working on a fix for SSO issue

- Prevent Automation UI from overriding schedule:
      - mapDbScheduleToUi now parses intervals robustly (cron/duration/seconds) via parseInterval
      - mapUiScheduleToDb merges with existing config and stores interval as seconds (no lossy cron conversion)
      - /api/config passes existing scheduleConfig to preserve ENV-sourced values
      - schedule-sync endpoint uses parseInterval for nextRun calculation
  - Add AUTO_MIRROR_REPOS support and scheduled auto-mirror phase:
      - scheduleConfig schema includes autoImport and autoMirror
      - env-config-loader reads AUTO_MIRROR_REPOS and carries through to DB
      - scheduler auto-mirrors imported/pending/failed repos when autoMirror is enabled before regular sync
      - docker-compose and ENV docs updated with AUTO_MIRROR_REPOS
  - Tests pass and build succeeds

CHANGELOG.md

@@ -58,6 +58,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Updated README with new features
   - Enhanced CLAUDE.md with repository status definitions
 
+## [3.7.1] - 2025-09-14
+
+### Fixed
+- Cleanup archiving for mirror repositories now works reliably (refs #84; awaiting user confirmation).
+  - Gitea rejects names violating the AlphaDashDot rule; archiving a mirror now uses a sanitized rename strategy (`archived-<name>`), with a timestamped fallback on conflicts or validation errors.
+  - Owner resolution during cleanup no longer uses the GitHub owner by mistake. It prefers `mirroredLocation`, falls back to computed Gitea owner via configuration, and verifies location with a presence check to avoid `GetUserByName` 404s.
+- Repositories UI crash resolved when cleanup marked repos as archived.
+  - Added `"archived"` to repository/job status enums, fixing Zod validation errors on the Repositories page.
+
+### Changed
+- Archiving logic for mirror repos is non-destructive by design: data is preserved, repo is renamed with an archive marker, and mirror interval is reduced (best‑effort) to minimize sync attempts.
+- Cleanup service updates DB to `status: "archived"` and `isArchived: true` on successful archive path.
+
+### Notes
+- This release addresses the scenario where a GitHub source disappears (deleted/banned), ensuring Gitea backups are preserved even when using `CLEANUP_DELETE_IF_NOT_IN_GITHUB=true` with `CLEANUP_ORPHANED_REPO_ACTION=archive`.
+- No database migration required.
+
 ## [3.2.6] - 2025-08-09
 
 ### Fixed

bun.lock

@@ -5,10 +5,11 @@
       "name": "gitea-mirror",
       "dependencies": {
         "@astrojs/check": "^0.9.4",
-        "@astrojs/mdx": "4.3.4",
+        "@astrojs/mdx": "4.3.5",
         "@astrojs/node": "9.4.3",
-        "@astrojs/react": "^4.3.0",
-        "@better-auth/sso": "^1.3.8",
+        "@astrojs/react": "^4.3.1",
+        "@better-auth/sso": "^1.3.9",
+        "@octokit/plugin-throttling": "^11.0.1",
         "@octokit/rest": "^22.0.0",
         "@radix-ui/react-accordion": "^1.2.12",
         "@radix-ui/react-avatar": "^1.1.10",
@@ -19,6 +20,7 @@
         "@radix-ui/react-hover-card": "^1.1.15",
         "@radix-ui/react-label": "^2.1.7",
         "@radix-ui/react-popover": "^1.1.15",
+        "@radix-ui/react-progress": "^1.1.7",
         "@radix-ui/react-radio-group": "^1.3.8",
         "@radix-ui/react-scroll-area": "^1.2.10",
         "@radix-ui/react-select": "^2.2.6",
@@ -27,19 +29,19 @@
         "@radix-ui/react-switch": "^1.2.6",
         "@radix-ui/react-tabs": "^1.1.13",
         "@radix-ui/react-tooltip": "^1.2.8",
-        "@tailwindcss/vite": "^4.1.12",
+        "@tailwindcss/vite": "^4.1.13",
         "@tanstack/react-virtual": "^3.13.12",
         "@types/canvas-confetti": "^1.9.0",
         "@types/react": "^19.1.12",
         "@types/react-dom": "^19.1.9",
-        "astro": "^5.13.4",
+        "astro": "^5.13.7",
         "bcryptjs": "^3.0.2",
-        "better-auth": "^1.3.8",
+        "better-auth": "^1.3.9",
         "canvas-confetti": "^1.9.3",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
         "cmdk": "^1.1.1",
-        "dotenv": "^17.2.1",
+        "dotenv": "^17.2.2",
         "drizzle-orm": "^0.44.5",
         "fuse.js": "^7.1.0",
         "jsonwebtoken": "^9.0.2",
@@ -50,10 +52,10 @@
         "react-icons": "^5.5.0",
         "sonner": "^2.0.7",
         "tailwind-merge": "^3.3.1",
-        "tailwindcss": "^4.1.12",
-        "tw-animate-css": "^1.3.7",
+        "tailwindcss": "^4.1.13",
+        "tw-animate-css": "^1.3.8",
         "typescript": "^5.9.2",
-        "uuid": "^11.1.0",
+        "uuid": "^13.0.0",
         "vaul": "^1.1.2",
         "zod": "^4.1.5",
       },
@@ -93,13 +95,13 @@
 
     "@astrojs/markdown-remark": ["@astrojs/markdown-remark@6.3.6", "", { "dependencies": { "@astrojs/internal-helpers": "0.7.2", "@astrojs/prism": "3.3.0", "github-slugger": "^2.0.0", "hast-util-from-html": "^2.0.3", "hast-util-to-text": "^4.0.2", "import-meta-resolve": "^4.1.0", "js-yaml": "^4.1.0", "mdast-util-definitions": "^6.0.0", "rehype-raw": "^7.0.0", "rehype-stringify": "^10.0.1", "remark-gfm": "^4.0.1", "remark-parse": "^11.0.0", "remark-rehype": "^11.1.2", "remark-smartypants": "^3.0.2", "shiki": "^3.2.1", "smol-toml": "^1.3.4", "unified": "^11.0.5", "unist-util-remove-position": "^5.0.0", "unist-util-visit": "^5.0.0", "unist-util-visit-parents": "^6.0.1", "vfile": "^6.0.3" } }, "sha512-bwylYktCTsLMVoCOEHbn2GSUA3c5KT/qilekBKA3CBng0bo1TYjNZPr761vxumRk9kJGqTOtU+fgCAp5Vwokug=="],
 
-    "@astrojs/mdx": ["@astrojs/mdx@4.3.4", "", { "dependencies": { "@astrojs/markdown-remark": "6.3.6", "@mdx-js/mdx": "^3.1.0", "acorn": "^8.14.1", "es-module-lexer": "^1.6.0", "estree-util-visit": "^2.0.0", "hast-util-to-html": "^9.0.5", "kleur": "^4.1.5", "rehype-raw": "^7.0.0", "remark-gfm": "^4.0.1", "remark-smartypants": "^3.0.2", "source-map": "^0.7.4", "unist-util-visit": "^5.0.0", "vfile": "^6.0.3" }, "peerDependencies": { "astro": "^5.0.0" } }, "sha512-Ew3iP+6zuzzJWNEH5Qr1iknrue1heEfgmfuMpuwLaSwqlUiJQ0NDb2oxKosgWU1ROYmVf1H4KCmS6QdMWKyFjw=="],
+    "@astrojs/mdx": ["@astrojs/mdx@4.3.5", "", { "dependencies": { "@astrojs/markdown-remark": "6.3.6", "@mdx-js/mdx": "^3.1.1", "acorn": "^8.15.0", "es-module-lexer": "^1.7.0", "estree-util-visit": "^2.0.0", "hast-util-to-html": "^9.0.5", "kleur": "^4.1.5", "rehype-raw": "^7.0.0", "remark-gfm": "^4.0.1", "remark-smartypants": "^3.0.2", "source-map": "^0.7.6", "unist-util-visit": "^5.0.0", "vfile": "^6.0.3" }, "peerDependencies": { "astro": "^5.0.0" } }, "sha512-YB3Hhsvl1BxyY0ARe1OrnVzLNKDPXAz9epYvmL+MQ8A85duSsSLQaO3GHB6/qZJKNoLmP6PptOtCONCKkbhPeQ=="],
 
     "@astrojs/node": ["@astrojs/node@9.4.3", "", { "dependencies": { "@astrojs/internal-helpers": "0.7.2", "send": "^1.2.0", "server-destroy": "^1.0.1" }, "peerDependencies": { "astro": "^5.7.0" } }, "sha512-P9BQHY8wQU1y9obknXzxV5SS3EpdaRnuDuHKr3RFC7t+2AzcMXeVmMJprQGijnQ8VdijJ8aS7+12tx325TURMQ=="],
 
     "@astrojs/prism": ["@astrojs/prism@3.3.0", "", { "dependencies": { "prismjs": "^1.30.0" } }, "sha512-q8VwfU/fDZNoDOf+r7jUnMC2//H2l0TuQ6FkGJL8vD8nw/q5KiL3DS1KKBI3QhI9UQhpJ5dc7AtqfbXWuOgLCQ=="],
 
-    "@astrojs/react": ["@astrojs/react@4.3.0", "", { "dependencies": { "@vitejs/plugin-react": "^4.4.1", "ultrahtml": "^1.6.0", "vite": "^6.3.5" }, "peerDependencies": { "@types/react": "^17.0.50 || ^18.0.21 || ^19.0.0", "@types/react-dom": "^17.0.17 || ^18.0.6 || ^19.0.0", "react": "^17.0.2 || ^18.0.0 || ^19.0.0", "react-dom": "^17.0.2 || ^18.0.0 || ^19.0.0" } }, "sha512-N02aj52Iezn69qHyx5+XvPqgsPMEnel9mI5JMbGiRMTzzLMuNaxRVoQTaq2024Dpr7BLsxCjqMkNvelqMDhaHA=="],
+    "@astrojs/react": ["@astrojs/react@4.3.1", "", { "dependencies": { "@vitejs/plugin-react": "^4.7.0", "ultrahtml": "^1.6.0", "vite": "^6.3.6" }, "peerDependencies": { "@types/react": "^17.0.50 || ^18.0.21 || ^19.0.0", "@types/react-dom": "^17.0.17 || ^18.0.6 || ^19.0.0", "react": "^17.0.2 || ^18.0.0 || ^19.0.0", "react-dom": "^17.0.2 || ^18.0.0 || ^19.0.0" } }, "sha512-Jhv35TsDHuQLvwof2z10P3g1s9wIR4UN9jE7O4NZBJNXOt/+qk+L0rY9th4SX7VzccKmRltUGxAhI1cXH52gXw=="],
 
     "@astrojs/telemetry": ["@astrojs/telemetry@3.3.0", "", { "dependencies": { "ci-info": "^4.2.0", "debug": "^4.4.0", "dlv": "^1.1.3", "dset": "^3.1.4", "is-docker": "^3.0.0", "is-wsl": "^3.1.0", "which-pm-runs": "^1.1.0" } }, "sha512-UFBgfeldP06qu6khs/yY+q1cDAaArM2/7AEIqQ9Cuvf7B1hNLq0xDrZkct+QoIGyjq56y8IaE2I3CTvG99mlhQ=="],
 
@@ -147,7 +149,7 @@
 
     "@babel/types": ["@babel/types@7.28.2", "", { "dependencies": { "@babel/helper-string-parser": "^7.27.1", "@babel/helper-validator-identifier": "^7.27.1" } }, "sha512-ruv7Ae4J5dUYULmeXw1gmb7rYRz57OWCPM57pHojnLq/3Z1CK2lNSLTCVjxVk1F/TZHwOZZrOWi0ur95BbLxNQ=="],
 
-    "@better-auth/sso": ["@better-auth/sso@1.3.8", "", { "dependencies": { "@better-fetch/fetch": "^1.1.18", "fast-xml-parser": "^5.2.5", "jose": "^5.10.0", "oauth2-mock-server": "^7.2.1", "samlify": "^2.10.1", "zod": "^4.1.5" }, "peerDependencies": { "better-auth": "1.3.8" } }, "sha512-ohJl4uTRwVACu8840A5Ys/z2jus/vEsCrWvOj/RannsZ6CxQAjr8utYYXXs6lVn08ynOcuT4m0OsYRbrw7a42g=="],
+    "@better-auth/sso": ["@better-auth/sso@1.3.9", "", { "dependencies": { "@better-fetch/fetch": "^1.1.18", "fast-xml-parser": "^5.2.5", "jose": "^5.10.0", "oauth2-mock-server": "^7.2.1", "samlify": "^2.10.1", "zod": "^4.1.5" }, "peerDependencies": { "better-auth": "1.3.9" } }, "sha512-rYbFtl/MpD6iEyKSnwTlG8jdu6xqYmDF1Bmx2P8NaXzTtkhb432Q045vqB7cWpZKpLCf2tNK5QeAyPhS0zg+Gw=="],
 
     "@better-auth/utils": ["@better-auth/utils@0.2.6", "", { "dependencies": { "uncrypto": "^0.1.3" } }, "sha512-3y/vaL5Ox33dBwgJ6ub3OPkVqr6B5xL2kgxNHG8eHZuryLyG/4JSPGqjbdRSgjuy9kALUZYDFl+ORIAxlWMSuA=="],
 
@@ -181,7 +183,7 @@
 
     "@emmetio/stream-reader-utils": ["@emmetio/stream-reader-utils@0.1.0", "", {}, "sha512-ZsZ2I9Vzso3Ho/pjZFsmmZ++FWeEd/txqybHTm4OgaZzdS8V9V/YYWQwg5TC38Z7uLWUV1vavpLLbjJtKubR1A=="],
 
-    "@emnapi/runtime": ["@emnapi/runtime@1.4.3", "", { "dependencies": { "tslib": "^2.4.0" } }, "sha512-pBPWdu6MLKROBX05wSNKcNb++m5Er+KQ9QkB+WVM+pW2Kx9hoSrVTnu3BdkI5eBLZoKu/J6mW/B6i6bJB2ytXQ=="],
+    "@emnapi/runtime": ["@emnapi/runtime@1.4.5", "", { "dependencies": { "tslib": "^2.4.0" } }, "sha512-++LApOtY0pEEz1zrd9vy1/zXVaVJJ/EbAF3u0fXIzPJEDtnITsBGbbK0EkM72amhl/R5b+5xx0Y/QhcVOpuulg=="],
 
     "@esbuild-kit/esm-loader": ["tsx@4.20.5", "", { "dependencies": { "esbuild": "~0.25.0", "get-tsconfig": "^4.7.5" }, "optionalDependencies": { "fsevents": "~2.3.3" }, "bin": { "tsx": "dist/cli.mjs" } }, "sha512-+wKjMNU9w/EaQayHXb7WA7ZaHY6hN8WgfvHNQ3t1PnU91/7O8TcTnIhCDYTZwnt8JsO9IBqZ30Ln1r7pPF52Aw=="],
 
@@ -247,43 +249,49 @@
 
     "@hexagon/base64": ["@hexagon/base64@1.1.28", "", {}, "sha512-lhqDEAvWixy3bZ+UOYbPwUbBkwBq5C1LAJ/xPC8Oi+lL54oyakv/npbA0aU2hgCsx/1NUd4IBvV03+aUBWxerw=="],
 
-    "@img/sharp-darwin-arm64": ["@img/sharp-darwin-arm64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-darwin-arm64": "1.0.4" }, "os": "darwin", "cpu": "arm64" }, "sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ=="],
+    "@img/sharp-darwin-arm64": ["@img/sharp-darwin-arm64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-darwin-arm64": "1.2.0" }, "os": "darwin", "cpu": "arm64" }, "sha512-ryFMfvxxpQRsgZJqBd4wsttYQbCxsJksrv9Lw/v798JcQ8+w84mBWuXwl+TT0WJ/WrYOLaYpwQXi3sA9nTIaIg=="],
 
-    "@img/sharp-darwin-x64": ["@img/sharp-darwin-x64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-darwin-x64": "1.0.4" }, "os": "darwin", "cpu": "x64" }, "sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q=="],
+    "@img/sharp-darwin-x64": ["@img/sharp-darwin-x64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-darwin-x64": "1.2.0" }, "os": "darwin", "cpu": "x64" }, "sha512-yHpJYynROAj12TA6qil58hmPmAwxKKC7reUqtGLzsOHfP7/rniNGTL8tjWX6L3CTV4+5P4ypcS7Pp+7OB+8ihA=="],
 
-    "@img/sharp-libvips-darwin-arm64": ["@img/sharp-libvips-darwin-arm64@1.0.4", "", { "os": "darwin", "cpu": "arm64" }, "sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg=="],
+    "@img/sharp-libvips-darwin-arm64": ["@img/sharp-libvips-darwin-arm64@1.2.0", "", { "os": "darwin", "cpu": "arm64" }, "sha512-sBZmpwmxqwlqG9ueWFXtockhsxefaV6O84BMOrhtg/YqbTaRdqDE7hxraVE3y6gVM4eExmfzW4a8el9ArLeEiQ=="],
 
-    "@img/sharp-libvips-darwin-x64": ["@img/sharp-libvips-darwin-x64@1.0.4", "", { "os": "darwin", "cpu": "x64" }, "sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ=="],
+    "@img/sharp-libvips-darwin-x64": ["@img/sharp-libvips-darwin-x64@1.2.0", "", { "os": "darwin", "cpu": "x64" }, "sha512-M64XVuL94OgiNHa5/m2YvEQI5q2cl9d/wk0qFTDVXcYzi43lxuiFTftMR1tOnFQovVXNZJ5TURSDK2pNe9Yzqg=="],
 
-    "@img/sharp-libvips-linux-arm": ["@img/sharp-libvips-linux-arm@1.0.5", "", { "os": "linux", "cpu": "arm" }, "sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g=="],
+    "@img/sharp-libvips-linux-arm": ["@img/sharp-libvips-linux-arm@1.2.0", "", { "os": "linux", "cpu": "arm" }, "sha512-mWd2uWvDtL/nvIzThLq3fr2nnGfyr/XMXlq8ZJ9WMR6PXijHlC3ksp0IpuhK6bougvQrchUAfzRLnbsen0Cqvw=="],
 
-    "@img/sharp-libvips-linux-arm64": ["@img/sharp-libvips-linux-arm64@1.0.4", "", { "os": "linux", "cpu": "arm64" }, "sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA=="],
+    "@img/sharp-libvips-linux-arm64": ["@img/sharp-libvips-linux-arm64@1.2.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-RXwd0CgG+uPRX5YYrkzKyalt2OJYRiJQ8ED/fi1tq9WQW2jsQIn0tqrlR5l5dr/rjqq6AHAxURhj2DVjyQWSOA=="],
 
-    "@img/sharp-libvips-linux-s390x": ["@img/sharp-libvips-linux-s390x@1.0.4", "", { "os": "linux", "cpu": "s390x" }, "sha512-u7Wz6ntiSSgGSGcjZ55im6uvTrOxSIS8/dgoVMoiGE9I6JAfU50yH5BoDlYA1tcuGS7g/QNtetJnxA6QEsCVTA=="],
+    "@img/sharp-libvips-linux-ppc64": ["@img/sharp-libvips-linux-ppc64@1.2.0", "", { "os": "linux", "cpu": "ppc64" }, "sha512-Xod/7KaDDHkYu2phxxfeEPXfVXFKx70EAFZ0qyUdOjCcxbjqyJOEUpDe6RIyaunGxT34Anf9ue/wuWOqBW2WcQ=="],
 
-    "@img/sharp-libvips-linux-x64": ["@img/sharp-libvips-linux-x64@1.0.4", "", { "os": "linux", "cpu": "x64" }, "sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw=="],
+    "@img/sharp-libvips-linux-s390x": ["@img/sharp-libvips-linux-s390x@1.2.0", "", { "os": "linux", "cpu": "s390x" }, "sha512-eMKfzDxLGT8mnmPJTNMcjfO33fLiTDsrMlUVcp6b96ETbnJmd4uvZxVJSKPQfS+odwfVaGifhsB07J1LynFehw=="],
 
-    "@img/sharp-libvips-linuxmusl-arm64": ["@img/sharp-libvips-linuxmusl-arm64@1.0.4", "", { "os": "linux", "cpu": "arm64" }, "sha512-9Ti+BbTYDcsbp4wfYib8Ctm1ilkugkA/uscUn6UXK1ldpC1JjiXbLfFZtRlBhjPZ5o1NCLiDbg8fhUPKStHoTA=="],
+    "@img/sharp-libvips-linux-x64": ["@img/sharp-libvips-linux-x64@1.2.0", "", { "os": "linux", "cpu": "x64" }, "sha512-ZW3FPWIc7K1sH9E3nxIGB3y3dZkpJlMnkk7z5tu1nSkBoCgw2nSRTFHI5pB/3CQaJM0pdzMF3paf9ckKMSE9Tg=="],
 
-    "@img/sharp-libvips-linuxmusl-x64": ["@img/sharp-libvips-linuxmusl-x64@1.0.4", "", { "os": "linux", "cpu": "x64" }, "sha512-viYN1KX9m+/hGkJtvYYp+CCLgnJXwiQB39damAO7WMdKWlIhmYTfHjwSbQeUK/20vY154mwezd9HflVFM1wVSw=="],
+    "@img/sharp-libvips-linuxmusl-arm64": ["@img/sharp-libvips-linuxmusl-arm64@1.2.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-UG+LqQJbf5VJ8NWJ5Z3tdIe/HXjuIdo4JeVNADXBFuG7z9zjoegpzzGIyV5zQKi4zaJjnAd2+g2nna8TZvuW9Q=="],
 
-    "@img/sharp-linux-arm": ["@img/sharp-linux-arm@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linux-arm": "1.0.5" }, "os": "linux", "cpu": "arm" }, "sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ=="],
+    "@img/sharp-libvips-linuxmusl-x64": ["@img/sharp-libvips-linuxmusl-x64@1.2.0", "", { "os": "linux", "cpu": "x64" }, "sha512-SRYOLR7CXPgNze8akZwjoGBoN1ThNZoqpOgfnOxmWsklTGVfJiGJoC/Lod7aNMGA1jSsKWM1+HRX43OP6p9+6Q=="],
 
