:tools="http://schemas.android.com/tools">
+    <application android:name="${applicationName}"
+                 android:label="Ente Auth"
+                 android:icon="@mipmap/launcher_icon"
+                 android:usesCleartextTraffic="true"
+                 android:requestLegacyExternalStorage="true"
+                 android:allowBackup="false"
+                 android:fullBackupContent="false"
+                 android:largeHeap="true">
+
+        <activity android:name=".MainActivity" android:launchMode="singleTop"
+                  android:theme="@style/LaunchTheme"
+                  android:exported="true"
+                  android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
+                  android:hardwareAccelerated="true"
+                  android:windowSoftInputMode="adjustResize">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN"/>
+                <category android:name="android.intent.category.LAUNCHER"/>
+            </intent-filter>
+
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW"/>
+                <category android:name="android.intent.category.DEFAULT"/>
+                <category android:name="android.intent.category.BROWSABLE"/>
+                <data android:scheme="ente-auth"/>
+            </intent-filter>
+
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="otpauth" />
+            </intent-filter>
+
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="enteauth" />
+            </intent-filter>
+
+        </activity>
+
+        <!-- Don't delete the meta-data below.
+             This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
+        <meta-data android:name="flutterEmbedding" android:value="2"/>
+
+        <meta-data android:name="io.sentry.dsn"
+                   android:value="https://ed4ddd6309b847ba8849935e26e9b648@sentry.ente.io/9"/>
+    </application>
+
+    <queries>
+        <intent>
+            <action android:name="android.intent.action.SENDTO"/>
+            <data android:scheme="mailto"/>
+        </intent>
+    </queries>
+    <uses-permission android:name="android.permission.INTERNET"/>
+    <uses-permission
+            android:name="android.permission.READ_EXTERNAL_STORAGE"
+            android:maxSdkVersion="32"/>
+    <uses-permission
+            android:name="android.permission.WRITE_EXTERNAL_STORAGE"
+            android:maxSdkVersion="29"
+            tools:ignore="ScopedStorage"/>
+    <uses-permission android:name="android.permission.USE_BIOMETRIC"/>
+
+</manifest>

auth/android/app/src/main/play/listings/en-US/full-description.txt

@@ -1,19 +1,24 @@
-Ente Auth helps you generate and store 2 step verification (2FA) tokens on your mobile devices.
+Ente Auth helps you generate and store 2 step verification (2FA)
+tokens on your mobile devices.
 
 
 FEATURES
 
 - Secure Backups
-Auth provides end-to-end encrypted cloud backups so that you don't have to worry about losing your tokens. We use the same protocols Ente Photos uses to encrypt and preserve your data.
+Auth provides end-to-end encrypted cloud backups so that you don't have to worry
+about losing your tokens. We use the same protocols Ente Photos uses to encrypt
+and preserve your data.
 
 - Multi Device Synchronization
-Auth will automatically sync the 2FA tokens you add to your account, across all your devices. Every new device you sign into will have access to these tokens.
+Auth will automatically sync the 2FA tokens you add to your account, across all
+your devices. Every new device you sign into will have access to these tokens.
 
 - Web access
 You can access your 2FA code from any web browser by visiting https://auth.ente.io .
 
 - Offline Mode
-Auth generates 2FA tokens offline, so your network connectivity will not get in the way of your workflow.
+Auth generates 2FA tokens offline, so your network connectivity will not get in
+the way of your workflow.
 
 - Import and Export Tokens
 You can add tokens to Auth by one of the following methods: 
@@ -25,7 +30,8 @@ otpauth://totp/provider.com:you@email.com?secret=YOUR_SECRET
 
 The codes maybe separated by new lines or commas.
 
-You can also export the codes you have added to Auth, to an **unencrypted** text file, that adheres to the above format.
+You can also export the codes you have added to Auth, to an **unencrypted** text
+file, that adheres to the above format.
 
 
 SUPPORT