-    "@img/sharp-linux-arm64": ["@img/sharp-linux-arm64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linux-arm64": "1.0.4" }, "os": "linux", "cpu": "arm64" }, "sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA=="],
+    "@img/sharp-linux-arm": ["@img/sharp-linux-arm@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linux-arm": "1.2.0" }, "os": "linux", "cpu": "arm" }, "sha512-oBK9l+h6KBN0i3dC8rYntLiVfW8D8wH+NPNT3O/WBHeW0OQWCjfWksLUaPidsrDKpJgXp3G3/hkmhptAW0I3+A=="],
 
-    "@img/sharp-linux-s390x": ["@img/sharp-linux-s390x@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linux-s390x": "1.0.4" }, "os": "linux", "cpu": "s390x" }, "sha512-y/5PCd+mP4CA/sPDKl2961b+C9d+vPAveS33s6Z3zfASk2j5upL6fXVPZi7ztePZ5CuH+1kW8JtvxgbuXHRa4Q=="],
+    "@img/sharp-linux-arm64": ["@img/sharp-linux-arm64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linux-arm64": "1.2.0" }, "os": "linux", "cpu": "arm64" }, "sha512-QdrKe3EvQrqwkDrtuTIjI0bu6YEJHTgEeqdzI3uWJOH6G1O8Nl1iEeVYRGdj1h5I21CqxSvQp1Yv7xeU3ZewbA=="],
 
-    "@img/sharp-linux-x64": ["@img/sharp-linux-x64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linux-x64": "1.0.4" }, "os": "linux", "cpu": "x64" }, "sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA=="],
+    "@img/sharp-linux-ppc64": ["@img/sharp-linux-ppc64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linux-ppc64": "1.2.0" }, "os": "linux", "cpu": "ppc64" }, "sha512-GLtbLQMCNC5nxuImPR2+RgrviwKwVql28FWZIW1zWruy6zLgA5/x2ZXk3mxj58X/tszVF69KK0Is83V8YgWhLA=="],
 
-    "@img/sharp-linuxmusl-arm64": ["@img/sharp-linuxmusl-arm64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linuxmusl-arm64": "1.0.4" }, "os": "linux", "cpu": "arm64" }, "sha512-XrHMZwGQGvJg2V/oRSUfSAfjfPxO+4DkiRh6p2AFjLQztWUuY/o8Mq0eMQVIY7HJ1CDQUJlxGGZRw1a5bqmd1g=="],
+    "@img/sharp-linux-s390x": ["@img/sharp-linux-s390x@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linux-s390x": "1.2.0" }, "os": "linux", "cpu": "s390x" }, "sha512-3gahT+A6c4cdc2edhsLHmIOXMb17ltffJlxR0aC2VPZfwKoTGZec6u5GrFgdR7ciJSsHT27BD3TIuGcuRT0KmQ=="],
 
-    "@img/sharp-linuxmusl-x64": ["@img/sharp-linuxmusl-x64@0.33.5", "", { "optionalDependencies": { "@img/sharp-libvips-linuxmusl-x64": "1.0.4" }, "os": "linux", "cpu": "x64" }, "sha512-WT+d/cgqKkkKySYmqoZ8y3pxx7lx9vVejxW/W4DOFMYVSkErR+w7mf2u8m/y4+xHe7yY9DAXQMWQhpnMuFfScw=="],
+    "@img/sharp-linux-x64": ["@img/sharp-linux-x64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linux-x64": "1.2.0" }, "os": "linux", "cpu": "x64" }, "sha512-8kYso8d806ypnSq3/Ly0QEw90V5ZoHh10yH0HnrzOCr6DKAPI6QVHvwleqMkVQ0m+fc7EH8ah0BB0QPuWY6zJQ=="],
 
-    "@img/sharp-wasm32": ["@img/sharp-wasm32@0.33.5", "", { "dependencies": { "@emnapi/runtime": "^1.2.0" }, "cpu": "none" }, "sha512-ykUW4LVGaMcU9lu9thv85CbRMAwfeadCJHRsg2GmeRa/cJxsVY9Rbd57JcMxBkKHag5U/x7TSBpScF4U8ElVzg=="],
+    "@img/sharp-linuxmusl-arm64": ["@img/sharp-linuxmusl-arm64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linuxmusl-arm64": "1.2.0" }, "os": "linux", "cpu": "arm64" }, "sha512-vAjbHDlr4izEiXM1OTggpCcPg9tn4YriK5vAjowJsHwdBIdx0fYRsURkxLG2RLm9gyBq66gwtWI8Gx0/ov+JKQ=="],
 
-    "@img/sharp-win32-ia32": ["@img/sharp-win32-ia32@0.33.5", "", { "os": "win32", "cpu": "ia32" }, "sha512-T36PblLaTwuVJ/zw/LaH0PdZkRz5rd3SmMHX8GSmR7vtNSP5Z6bQkExdSK7xGWyxLw4sUknBuugTelgw2faBbQ=="],
+    "@img/sharp-linuxmusl-x64": ["@img/sharp-linuxmusl-x64@0.34.3", "", { "optionalDependencies": { "@img/sharp-libvips-linuxmusl-x64": "1.2.0" }, "os": "linux", "cpu": "x64" }, "sha512-gCWUn9547K5bwvOn9l5XGAEjVTTRji4aPTqLzGXHvIr6bIDZKNTA34seMPgM0WmSf+RYBH411VavCejp3PkOeQ=="],
 
-    "@img/sharp-win32-x64": ["@img/sharp-win32-x64@0.33.5", "", { "os": "win32", "cpu": "x64" }, "sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg=="],
+    "@img/sharp-wasm32": ["@img/sharp-wasm32@0.34.3", "", { "dependencies": { "@emnapi/runtime": "^1.4.4" }, "cpu": "none" }, "sha512-+CyRcpagHMGteySaWos8IbnXcHgfDn7pO2fiC2slJxvNq9gDipYBN42/RagzctVRKgxATmfqOSulgZv5e1RdMg=="],
+
+    "@img/sharp-win32-arm64": ["@img/sharp-win32-arm64@0.34.3", "", { "os": "win32", "cpu": "arm64" }, "sha512-MjnHPnbqMXNC2UgeLJtX4XqoVHHlZNd+nPt1kRPmj63wURegwBhZlApELdtxM2OIZDRv/DFtLcNhVbd1z8GYXQ=="],
+
+    "@img/sharp-win32-ia32": ["@img/sharp-win32-ia32@0.34.3", "", { "os": "win32", "cpu": "ia32" }, "sha512-xuCdhH44WxuXgOM714hn4amodJMZl3OEvf0GVTm0BEyMeA2to+8HEdRPShH0SLYptJY1uBw+SCFP9WVQi1Q/cw=="],
+
+    "@img/sharp-win32-x64": ["@img/sharp-win32-x64@0.34.3", "", { "os": "win32", "cpu": "x64" }, "sha512-OWwz05d++TxzLEv4VnsTz5CmZ6mI6S05sfQGEMrNrQcOEERbX46332IvE7pO/EUiw7jUrrS40z/M7kPyjfl04g=="],
 
     "@isaacs/fs-minipass": ["@isaacs/fs-minipass@4.0.1", "", { "dependencies": { "minipass": "^7.0.4" } }, "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w=="],
 
@@ -301,11 +309,11 @@
 
     "@levischuck/tiny-cbor": ["@levischuck/tiny-cbor@0.2.11", "", {}, "sha512-llBRm4dT4Z89aRsm6u2oEZ8tfwL/2l6BwpZ7JcyieouniDECM5AqNgr/y08zalEIvW3RSK4upYyybDcmjXqAow=="],
 
-    "@mdx-js/mdx": ["@mdx-js/mdx@3.1.0", "", { "dependencies": { "@types/estree": "^1.0.0", "@types/estree-jsx": "^1.0.0", "@types/hast": "^3.0.0", "@types/mdx": "^2.0.0", "collapse-white-space": "^2.0.0", "devlop": "^1.0.0", "estree-util-is-identifier-name": "^3.0.0", "estree-util-scope": "^1.0.0", "estree-walker": "^3.0.0", "hast-util-to-jsx-runtime": "^2.0.0", "markdown-extensions": "^2.0.0", "recma-build-jsx": "^1.0.0", "recma-jsx": "^1.0.0", "recma-stringify": "^1.0.0", "rehype-recma": "^1.0.0", "remark-mdx": "^3.0.0", "remark-parse": "^11.0.0", "remark-rehype": "^11.0.0", "source-map": "^0.7.0", "unified": "^11.0.0", "unist-util-position-from-estree": "^2.0.0", "unist-util-stringify-position": "^4.0.0", "unist-util-visit": "^5.0.0", "vfile": "^6.0.0" } }, "sha512-/QxEhPAvGwbQmy1Px8F899L5Uc2KZ6JtXwlCgJmjSTBedwOZkByYcBG4GceIGPXRDsmfxhHazuS+hlOShRLeDw=="],
+    "@mdx-js/mdx": ["@mdx-js/mdx@3.1.1", "", { "dependencies": { "@types/estree": "^1.0.0", "@types/estree-jsx": "^1.0.0", "@types/hast": "^3.0.0", "@types/mdx": "^2.0.0", "acorn": "^8.0.0", "collapse-white-space": "^2.0.0", "devlop": "^1.0.0", "estree-util-is-identifier-name": "^3.0.0", "estree-util-scope": "^1.0.0", "estree-walker": "^3.0.0", "hast-util-to-jsx-runtime": "^2.0.0", "markdown-extensions": "^2.0.0", "recma-build-jsx": "^1.0.0", "recma-jsx": "^1.0.0", "recma-stringify": "^1.0.0", "rehype-recma": "^1.0.0", "remark-mdx": "^3.0.0", "remark-parse": "^11.0.0", "remark-rehype": "^11.0.0", "source-map": "^0.7.0", "unified": "^11.0.0", "unist-util-position-from-estree": "^2.0.0", "unist-util-stringify-position": "^4.0.0", "unist-util-visit": "^5.0.0", "vfile": "^6.0.0" } }, "sha512-f6ZO2ifpwAQIpzGWaBQT2TXxPv6z3RBzQKpVftEWN78Vl/YweF1uwussDx8ECAXVtr3Rs89fKyG9YlzUs9DyGQ=="],
 
-    "@noble/ciphers": ["@noble/ciphers@0.6.0", "", {}, "sha512-mIbq/R9QXk5/cTfESb1OKtyFnk7oc1Om/8onA1158K9/OZUQFDEVy55jVTato+xmp3XX6F6Qh0zz0Nc1AxAlRQ=="],
+    "@noble/ciphers": ["@noble/ciphers@2.0.0", "", {}, "sha512-j/l6jpnpaIBM87cAYPJzi/6TgqmBv9spkqPyCXvRYsu5uxqh6tPJZDnD85yo8VWqzTuTQPgfv7NgT63u7kbwAQ=="],
 
-    "@noble/hashes": ["@noble/hashes@1.8.0", "", {}, "sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A=="],
+    "@noble/hashes": ["@noble/hashes@2.0.0", "", {}, "sha512-h8VUBlE8R42+XIDO229cgisD287im3kdY6nbNZJFjc6ZvKIXPYXe6Vc/t+kyjFdMFyt5JpapzTsEg8n63w5/lw=="],
 
     "@nodelib/fs.scandir": ["@nodelib/fs.scandir@2.1.5", "", { "dependencies": { "@nodelib/fs.stat": "2.0.5", "run-parallel": "^1.1.9" } }, "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g=="],
 
@@ -329,6 +337,8 @@
 
     "@octokit/plugin-rest-endpoint-methods": ["@octokit/plugin-rest-endpoint-methods@16.0.0", "", { "dependencies": { "@octokit/types": "^14.1.0" }, "peerDependencies": { "@octokit/core": ">=6" } }, "sha512-kJVUQk6/dx/gRNLWUnAWKFs1kVPn5O5CYZyssyEoNYaFedqZxsfYs7DwI3d67hGz4qOwaJ1dpm07hOAD1BXx6g=="],
 
+    "@octokit/plugin-throttling": ["@octokit/plugin-throttling@11.0.1", "", { "dependencies": { "@octokit/types": "^14.0.0", "bottleneck": "^2.15.3" }, "peerDependencies": { "@octokit/core": "^7.0.0" } }, "sha512-S+EVhy52D/272L7up58dr3FNSMXWuNZolkL4zMJBNIfIxyZuUcczsQAU4b5w6dewJXnKYVgSHSV5wxitMSW1kw=="],
+
     "@octokit/request": ["@octokit/request@10.0.2", "", { "dependencies": { "@octokit/endpoint": "^11.0.0", "@octokit/request-error": "^7.0.0", "@octokit/types": "^14.0.0", "fast-content-type-parse": "^3.0.0", "universal-user-agent": "^7.0.2" } }, "sha512-iYj4SJG/2bbhh+iIpFmG5u49DtJ4lipQ+aPakjL9OKpsGY93wM8w06gvFbEQxcMsZcCvk5th5KkIm2m8o14aWA=="],
 
     "@octokit/request-error": ["@octokit/request-error@7.0.0", "", { "dependencies": { "@octokit/types": "^14.0.0" } }, "sha512-KRA7VTGdVyJlh0cP5Tf94hTiYVVqmt2f3I6mnimmaVz4UG3gQV/k4mDJlJv3X67iX6rmN7gSHCF8ssqeMnmhZg=="],
@@ -399,6 +409,8 @@
 
     "@radix-ui/react-primitive": ["@radix-ui/react-primitive@2.1.3", "", { "dependencies": { "@radix-ui/react-slot": "1.2.3" }, "peerDependencies": { "@types/react": "*", "@types/react-dom": "*", "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react", "@types/react-dom"] }, "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ=="],
 
+    "@radix-ui/react-progress": ["@radix-ui/react-progress@1.1.7", "", { "dependencies": { "@radix-ui/react-context": "1.1.2", "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", "@types/react-dom": "*", "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react", "@types/react-dom"] }, "sha512-vPdg/tF6YC/ynuBIJlk1mm7Le0VgW6ub6J2UWnTQ7/D23KXcPI1qy+0vBkgKgd38RCMJavBXpB83HPNFMTb0Fg=="],
+
     "@radix-ui/react-radio-group": ["@radix-ui/react-radio-group@1.3.8", "", { "dependencies": { "@radix-ui/primitive": "1.1.3", "@radix-ui/react-compose-refs": "1.1.2", "@radix-ui/react-context": "1.1.2", "@radix-ui/react-direction": "1.1.1", "@radix-ui/react-presence": "1.1.5", "@radix-ui/react-primitive": "2.1.3", "@radix-ui/react-roving-focus": "1.1.11", "@radix-ui/react-use-controllable-state": "1.2.2", "@radix-ui/react-use-previous": "1.1.1", "@radix-ui/react-use-size": "1.1.1" }, "peerDependencies": { "@types/react": "*", "@types/react-dom": "*", "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react", "@types/react-dom"] }, "sha512-VBKYIYImA5zsxACdisNQ3BjCBfmbGH3kQlnFVqlWU4tXwjy7cGX8ta80BcrO+WJXIn5iBylEH3K6ZTlee//lgQ=="],
 
     "@radix-ui/react-roving-focus": ["@radix-ui/react-roving-focus@1.1.11", "", { "dependencies": { "@radix-ui/primitive": "1.1.3", "@radix-ui/react-collection": "1.1.7", "@radix-ui/react-compose-refs": "1.1.2", "@radix-ui/react-context": "1.1.2", "@radix-ui/react-direction": "1.1.1", "@radix-ui/react-id": "1.1.1", "@radix-ui/react-primitive": "2.1.3", "@radix-ui/react-use-callback-ref": "1.1.1", "@radix-ui/react-use-controllable-state": "1.2.2" }, "peerDependencies": { "@types/react": "*", "@types/react-dom": "*", "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react", "@types/react-dom"] }, "sha512-7A6S9jSgm/S+7MdtNDSb+IU859vQqJ/QAtcYQcfFC6W8RS4IxIZDldLR0xqCFZ6DCyrQLjLPsxtTNch5jVA4lA=="],
@@ -441,7 +453,7 @@
 
     "@rolldown/pluginutils": ["@rolldown/pluginutils@1.0.0-beta.34", "", {}, "sha512-LyAREkZHP5pMom7c24meKmJCdhf2hEyvam2q0unr3or9ydwDL+DJ8chTF6Av/RFPb3rH8UFBdMzO5MxTZW97oA=="],
 
-    "@rollup/pluginutils": ["@rollup/pluginutils@5.1.4", "", { "dependencies": { "@types/estree": "^1.0.0", "estree-walker": "^2.0.2", "picomatch": "^4.0.2" }, "peerDependencies": { "rollup": "^1.20.0||^2.0.0||^3.0.0||^4.0.0" }, "optionalPeers": ["rollup"] }, "sha512-USm05zrsFxYLPdWWq+K3STlWiT/3ELn3RcV5hJMghpeAIhxfsUIg6mt12CBJBInWMV4VneoV7SfGv8xIwo2qNQ=="],
+    "@rollup/pluginutils": ["@rollup/pluginutils@5.3.0", "", { "dependencies": { "@types/estree": "^1.0.0", "estree-walker": "^2.0.2", "picomatch": "^4.0.2" }, "peerDependencies": { "rollup": "^1.20.0||^2.0.0||^3.0.0||^4.0.0" }, "optionalPeers": ["rollup"] }, "sha512-5EdhGZtnu3V88ces7s53hhfK5KSASnJZv8Lulpc04cWO3REESroJXg73DFsOmgbU2BhwV0E20bu2IDZb3VKW4Q=="],
 
     "@rollup/rollup-android-arm-eabi": ["@rollup/rollup-android-arm-eabi@4.41.1", "", { "os": "android", "cpu": "arm" }, "sha512-NELNvyEWZ6R9QMkiytB4/L4zSEaBC03KIXEghptLGLZWJ6VPrL63ooZQCOnlx36aQPGhzuOMwDerC1Eb2VmrLw=="],
 
@@ -483,17 +495,17 @@
 
     "@rollup/rollup-win32-x64-msvc": ["@rollup/rollup-win32-x64-msvc@4.41.1", "", { "os": "win32", "cpu": "x64" }, "sha512-Wq2zpapRYLfi4aKxf2Xff0tN+7slj2d4R87WEzqw7ZLsVvO5zwYCIuEGSZYiK41+GlwUo1HiR+GdkLEJnCKTCw=="],
 
-    "@shikijs/core": ["@shikijs/core@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4", "hast-util-to-html": "^9.0.5" } }, "sha512-AG8vnSi1W2pbgR2B911EfGqtLE9c4hQBYkv/x7Z+Kt0VxhgQKcW7UNDVYsu9YxwV6u+OJrvdJrMq6DNWoBjihQ=="],
+    "@shikijs/core": ["@shikijs/core@3.12.2", "", { "dependencies": { "@shikijs/types": "3.12.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4", "hast-util-to-html": "^9.0.5" } }, "sha512-L1Safnhra3tX/oJK5kYHaWmLEBJi1irASwewzY3taX5ibyXyMkkSDZlq01qigjryOBwrXSdFgTiZ3ryzSNeu7Q=="],
 
-    "@shikijs/engine-javascript": ["@shikijs/engine-javascript@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "oniguruma-to-es": "^4.3.3" } }, "sha512-1/adJbSMBOkpScCE/SB6XkjJU17ANln3Wky7lOmrnpl+zBdQ1qXUJg2GXTYVHRq+2j3hd1DesmElTXYDgtfSOQ=="],
+    "@shikijs/engine-javascript": ["@shikijs/engine-javascript@3.12.2", "", { "dependencies": { "@shikijs/types": "3.12.2", "@shikijs/vscode-textmate": "^10.0.2", "oniguruma-to-es": "^4.3.3" } }, "sha512-Nm3/azSsaVS7hk6EwtHEnTythjQfwvrO5tKqMlaH9TwG1P+PNaR8M0EAKZ+GaH2DFwvcr4iSfTveyxMIvXEHMw=="],
 
-    "@shikijs/engine-oniguruma": ["@shikijs/engine-oniguruma@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2" } }, "sha512-zcZKMnNndgRa3ORja6Iemsr3DrLtkX3cAF7lTJkdMB6v9alhlBsX9uNiCpqofNrXOvpA3h6lHcLJxgCIhVOU5Q=="],
+    "@shikijs/engine-oniguruma": ["@shikijs/engine-oniguruma@3.12.2", "", { "dependencies": { "@shikijs/types": "3.12.2", "@shikijs/vscode-textmate": "^10.0.2" } }, "sha512-hozwnFHsLvujK4/CPVHNo3Bcg2EsnG8krI/ZQ2FlBlCRpPZW4XAEQmEwqegJsypsTAN9ehu2tEYe30lYKSZW/w=="],
 
-    "@shikijs/langs": ["@shikijs/langs@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2" } }, "sha512-H6azIAM+OXD98yztIfs/KH5H4PU39t+SREhmM8LaNXyUrqj2mx+zVkr8MWYqjceSjDw9I1jawm1WdFqU806rMA=="],
+    "@shikijs/langs": ["@shikijs/langs@3.12.2", "", { "dependencies": { "@shikijs/types": "3.12.2" } }, "sha512-bVx5PfuZHDSHoBal+KzJZGheFuyH4qwwcwG/n+MsWno5cTlKmaNtTsGzJpHYQ8YPbB5BdEdKU1rga5/6JGY8ww=="],
 
-    "@shikijs/themes": ["@shikijs/themes@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2" } }, "sha512-qAEuAQh+brd8Jyej2UDDf+b4V2g1Rm8aBIdvt32XhDPrHvDkEnpb7Kzc9hSuHUxz0Iuflmq7elaDuQAP9bHIhg=="],
+    "@shikijs/themes": ["@shikijs/themes@3.12.2", "", { "dependencies": { "@shikijs/types": "3.12.2" } }, "sha512-fTR3QAgnwYpfGczpIbzPjlRnxyONJOerguQv1iwpyQZ9QXX4qy/XFQqXlf17XTsorxnHoJGbH/LXBvwtqDsF5A=="],
 
-    "@shikijs/types": ["@shikijs/types@3.4.2", "", { "dependencies": { "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-zHC1l7L+eQlDXLnxvM9R91Efh2V4+rN3oMVS2swCBssbj2U/FBwybD1eeLaq8yl/iwT+zih8iUbTBCgGZOYlVg=="],
+    "@shikijs/types": ["@shikijs/types@3.12.2", "", { "dependencies": { "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-K5UIBzxCyv0YoxN3LMrKB9zuhp1bV+LgewxuVwHdl4Gz5oePoUFrr9EfgJlGlDeXCU1b/yhdnXeuRvAnz8HN8Q=="],
 
     "@shikijs/vscode-textmate": ["@shikijs/vscode-textmate@10.0.2", "", {}, "sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg=="],
 
@@ -503,35 +515,35 @@
 
     "@swc/helpers": ["@swc/helpers@0.5.17", "", { "dependencies": { "tslib": "^2.8.0" } }, "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A=="],
 
-    "@tailwindcss/node": ["@tailwindcss/node@4.1.12", "", { "dependencies": { "@jridgewell/remapping": "^2.3.4", "enhanced-resolve": "^5.18.3", "jiti": "^2.5.1", "lightningcss": "1.30.1", "magic-string": "^0.30.17", "source-map-js": "^1.2.1", "tailwindcss": "4.1.12" } }, "sha512-3hm9brwvQkZFe++SBt+oLjo4OLDtkvlE8q2WalaD/7QWaeM7KEJbAiY/LJZUaCs7Xa8aUu4xy3uoyX4q54UVdQ=="],
+    "@tailwindcss/node": ["@tailwindcss/node@4.1.13", "", { "dependencies": { "@jridgewell/remapping": "^2.3.4", "enhanced-resolve": "^5.18.3", "jiti": "^2.5.1", "lightningcss": "1.30.1", "magic-string": "^0.30.18", "source-map-js": "^1.2.1", "tailwindcss": "4.1.13" } }, "sha512-eq3ouolC1oEFOAvOMOBAmfCIqZBJuvWvvYWh5h5iOYfe1HFC6+GZ6EIL0JdM3/niGRJmnrOc+8gl9/HGUaaptw=="],
 
-    "@tailwindcss/oxide": ["@tailwindcss/oxide@4.1.12", "", { "dependencies": { "detect-libc": "^2.0.4", "tar": "^7.4.3" }, "optionalDependencies": { "@tailwindcss/oxide-android-arm64": "4.1.12", "@tailwindcss/oxide-darwin-arm64": "4.1.12", "@tailwindcss/oxide-darwin-x64": "4.1.12", "@tailwindcss/oxide-freebsd-x64": "4.1.12", "@tailwindcss/oxide-linux-arm-gnueabihf": "4.1.12", "@tailwindcss/oxide-linux-arm64-gnu": "4.1.12", "@tailwindcss/oxide-linux-arm64-musl": "4.1.12", "@tailwindcss/oxide-linux-x64-gnu": "4.1.12", "@tailwindcss/oxide-linux-x64-musl": "4.1.12", "@tailwindcss/oxide-wasm32-wasi": "4.1.12", "@tailwindcss/oxide-win32-arm64-msvc": "4.1.12", "@tailwindcss/oxide-win32-x64-msvc": "4.1.12" } }, "sha512-gM5EoKHW/ukmlEtphNwaGx45fGoEmP10v51t9unv55voWh6WrOL19hfuIdo2FjxIaZzw776/BUQg7Pck++cIVw=="],
+    "@tailwindcss/oxide": ["@tailwindcss/oxide@4.1.13", "", { "dependencies": { "detect-libc": "^2.0.4", "tar": "^7.4.3" }, "optionalDependencies": { "@tailwindcss/oxide-android-arm64": "4.1.13", "@tailwindcss/oxide-darwin-arm64": "4.1.13", "@tailwindcss/oxide-darwin-x64": "4.1.13", "@tailwindcss/oxide-freebsd-x64": "4.1.13", "@tailwindcss/oxide-linux-arm-gnueabihf": "4.1.13", "@tailwindcss/oxide-linux-arm64-gnu": "4.1.13", "@tailwindcss/oxide-linux-arm64-musl": "4.1.13", "@tailwindcss/oxide-linux-x64-gnu": "4.1.13", "@tailwindcss/oxide-linux-x64-musl": "4.1.13", "@tailwindcss/oxide-wasm32-wasi": "4.1.13", "@tailwindcss/oxide-win32-arm64-msvc": "4.1.13", "@tailwindcss/oxide-win32-x64-msvc": "4.1.13" } }, "sha512-CPgsM1IpGRa880sMbYmG1s4xhAy3xEt1QULgTJGQmZUeNgXFR7s1YxYygmJyBGtou4SyEosGAGEeYqY7R53bIA=="],
 
-    "@tailwindcss/oxide-android-arm64": ["@tailwindcss/oxide-android-arm64@4.1.12", "", { "os": "android", "cpu": "arm64" }, "sha512-oNY5pq+1gc4T6QVTsZKwZaGpBb2N1H1fsc1GD4o7yinFySqIuRZ2E4NvGasWc6PhYJwGK2+5YT1f9Tp80zUQZQ=="],
+    "@tailwindcss/oxide-android-arm64": ["@tailwindcss/oxide-android-arm64@4.1.13", "", { "os": "android", "cpu": "arm64" }, "sha512-BrpTrVYyejbgGo57yc8ieE+D6VT9GOgnNdmh5Sac6+t0m+v+sKQevpFVpwX3pBrM2qKrQwJ0c5eDbtjouY/+ew=="],
 
-    "@tailwindcss/oxide-darwin-arm64": ["@tailwindcss/oxide-darwin-arm64@4.1.12", "", { "os": "darwin", "cpu": "arm64" }, "sha512-cq1qmq2HEtDV9HvZlTtrj671mCdGB93bVY6J29mwCyaMYCP/JaUBXxrQQQm7Qn33AXXASPUb2HFZlWiiHWFytw=="],
+    "@tailwindcss/oxide-darwin-arm64": ["@tailwindcss/oxide-darwin-arm64@4.1.13", "", { "os": "darwin", "cpu": "arm64" }, "sha512-YP+Jksc4U0KHcu76UhRDHq9bx4qtBftp9ShK/7UGfq0wpaP96YVnnjFnj3ZFrUAjc5iECzODl/Ts0AN7ZPOANQ=="],
 
-    "@tailwindcss/oxide-darwin-x64": ["@tailwindcss/oxide-darwin-x64@4.1.12", "", { "os": "darwin", "cpu": "x64" }, "sha512-6UCsIeFUcBfpangqlXay9Ffty9XhFH1QuUFn0WV83W8lGdX8cD5/+2ONLluALJD5+yJ7k8mVtwy3zMZmzEfbLg=="],
+    "@tailwindcss/oxide-darwin-x64": ["@tailwindcss/oxide-darwin-x64@4.1.13", "", { "os": "darwin", "cpu": "x64" }, "sha512-aAJ3bbwrn/PQHDxCto9sxwQfT30PzyYJFG0u/BWZGeVXi5Hx6uuUOQEI2Fa43qvmUjTRQNZnGqe9t0Zntexeuw=="],
 
-    "@tailwindcss/oxide-freebsd-x64": ["@tailwindcss/oxide-freebsd-x64@4.1.12", "", { "os": "freebsd", "cpu": "x64" }, "sha512-JOH/f7j6+nYXIrHobRYCtoArJdMJh5zy5lr0FV0Qu47MID/vqJAY3r/OElPzx1C/wdT1uS7cPq+xdYYelny1ww=="],
+    "@tailwindcss/oxide-freebsd-x64": ["@tailwindcss/oxide-freebsd-x64@4.1.13", "", { "os": "freebsd", "cpu": "x64" }, "sha512-Wt8KvASHwSXhKE/dJLCCWcTSVmBj3xhVhp/aF3RpAhGeZ3sVo7+NTfgiN8Vey/Fi8prRClDs6/f0KXPDTZE6nQ=="],
 
-    "@tailwindcss/oxide-linux-arm-gnueabihf": ["@tailwindcss/oxide-linux-arm-gnueabihf@4.1.12", "", { "os": "linux", "cpu": "arm" }, "sha512-v4Ghvi9AU1SYgGr3/j38PD8PEe6bRfTnNSUE3YCMIRrrNigCFtHZ2TCm8142X8fcSqHBZBceDx+JlFJEfNg5zQ=="],
+    "@tailwindcss/oxide-linux-arm-gnueabihf": ["@tailwindcss/oxide-linux-arm-gnueabihf@4.1.13", "", { "os": "linux", "cpu": "arm" }, "sha512-mbVbcAsW3Gkm2MGwA93eLtWrwajz91aXZCNSkGTx/R5eb6KpKD5q8Ueckkh9YNboU8RH7jiv+ol/I7ZyQ9H7Bw=="],
 
-    "@tailwindcss/oxide-linux-arm64-gnu": ["@tailwindcss/oxide-linux-arm64-gnu@4.1.12", "", { "os": "linux", "cpu": "arm64" }, "sha512-YP5s1LmetL9UsvVAKusHSyPlzSRqYyRB0f+Kl/xcYQSPLEw/BvGfxzbH+ihUciePDjiXwHh+p+qbSP3SlJw+6g=="],
+    "@tailwindcss/oxide-linux-arm64-gnu": ["@tailwindcss/oxide-linux-arm64-gnu@4.1.13", "", { "os": "linux", "cpu": "arm64" }, "sha512-wdtfkmpXiwej/yoAkrCP2DNzRXCALq9NVLgLELgLim1QpSfhQM5+ZxQQF8fkOiEpuNoKLp4nKZ6RC4kmeFH0HQ=="],
 
-    "@tailwindcss/oxide-linux-arm64-musl": ["@tailwindcss/oxide-linux-arm64-musl@4.1.12", "", { "os": "linux", "cpu": "arm64" }, "sha512-V8pAM3s8gsrXcCv6kCHSuwyb/gPsd863iT+v1PGXC4fSL/OJqsKhfK//v8P+w9ThKIoqNbEnsZqNy+WDnwQqCA=="],
+    "@tailwindcss/oxide-linux-arm64-musl": ["@tailwindcss/oxide-linux-arm64-musl@4.1.13", "", { "os": "linux", "cpu": "arm64" }, "sha512-hZQrmtLdhyqzXHB7mkXfq0IYbxegaqTmfa1p9MBj72WPoDD3oNOh1Lnxf6xZLY9C3OV6qiCYkO1i/LrzEdW2mg=="],
 
-    "@tailwindcss/oxide-linux-x64-gnu": ["@tailwindcss/oxide-linux-x64-gnu@4.1.12", "", { "os": "linux", "cpu": "x64" }, "sha512-xYfqYLjvm2UQ3TZggTGrwxjYaLB62b1Wiysw/YE3Yqbh86sOMoTn0feF98PonP7LtjsWOWcXEbGqDL7zv0uW8Q=="],
+    "@tailwindcss/oxide-linux-x64-gnu": ["@tailwindcss/oxide-linux-x64-gnu@4.1.13", "", { "os": "linux", "cpu": "x64" }, "sha512-uaZTYWxSXyMWDJZNY1Ul7XkJTCBRFZ5Fo6wtjrgBKzZLoJNrG+WderJwAjPzuNZOnmdrVg260DKwXCFtJ/hWRQ=="],
 
-    "@tailwindcss/oxide-linux-x64-musl": ["@tailwindcss/oxide-linux-x64-musl@4.1.12", "", { "os": "linux", "cpu": "x64" }, "sha512-ha0pHPamN+fWZY7GCzz5rKunlv9L5R8kdh+YNvP5awe3LtuXb5nRi/H27GeL2U+TdhDOptU7T6Is7mdwh5Ar3A=="],
+    "@tailwindcss/oxide-linux-x64-musl": ["@tailwindcss/oxide-linux-x64-musl@4.1.13", "", { "os": "linux", "cpu": "x64" }, "sha512-oXiPj5mi4Hdn50v5RdnuuIms0PVPI/EG4fxAfFiIKQh5TgQgX7oSuDWntHW7WNIi/yVLAiS+CRGW4RkoGSSgVQ=="],
 
-    "@tailwindcss/oxide-wasm32-wasi": ["@tailwindcss/oxide-wasm32-wasi@4.1.12", "", { "dependencies": { "@emnapi/core": "^1.4.5", "@emnapi/runtime": "^1.4.5", "@emnapi/wasi-threads": "^1.0.4", "@napi-rs/wasm-runtime": "^0.2.12", "@tybys/wasm-util": "^0.10.0", "tslib": "^2.8.0" }, "cpu": "none" }, "sha512-4tSyu3dW+ktzdEpuk6g49KdEangu3eCYoqPhWNsZgUhyegEda3M9rG0/j1GV/JjVVsj+lG7jWAyrTlLzd/WEBg=="],
+    "@tailwindcss/oxide-wasm32-wasi": ["@tailwindcss/oxide-wasm32-wasi@4.1.13", "", { "dependencies": { "@emnapi/core": "^1.4.5", "@emnapi/runtime": "^1.4.5", "@emnapi/wasi-threads": "^1.0.4", "@napi-rs/wasm-runtime": "^0.2.12", "@tybys/wasm-util": "^0.10.0", "tslib": "^2.8.0" }, "cpu": "none" }, "sha512-+LC2nNtPovtrDwBc/nqnIKYh/W2+R69FA0hgoeOn64BdCX522u19ryLh3Vf3F8W49XBcMIxSe665kwy21FkhvA=="],
 
-    "@tailwindcss/oxide-win32-arm64-msvc": ["@tailwindcss/oxide-win32-arm64-msvc@4.1.12", "", { "os": "win32", "cpu": "arm64" }, "sha512-iGLyD/cVP724+FGtMWslhcFyg4xyYyM+5F4hGvKA7eifPkXHRAUDFaimu53fpNg9X8dfP75pXx/zFt/jlNF+lg=="],
+    "@tailwindcss/oxide-win32-arm64-msvc": ["@tailwindcss/oxide-win32-arm64-msvc@4.1.13", "", { "os": "win32", "cpu": "arm64" }, "sha512-dziTNeQXtoQ2KBXmrjCxsuPk3F3CQ/yb7ZNZNA+UkNTeiTGgfeh+gH5Pi7mRncVgcPD2xgHvkFCh/MhZWSgyQg=="],
 
-    "@tailwindcss/oxide-win32-x64-msvc": ["@tailwindcss/oxide-win32-x64-msvc@4.1.12", "", { "os": "win32", "cpu": "x64" }, "sha512-NKIh5rzw6CpEodv/++r0hGLlfgT/gFN+5WNdZtvh6wpU2BpGNgdjvj6H2oFc8nCM839QM1YOhjpgbAONUb4IxA=="],
+    "@tailwindcss/oxide-win32-x64-msvc": ["@tailwindcss/oxide-win32-x64-msvc@4.1.13", "", { "os": "win32", "cpu": "x64" }, "sha512-3+LKesjXydTkHk5zXX01b5KMzLV1xl2mcktBJkje7rhFUpUlYJy7IMOLqjIRQncLTa1WZZiFY/foAeB5nmaiTw=="],
 
-    "@tailwindcss/vite": ["@tailwindcss/vite@4.1.12", "", { "dependencies": { "@tailwindcss/node": "4.1.12", "@tailwindcss/oxide": "4.1.12", "tailwindcss": "4.1.12" }, "peerDependencies": { "vite": "^5.2.0 || ^6 || ^7" } }, "sha512-4pt0AMFDx7gzIrAOIYgYP0KCBuKWqyW8ayrdiLEjoJTT4pKTjrzG/e4uzWtTLDziC+66R9wbUqZBccJalSE5vQ=="],
+    "@tailwindcss/vite": ["@tailwindcss/vite@4.1.13", "", { "dependencies": { "@tailwindcss/node": "4.1.13", "@tailwindcss/oxide": "4.1.13", "tailwindcss": "4.1.13" }, "peerDependencies": { "vite": "^5.2.0 || ^6 || ^7" } }, "sha512-0PmqLQ010N58SbMTJ7BVJ4I2xopiQn/5i6nlb4JmxzQf8zcS5+m2Cv6tqh+sfDwtIdjoEnOvwsGQ1hkUi8QEHQ=="],
 
     "@tanstack/react-virtual": ["@tanstack/react-virtual@3.13.12", "", { "dependencies": { "@tanstack/virtual-core": "3.13.12" }, "peerDependencies": { "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" } }, "sha512-Gd13QdxPSukP8ZrkbgS2RwoZseTTbQPLnQEn7HY/rqtM+8Zt95f7xKC7N0EsKs7aoz0WzZ+fditZux+F8EzYxA=="],
 
@@ -633,7 +645,7 @@
 
     "accepts": ["accepts@1.3.8", "", { "dependencies": { "mime-types": "~2.1.34", "negotiator": "0.6.3" } }, "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw=="],
 
-    "acorn": ["acorn@8.14.1", "", { "bin": { "acorn": "bin/acorn" } }, "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg=="],
+    "acorn": ["acorn@8.15.0", "", { "bin": { "acorn": "bin/acorn" } }, "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg=="],
 
     "acorn-jsx": ["acorn-jsx@5.3.2", "", { "peerDependencies": { "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" } }, "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ=="],
 
@@ -667,7 +679,7 @@
 
     "astring": ["astring@1.9.0", "", { "bin": { "astring": "bin/astring" } }, "sha512-LElXdjswlqjWrPpJFg1Fx4wpkOCxj1TDHlSV4PlaRxHGWko024xICaa97ZkMfs6DRKlCguiAI+rbXv5GWwXIkg=="],
 
-    "astro": ["astro@5.13.4", "", { "dependencies": { "@astrojs/compiler": "^2.12.2", "@astrojs/internal-helpers": "0.7.2", "@astrojs/markdown-remark": "6.3.6", "@astrojs/telemetry": "3.3.0", "@capsizecss/unpack": "^2.4.0", "@oslojs/encoding": "^1.1.0", "@rollup/pluginutils": "^5.1.4", "acorn": "^8.14.1", "aria-query": "^5.3.2", "axobject-query": "^4.1.0", "boxen": "8.0.1", "ci-info": "^4.2.0", "clsx": "^2.1.1", "common-ancestor-path": "^1.0.1", "cookie": "^1.0.2", "cssesc": "^3.0.0", "debug": "^4.4.0", "deterministic-object-hash": "^2.0.2", "devalue": "^5.1.1", "diff": "^5.2.0", "dlv": "^1.1.3", "dset": "^3.1.4", "es-module-lexer": "^1.6.0", "esbuild": "^0.25.0", "estree-walker": "^3.0.3", "flattie": "^1.1.1", "fontace": "~0.3.0", "github-slugger": "^2.0.0", "html-escaper": "3.0.3", "http-cache-semantics": "^4.1.1", "import-meta-resolve": "^4.1.0", "js-yaml": "^4.1.0", "kleur": "^4.1.5", "magic-string": "^0.30.17", "magicast": "^0.3.5", "mrmime": "^2.0.1", "neotraverse": "^0.6.18", "p-limit": "^6.2.0", "p-queue": "^8.1.0", "package-manager-detector": "^1.1.0", "picomatch": "^4.0.2", "prompts": "^2.4.2", "rehype": "^13.0.2", "semver": "^7.7.1", "shiki": "^3.2.1", "smol-toml": "^1.3.4", "tinyexec": "^0.3.2", "tinyglobby": "^0.2.12", "tsconfck": "^3.1.5", "ultrahtml": "^1.6.0", "unifont": "~0.5.0", "unist-util-visit": "^5.0.0", "unstorage": "^1.15.0", "vfile": "^6.0.3", "vite": "^6.3.4", "vitefu": "^1.0.6", "xxhash-wasm": "^1.1.0", "yargs-parser": "^21.1.1", "yocto-spinner": "^0.2.1", "zod": "^3.24.4", "zod-to-json-schema": "^3.24.5", "zod-to-ts": "^1.2.0" }, "optionalDependencies": { "sharp": "^0.33.3" }, "bin": { "astro": "astro.js" } }, "sha512-Mgq5GYy3EHtastGXqdnh1UPuN++8NmJSluAspA5hu33O7YRs/em/L03cUfRXtc60l5yx5BfYJsjF2MFMlcWlzw=="],
+    "astro": ["astro@5.13.7", "", { "dependencies": { "@astrojs/compiler": "^2.12.2", "@astrojs/internal-helpers": "0.7.2", "@astrojs/markdown-remark": "6.3.6", "@astrojs/telemetry": "3.3.0", "@capsizecss/unpack": "^2.4.0", "@oslojs/encoding": "^1.1.0", "@rollup/pluginutils": "^5.2.0", "acorn": "^8.15.0", "aria-query": "^5.3.2", "axobject-query": "^4.1.0", "boxen": "8.0.1", "ci-info": "^4.3.0", "clsx": "^2.1.1", "common-ancestor-path": "^1.0.1", "cookie": "^1.0.2", "cssesc": "^3.0.0", "debug": "^4.4.1", "deterministic-object-hash": "^2.0.2", "devalue": "^5.1.1", "diff": "^5.2.0", "dlv": "^1.1.3", "dset": "^3.1.4", "es-module-lexer": "^1.7.0", "esbuild": "^0.25.0", "estree-walker": "^3.0.3", "flattie": "^1.1.1", "fontace": "~0.3.0", "github-slugger": "^2.0.0", "html-escaper": "3.0.3", "http-cache-semantics": "^4.2.0", "import-meta-resolve": "^4.2.0", "js-yaml": "^4.1.0", "kleur": "^4.1.5", "magic-string": "^0.30.18", "magicast": "^0.3.5", "mrmime": "^2.0.1", "neotraverse": "^0.6.18", "p-limit": "^6.2.0", "p-queue": "^8.1.0", "package-manager-detector": "^1.3.0", "picomatch": "^4.0.3", "prompts": "^2.4.2", "rehype": "^13.0.2", "semver": "^7.7.2", "shiki": "^3.12.0", "smol-toml": "^1.4.2", "tinyexec": "^0.3.2", "tinyglobby": "^0.2.14", "tsconfck": "^3.1.6", "ultrahtml": "^1.6.0", "unifont": "~0.5.2", "unist-util-visit": "^5.0.0", "unstorage": "^1.17.0", "vfile": "^6.0.3", "vite": "^6.3.6", "vitefu": "^1.1.1", "xxhash-wasm": "^1.1.0", "yargs-parser": "^21.1.1", "yocto-spinner": "^0.2.3", "zod": "^3.25.76", "zod-to-json-schema": "^3.24.6", "zod-to-ts": "^1.2.0" }, "optionalDependencies": { "sharp": "^0.34.0" }, "bin": { "astro": "astro.js" } }, "sha512-Of2tST7ErbE4y1dVb4aWDXaQSIRBAfraJ4jDqaA3PzPRJOn6Ina36+tQ+8BezjYqiWwRRJdOEE07PRAJXnsddw=="],
 
     "axobject-query": ["axobject-query@4.1.0", "", {}, "sha512-qIj0G9wZbMGNLjLmg1PT6v2mE9AH2zlnADJD/2tC6E00hgmhUOfEB6greHPAfLRSufHqROIUTkw6E+M3lH0PTQ=="],
 
@@ -683,14 +695,16 @@
 
     "before-after-hook": ["before-after-hook@4.0.0", "", {}, "sha512-q6tR3RPqIB1pMiTRMFcZwuG5T8vwp+vUvEG0vuI6B+Rikh5BfPp2fQ82c925FOs+b0lcFQ8CFrL+KbilfZFhOQ=="],
 
-    "better-auth": ["better-auth@1.3.8", "", { "dependencies": { "@better-auth/utils": "0.2.6", "@better-fetch/fetch": "^1.1.18", "@noble/ciphers": "^0.6.0", "@noble/hashes": "^1.8.0", "@simplewebauthn/browser": "^13.1.2", "@simplewebauthn/server": "^13.1.2", "better-call": "1.0.16", "defu": "^6.1.4", "jose": "^5.10.0", "kysely": "^0.28.5", "nanostores": "^0.11.4", "zod": "^4.1.5" }, "peerDependencies": { "react": "^18.0.0 || ^19.0.0", "react-dom": "^18.0.0 || ^19.0.0" }, "optionalPeers": ["react", "react-dom"] }, "sha512-uRFzHbWkhr8eWNy+BJwyMnrZPOvQjwrcLND3nc6jusRteYA9cjeRGElgCPTWTIyWUfzaQ708Lb5Mdq9Gv41Qpw=="],
+    "better-auth": ["better-auth@1.3.9", "", { "dependencies": { "@better-auth/utils": "0.2.6", "@better-fetch/fetch": "^1.1.18", "@noble/ciphers": "^2.0.0", "@noble/hashes": "^2.0.0", "@simplewebauthn/browser": "^13.1.2", "@simplewebauthn/server": "^13.1.2", "better-call": "1.0.18", "defu": "^6.1.4", "jose": "^6.1.0", "kysely": "^0.28.5", "nanostores": "^0.11.4", "zod": "^4.1.5" }, "peerDependencies": { "@lynx-js/react": "*", "react": "^18.0.0 || ^19.0.0", "react-dom": "^18.0.0 || ^19.0.0" }, "optionalPeers": ["@lynx-js/react", "react", "react-dom"] }, "sha512-Ty6BHzuShlqSs7I4RMlBRQ3duOWNB7WWriIu2FJVGjQAOtTVvamzFCR4/j5ROFLoNkpvNTRF7BJozsrMICL1gw=="],
 
-    "better-call": ["better-call@1.0.16", "", { "dependencies": { "@better-fetch/fetch": "^1.1.4", "rou3": "^0.5.1", "set-cookie-parser": "^2.7.1", "uncrypto": "^0.1.3" } }, "sha512-42dgJ1rOtc0anOoxjXPOWuel/Z/4aeO7EJ2SiXNwvlkySSgjXhNjAjTMWa8DL1nt6EXS3jl3VKC3mPsU/lUgVA=="],
+    "better-call": ["better-call@1.0.18", "", { "dependencies": { "@better-fetch/fetch": "^1.1.4", "rou3": "^0.5.1", "set-cookie-parser": "^2.7.1", "uncrypto": "^0.1.3" } }, "sha512-Ojyck3P3fs/egBmCW50tvfbCJorNV5KphfPOKrkCxPfOr8Brth1ruDtAJuhHVHEUiWrXv+vpEgWQk7m7FzhbbQ=="],
 
     "blob-to-buffer": ["blob-to-buffer@1.2.9", "", {}, "sha512-BF033y5fN6OCofD3vgHmNtwZWRcq9NLyyxyILx9hfMy1sXYy4ojFl765hJ2lP0YaN2fuxPaLO2Vzzoxy0FLFFA=="],
 
     "body-parser": ["body-parser@1.20.3", "", { "dependencies": { "bytes": "3.1.2", "content-type": "~1.0.5", "debug": "2.6.9", "depd": "2.0.0", "destroy": "1.2.0", "http-errors": "2.0.0", "iconv-lite": "0.4.24", "on-finished": "2.4.1", "qs": "6.13.0", "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" } }, "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g=="],
 
+    "bottleneck": ["bottleneck@2.19.5", "", {}, "sha512-VHiNCbI1lKdl44tGrhNfU3lup0Tj/ZBMJB5/2ZbNXRCPuRCO7ed2mgcK4r17y+KB2EfuYuRaVlwNbAeaWGSpbw=="],
+
     "boxen": ["boxen@8.0.1", "", { "dependencies": { "ansi-align": "^3.0.1", "camelcase": "^8.0.0", "chalk": "^5.3.0", "cli-boxes": "^3.0.0", "string-width": "^7.2.0", "type-fest": "^4.21.0", "widest-line": "^5.0.0", "wrap-ansi": "^9.0.0" } }, "sha512-F3PH5k5juxom4xktynS7MoFY+NUWH5LC4CnH11YB8NPew+HLpmBLCybSAEyb2F+4pRXhuhWqFesoQd6DAyc2hw=="],
 
     "braces": ["braces@3.0.3", "", { "dependencies": { "fill-range": "^7.1.1" } }, "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA=="],
@@ -737,7 +751,7 @@
 
     "chownr": ["chownr@3.0.0", "", {}, "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g=="],
 
-    "ci-info": ["ci-info@4.2.0", "", {}, "sha512-cYY9mypksY8NRqgDB1XD1RiJL338v/551niynFTGkZOO2LHuB2OmOYxDIe/ttN9AHwrqdum1360G3ald0W9kCg=="],
+    "ci-info": ["ci-info@4.3.0", "", {}, "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ=="],
 
     "class-variance-authority": ["class-variance-authority@0.7.1", "", { "dependencies": { "clsx": "^2.1.1" } }, "sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg=="],
 
@@ -831,7 +845,7 @@
 
     "dom-accessibility-api": ["dom-accessibility-api@0.6.3", "", {}, "sha512-7ZgogeTnjuHbo+ct10G9Ffp0mif17idi0IyWNVA/wcwcm7NPOD/WEHVP3n7n3MhXqxoIYm8d6MuZohYWIZ4T3w=="],
 
-    "dotenv": ["dotenv@17.2.1", "", {}, "sha512-kQhDYKZecqnM0fCnzI5eIv5L4cAe/iRI+HqMbO/hbRdTAeXDG+M9FjipUxNfbARuEg4iHIbhnhs78BCHNbSxEQ=="],
+    "dotenv": ["dotenv@17.2.2", "", {}, "sha512-Sf2LSQP+bOlhKWWyhFsn0UsfdK/kCWRv1iuA2gXAwt3dyNabr6QSj00I2V10pidqz69soatm9ZwZvpQMTIOd5Q=="],
 
     "drizzle-kit": ["drizzle-kit@0.31.4", "", { "dependencies": { "@drizzle-team/brocli": "^0.10.2", "@esbuild-kit/esm-loader": "^2.5.5", "esbuild": "^0.25.4", "esbuild-register": "^3.5.0" }, "bin": { "drizzle-kit": "bin.cjs" } }, "sha512-tCPWVZWZqWVx2XUsVpJRnH9Mx0ClVOf5YUHerZ5so1OKSlqww4zy1R5ksEdGRcO3tM3zj0PYN6V48TbQCL1RfA=="],
 
@@ -961,7 +975,7 @@
 
     "graceful-fs": ["graceful-fs@4.2.11", "", {}, "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="],
 
-    "h3": ["h3@1.15.3", "", { "dependencies": { "cookie-es": "^1.2.2", "crossws": "^0.3.4", "defu": "^6.1.4", "destr": "^2.0.5", "iron-webcrypto": "^1.2.1", "node-mock-http": "^1.0.0", "radix3": "^1.1.2", "ufo": "^1.6.1", "uncrypto": "^0.1.3" } }, "sha512-z6GknHqyX0h9aQaTx22VZDf6QyZn+0Nh+Ym8O/u0SGSkyF5cuTJYKlc8MkzW3Nzf9LE1ivcpmYC3FUGpywhuUQ=="],
+    "h3": ["h3@1.15.4", "", { "dependencies": { "cookie-es": "^1.2.2", "crossws": "^0.3.5", "defu": "^6.1.4", "destr": "^2.0.5", "iron-webcrypto": "^1.2.1", "node-mock-http": "^1.0.2", "radix3": "^1.1.2", "ufo": "^1.6.1", "uncrypto": "^0.1.3" } }, "sha512-z5cFQWDffyOe4vQ9xIqNfCZdV4p//vy6fBnr8Q1AWnVZ0teurKMG66rLj++TKwKPUP3u7iMUvrvKaEUiQw2QWQ=="],
 
     "has-flag": ["has-flag@4.0.0", "", {}, "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ=="],
 
@@ -1009,7 +1023,7 @@
 
     "iconv-lite": ["iconv-lite@0.6.3", "", { "dependencies": { "safer-buffer": ">= 2.1.2 < 3.0.0" } }, "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw=="],
 
-    "import-meta-resolve": ["import-meta-resolve@4.1.0", "", {}, "sha512-I6fiaX09Xivtk+THaMfAwnA3MVA5Big1WHF1Dfx9hFuvNIWpXnorlkzhcQf6ehrqQiiZECRt1poOAkPmer3ruw=="],
+    "import-meta-resolve": ["import-meta-resolve@4.2.0", "", {}, "sha512-Iqv2fzaTQN28s/FwZAoFq0ZSs/7hMAHJVX+w8PZl3cY19Pxk6jFFalxQoIfW2826i/fDLXv8IiEZRIT0lDuWcg=="],
 
     "indent-string": ["indent-string@4.0.0", "", {}, "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg=="],
 
@@ -1287,11 +1301,11 @@
 
     "node-fetch": ["node-fetch@2.7.0", "", { "dependencies": { "whatwg-url": "^5.0.0" }, "peerDependencies": { "encoding": "^0.1.0" }, "optionalPeers": ["encoding"] }, "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A=="],
 
-    "node-fetch-native": ["node-fetch-native@1.6.6", "", {}, "sha512-8Mc2HhqPdlIfedsuZoc3yioPuzp6b+L5jRCRY1QzuWZh2EGJVQrGppC6V6cF0bLdbW0+O2YpqCA25aF/1lvipQ=="],
+    "node-fetch-native": ["node-fetch-native@1.6.7", "", {}, "sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q=="],
 
     "node-forge": ["node-forge@1.3.1", "", {}, "sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA=="],
 
-    "node-mock-http": ["node-mock-http@1.0.0", "", {}, "sha512-0uGYQ1WQL1M5kKvGRXWQ3uZCHtLTO8hln3oBjIusM75WoesZ909uQJs/Hb946i2SS+Gsrhkaa6iAO17jRIv6DQ=="],
+    "node-mock-http": ["node-mock-http@1.0.3", "", {}, "sha512-jN8dK25fsfnMrVsEhluUTPkBFY+6ybu7jSB1n+ri/vOGjJxU8J9CZhpSGkHXSkFjtUhbmoncG/YG9ta5Ludqog=="],
 
     "node-releases": ["node-releases@2.0.19", "", {}, "sha512-xxOWJsBKtzAq7DY0J+DTzuz58K8e7sJbdgwkbMWQe8UYB6ekmsQ45q0M/tJDsGaZmbC+l7n57UV8Hl5tHxO9uw=="],
 
@@ -1483,9 +1497,9 @@
 
     "setprototypeof": ["setprototypeof@1.2.0", "", {}, "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="],
 
-    "sharp": ["sharp@0.33.5", "", { "dependencies": { "color": "^4.2.3", "detect-libc": "^2.0.3", "semver": "^7.6.3" }, "optionalDependencies": { "@img/sharp-darwin-arm64": "0.33.5", "@img/sharp-darwin-x64": "0.33.5", "@img/sharp-libvips-darwin-arm64": "1.0.4", "@img/sharp-libvips-darwin-x64": "1.0.4", "@img/sharp-libvips-linux-arm": "1.0.5", "@img/sharp-libvips-linux-arm64": "1.0.4", "@img/sharp-libvips-linux-s390x": "1.0.4", "@img/sharp-libvips-linux-x64": "1.0.4", "@img/sharp-libvips-linuxmusl-arm64": "1.0.4", "@img/sharp-libvips-linuxmusl-x64": "1.0.4", "@img/sharp-linux-arm": "0.33.5", "@img/sharp-linux-arm64": "0.33.5", "@img/sharp-linux-s390x": "0.33.5", "@img/sharp-linux-x64": "0.33.5", "@img/sharp-linuxmusl-arm64": "0.33.5", "@img/sharp-linuxmusl-x64": "0.33.5", "@img/sharp-wasm32": "0.33.5", "@img/sharp-win32-ia32": "0.33.5", "@img/sharp-win32-x64": "0.33.5" } }, "sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw=="],
+    "sharp": ["sharp@0.34.3", "", { "dependencies": { "color": "^4.2.3", "detect-libc": "^2.0.4", "semver": "^7.7.2" }, "optionalDependencies": { "@img/sharp-darwin-arm64": "0.34.3", "@img/sharp-darwin-x64": "0.34.3", "@img/sharp-libvips-darwin-arm64": "1.2.0", "@img/sharp-libvips-darwin-x64": "1.2.0", "@img/sharp-libvips-linux-arm": "1.2.0", "@img/sharp-libvips-linux-arm64": "1.2.0", "@img/sharp-libvips-linux-ppc64": "1.2.0", "@img/sharp-libvips-linux-s390x": "1.2.0", "@img/sharp-libvips-linux-x64": "1.2.0", "@img/sharp-libvips-linuxmusl-arm64": "1.2.0", "@img/sharp-libvips-linuxmusl-x64": "1.2.0", "@img/sharp-linux-arm": "0.34.3", "@img/sharp-linux-arm64": "0.34.3", "@img/sharp-linux-ppc64": "0.34.3", "@img/sharp-linux-s390x": "0.34.3", "@img/sharp-linux-x64": "0.34.3", "@img/sharp-linuxmusl-arm64": "0.34.3", "@img/sharp-linuxmusl-x64": "0.34.3", "@img/sharp-wasm32": "0.34.3", "@img/sharp-win32-arm64": "0.34.3", "@img/sharp-win32-ia32": "0.34.3", "@img/sharp-win32-x64": "0.34.3" } }, "sha512-eX2IQ6nFohW4DbvHIOLRB3MHFpYqaqvXd3Tp5e/T/dSH83fxaNJQRvDMhASmkNTsNTVF2/OOopzRCt7xokgPfg=="],
 
-    "shiki": ["shiki@3.4.2", "", { "dependencies": { "@shikijs/core": "3.4.2", "@shikijs/engine-javascript": "3.4.2", "@shikijs/engine-oniguruma": "3.4.2", "@shikijs/langs": "3.4.2", "@shikijs/themes": "3.4.2", "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-wuxzZzQG8kvZndD7nustrNFIKYJ1jJoWIPaBpVe2+KHSvtzMi4SBjOxrigs8qeqce/l3U0cwiC+VAkLKSunHQQ=="],
+    "shiki": ["shiki@3.12.2", "", { "dependencies": { "@shikijs/core": "3.12.2", "@shikijs/engine-javascript": "3.12.2", "@shikijs/engine-oniguruma": "3.12.2", "@shikijs/langs": "3.12.2", "@shikijs/themes": "3.12.2", "@shikijs/types": "3.12.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-uIrKI+f9IPz1zDT+GMz+0RjzKJiijVr6WDWm9Pe3NNY6QigKCfifCEv9v9R2mDASKKjzjQ2QpFLcxaR3iHSnMA=="],
 
     "side-channel": ["side-channel@1.1.0", "", { "dependencies": { "es-errors": "^1.3.0", "object-inspect": "^1.13.3", "side-channel-list": "^1.0.0", "side-channel-map": "^1.0.1", "side-channel-weakmap": "^1.0.2" } }, "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw=="],
 
@@ -1501,11 +1515,11 @@
 
     "sisteransi": ["sisteransi@1.0.5", "", {}, "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg=="],
 
-    "smol-toml": ["smol-toml@1.3.4", "", {}, "sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA=="],
+    "smol-toml": ["smol-toml@1.4.2", "", {}, "sha512-rInDH6lCNiEyn3+hH8KVGFdbjc099j47+OSgbMrfDYX1CmXLfdKd7qi6IfcWj2wFxvSVkuI46M+wPGYfEOEj6g=="],
 
     "sonner": ["sonner@2.0.7", "", { "peerDependencies": { "react": "^18.0.0 || ^19.0.0 || ^19.0.0-rc", "react-dom": "^18.0.0 || ^19.0.0 || ^19.0.0-rc" } }, "sha512-W6ZN4p58k8aDKA4XPcx2hpIQXBRAgyiWVkYhT7CvK6D3iAu7xjvVyhQHg2/iaKJZ1XVJ4r7XuwGL+WGEK37i9w=="],
 
-    "source-map": ["source-map@0.7.4", "", {}, "sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA=="],
+    "source-map": ["source-map@0.7.6", "", {}, "sha512-i5uvt8C3ikiWeNZSVZNWcfZPItFQOsYTUAOkcUPGd8DqDy1uOUikjt5dG+uRlwyvR108Fb9DOd4GvXfT0N2/uQ=="],
 
     "source-map-js": ["source-map-js@1.2.1", "", {}, "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA=="],
 
@@ -1539,7 +1553,7 @@
 
     "tailwind-merge": ["tailwind-merge@3.3.1", "", {}, "sha512-gBXpgUm/3rp1lMZZrM/w7D8GKqshif0zAymAhbCyIt8KMe+0v9DQ7cdYLR4FHH/cKpdTXb+A/tKKU3eolfsI+g=="],
 
-    "tailwindcss": ["tailwindcss@4.1.12", "", {}, "sha512-DzFtxOi+7NsFf7DBtI3BJsynR+0Yp6etH+nRPTbpWnS2pZBaSksv/JGctNwSWzbFjp0vxSqknaUylseZqMDGrA=="],
+    "tailwindcss": ["tailwindcss@4.1.13", "", {}, "sha512-i+zidfmTqtwquj4hMEwdjshYYgMbOrPzb9a0M3ZgNa0JMoZeFC6bxZvO8yr8ozS6ix2SDz0+mvryPeBs2TFE+w=="],
 
     "tapable": ["tapable@2.2.2", "", {}, "sha512-Re10+NauLTMCudc7T5WLFLAwDhQ0JWdrMK+9B2M8zR5hRExKmsRDCBA7/aV/pNJFltmBFO5BAMlQFi/vq3nKOg=="],
 
@@ -1581,7 +1595,7 @@
 
     "tsx": ["tsx@4.20.5", "", { "dependencies": { "esbuild": "~0.25.0", "get-tsconfig": "^4.7.5" }, "optionalDependencies": { "fsevents": "~2.3.3" }, "bin": { "tsx": "dist/cli.mjs" } }, "sha512-+wKjMNU9w/EaQayHXb7WA7ZaHY6hN8WgfvHNQ3t1PnU91/7O8TcTnIhCDYTZwnt8JsO9IBqZ30Ln1r7pPF52Aw=="],
 
-    "tw-animate-css": ["tw-animate-css@1.3.7", "", {}, "sha512-lvLb3hTIpB5oGsk8JmLoAjeCHV58nKa2zHYn8yWOoG5JJusH3bhJlF2DLAZ/5NmJ+jyH3ssiAx/2KmbhavJy/A=="],
+    "tw-animate-css": ["tw-animate-css@1.3.8", "", {}, "sha512-Qrk3PZ7l7wUcGYhwZloqfkWCmaXZAoqjkdbIDvzfGshwGtexa/DAs9koXxIkrpEasyevandomzCBAV1Yyop5rw=="],
 
     "type-fest": ["type-fest@4.41.0", "", {}, "sha512-TeTSQ6H5YHvpqVwBRcnLDCBnDOHWYu7IvGbHT6N8AOymcr9PJGjc1GTtiWZTYg0NCgYwvnYWEkVChQAr9bjfwA=="],
 
@@ -1607,7 +1621,7 @@
 
     "unified": ["unified@11.0.5", "", { "dependencies": { "@types/unist": "^3.0.0", "bail": "^2.0.0", "devlop": "^1.0.0", "extend": "^3.0.0", "is-plain-obj": "^4.0.0", "trough": "^2.0.0", "vfile": "^6.0.0" } }, "sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA=="],
 
-    "unifont": ["unifont@0.5.0", "", { "dependencies": { "css-tree": "^3.0.0", "ohash": "^2.0.0" } }, "sha512-4DueXMP5Hy4n607sh+vJ+rajoLu778aU3GzqeTCqsD/EaUcvqZT9wPC8kgK6Vjh22ZskrxyRCR71FwNOaYn6jA=="],
+    "unifont": ["unifont@0.5.2", "", { "dependencies": { "css-tree": "^3.0.0", "ofetch": "^1.4.1", "ohash": "^2.0.0" } }, "sha512-LzR4WUqzH9ILFvjLAUU7dK3Lnou/qd5kD+IakBtBK4S15/+x2y9VX+DcWQv6s551R6W+vzwgVS6tFg3XggGBgg=="],
 
     "unist-util-find-after": ["unist-util-find-after@5.0.0", "", { "dependencies": { "@types/unist": "^3.0.0", "unist-util-is": "^6.0.0" } }, "sha512-amQa0Ep2m6hE2g72AugUItjbuM8X8cGQnFoHk0pGfrFeT9GZhzN5SW8nRsiGKK7Aif4CrACPENkA6P/Lw6fHGQ=="],
 
@@ -1633,7 +1647,7 @@
 
     "unpipe": ["unpipe@1.0.0", "", {}, "sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ=="],
 
-    "unstorage": ["unstorage@1.16.0", "", { "dependencies": { "anymatch": "^3.1.3", "chokidar": "^4.0.3", "destr": "^2.0.5", "h3": "^1.15.2", "lru-cache": "^10.4.3", "node-fetch-native": "^1.6.6", "ofetch": "^1.4.1", "ufo": "^1.6.1" }, "peerDependencies": { "@azure/app-configuration": "^1.8.0", "@azure/cosmos": "^4.2.0", "@azure/data-tables": "^13.3.0", "@azure/identity": "^4.6.0", "@azure/keyvault-secrets": "^4.9.0", "@azure/storage-blob": "^12.26.0", "@capacitor/preferences": "^6.0.3 || ^7.0.0", "@deno/kv": ">=0.9.0", "@netlify/blobs": "^6.5.0 || ^7.0.0 || ^8.1.0", "@planetscale/database": "^1.19.0", "@upstash/redis": "^1.34.3", "@vercel/blob": ">=0.27.1", "@vercel/kv": "^1.0.1", "aws4fetch": "^1.0.20", "db0": ">=0.2.1", "idb-keyval": "^6.2.1", "ioredis": "^5.4.2", "uploadthing": "^7.4.4" }, "optionalPeers": ["@azure/app-configuration", "@azure/cosmos", "@azure/data-tables", "@azure/identity", "@azure/keyvault-secrets", "@azure/storage-blob", "@capacitor/preferences", "@deno/kv", "@netlify/blobs", "@planetscale/database", "@upstash/redis", "@vercel/blob", "@vercel/kv", "aws4fetch", "db0", "idb-keyval", "ioredis", "uploadthing"] }, "sha512-WQ37/H5A7LcRPWfYOrDa1Ys02xAbpPJq6q5GkO88FBXVSQzHd7+BjEwfRqyaSWCv9MbsJy058GWjjPjcJ16GGA=="],
+    "unstorage": ["unstorage@1.17.1", "", { "dependencies": { "anymatch": "^3.1.3", "chokidar": "^4.0.3", "destr": "^2.0.5", "h3": "^1.15.4", "lru-cache": "^10.4.3", "node-fetch-native": "^1.6.7", "ofetch": "^1.4.1", "ufo": "^1.6.1" }, "peerDependencies": { "@azure/app-configuration": "^1.8.0", "@azure/cosmos": "^4.2.0", "@azure/data-tables": "^13.3.0", "@azure/identity": "^4.6.0", "@azure/keyvault-secrets": "^4.9.0", "@azure/storage-blob": "^12.26.0", "@capacitor/preferences": "^6.0.3 || ^7.0.0", "@deno/kv": ">=0.9.0", "@netlify/blobs": "^6.5.0 || ^7.0.0 || ^8.1.0 || ^9.0.0 || ^10.0.0", "@planetscale/database": "^1.19.0", "@upstash/redis": "^1.34.3", "@vercel/blob": ">=0.27.1", "@vercel/functions": "^2.2.12 || ^3.0.0", "@vercel/kv": "^1.0.1", "aws4fetch": "^1.0.20", "db0": ">=0.2.1", "idb-keyval": "^6.2.1", "ioredis": "^5.4.2", "uploadthing": "^7.4.4" }, "optionalPeers": ["@azure/app-configuration", "@azure/cosmos", "@azure/data-tables", "@azure/identity", "@azure/keyvault-secrets", "@azure/storage-blob", "@capacitor/preferences", "@deno/kv", "@netlify/blobs", "@planetscale/database", "@upstash/redis", "@vercel/blob", "@vercel/functions", "@vercel/kv", "aws4fetch", "db0", "idb-keyval", "ioredis", "uploadthing"] }, "sha512-KKGwRTT0iVBCErKemkJCLs7JdxNVfqTPc/85ae1XES0+bsHbc/sFBfVi5kJp156cc51BHinIH2l3k0EZ24vOBQ=="],
 
     "update-browserslist-db": ["update-browserslist-db@1.1.3", "", { "dependencies": { "escalade": "^3.2.0", "picocolors": "^1.1.1" }, "peerDependencies": { "browserslist": ">= 4.21.0" }, "bin": { "update-browserslist-db": "cli.js" } }, "sha512-UxhIZQ+QInVdunkDAaiazvvT/+fXL5Osr0JZlJulepYu6Jd7qJtDZjlur0emRlT71EN3ScPoE7gvsuIKKNavKw=="],
 
@@ -1645,7 +1659,7 @@
 
     "utils-merge": ["utils-merge@1.0.1", "", {}, "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA=="],
 
-    "uuid": ["uuid@11.1.0", "", { "bin": { "uuid": "dist/esm/bin/uuid" } }, "sha512-0/A9rDy9P7cJ+8w1c9WD9V//9Wj15Ce2MPz8Ri6032usz+NfePxx5AcN3bN+r6ZL6jEo066/yNYB3tn4pQEx+A=="],
+    "uuid": ["uuid@13.0.0", "", { "bin": { "uuid": "dist-node/bin/uuid" } }, "sha512-XQegIaBTVUjSHliKqcnFqYypAd4S+WCYt5NIeRs6w/UAry7z8Y9j5ZwRRL4kzq9U3sD6v+85er9FvkEaBpji2w=="],
 
     "vary": ["vary@1.1.2", "", {}, "sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg=="],
 
@@ -1661,7 +1675,7 @@
 
     "vite-node": ["vite-node@3.2.4", "", { "dependencies": { "cac": "^6.7.14", "debug": "^4.4.1", "es-module-lexer": "^1.7.0", "pathe": "^2.0.3", "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0" }, "bin": { "vite-node": "vite-node.mjs" } }, "sha512-EbKSKh+bh1E1IFxeO0pg1n4dvoOTt0UDiXMd/qn++r98+jPO1xtJilvXldeuQ8giIB5IkpjCgMleHMNEsGH6pg=="],
 
-    "vitefu": ["vitefu@1.0.6", "", { "peerDependencies": { "vite": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0" }, "optionalPeers": ["vite"] }, "sha512-+Rex1GlappUyNN6UfwbVZne/9cYC4+R2XDk9xkNXBKMw6HQagdX9PgZ8V2v1WUSK1wfBLp7qbI1+XSNIlB1xmA=="],
+    "vitefu": ["vitefu@1.1.1", "", { "peerDependencies": { "vite": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0-beta.0" }, "optionalPeers": ["vite"] }, "sha512-B/Fegf3i8zh0yFbpzZ21amWzHmuNlLlmJT6n7bu5e+pCHUKQIfXSYokrqOBGEMMe9UG2sostKQF9mml/vYaWJQ=="],
 
     "vitest": ["vitest@3.2.4", "", { "dependencies": { "@types/chai": "^5.2.2", "@vitest/expect": "3.2.4", "@vitest/mocker": "3.2.4", "@vitest/pretty-format": "^3.2.4", "@vitest/runner": "3.2.4", "@vitest/snapshot": "3.2.4", "@vitest/spy": "3.2.4", "@vitest/utils": "3.2.4", "chai": "^5.2.0", "debug": "^4.4.1", "expect-type": "^1.2.1", "magic-string": "^0.30.17", "pathe": "^2.0.3", "picomatch": "^4.0.2", "std-env": "^3.9.0", "tinybench": "^2.9.0", "tinyexec": "^0.3.2", "tinyglobby": "^0.2.14", "tinypool": "^1.1.1", "tinyrainbow": "^2.0.0", "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0", "vite-node": "3.2.4", "why-is-node-running": "^2.3.0" }, "peerDependencies": { "@edge-runtime/vm": "*", "@types/debug": "^4.1.12", "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0", "@vitest/browser": "3.2.4", "@vitest/ui": "3.2.4", "happy-dom": "*", "jsdom": "*" }, "optionalPeers": ["@edge-runtime/vm", "@types/debug", "@types/node", "@vitest/browser", "@vitest/ui", "happy-dom", "jsdom"], "bin": { "vitest": "vitest.mjs" } }, "sha512-LUCP5ev3GURDysTWiP47wRRUpLKMOfPh+yKTx3kVIEiu5KOMeqzpnYNsKyOoVrULivR8tLcks4+lga33Whn90A=="],
 
@@ -1755,13 +1769,23 @@
 
     "zod": ["zod@4.1.5", "", {}, "sha512-rcUUZqlLJgBC33IT3PNMgsCq6TzLQEG/Ei/KTCU0PedSWRMAXoOUN+4t/0H+Q8bdnLPdqUYnvboJT0bn/229qg=="],
 
-    "zod-to-json-schema": ["zod-to-json-schema@3.24.5", "", { "peerDependencies": { "zod": "^3.24.1" } }, "sha512-/AuWwMP+YqiPbsJx5D6TfgRTc4kTLjsh5SOcd4bLsfUg2RcEXrFMJl1DGgdHy2aCfsIA/cr/1JM0xcB2GZji8g=="],
+    "zod-to-json-schema": ["zod-to-json-schema@3.24.6", "", { "peerDependencies": { "zod": "^3.24.1" } }, "sha512-h/z3PKvcTcTetyjl1fkj79MHNEjm+HpD6NXheWjzOekY7kV+lwDYnHw+ivHkijnCSMz1yJaWBD9vu/Fcmk+vEg=="],
 
     "zod-to-ts": ["zod-to-ts@1.2.0", "", { "peerDependencies": { "typescript": "^4.9.4 || ^5.0.2", "zod": "^3" } }, "sha512-x30XE43V+InwGpvTySRNz9kB7qFU8DlyEy7BsSTCHPH1R0QasMmHWZDCzYm6bVXtj/9NNJAZF3jW8rzFvH5OFA=="],
 
     "zwitch": ["zwitch@2.0.4", "", {}, "sha512-bXE4cR/kVZhKZX/RjPEflHaKVhUVl85noU3v6b8apfQEc1x4A+zBxjZ4lN8LqGd6WZ3dl98pY4o717VFmoPp+A=="],
 
-    "@astrojs/react/@vitejs/plugin-react": ["@vitejs/plugin-react@4.5.0", "", { "dependencies": { "@babel/core": "^7.26.10", "@babel/plugin-transform-react-jsx-self": "^7.25.9", "@babel/plugin-transform-react-jsx-source": "^7.25.9", "@rolldown/pluginutils": "1.0.0-beta.9", "@types/babel__core": "^7.20.5", "react-refresh": "^0.17.0" }, "peerDependencies": { "vite": "^4.2.0 || ^5.0.0 || ^6.0.0" } }, "sha512-JuLWaEqypaJmOJPLWwO335Ig6jSgC1FTONCWAxnqcQthLTK/Yc9aH6hr9z/87xciejbQcnP3GnA1FWUSWeXaeg=="],
+    "@astrojs/markdown-remark/import-meta-resolve": ["import-meta-resolve@4.1.0", "", {}, "sha512-I6fiaX09Xivtk+THaMfAwnA3MVA5Big1WHF1Dfx9hFuvNIWpXnorlkzhcQf6ehrqQiiZECRt1poOAkPmer3ruw=="],
+
+    "@astrojs/markdown-remark/shiki": ["shiki@3.4.2", "", { "dependencies": { "@shikijs/core": "3.4.2", "@shikijs/engine-javascript": "3.4.2", "@shikijs/engine-oniguruma": "3.4.2", "@shikijs/langs": "3.4.2", "@shikijs/themes": "3.4.2", "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-wuxzZzQG8kvZndD7nustrNFIKYJ1jJoWIPaBpVe2+KHSvtzMi4SBjOxrigs8qeqce/l3U0cwiC+VAkLKSunHQQ=="],
+
+    "@astrojs/markdown-remark/smol-toml": ["smol-toml@1.3.4", "", {}, "sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA=="],
+
+    "@astrojs/react/@vitejs/plugin-react": ["@vitejs/plugin-react@4.7.0", "", { "dependencies": { "@babel/core": "^7.28.0", "@babel/plugin-transform-react-jsx-self": "^7.27.1", "@babel/plugin-transform-react-jsx-source": "^7.27.1", "@rolldown/pluginutils": "1.0.0-beta.27", "@types/babel__core": "^7.20.5", "react-refresh": "^0.17.0" }, "peerDependencies": { "vite": "^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0" } }, "sha512-gUu9hwfWvvEDBBmgtAowQCojwZmJ5mcLn3aufeCsitijs3+f2NsrPtlAWIR6OPiqljl96GVCUbLe0HyqIpVaoA=="],
+
+    "@astrojs/react/vite": ["vite@6.3.6", "", { "dependencies": { "esbuild": "^0.25.0", "fdir": "^6.4.4", "picomatch": "^4.0.2", "postcss": "^8.5.3", "rollup": "^4.34.9", "tinyglobby": "^0.2.13" }, "optionalDependencies": { "fsevents": "~2.3.3" }, "peerDependencies": { "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0", "jiti": ">=1.21.0", "less": "*", "lightningcss": "^1.21.0", "sass": "*", "sass-embedded": "*", "stylus": "*", "sugarss": "*", "terser": "^5.16.0", "tsx": "^4.8.1", "yaml": "^2.4.2" }, "optionalPeers": ["@types/node", "jiti", "less", "lightningcss", "sass", "sass-embedded", "stylus", "sugarss", "terser", "tsx", "yaml"], "bin": { "vite": "bin/vite.js" } }, "sha512-0msEVHJEScQbhkbVTb/4iHZdJ6SXp/AvxL2sjwYQFfBqleHtnCqv1J3sa9zbWz/6kW1m9Tfzn92vW+kZ1WV6QA=="],
+
+    "@astrojs/telemetry/ci-info": ["ci-info@4.2.0", "", {}, "sha512-cYY9mypksY8NRqgDB1XD1RiJL338v/551niynFTGkZOO2LHuB2OmOYxDIe/ttN9AHwrqdum1360G3ald0W9kCg=="],
 
     "@babel/core/semver": ["semver@6.3.1", "", { "bin": { "semver": "bin/semver.js" } }, "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="],
 
@@ -1787,8 +1811,12 @@
 
     "@rollup/pluginutils/estree-walker": ["estree-walker@2.0.2", "", {}, "sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w=="],
 
+    "@rollup/pluginutils/picomatch": ["picomatch@4.0.3", "", {}, "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q=="],
+
     "@tailwindcss/node/jiti": ["jiti@2.5.1", "", { "bin": { "jiti": "lib/jiti-cli.mjs" } }, "sha512-twQoecYPiVA5K/h6SxtORw/Bs3ar+mLUtoPSc7iMXzQzK8d7eJ/R09wmTwAjiamETn1cXYPGfNnu7DMoHgu12w=="],
 
+    "@tailwindcss/node/magic-string": ["magic-string@0.30.19", "", { "dependencies": { "@jridgewell/sourcemap-codec": "^1.5.5" } }, "sha512-2N21sPY9Ws53PZvsEpVtNuSW+ScYbQdp4b9qUaL+9QkHUrGFKo56Lg9Emg5s9V/qrtNBmiR01sYhUOwu3H+VOw=="],
+
     "@tailwindcss/oxide-wasm32-wasi/@emnapi/core": ["@emnapi/core@1.4.5", "", { "dependencies": { "@emnapi/wasi-threads": "1.0.4", "tslib": "^2.4.0" }, "bundled": true }, "sha512-XsLw1dEOpkSX/WucdqUhPWP7hDxSvZiY+fsUC14h+FtQ2Ifni4znbBt8punRX+Uj2JG/uDb8nEHVKvrVlvdZ5Q=="],
 
     "@tailwindcss/oxide-wasm32-wasi/@emnapi/runtime": ["@emnapi/runtime@1.4.5", "", { "dependencies": { "tslib": "^2.4.0" }, "bundled": true }, "sha512-++LApOtY0pEEz1zrd9vy1/zXVaVJJ/EbAF3u0fXIzPJEDtnITsBGbbK0EkM72amhl/R5b+5xx0Y/QhcVOpuulg=="],
@@ -1821,10 +1849,18 @@
 
     "anymatch/picomatch": ["picomatch@2.3.1", "", {}, "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="],
 
-    "astro/zod": ["zod@3.25.75", "", {}, "sha512-OhpzAmVzabPOL6C3A3gpAifqr9MqihV/Msx3gor2b2kviCgcb+HM9SEOpMWwwNp9MRunWnhtAKUoo0AHhjyPPg=="],
+    "astro/magic-string": ["magic-string@0.30.19", "", { "dependencies": { "@jridgewell/sourcemap-codec": "^1.5.5" } }, "sha512-2N21sPY9Ws53PZvsEpVtNuSW+ScYbQdp4b9qUaL+9QkHUrGFKo56Lg9Emg5s9V/qrtNBmiR01sYhUOwu3H+VOw=="],
+
+    "astro/picomatch": ["picomatch@4.0.3", "", {}, "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q=="],
+
+    "astro/vite": ["vite@6.3.6", "", { "dependencies": { "esbuild": "^0.25.0", "fdir": "^6.4.4", "picomatch": "^4.0.2", "postcss": "^8.5.3", "rollup": "^4.34.9", "tinyglobby": "^0.2.13" }, "optionalDependencies": { "fsevents": "~2.3.3" }, "peerDependencies": { "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0", "jiti": ">=1.21.0", "less": "*", "lightningcss": "^1.21.0", "sass": "*", "sass-embedded": "*", "stylus": "*", "sugarss": "*", "terser": "^5.16.0", "tsx": "^4.8.1", "yaml": "^2.4.2" }, "optionalPeers": ["@types/node", "jiti", "less", "lightningcss", "sass", "sass-embedded", "stylus", "sugarss", "terser", "tsx", "yaml"], "bin": { "vite": "bin/vite.js" } }, "sha512-0msEVHJEScQbhkbVTb/4iHZdJ6SXp/AvxL2sjwYQFfBqleHtnCqv1J3sa9zbWz/6kW1m9Tfzn92vW+kZ1WV6QA=="],
+
+    "astro/zod": ["zod@3.25.76", "", {}, "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ=="],
 
     "basic-auth/safe-buffer": ["safe-buffer@5.1.2", "", {}, "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="],
 
+    "better-auth/jose": ["jose@6.1.0", "", {}, "sha512-TTQJyoEoKcC1lscpVDCSsVgYzUDg/0Bt3WE//WiTPK6uOCQC2KZS4MpugbMWt/zyjkopgZoXhZuCi00gLudfUA=="],
+
     "body-parser/debug": ["debug@2.6.9", "", { "dependencies": { "ms": "2.0.0" } }, "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA=="],
 
     "body-parser/iconv-lite": ["iconv-lite@0.4.24", "", { "dependencies": { "safer-buffer": ">= 2.1.2 < 3" } }, "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA=="],
@@ -1841,6 +1877,10 @@
 
     "cmdk/@radix-ui/react-dialog": ["@radix-ui/react-dialog@1.1.14", "", { "dependencies": { "@radix-ui/primitive": "1.1.2", "@radix-ui/react-compose-refs": "1.1.2", "@radix-ui/react-context": "1.1.2", "@radix-ui/react-dismissable-layer": "1.1.10", "@radix-ui/react-focus-guards": "1.1.2", "@radix-ui/react-focus-scope": "1.1.7", "@radix-ui/react-id": "1.1.1", "@radix-ui/react-portal": "1.1.9", "@radix-ui/react-presence": "1.1.4", "@radix-ui/react-primitive": "2.1.3", "@radix-ui/react-slot": "1.2.3", "@radix-ui/react-use-controllable-state": "1.2.2", "aria-hidden": "^1.2.4", "react-remove-scroll": "^2.6.3" }, "peerDependencies": { "@types/react": "*", "@types/react-dom": "*", "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react", "@types/react-dom"] }, "sha512-+CpweKjqpzTmwRwcYECQcNYbI8V9VSQt0SNFKeEBLgfucbsLssU6Ppq7wUdNXEGb573bMjFhVjKVll8rmV6zMw=="],
 
+    "esast-util-from-js/acorn": ["acorn@8.14.1", "", { "bin": { "acorn": "bin/acorn" } }, "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg=="],
+
+    "estree-util-to-js/source-map": ["source-map@0.7.4", "", {}, "sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA=="],
+
     "express/cookie": ["cookie@0.7.1", "", {}, "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w=="],
 
     "express/debug": ["debug@2.6.9", "", { "dependencies": { "ms": "2.0.0" } }, "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA=="],
@@ -1857,10 +1897,14 @@
 
     "magicast/@babel/types": ["@babel/types@7.27.3", "", { "dependencies": { "@babel/helper-string-parser": "^7.27.1", "@babel/helper-validator-identifier": "^7.27.1" } }, "sha512-Y1GkI4ktrtvmawoSq+4FCVHNryea6uR+qUQy0AGxLSsjCX0nVmkYQMBLHDkXZuo5hGx7eYdnIaslsdBFm7zbUw=="],
 
+    "micromark-extension-mdxjs/acorn": ["acorn@8.14.1", "", { "bin": { "acorn": "bin/acorn" } }, "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg=="],
+
     "micromatch/picomatch": ["picomatch@2.3.1", "", {}, "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="],
 
     "node-fetch/whatwg-url": ["whatwg-url@5.0.0", "", { "dependencies": { "tr46": "~0.0.3", "webidl-conversions": "^3.0.0" } }, "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw=="],
 
+    "ofetch/node-fetch-native": ["node-fetch-native@1.6.6", "", {}, "sha512-8Mc2HhqPdlIfedsuZoc3yioPuzp6b+L5jRCRY1QzuWZh2EGJVQrGppC6V6cF0bLdbW0+O2YpqCA25aF/1lvipQ=="],
+
     "parse-entities/@types/unist": ["@types/unist@2.0.11", "", {}, "sha512-CmBKiL6NNo/OqgmMn95Fk9Whlp2mtvIv+KNpQKN2F4SjvrEesubTRWGYSg+BnWZOnlCaSTU1sMpsBOzgbYhnsA=="],
 
     "pretty-format/ansi-styles": ["ansi-styles@5.2.0", "", {}, "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA=="],
@@ -1899,9 +1943,21 @@
 
     "yaml-language-server/yaml": ["yaml@2.2.2", "", {}, "sha512-CBKFWExMn46Foo4cldiChEzn7S7SRV+wqiluAb6xmueD/fGyRHIhX8m14vVGgeFWjN540nKCNVj6P21eQjgTuA=="],
 
-    "@astrojs/react/@vitejs/plugin-react/@babel/core": ["@babel/core@7.27.3", "", { "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.27.1", "@babel/generator": "^7.27.3", "@babel/helper-compilation-targets": "^7.27.2", "@babel/helper-module-transforms": "^7.27.3", "@babel/helpers": "^7.27.3", "@babel/parser": "^7.27.3", "@babel/template": "^7.27.2", "@babel/traverse": "^7.27.3", "@babel/types": "^7.27.3", "convert-source-map": "^2.0.0", "debug": "^4.1.0", "gensync": "^1.0.0-beta.2", "json5": "^2.2.3", "semver": "^6.3.1" } }, "sha512-hyrN8ivxfvJ4i0fIJuV4EOlV0WDMz5Ui4StRTgVaAvWeiRCilXgwVvxJKtFQ3TKtHgJscB2YiXKGNJuVwhQMtA=="],
+    "@astrojs/markdown-remark/shiki/@shikijs/core": ["@shikijs/core@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4", "hast-util-to-html": "^9.0.5" } }, "sha512-AG8vnSi1W2pbgR2B911EfGqtLE9c4hQBYkv/x7Z+Kt0VxhgQKcW7UNDVYsu9YxwV6u+OJrvdJrMq6DNWoBjihQ=="],
 
-    "@astrojs/react/@vitejs/plugin-react/@rolldown/pluginutils": ["@rolldown/pluginutils@1.0.0-beta.9", "", {}, "sha512-e9MeMtVWo186sgvFFJOPGy7/d2j2mZhLJIdVW0C/xDluuOvymEATqz6zKsP0ZmXGzQtqlyjz5sC1sYQUoJG98w=="],
+    "@astrojs/markdown-remark/shiki/@shikijs/engine-javascript": ["@shikijs/engine-javascript@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2", "oniguruma-to-es": "^4.3.3" } }, "sha512-1/adJbSMBOkpScCE/SB6XkjJU17ANln3Wky7lOmrnpl+zBdQ1qXUJg2GXTYVHRq+2j3hd1DesmElTXYDgtfSOQ=="],
+
+    "@astrojs/markdown-remark/shiki/@shikijs/engine-oniguruma": ["@shikijs/engine-oniguruma@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2", "@shikijs/vscode-textmate": "^10.0.2" } }, "sha512-zcZKMnNndgRa3ORja6Iemsr3DrLtkX3cAF7lTJkdMB6v9alhlBsX9uNiCpqofNrXOvpA3h6lHcLJxgCIhVOU5Q=="],
+
+    "@astrojs/markdown-remark/shiki/@shikijs/langs": ["@shikijs/langs@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2" } }, "sha512-H6azIAM+OXD98yztIfs/KH5H4PU39t+SREhmM8LaNXyUrqj2mx+zVkr8MWYqjceSjDw9I1jawm1WdFqU806rMA=="],
+
+    "@astrojs/markdown-remark/shiki/@shikijs/themes": ["@shikijs/themes@3.4.2", "", { "dependencies": { "@shikijs/types": "3.4.2" } }, "sha512-qAEuAQh+brd8Jyej2UDDf+b4V2g1Rm8aBIdvt32XhDPrHvDkEnpb7Kzc9hSuHUxz0Iuflmq7elaDuQAP9bHIhg=="],
+
+    "@astrojs/markdown-remark/shiki/@shikijs/types": ["@shikijs/types@3.4.2", "", { "dependencies": { "@shikijs/vscode-textmate": "^10.0.2", "@types/hast": "^3.0.4" } }, "sha512-zHC1l7L+eQlDXLnxvM9R91Efh2V4+rN3oMVS2swCBssbj2U/FBwybD1eeLaq8yl/iwT+zih8iUbTBCgGZOYlVg=="],
+
+    "@astrojs/react/@vitejs/plugin-react/@rolldown/pluginutils": ["@rolldown/pluginutils@1.0.0-beta.27", "", {}, "sha512-+d0F4MKMCbeVUJwG96uQ4SgAznZNSq93I3V+9NHA4OpvqG8mRCpGdKmK8l/dl02h2CCDHwW2FqilnTyDcAnqjA=="],
+
+    "@astrojs/react/vite/picomatch": ["picomatch@4.0.3", "", {}, "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q=="],
 
     "@babel/helper-compilation-targets/lru-cache/yallist": ["yallist@3.1.1", "", {}, "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="],
 
@@ -1909,8 +1965,12 @@
 
     "@babel/helper-module-imports/@babel/traverse/@babel/parser": ["@babel/parser@7.27.3", "", { "dependencies": { "@babel/types": "^7.27.3" }, "bin": "./bin/babel-parser.js" }, "sha512-xyYxRj6+tLNDTWi0KCBcZ9V7yg3/lwL9DWh9Uwh/RIVlIfFidggcgxKX3GCXwCiswwcGRawBKbEg2LG/Y8eJhw=="],
 
+    "@tailwindcss/node/magic-string/@jridgewell/sourcemap-codec": ["@jridgewell/sourcemap-codec@1.5.5", "", {}, "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og=="],
+
     "accepts/mime-types/mime-db": ["mime-db@1.52.0", "", {}, "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg=="],
 
+    "astro/magic-string/@jridgewell/sourcemap-codec": ["@jridgewell/sourcemap-codec@1.5.5", "", {}, "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og=="],
+
     "body-parser/debug/ms": ["ms@2.0.0", "", {}, "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="],
 
     "boxen/string-width/emoji-regex": ["emoji-regex@10.4.0", "", {}, "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw=="],
@@ -1961,20 +2021,6 @@
 
     "yaml-language-server/vscode-languageserver/vscode-languageserver-protocol": ["vscode-languageserver-protocol@3.16.0", "", { "dependencies": { "vscode-jsonrpc": "6.0.0", "vscode-languageserver-types": "3.16.0" } }, "sha512-sdeUoAawceQdgIfTI+sdcwkiK2KU+2cbEYA0agzM2uqaUy2UpnnGHtWTHVEtS0ES4zHU0eMFRGN+oQgDxlD66A=="],
 
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/generator": ["@babel/generator@7.27.3", "", { "dependencies": { "@babel/parser": "^7.27.3", "@babel/types": "^7.27.3", "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.25", "jsesc": "^3.0.2" } }, "sha512-xnlJYj5zepml8NXtjkG0WquFUv8RskFqyFcVgTBp5k+NaA/8uw/K+OSVf8AMGw5e9HKP2ETd5xpK5MLZQD6b4Q=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/helper-module-transforms": ["@babel/helper-module-transforms@7.27.3", "", { "dependencies": { "@babel/helper-module-imports": "^7.27.1", "@babel/helper-validator-identifier": "^7.27.1", "@babel/traverse": "^7.27.3" }, "peerDependencies": { "@babel/core": "^7.0.0" } }, "sha512-dSOvYwvyLsWBeIRyOeHXp5vPj5l1I011r52FM1+r1jCERv+aFXYk4whgQccYEGYxK2H3ZAIA8nuPkQ0HaUo3qg=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/helpers": ["@babel/helpers@7.27.3", "", { "dependencies": { "@babel/template": "^7.27.2", "@babel/types": "^7.27.3" } }, "sha512-h/eKy9agOya1IGuLaZ9tEUgz+uIRXcbtOhRtUyyMf8JFmn1iT13vnl/IGVWSkdOCG/pC57U4S1jnAabAavTMwg=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/parser": ["@babel/parser@7.27.3", "", { "dependencies": { "@babel/types": "^7.27.3" }, "bin": "./bin/babel-parser.js" }, "sha512-xyYxRj6+tLNDTWi0KCBcZ9V7yg3/lwL9DWh9Uwh/RIVlIfFidggcgxKX3GCXwCiswwcGRawBKbEg2LG/Y8eJhw=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/traverse": ["@babel/traverse@7.27.3", "", { "dependencies": { "@babel/code-frame": "^7.27.1", "@babel/generator": "^7.27.3", "@babel/parser": "^7.27.3", "@babel/template": "^7.27.2", "@babel/types": "^7.27.3", "debug": "^4.3.1", "globals": "^11.1.0" } }, "sha512-lId/IfN/Ye1CIu8xG7oKBHXd2iNb2aW1ilPszzGcJug6M8RCKfVNcYhpI5+bMvFYjK7lXIM0R+a+6r8xhHp2FQ=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/@babel/types": ["@babel/types@7.27.3", "", { "dependencies": { "@babel/helper-string-parser": "^7.27.1", "@babel/helper-validator-identifier": "^7.27.1" } }, "sha512-Y1GkI4ktrtvmawoSq+4FCVHNryea6uR+qUQy0AGxLSsjCX0nVmkYQMBLHDkXZuo5hGx7eYdnIaslsdBFm7zbUw=="],
-
-    "@astrojs/react/@vitejs/plugin-react/@babel/core/semver": ["semver@6.3.1", "", { "bin": { "semver": "bin/semver.js" } }, "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="],
-
     "boxen/string-width/strip-ansi/ansi-regex": ["ansi-regex@6.1.0", "", {}, "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA=="],
 
     "serve-static/send/debug/ms": ["ms@2.0.0", "", {}, "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="],

docker-compose.yml

@@ -57,6 +57,7 @@ services:
       - SCHEDULE_ENABLED=${SCHEDULE_ENABLED:-false}
       - GITEA_MIRROR_INTERVAL=${GITEA_MIRROR_INTERVAL:-8h}
       - AUTO_IMPORT_REPOS=${AUTO_IMPORT_REPOS:-true}
+      - AUTO_MIRROR_REPOS=${AUTO_MIRROR_REPOS:-false}
       # Repository Cleanup Configuration
       - CLEANUP_DELETE_IF_NOT_IN_GITHUB=${CLEANUP_DELETE_IF_NOT_IN_GITHUB:-false}
       - CLEANUP_ORPHANED_REPO_ACTION=${CLEANUP_ORPHANED_REPO_ACTION:-archive}

docker-entrypoint.sh

@@ -172,6 +172,7 @@ if [ ! -f "/app/data/gitea-mirror.db" ]; then
       owner TEXT NOT NULL,
       organization TEXT,
       mirrored_location TEXT DEFAULT '',
+      destination_org TEXT,
       is_private INTEGER NOT NULL DEFAULT 0,
       is_fork INTEGER NOT NULL DEFAULT 0,
       forked_from TEXT,
@@ -181,6 +182,8 @@ if [ ! -f "/app/data/gitea-mirror.db" ]; then
       size INTEGER NOT NULL DEFAULT 0,
       has_lfs INTEGER NOT NULL DEFAULT 0,
       has_submodules INTEGER NOT NULL DEFAULT 0,
+      language TEXT,
+      description TEXT,
       default_branch TEXT NOT NULL,
       visibility TEXT NOT NULL DEFAULT 'public',
       status TEXT NOT NULL DEFAULT 'imported',
@@ -192,6 +195,8 @@ if [ ! -f "/app/data/gitea-mirror.db" ]; then
       FOREIGN KEY (config_id) REFERENCES configs(id)
     );
 
+    -- Uniqueness of (user_id, full_name) for repositories is enforced via drizzle migrations
+
     CREATE TABLE IF NOT EXISTS organizations (
       id TEXT PRIMARY KEY,
       user_id TEXT NOT NULL,

docs/ENVIRONMENT_VARIABLES.md

@@ -195,6 +195,7 @@ Configure automatic scheduled mirroring.
 | Variable | Description | Default | Options |
 |----------|-------------|---------|---------|
 | `AUTO_IMPORT_REPOS` | Automatically discover and import new GitHub repositories during scheduled syncs | `true` | `true`, `false` |
+| `AUTO_MIRROR_REPOS` | Automatically mirror newly imported repositories during scheduled syncs (no manual “Mirror All” required) | `false` | `true`, `false` |
 | `SCHEDULE_ONLY_MIRROR_UPDATED` | Only mirror repos with updates | `false` | `true`, `false` |
 | `SCHEDULE_UPDATE_INTERVAL` | Check for updates interval (milliseconds) | `86400000` | Number |
 | `SCHEDULE_SKIP_RECENTLY_MIRRORED` | Skip recently mirrored repos | `true` | `true`, `false` |
@@ -407,4 +408,4 @@ BETTER_AUTH_TRUSTED_ORIGINS=http://localhost:3000,http://192.168.1.100:3000
    - `admin:org` (read organization data)
    - Additional scopes may be required for specific features
 
-For more examples and detailed configuration, see the `.env.example` file in the repository.
+For more examples and detailed configuration, see the `.env.example` file in the repository.

docs/SSO_TESTING.md

@@ -29,6 +29,8 @@ This guide explains how to test SSO authentication locally with Gitea Mirror.
      - Client Secret: (from Google Console)
    - Save the provider
 
+   Note: Provider creation uses Better Auth's SSO registration under the hood. Do not call the legacy `POST /api/sso/providers` endpoint directly; it is deprecated and reserved for internal mirroring. Use the UI or Better Auth client/server registration APIs instead.
+
 ## Option 2: Using Keycloak (Local Identity Provider)
 
 ### Setup with Docker:
@@ -113,8 +115,8 @@ npm start
 
 2. **Provider not showing in login**
    - Check browser console for errors
-   - Verify provider was saved successfully
-   - Check `/api/sso/providers` returns your providers
+   - Verify provider was saved successfully (via UI)
+   - Check `/api/sso/providers` (or `/api/sso/providers/public`) returns your providers. This list mirrors what was registered with Better Auth.
 
 3. **Redirect URI mismatch**
    - Ensure the redirect URI in your OAuth app matches exactly:
@@ -190,4 +192,4 @@ After successful SSO setup:
 1. Test user attribute mapping
 2. Configure role-based access
 3. Set up SAML if needed
-4. Test with your organization's actual IdP
+4. Test with your organization's actual IdP

drizzle/0003_open_spacker_dave.sql

@@ -0,0 +1,3 @@
+ALTER TABLE `organizations` ADD `public_repository_count` integer;--> statement-breakpoint
+ALTER TABLE `organizations` ADD `private_repository_count` integer;--> statement-breakpoint
+ALTER TABLE `organizations` ADD `fork_repository_count` integer;

drizzle/0004_grey_butterfly.sql

@@ -0,0 +1,18 @@
+CREATE TABLE `rate_limits` (
+	`id` text PRIMARY KEY NOT NULL,
+	`user_id` text NOT NULL,
+	`provider` text DEFAULT 'github' NOT NULL,
+	`limit` integer NOT NULL,
+	`remaining` integer NOT NULL,
+	`used` integer NOT NULL,
+	`reset` integer NOT NULL,
+	`retry_after` integer,
+	`status` text DEFAULT 'ok' NOT NULL,
+	`last_checked` integer NOT NULL,
+	`created_at` integer DEFAULT (unixepoch()) NOT NULL,
+	`updated_at` integer DEFAULT (unixepoch()) NOT NULL,
+	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE no action
+);
+--> statement-breakpoint
+CREATE INDEX `idx_rate_limits_user_provider` ON `rate_limits` (`user_id`,`provider`);--> statement-breakpoint
+CREATE INDEX `idx_rate_limits_status` ON `rate_limits` (`status`);

drizzle/0005_polite_preak.sql

@@ -0,0 +1 @@
+CREATE UNIQUE INDEX `uniq_repositories_user_full_name` ON `repositories` (`user_id`,`full_name`);

drizzle/0006_illegal_spyke.sql

@@ -0,0 +1 @@
+ALTER TABLE `sso_providers` ADD `saml_config` text;

drizzle/meta/_journal.json

@@ -22,6 +22,34 @@
       "when": 1753539600567,
       "tag": "0002_bored_captain_cross",
       "breakpoints": true
+    },
+    {
+      "idx": 3,
+      "version": "6",
+      "when": 1757390828679,
+      "tag": "0003_open_spacker_dave",
+      "breakpoints": true
+    },
+    {
+      "idx": 4,
+      "version": "6",
+      "when": 1757392620734,
+      "tag": "0004_grey_butterfly",
+      "breakpoints": true
+    },
+    {
+      "idx": 5,
+      "version": "6",
+      "when": 1757786449446,
+      "tag": "0005_polite_preak",
+      "breakpoints": true
+    },
+    {
+      "idx": 6,
+      "version": "6",
+      "when": 1757825311459,
+      "tag": "0006_illegal_spyke",
+      "breakpoints": true
     }
   ]
 }

package.json

@@ -1,7 +1,7 @@
 {
   "name": "gitea-mirror",
   "type": "module",
-  "version": "3.5.4",
+  "version": "3.7.1",
   "engines": {
     "bun": ">=1.2.9"
   },
@@ -43,10 +43,11 @@
   },
   "dependencies": {
     "@astrojs/check": "^0.9.4",
-    "@astrojs/mdx": "4.3.4",
+    "@astrojs/mdx": "4.3.5",
     "@astrojs/node": "9.4.3",
-    "@astrojs/react": "^4.3.0",
-    "@better-auth/sso": "^1.3.8",
+    "@astrojs/react": "^4.3.1",
+    "@better-auth/sso": "^1.3.9",
+    "@octokit/plugin-throttling": "^11.0.1",
     "@octokit/rest": "^22.0.0",
     "@radix-ui/react-accordion": "^1.2.12",
     "@radix-ui/react-avatar": "^1.1.10",
@@ -57,6 +58,7 @@
     "@radix-ui/react-hover-card": "^1.1.15",
     "@radix-ui/react-label": "^2.1.7",
     "@radix-ui/react-popover": "^1.1.15",
+    "@radix-ui/react-progress": "^1.1.7",
     "@radix-ui/react-radio-group": "^1.3.8",
     "@radix-ui/react-scroll-area": "^1.2.10",
     "@radix-ui/react-select": "^2.2.6",
@@ -65,19 +67,19 @@
     "@radix-ui/react-switch": "^1.2.6",
     "@radix-ui/react-tabs": "^1.1.13",
     "@radix-ui/react-tooltip": "^1.2.8",
-    "@tailwindcss/vite": "^4.1.12",
+    "@tailwindcss/vite": "^4.1.13",
     "@tanstack/react-virtual": "^3.13.12",
     "@types/canvas-confetti": "^1.9.0",
     "@types/react": "^19.1.12",
     "@types/react-dom": "^19.1.9",
-    "astro": "^5.13.4",
+    "astro": "^5.13.7",
     "bcryptjs": "^3.0.2",
-    "better-auth": "^1.3.8",
+    "better-auth": "^1.3.9",
     "canvas-confetti": "^1.9.3",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "cmdk": "^1.1.1",
-    "dotenv": "^17.2.1",
+    "dotenv": "^17.2.2",
     "drizzle-orm": "^0.44.5",
     "fuse.js": "^7.1.0",
     "jsonwebtoken": "^9.0.2",
@@ -88,10 +90,10 @@
     "react-icons": "^5.5.0",
     "sonner": "^2.0.7",
     "tailwind-merge": "^3.3.1",
-    "tailwindcss": "^4.1.12",
-    "tw-animate-css": "^1.3.7",
+    "tailwindcss": "^4.1.13",
+    "tw-animate-css": "^1.3.8",
     "typescript": "^5.9.2",
-    "uuid": "^11.1.0",
+    "uuid": "^13.0.0",
     "vaul": "^1.1.2",
     "zod": "^4.1.5"
   },

src/components/auth/LoginForm.tsx

@@ -70,6 +70,8 @@ export function LoginForm() {
         domain: domain,
         providerId: providerId,
         callbackURL: `${baseURL}/`,
+        errorCallbackURL: `${baseURL}/auth-error`,
+        newUserCallbackURL: `${baseURL}/`,
         scopes: ['openid', 'email', 'profile'], // TODO: This is not being respected by the SSO plugin.
       });
     } catch (error) {

src/components/config/GitHubMirrorSettings.tsx

@@ -15,11 +15,11 @@ import {
   PopoverContent,
   PopoverTrigger,
 } from "@/components/ui/popover";
-import { 
-  Info, 
-  GitBranch, 
-  Star, 
-  Lock, 
+import {
+  Info,
+  GitBranch,
+  Star,
+  Lock,
   Archive,
   GitPullRequest,
   Tag,
@@ -30,9 +30,17 @@ import {
   GitFork,
   ChevronDown,
   Funnel,
-  HardDrive
+  HardDrive,
+  FileCode2
 } from "lucide-react";
-import type { GitHubConfig, MirrorOptions, AdvancedOptions } from "@/types/config";
+import type { GitHubConfig, MirrorOptions, AdvancedOptions, DuplicateNameStrategy } from "@/types/config";
+import {
+  Select,
+  SelectContent,
+  SelectItem,
+  SelectTrigger,
+  SelectValue,
+} from "@/components/ui/select";
 import { cn } from "@/lib/utils";
 
 interface GitHubMirrorSettingsProps {
@@ -53,7 +61,7 @@ export function GitHubMirrorSettings({
   onAdvancedOptionsChange,
 }: GitHubMirrorSettingsProps) {
   
-  const handleGitHubChange = (field: keyof GitHubConfig, value: boolean) => {
+  const handleGitHubChange = (field: keyof GitHubConfig, value: boolean | string) => {
     onGitHubConfigChange({ ...githubConfig, [field]: value });
   };
 
@@ -278,6 +286,40 @@ export function GitHubMirrorSettings({
               </Popover>
             </div>
           </div>
+
+          {/* Duplicate name handling for starred repos */}
+          {githubConfig.mirrorStarred && (
+            <div className="mt-4 space-y-2">
+              <Label className="text-xs font-medium text-muted-foreground">
+                Duplicate name handling
+              </Label>
+              <div className="flex items-center gap-3">
+                <FileCode2 className="h-4 w-4 text-muted-foreground" />
+                <div className="flex-1">
+                  <p className="text-sm">Name collision strategy</p>
+                  <p className="text-xs text-muted-foreground">
+                    How to handle repos with the same name from different owners
+                  </p>
+                </div>
+                <Select
+                  value={githubConfig.starredDuplicateStrategy || "suffix"}
+                  onValueChange={(value) => handleGitHubChange('starredDuplicateStrategy', value as DuplicateNameStrategy)}
+                >
+                  <SelectTrigger className="w-[180px] h-8 text-xs">
+                    <SelectValue placeholder="Select strategy" />
+                  </SelectTrigger>
+                  <SelectContent align="end">
+                    <SelectItem value="suffix" className="text-xs">
+                      <span className="font-mono">repo-owner</span>
+                    </SelectItem>
+                    <SelectItem value="prefix" className="text-xs">
+                      <span className="font-mono">owner-repo</span>
+                    </SelectItem>
+                  </SelectContent>
+                </Select>
+              </div>
+            </div>
+          )}
         </div>
       </div>
 
@@ -596,4 +638,4 @@ export function GitHubMirrorSettings({
       </div>
     </div>
   );
-}
+}

src/components/config/SSOSettings.tsx

@@ -14,6 +14,7 @@ import { Badge } from '../ui/badge';
 import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs';
 import { Textarea } from '@/components/ui/textarea';
 import { MultiSelect } from '@/components/ui/multi-select';
+import { authClient } from '@/lib/auth-client';
 
 function isTrustedIssuer(issuer: string, allowedHosts: string[]): boolean {
   try {
@@ -158,50 +159,146 @@ export function SSOSettings() {
   const createProvider = async () => {
     setAddingProvider(true);
     try {
-      const requestData: any = {
-        providerId: providerForm.providerId,
-        issuer: providerForm.issuer,
-        domain: providerForm.domain,
-        organizationId: providerForm.organizationId || undefined,
-        providerType,
-      };
-
-      if (providerType === 'oidc') {
-        requestData.clientId = providerForm.clientId;
-        requestData.clientSecret = providerForm.clientSecret;
-        requestData.authorizationEndpoint = providerForm.authorizationEndpoint;
-        requestData.tokenEndpoint = providerForm.tokenEndpoint;
-        requestData.jwksEndpoint = providerForm.jwksEndpoint;
-        requestData.userInfoEndpoint = providerForm.userInfoEndpoint;
-        requestData.discoveryEndpoint = providerForm.discoveryEndpoint;
-        requestData.scopes = providerForm.scopes;
-        requestData.pkce = providerForm.pkce;
-      } else {
-        requestData.entryPoint = providerForm.entryPoint;
-        requestData.cert = providerForm.cert;
-        requestData.callbackUrl = providerForm.callbackUrl || `${window.location.origin}/api/auth/sso/saml2/callback/${providerForm.providerId}`;
-        requestData.audience = providerForm.audience || window.location.origin;
-        requestData.wantAssertionsSigned = providerForm.wantAssertionsSigned;
-        requestData.signatureAlgorithm = providerForm.signatureAlgorithm;
-        requestData.digestAlgorithm = providerForm.digestAlgorithm;
-        requestData.identifierFormat = providerForm.identifierFormat;
-      }
-
       if (editingProvider) {
-        // Update existing provider
-        const updatedProvider = await apiRequest<SSOProvider>(`/sso/providers?id=${editingProvider.id}`, {
-          method: 'PUT',
-          data: requestData,
-        });
-        setProviders(providers.map(p => p.id === editingProvider.id ? updatedProvider : p));
-        toast.success('SSO provider updated successfully');
+        // Delete and recreate to align with Better Auth docs
+        try {
+          await apiRequest(`/sso/providers?id=${editingProvider.id}`, { method: 'DELETE' });
+        } catch (e) {
+          // Continue even if local delete fails; registration will mirror latest
+          console.warn('Failed to delete local provider before recreate', e);
+        }
+
+        // Recreate via Better Auth registration
+        try {
+          if (providerType === 'oidc') {
+            await authClient.sso.register({
+              providerId: providerForm.providerId,
+              issuer: providerForm.issuer,
+              domain: providerForm.domain,
+              organizationId: providerForm.organizationId || undefined,
+              oidcConfig: {
+                clientId: providerForm.clientId || undefined,
+                clientSecret: providerForm.clientSecret || undefined,
+                authorizationEndpoint: providerForm.authorizationEndpoint || undefined,
+                tokenEndpoint: providerForm.tokenEndpoint || undefined,
+                jwksEndpoint: providerForm.jwksEndpoint || undefined,
+                userInfoEndpoint: providerForm.userInfoEndpoint || undefined,
+                discoveryEndpoint: providerForm.discoveryEndpoint || undefined,
+                scopes: providerForm.scopes,
+                pkce: providerForm.pkce,
+              },
+              mapping: {
+                id: 'sub',
+                email: 'email',
+                emailVerified: 'email_verified',
+                name: 'name',
+                image: 'picture',
+              },
+            } as any);
+          } else {
+            await authClient.sso.register({
+              providerId: providerForm.providerId,
+              issuer: providerForm.issuer,
+              domain: providerForm.domain,
+              organizationId: providerForm.organizationId || undefined,
+              samlConfig: {
+                entryPoint: providerForm.entryPoint,
+                cert: providerForm.cert,
+                callbackUrl:
+                  providerForm.callbackUrl ||
+                  `${window.location.origin}/api/auth/sso/saml2/callback/${providerForm.providerId}`,
+                audience: providerForm.audience || window.location.origin,
+                wantAssertionsSigned: providerForm.wantAssertionsSigned,
+                signatureAlgorithm: providerForm.signatureAlgorithm,
+                digestAlgorithm: providerForm.digestAlgorithm,
+                identifierFormat: providerForm.identifierFormat,
+              },
+              mapping: {
+                id: 'nameID',
+                email: 'email',
+                name: 'displayName',
+                firstName: 'givenName',
+                lastName: 'surname',
+              },
+            } as any);
+          }
+          toast.success('SSO provider recreated');
+        } catch (e: any) {
+          console.error('Recreate failed', e);
+          const msg = typeof e?.message === 'string' ? e.message : String(e);
+          // Common case: providerId already exists in Better Auth
+          if (msg.toLowerCase().includes('already exists')) {
+            toast.error('Provider ID already exists in auth server. Choose a new Provider ID and try again.');
+          } else {
+            showErrorToast(e, toast);
+          }
+        }
+
+        // Refresh providers from our API after registration mirrors into DB
+        const refreshed = await apiRequest<SSOProvider[] | { providers: SSOProvider[] }>(
+          '/sso/providers'
+        );
+        setProviders(Array.isArray(refreshed) ? refreshed : refreshed?.providers || []);
       } else {
-        // Create new provider
-        const newProvider = await apiRequest<SSOProvider>('/sso/providers', {
-          method: 'POST',
-          data: requestData,
-        });
-        setProviders([...providers, newProvider]);
+        // Create new provider - follow Better Auth docs using the SSO client
+        if (providerType === 'oidc') {
+          await authClient.sso.register({
+            providerId: providerForm.providerId,
+            issuer: providerForm.issuer,
+            domain: providerForm.domain,
+            organizationId: providerForm.organizationId || undefined,
+            oidcConfig: {
+              clientId: providerForm.clientId || undefined,
+              clientSecret: providerForm.clientSecret || undefined,
+              authorizationEndpoint: providerForm.authorizationEndpoint || undefined,
+              tokenEndpoint: providerForm.tokenEndpoint || undefined,
+              jwksEndpoint: providerForm.jwksEndpoint || undefined,
+              userInfoEndpoint: providerForm.userInfoEndpoint || undefined,
+              discoveryEndpoint: providerForm.discoveryEndpoint || undefined,
+              scopes: providerForm.scopes,
+              pkce: providerForm.pkce,
+            },
+            mapping: {
+              id: 'sub',
+              email: 'email',
+              emailVerified: 'email_verified',
+              name: 'name',
+              image: 'picture',
+            },
+          } as any);
+        } else {
+          await authClient.sso.register({
+            providerId: providerForm.providerId,
+            issuer: providerForm.issuer,
+            domain: providerForm.domain,
+            organizationId: providerForm.organizationId || undefined,
+            samlConfig: {
+              entryPoint: providerForm.entryPoint,
+              cert: providerForm.cert,
+              callbackUrl:
+                providerForm.callbackUrl ||
+                `${window.location.origin}/api/auth/sso/saml2/callback/${providerForm.providerId}`,
+              audience: providerForm.audience || window.location.origin,
+              wantAssertionsSigned: providerForm.wantAssertionsSigned,
+              signatureAlgorithm: providerForm.signatureAlgorithm,
+              digestAlgorithm: providerForm.digestAlgorithm,
+              identifierFormat: providerForm.identifierFormat,
+            },
+            mapping: {
+              id: 'nameID',
+              email: 'email',
+              name: 'displayName',
+              firstName: 'givenName',
+              lastName: 'surname',
+            },
+          } as any);
+        }
+
+        // Refresh providers from our API after registration mirrors into DB
+        const refreshed = await apiRequest<SSOProvider[] | { providers: SSOProvider[] }>(
+          '/sso/providers'
+        );
+        setProviders(Array.isArray(refreshed) ? refreshed : refreshed?.providers || []);
         toast.success('SSO provider created successfully');
       }
 
@@ -724,4 +821,4 @@ export function SSOSettings() {
       </Card>
     </div>
   );
-}
+}

src/components/dashboard/Dashboard.tsx

@@ -9,6 +9,7 @@ import { apiRequest, showErrorToast } from "@/lib/utils";
 import type { DashboardApiResponse } from "@/types/dashboard";
 import { useSSE } from "@/hooks/useSEE";
 import { toast } from "sonner";
+import { useEffect as useEffectForToasts } from "react";
 import { Skeleton } from "@/components/ui/skeleton";
 import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
 import { useLiveRefresh } from "@/hooks/useLiveRefresh";
@@ -105,6 +106,51 @@ export function Dashboard() {
     onMessage: handleNewMessage,
   });
 
+  // Setup rate limit event listener for toast notifications
+  useEffectForToasts(() => {
+    if (!user?.id) return;
+
+    const eventSource = new EventSource(`/api/events?userId=${user.id}`);
+    
+    eventSource.addEventListener("rate-limit", (event) => {
+      try {
+        const data = JSON.parse(event.data);
+        
+        switch (data.type) {
+          case "warning":
+            // 80% threshold warning
+            toast.warning("GitHub API Rate Limit Warning", {
+              description: data.message,
+              duration: 8000,
+            });
+            break;
+            
+          case "exceeded":
+            // 100% rate limit exceeded
+            toast.error("GitHub API Rate Limit Exceeded", {
+              description: data.message,
+              duration: 10000,
+            });
+            break;
+            
+          case "resumed":
+            // Rate limit reset notification
+            toast.success("Rate Limit Reset", {
+              description: "API operations have resumed.",
+              duration: 5000,
+            });
+            break;
+        }
+      } catch (error) {
+        console.error("Error parsing rate limit event:", error);
+      }
+    });
+
+    return () => {
+      eventSource.close();
+    };
+  }, [user?.id]);
+
   // Extract fetchDashboardData as a stable callback
   const fetchDashboardData = useCallback(async (showToast = false) => {
     try {

src/components/ui/progress.tsx

@@ -0,0 +1,30 @@
+import * as React from "react"
+import * as ProgressPrimitive from "@radix-ui/react-progress"
+
+import { cn } from "@/lib/utils"
+
+interface ProgressProps extends React.ComponentPropsWithoutRef<typeof ProgressPrimitive.Root> {
+  indicatorClassName?: string
+}
+
+const Progress = React.forwardRef<
+  React.ElementRef<typeof ProgressPrimitive.Root>,
+  ProgressProps
+>(({ className, value, indicatorClassName, ...props }, ref) => (
+  <ProgressPrimitive.Root
+    ref={ref}
+    className={cn(
+      "relative h-4 w-full overflow-hidden rounded-full bg-secondary",
+      className
+    )}
+    {...props}
+  >
+    <ProgressPrimitive.Indicator
+      className={cn("h-full w-full flex-1 bg-primary transition-all", indicatorClassName)}
+      style={{ transform: `translateX(-${100 - (value || 0)}%)` }}
+    />
+  </ProgressPrimitive.Root>
+))
+Progress.displayName = ProgressPrimitive.Root.displayName
+
+export { Progress }

src/lib/db/index.ts

@@ -82,5 +82,6 @@ export {
   oauthApplications,
   oauthAccessTokens,
   oauthConsent,
-  ssoProviders
+  ssoProviders,
+  rateLimits
 } from "./schema";

src/lib/db/schema.ts

@@ -1,5 +1,5 @@
 import { z } from "zod";
-import { sqliteTable, text, integer, index } from "drizzle-orm/sqlite-core";
+import { sqliteTable, text, integer, index, uniqueIndex } from "drizzle-orm/sqlite-core";
 import { sql } from "drizzle-orm";
 
 // ===== Zod Validation Schemas =====
@@ -28,6 +28,7 @@ export const githubConfigSchema = z.object({
   mirrorStrategy: z.enum(["preserve", "single-org", "flat-user", "mixed"]).default("preserve"),
   defaultOrg: z.string().optional(),
   skipStarredIssues: z.boolean().default(false),
+  starredDuplicateStrategy: z.enum(["suffix", "prefix", "owner-org"]).default("suffix").optional(),
 });
 
 export const giteaConfigSchema = z.object({
@@ -80,6 +81,8 @@ export const scheduleConfigSchema = z.object({
   updateInterval: z.number().default(86400000),
   skipRecentlyMirrored: z.boolean().default(true),
   recentThreshold: z.number().default(3600000),
+  autoImport: z.boolean().default(true),
+  autoMirror: z.boolean().default(false),
   lastRun: z.coerce.date().optional(),
   nextRun: z.coerce.date().optional(),
 });
@@ -151,6 +154,7 @@ export const repositorySchema = z.object({
       "deleted",
       "syncing",
       "synced",
+      "archived",
     ])
     .default("imported"),
   lastMirrored: z.coerce.date().optional().nullable(),
@@ -180,6 +184,7 @@ export const mirrorJobSchema = z.object({
       "deleted",
       "syncing",
       "synced",
+      "archived",
     ])
     .default("imported"),
   message: z.string(),
@@ -379,6 +384,7 @@ export const repositories = sqliteTable("repositories", {
   index("idx_repositories_organization").on(table.organization),
   index("idx_repositories_is_fork").on(table.isForked),
   index("idx_repositories_is_starred").on(table.isStarred),
+  uniqueIndex("uniq_repositories_user_full_name").on(table.userId, table.fullName),
 ]);
 
 export const mirrorJobs = sqliteTable("mirror_jobs", {
@@ -445,6 +451,9 @@ export const organizations = sqliteTable("organizations", {
   errorMessage: text("error_message"),
 
   repositoryCount: integer("repository_count").notNull().default(0),
+  publicRepositoryCount: integer("public_repository_count"),
+  privateRepositoryCount: integer("private_repository_count"),
+  forkRepositoryCount: integer("fork_repository_count"),
 
   createdAt: integer("created_at", { mode: "timestamp" })
     .notNull()
@@ -608,6 +617,7 @@ export const ssoProviders = sqliteTable("sso_providers", {
   issuer: text("issuer").notNull(),
   domain: text("domain").notNull(),
   oidcConfig: text("oidc_config").notNull(), // JSON string with OIDC configuration
+  samlConfig: text("saml_config"), // JSON string with SAML configuration (optional)
   userId: text("user_id").notNull(), // Admin who created this provider
   providerId: text("provider_id").notNull().unique(), // Unique identifier for the provider
   organizationId: text("organization_id"), // Optional - if provider is linked to an organization
@@ -623,10 +633,52 @@ export const ssoProviders = sqliteTable("sso_providers", {
   index("idx_sso_providers_issuer").on(table.issuer),
 ]);
 
+// ===== Rate Limit Tracking =====
+
+export const rateLimitSchema = z.object({
+  id: z.string(),
+  userId: z.string(),
+  provider: z.enum(["github", "gitea"]).default("github"),
+  limit: z.number(),
+  remaining: z.number(),
+  used: z.number(),
+  reset: z.coerce.date(),
+  retryAfter: z.number().optional(), // seconds to wait
+  status: z.enum(["ok", "warning", "limited", "exceeded"]).default("ok"),
+  lastChecked: z.coerce.date(),
+  createdAt: z.coerce.date(),
+  updatedAt: z.coerce.date(),
+});
+
+export const rateLimits = sqliteTable("rate_limits", {
+  id: text("id").primaryKey(),
+  userId: text("user_id")
+    .notNull()
+    .references(() => users.id),
+  provider: text("provider").notNull().default("github"),
+  limit: integer("limit").notNull(),
+  remaining: integer("remaining").notNull(),
+  used: integer("used").notNull(),
+  reset: integer("reset", { mode: "timestamp" }).notNull(),
+  retryAfter: integer("retry_after"), // seconds to wait
+  status: text("status").notNull().default("ok"),
+  lastChecked: integer("last_checked", { mode: "timestamp" }).notNull(),
+  createdAt: integer("created_at", { mode: "timestamp" })
+    .notNull()
+    .default(sql`(unixepoch())`),
+  updatedAt: integer("updated_at", { mode: "timestamp" })
+    .notNull()
+    .default(sql`(unixepoch())`),
+}, (table) => [
+  index("idx_rate_limits_user_provider").on(table.userId, table.provider),
+  index("idx_rate_limits_status").on(table.status),
+]);
+
 // Export type definitions
 export type User = z.infer<typeof userSchema>;
 export type Config = z.infer<typeof configSchema>;
 export type Repository = z.infer<typeof repositorySchema>;
 export type MirrorJob = z.infer<typeof mirrorJobSchema>;
 export type Organization = z.infer<typeof organizationSchema>;
-export type Event = z.infer<typeof eventSchema>;
+export type Event = z.infer<typeof eventSchema>;
+export type RateLimit = z.infer<typeof rateLimitSchema>;

src/lib/env-config-loader.ts

@@ -69,6 +69,8 @@ interface EnvConfig {
     updateInterval?: number;
     skipRecentlyMirrored?: boolean;
     recentThreshold?: number;
+    autoImport?: boolean;
+    autoMirror?: boolean;
   };
   cleanup: {
     enabled?: boolean;
@@ -157,6 +159,8 @@ function parseEnvConfig(): EnvConfig {
       updateInterval: process.env.SCHEDULE_UPDATE_INTERVAL ? parseInt(process.env.SCHEDULE_UPDATE_INTERVAL, 10) : undefined,
       skipRecentlyMirrored: process.env.SCHEDULE_SKIP_RECENTLY_MIRRORED === 'true',
       recentThreshold: process.env.SCHEDULE_RECENT_THRESHOLD ? parseInt(process.env.SCHEDULE_RECENT_THRESHOLD, 10) : undefined,
+      autoImport: process.env.AUTO_IMPORT_REPOS !== 'false',
+      autoMirror: process.env.AUTO_MIRROR_REPOS === 'true',
     },
     cleanup: {
       enabled: process.env.CLEANUP_ENABLED === 'true' || 
@@ -301,7 +305,8 @@ export async function initializeConfigFromEnv(): Promise<void> {
       updateInterval: envConfig.schedule.updateInterval ?? existingConfig?.[0]?.scheduleConfig?.updateInterval ?? 86400000,
       skipRecentlyMirrored: envConfig.schedule.skipRecentlyMirrored ?? existingConfig?.[0]?.scheduleConfig?.skipRecentlyMirrored ?? true,
       recentThreshold: envConfig.schedule.recentThreshold ?? existingConfig?.[0]?.scheduleConfig?.recentThreshold ?? 3600000,
-      autoImport: process.env.AUTO_IMPORT_REPOS !== 'false', // New field for auto-importing new repositories
+      autoImport: envConfig.schedule.autoImport ?? existingConfig?.[0]?.scheduleConfig?.autoImport ?? true,
+      autoMirror: envConfig.schedule.autoMirror ?? existingConfig?.[0]?.scheduleConfig?.autoMirror ?? false,
       lastRun: existingConfig?.[0]?.scheduleConfig?.lastRun || undefined,
       nextRun: existingConfig?.[0]?.scheduleConfig?.nextRun || undefined,
     };
@@ -359,4 +364,4 @@ export async function initializeConfigFromEnv(): Promise<void> {
     console.error('[ENV Config Loader] Failed to initialize configuration from environment:', error);
     // Don't throw - this is a non-critical initialization
   }
-}
+}

src/lib/gitea.ts

@@ -274,15 +274,37 @@ export const mirrorGithubRepoToGitea = async ({
     // Get the correct owner based on the strategy (with organization overrides)
     let repoOwner = await getGiteaRepoOwnerAsync({ config, repository });
 
+    // Determine the actual repository name to use (handle duplicates for starred repos)
+    let targetRepoName = repository.name;
+    
+    if (repository.isStarred && config.githubConfig) {
+      // Extract GitHub owner from full_name (format: owner/repo)
+      const githubOwner = repository.fullName.split('/')[0];
+      
+      targetRepoName = await generateUniqueRepoName({
+        config,
+        orgName: repoOwner,
+        baseName: repository.name,
+        githubOwner,
+        strategy: config.githubConfig.starredDuplicateStrategy,
+      });
+      
+      if (targetRepoName !== repository.name) {
+        console.log(
+          `Starred repo ${repository.fullName} will be mirrored as ${repoOwner}/${targetRepoName} to avoid naming conflict`
+        );
+      }
+    }
+
     const isExisting = await isRepoPresentInGitea({
       config,
       owner: repoOwner,
-      repoName: repository.name,
+      repoName: targetRepoName,
     });
 
     if (isExisting) {
       console.log(
-        `Repository ${repository.name} already exists in Gitea under ${repoOwner}. Updating database status.`
+        `Repository ${targetRepoName} already exists in Gitea under ${repoOwner}. Updating database status.`
       );
 
       // Update database to reflect that the repository is already mirrored
@@ -293,7 +315,7 @@ export const mirrorGithubRepoToGitea = async ({
           updatedAt: new Date(),
           lastMirrored: new Date(),
           errorMessage: null,
-          mirroredLocation: `${repoOwner}/${repository.name}`,
+          mirroredLocation: `${repoOwner}/${targetRepoName}`,
         })
         .where(eq(repositories.id, repository.id!));
 
@@ -393,11 +415,11 @@ export const mirrorGithubRepoToGitea = async ({
     const existingRepo = await getGiteaRepoInfo({
       config,
       owner: repoOwner,
-      repoName: repository.name,
+      repoName: targetRepoName,
     });
 
     if (existingRepo && !existingRepo.mirror) {
-      console.log(`Repository ${repository.name} exists but is not a mirror. Handling...`);
+      console.log(`Repository ${targetRepoName} exists but is not a mirror. Handling...`);
       
       // Handle the existing non-mirror repository
       await handleExistingNonMirrorRepo({
@@ -408,14 +430,14 @@ export const mirrorGithubRepoToGitea = async ({
       });
       
       // After handling, proceed with mirror creation
-      console.log(`Proceeding with mirror creation for ${repository.name}`);
+      console.log(`Proceeding with mirror creation for ${targetRepoName}`);
     }
 
     const response = await httpPost(
       apiUrl,
       {
         clone_addr: cloneAddress,
-        repo_name: repository.name,
+        repo_name: targetRepoName,
         mirror: true,
         mirror_interval: config.giteaConfig?.mirrorInterval || "8h", // Set mirror interval
         wiki: config.giteaConfig?.wiki || false, // will mirror wiki if it exists
@@ -438,6 +460,8 @@ export const mirrorGithubRepoToGitea = async ({
           config,
           octokit,
           repository,
+          giteaOwner: repoOwner,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored releases for ${repository.name}`);
       } catch (error) {
@@ -460,6 +484,7 @@ export const mirrorGithubRepoToGitea = async ({
           octokit,
           repository,
           giteaOwner: repoOwner,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored issues for ${repository.name}`);
       } catch (error) {
@@ -477,6 +502,7 @@ export const mirrorGithubRepoToGitea = async ({
           octokit,
           repository,
           giteaOwner: repoOwner,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored pull requests for ${repository.name}`);
       } catch (error) {
@@ -494,6 +520,7 @@ export const mirrorGithubRepoToGitea = async ({
           octokit,
           repository,
           giteaOwner: repoOwner,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored labels for ${repository.name}`);
       } catch (error) {
@@ -511,6 +538,7 @@ export const mirrorGithubRepoToGitea = async ({
           octokit,
           repository,
           giteaOwner: repoOwner,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored milestones for ${repository.name}`);
       } catch (error) {
@@ -519,7 +547,7 @@ export const mirrorGithubRepoToGitea = async ({
       }
     }
 
-    console.log(`Repository ${repository.name} mirrored successfully`);
+    console.log(`Repository ${repository.name} mirrored successfully as ${targetRepoName}`);
 
     // Mark repos as "mirrored" in DB
     await db
@@ -529,7 +557,7 @@ export const mirrorGithubRepoToGitea = async ({
         updatedAt: new Date(),
         lastMirrored: new Date(),
         errorMessage: null,
-        mirroredLocation: `${repoOwner}/${repository.name}`,
+        mirroredLocation: `${repoOwner}/${targetRepoName}`,
       })
       .where(eq(repositories.id, repository.id!));
 
@@ -538,8 +566,8 @@ export const mirrorGithubRepoToGitea = async ({
       userId: config.userId,
       repositoryId: repository.id,
       repositoryName: repository.name,
-      message: `Successfully mirrored repository: ${repository.name}`,
-      details: `Repository ${repository.name} was mirrored to Gitea.`,
+      message: `Successfully mirrored repository: ${repository.name}${targetRepoName !== repository.name ? ` as ${targetRepoName}` : ''}`,
+      details: `Repository ${repository.fullName} was mirrored to Gitea at ${repoOwner}/${targetRepoName}.`,
       status: "mirrored",
     });
 
@@ -608,6 +636,80 @@ export async function getOrCreateGiteaOrg({
   }
 }
 
+/**
+ * Generate a unique repository name for starred repos with duplicate names
+ */
+async function generateUniqueRepoName({
+  config,
+  orgName,
+  baseName,
+  githubOwner,
+  strategy,
+}: {
+  config: Partial<Config>;
+  orgName: string;
+  baseName: string;
+  githubOwner: string;
+  strategy?: string;
+}): Promise<string> {
+  const duplicateStrategy = strategy || "suffix";
+  
+  // First check if base name is available
+  const baseExists = await isRepoPresentInGitea({
+    config,
+    owner: orgName,
+    repoName: baseName,
+  });
+  
+  if (!baseExists) {
+    return baseName;
+  }
+  
+  // Generate name based on strategy
+  let candidateName: string;
+  let attempt = 0;
+  const maxAttempts = 10;
+  
+  while (attempt < maxAttempts) {
+    switch (duplicateStrategy) {
+      case "prefix":
+        // Prefix with owner: owner-reponame
+        candidateName = attempt === 0 
+          ? `${githubOwner}-${baseName}`
+          : `${githubOwner}-${baseName}-${attempt}`;
+        break;
+        
+      case "owner-org":
+        // This would require creating sub-organizations, not supported in this PR
+        // Fall back to suffix strategy
+      case "suffix":
+      default:
+        // Suffix with owner: reponame-owner
+        candidateName = attempt === 0
+          ? `${baseName}-${githubOwner}`
+          : `${baseName}-${githubOwner}-${attempt}`;
+        break;
+    }
+    
+    const exists = await isRepoPresentInGitea({
+      config,
+      owner: orgName,
+      repoName: candidateName,
+    });
+    
+    if (!exists) {
+      console.log(`Found unique name for duplicate starred repo: ${candidateName}`);
+      return candidateName;
+    }
+    
+    attempt++;
+  }
+  
+  // If all attempts failed, use timestamp as last resort
+  const timestamp = Date.now();
+  return `${baseName}-${githubOwner}-${timestamp}`;
+}
+
 export async function mirrorGitHubRepoToGiteaOrg({
   octokit,
   config,
@@ -633,15 +735,37 @@ export async function mirrorGitHubRepoToGiteaOrg({
     // Decrypt config tokens for API usage
     const decryptedConfig = decryptConfigTokens(config as Config);
 
+    // Determine the actual repository name to use (handle duplicates for starred repos)
+    let targetRepoName = repository.name;
+    
+    if (repository.isStarred && config.githubConfig) {
+      // Extract GitHub owner from full_name (format: owner/repo)
+      const githubOwner = repository.fullName.split('/')[0];
+      
+      targetRepoName = await generateUniqueRepoName({
+        config,
+        orgName,
+        baseName: repository.name,
+        githubOwner,
+        strategy: config.githubConfig.starredDuplicateStrategy,
+      });
+      
+      if (targetRepoName !== repository.name) {
+        console.log(
+          `Starred repo ${repository.fullName} will be mirrored as ${orgName}/${targetRepoName} to avoid naming conflict`
+        );
+      }
+    }
+
     const isExisting = await isRepoPresentInGitea({
       config,
       owner: orgName,
-      repoName: repository.name,
+      repoName: targetRepoName,
     });
 
     if (isExisting) {
       console.log(
-        `Repository ${repository.name} already exists in Gitea organization ${orgName}. Updating database status.`
+        `Repository ${targetRepoName} already exists in Gitea organization ${orgName}. Updating database status.`
       );
 
       // Update database to reflect that the repository is already mirrored
@@ -652,7 +776,7 @@ export async function mirrorGitHubRepoToGiteaOrg({
           updatedAt: new Date(),
           lastMirrored: new Date(),
           errorMessage: null,
-          mirroredLocation: `${orgName}/${repository.name}`,
+          mirroredLocation: `${orgName}/${targetRepoName}`,
         })
         .where(eq(repositories.id, repository.id!));
 
@@ -661,19 +785,19 @@ export async function mirrorGitHubRepoToGiteaOrg({
         userId: config.userId,
         repositoryId: repository.id,
         repositoryName: repository.name,
-        message: `Repository ${repository.name} already exists in Gitea organization ${orgName}`,
-        details: `Repository ${repository.name} was found to already exist in Gitea organization ${orgName} and database status was updated.`,
+        message: `Repository ${targetRepoName} already exists in Gitea organization ${orgName}`,
+        details: `Repository ${targetRepoName} was found to already exist in Gitea organization ${orgName} and database status was updated.`,
         status: "mirrored",
       });
 
       console.log(
-        `Repository ${repository.name} database status updated to mirrored in organization ${orgName}`
+        `Repository ${targetRepoName} database status updated to mirrored in organization ${orgName}`
       );
       return;
     }
 
     console.log(
-      `Mirroring repository ${repository.name} to organization ${orgName}`
+      `Mirroring repository ${repository.fullName} to organization ${orgName} as ${targetRepoName}`
     );
 
     let cloneAddress = repository.cloneUrl;
@@ -710,7 +834,7 @@ export async function mirrorGitHubRepoToGiteaOrg({
       {
         clone_addr: cloneAddress,
         uid: giteaOrgId,
-        repo_name: repository.name,
+        repo_name: targetRepoName,
         mirror: true,
         mirror_interval: config.giteaConfig?.mirrorInterval || "8h", // Set mirror interval
         wiki: config.giteaConfig?.wiki || false, // will mirror wiki if it exists
@@ -730,6 +854,8 @@ export async function mirrorGitHubRepoToGiteaOrg({
           config,
           octokit,
           repository,
+          giteaOwner: orgName,
+          giteaRepoName: targetRepoName,
         });
         console.log(`[Metadata] Successfully mirrored releases for ${repository.name}`);
       } catch (error) {
@@ -752,10 +878,11 @@ export async function mirrorGitHubRepoToGiteaOrg({
           octokit,
           repository,
           giteaOwner: orgName,
+          giteaRepoName: targetRepoName,
         });
-        console.log(`[Metadata] Successfully mirrored issues for ${repository.name} to org ${orgName}`);
+        console.log(`[Metadata] Successfully mirrored issues for ${repository.name} to org ${orgName}/${targetRepoName}`);
       } catch (error) {
-        console.error(`[Metadata] Failed to mirror issues for ${repository.name} to org ${orgName}: ${error instanceof Error ? error.message : String(error)}`);
+        console.error(`[Metadata] Failed to mirror issues for ${repository.name} to org ${orgName}/${targetRepoName}: ${error instanceof Error ? error.message : String(error)}`);
         // Continue with other metadata operations even if issues fail
       }
     }
@@ -769,10 +896,11 @@ export async function mirrorGitHubRepoToGiteaOrg({
           octokit,
           repository,
           giteaOwner: orgName,
+          giteaRepoName: targetRepoName,
         });
-        console.log(`[Metadata] Successfully mirrored pull requests for ${repository.name} to org ${orgName}`);
+        console.log(`[Metadata] Successfully mirrored pull requests for ${repository.name} to org ${orgName}/${targetRepoName}`);
       } catch (error) {
-        console.error(`[Metadata] Failed to mirror pull requests for ${repository.name} to org ${orgName}: ${error instanceof Error ? error.message : String(error)}`);
+        console.error(`[Metadata] Failed to mirror pull requests for ${repository.name} to org ${orgName}/${targetRepoName}: ${error instanceof Error ? error.message : String(error)}`);
         // Continue with other metadata operations even if PRs fail
       }
     }
@@ -786,10 +914,11 @@ export async function mirrorGitHubRepoToGiteaOrg({
           octokit,
           repository,
           giteaOwner: orgName,
+          giteaRepoName: targetRepoName,
         });
-        console.log(`[Metadata] Successfully mirrored labels for ${repository.name} to org ${orgName}`);
+        console.log(`[Metadata] Successfully mirrored labels for ${repository.name} to org ${orgName}/${targetRepoName}`);
       } catch (error) {
-        console.error(`[Metadata] Failed to mirror labels for ${repository.name} to org ${orgName}: ${error instanceof Error ? error.message : String(error)}`);
+        console.error(`[Metadata] Failed to mirror labels for ${repository.name} to org ${orgName}/${targetRepoName}: ${error instanceof Error ? error.message : String(error)}`);
         // Continue with other metadata operations even if labels fail
       }
     }
@@ -803,16 +932,17 @@ export async function mirrorGitHubRepoToGiteaOrg({
           octokit,
           repository,
           giteaOwner: orgName,
+          giteaRepoName: targetRepoName,
         });
-        console.log(`[Metadata] Successfully mirrored milestones for ${repository.name} to org ${orgName}`);
+        console.log(`[Metadata] Successfully mirrored milestones for ${repository.name} to org ${orgName}/${targetRepoName}`);
       } catch (error) {
-        console.error(`[Metadata] Failed to mirror milestones for ${repository.name} to org ${orgName}: ${error instanceof Error ? error.message : String(error)}`);
+        console.error(`[Metadata] Failed to mirror milestones for ${repository.name} to org ${orgName}/${targetRepoName}: ${error instanceof Error ? error.message : String(error)}`);
         // Continue with other metadata operations even if milestones fail
       }
     }
 
     console.log(
-      `Repository ${repository.name} mirrored successfully to organization ${orgName}`
+      `Repository ${repository.name} mirrored successfully to organization ${orgName} as ${targetRepoName}`
     );
 
     // Mark repos as "mirrored" in DB
@@ -823,7 +953,7 @@ export async function mirrorGitHubRepoToGiteaOrg({
         updatedAt: new Date(),
         lastMirrored: new Date(),
         errorMessage: null,
-        mirroredLocation: `${orgName}/${repository.name}`,
+        mirroredLocation: `${orgName}/${targetRepoName}`,
       })
       .where(eq(repositories.id, repository.id!));
 
@@ -832,8 +962,8 @@ export async function mirrorGitHubRepoToGiteaOrg({
       userId: config.userId,
       repositoryId: repository.id,
       repositoryName: repository.name,
-      message: `Repository ${repository.name} mirrored successfully`,
-      details: `Repository ${repository.name} was mirrored to Gitea`,
+      message: `Repository ${repository.name} mirrored successfully${targetRepoName !== repository.name ? ` as ${targetRepoName}` : ''}`,
+      details: `Repository ${repository.fullName} was mirrored to Gitea at ${orgName}/${targetRepoName}`,
       status: "mirrored",
     });
 
@@ -1149,11 +1279,13 @@ export const mirrorGitRepoIssuesToGitea = async ({
   octokit,
   repository,
   giteaOwner,
+  giteaRepoName,
 }: {
   config: Partial<Config>;
   octokit: Octokit;
   repository: Repository;
   giteaOwner: string;
+  giteaRepoName?: string;
 }) => {
   //things covered here are- issue, title, body, labels, comments and assignees
   if (
@@ -1168,23 +1300,26 @@ export const mirrorGitRepoIssuesToGitea = async ({
   // Decrypt config tokens for API usage
   const decryptedConfig = decryptConfigTokens(config as Config);
   
+  // Use provided giteaRepoName or fall back to repository.name
+  const repoName = giteaRepoName || repository.name;
+  
   // Log configuration details for debugging
-  console.log(`[Issues] Starting issue mirroring for repository ${repository.name}`);
+  console.log(`[Issues] Starting issue mirroring for repository ${repository.name} as ${repoName}`);
   console.log(`[Issues] Gitea URL: ${config.giteaConfig!.url}`);
   console.log(`[Issues] Gitea Owner: ${giteaOwner}`);
   console.log(`[Issues] Gitea Default Owner: ${config.giteaConfig!.defaultOwner}`);
   
   // Verify the repository exists in Gitea before attempting to mirror metadata
-  console.log(`[Issues] Verifying repository ${repository.name} exists at ${giteaOwner}`);
+  console.log(`[Issues] Verifying repository ${repoName} exists at ${giteaOwner}`);
   const repoExists = await isRepoPresentInGitea({
     config,
     owner: giteaOwner,
-    repoName: repository.name,
+    repoName: repoName,
   });
   
   if (!repoExists) {
-    console.error(`[Issues] Repository ${repository.name} not found at ${giteaOwner}. Cannot mirror issues.`);
-    throw new Error(`Repository ${repository.name} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
+    console.error(`[Issues] Repository ${repoName} not found at ${giteaOwner}. Cannot mirror issues.`);
+    throw new Error(`Repository ${repoName} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
   }
 
   const [owner, repo] = repository.fullName.split("/");
@@ -1215,7 +1350,7 @@ export const mirrorGitRepoIssuesToGitea = async ({
 
   // Get existing labels from Gitea
   const giteaLabelsRes = await httpGet(
-    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/labels`,
+    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
     {
       Authorization: `token ${decryptedConfig.giteaConfig.token}`,
     }
@@ -1247,9 +1382,7 @@ export const mirrorGitRepoIssuesToGitea = async ({
         } else {
           try {
             const created = await httpPost(
-              `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${
-                repository.name
-              }/labels`,
+              `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
               { name, color: "#ededed" }, // Default color
               {
                 Authorization: `token ${decryptedConfig.giteaConfig!.token}`,
@@ -1284,9 +1417,7 @@ export const mirrorGitRepoIssuesToGitea = async ({
 
       // Create the issue in Gitea
       const createdIssue = await httpPost(
-        `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${
-          repository.name
-        }/issues`,
+        `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repoName}/issues`,
         issuePayload,
         {
           Authorization: `token ${decryptedConfig.giteaConfig!.token}`,
@@ -1311,9 +1442,7 @@ export const mirrorGitRepoIssuesToGitea = async ({
           comments,
           async (comment) => {
             await httpPost(
-              `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${
-                repository.name
-              }/issues/${createdIssue.data.number}/comments`,
+              `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repoName}/issues/${createdIssue.data.number}/comments`,
               {
                 body: `@${comment.user?.login} commented on GitHub:\n\n${comment.body}`,
               },
@@ -1367,10 +1496,14 @@ export async function mirrorGitHubReleasesToGitea({
   octokit,
   repository,
   config,
+  giteaOwner,
+  giteaRepoName,
 }: {
   octokit: Octokit;
   repository: Repository;
   config: Partial<Config>;
+  giteaOwner?: string;
+  giteaRepoName?: string;
 }) {
   if (
     !config.giteaConfig?.defaultOwner ||
@@ -1383,17 +1516,16 @@ export async function mirrorGitHubReleasesToGitea({
   // Decrypt config tokens for API usage
   const decryptedConfig = decryptConfigTokens(config as Config);
 
-  const repoOwner = await getGiteaRepoOwnerAsync({
-    config,
-    repository,
-  });
+  // Determine target owner/repo in Gitea (supports renamed repos)
+  const repoOwner = giteaOwner || (await getGiteaRepoOwnerAsync({ config, repository }));
+  const repoName = giteaRepoName || repository.name;
 
   // Verify the repository exists in Gitea before attempting to mirror releases
-  console.log(`[Releases] Verifying repository ${repository.name} exists at ${repoOwner}`);
+  console.log(`[Releases] Verifying repository ${repoName} exists at ${repoOwner}`);
   const repoExists = await isRepoPresentInGitea({
     config,
     owner: repoOwner,
-    repoName: repository.name,
+    repoName: repoName,
   });
   
   if (!repoExists) {
@@ -1429,7 +1561,7 @@ export async function mirrorGitHubReleasesToGitea({
     try {
       // Check if release already exists
       const existingReleasesResponse = await httpGet(
-        `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repository.name}/releases/tags/${release.tag_name}`,
+        `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repoName}/releases/tags/${release.tag_name}`,
         {
           Authorization: `token ${decryptedConfig.giteaConfig.token}`,
         }
@@ -1446,7 +1578,7 @@ export async function mirrorGitHubReleasesToGitea({
           console.log(`[Releases] Updating existing release ${release.tag_name} with new changelog/title`);
           
           await httpPut(
-            `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repository.name}/releases/${existingRelease.id}`,
+            `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repoName}/releases/${existingRelease.id}`,
             {
               tag_name: release.tag_name,
               target: release.target_commitish,
@@ -1477,7 +1609,7 @@ export async function mirrorGitHubReleasesToGitea({
       }
       
       const createReleaseResponse = await httpPost(
-        `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repository.name}/releases`,
+        `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repoName}/releases`,
         {
           tag_name: release.tag_name,
           target: release.target_commitish,
@@ -1518,7 +1650,7 @@ export async function mirrorGitHubReleasesToGitea({
             formData.append('attachment', new Blob([assetData]), asset.name);
             
             const uploadResponse = await fetch(
-              `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repository.name}/releases/${createReleaseResponse.data.id}/assets?name=${encodeURIComponent(asset.name)}`,
+              `${config.giteaConfig.url}/api/v1/repos/${repoOwner}/${repoName}/releases/${createReleaseResponse.data.id}/assets?name=${encodeURIComponent(asset.name)}`,
               {
                 method: 'POST',
                 headers: {
@@ -1556,11 +1688,13 @@ export async function mirrorGitRepoPullRequestsToGitea({
   octokit,
   repository,
   giteaOwner,
+  giteaRepoName,
 }: {
   config: Partial<Config>;
   octokit: Octokit;
   repository: Repository;
   giteaOwner: string;
+  giteaRepoName?: string;
 }) {
   if (
     !config.githubConfig?.token ||
@@ -1574,23 +1708,26 @@ export async function mirrorGitRepoPullRequestsToGitea({
   // Decrypt config tokens for API usage
   const decryptedConfig = decryptConfigTokens(config as Config);
   
+  // Use provided giteaRepoName or fall back to repository.name
+  const repoName = giteaRepoName || repository.name;
+  
   // Log configuration details for debugging
-  console.log(`[Pull Requests] Starting PR mirroring for repository ${repository.name}`);
+  console.log(`[Pull Requests] Starting PR mirroring for repository ${repository.name} as ${repoName}`);
   console.log(`[Pull Requests] Gitea URL: ${config.giteaConfig!.url}`);
   console.log(`[Pull Requests] Gitea Owner: ${giteaOwner}`);
   console.log(`[Pull Requests] Gitea Default Owner: ${config.giteaConfig!.defaultOwner}`);
   
   // Verify the repository exists in Gitea before attempting to mirror metadata
-  console.log(`[Pull Requests] Verifying repository ${repository.name} exists at ${giteaOwner}`);
+  console.log(`[Pull Requests] Verifying repository ${repoName} exists at ${giteaOwner}`);
   const repoExists = await isRepoPresentInGitea({
     config,
     owner: giteaOwner,
-    repoName: repository.name,
+    repoName: repoName,
   });
   
   if (!repoExists) {
-    console.error(`[Pull Requests] Repository ${repository.name} not found at ${giteaOwner}. Cannot mirror PRs.`);
-    throw new Error(`Repository ${repository.name} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
+    console.error(`[Pull Requests] Repository ${repoName} not found at ${giteaOwner}. Cannot mirror PRs.`);
+    throw new Error(`Repository ${repoName} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
   }
 
   const [owner, repo] = repository.fullName.split("/");
@@ -1622,7 +1759,7 @@ export async function mirrorGitRepoPullRequestsToGitea({
   
   // Get existing labels from Gitea and ensure "pull-request" label exists
   const giteaLabelsRes = await httpGet(
-    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/labels`,
+    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
     {
       Authorization: `token ${decryptedConfig.giteaConfig.token}`,
     }
@@ -1640,7 +1777,7 @@ export async function mirrorGitRepoPullRequestsToGitea({
   } else {
     try {
       const created = await httpPost(
-        `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/labels`,
+        `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
         { 
           name: "pull-request",
           color: "#0366d6",
@@ -1744,7 +1881,7 @@ export async function mirrorGitRepoPullRequestsToGitea({
 
         console.log(`[Pull Requests] Creating enriched issue for PR #${pr.number}: ${pr.title}`);
         await httpPost(
-          `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repository.name}/issues`,
+          `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repoName}/issues`,
           issueData,
           {
             Authorization: `token ${decryptedConfig.giteaConfig!.token}`,
@@ -1764,7 +1901,7 @@ export async function mirrorGitRepoPullRequestsToGitea({
         
         try {
           await httpPost(
-            `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repository.name}/issues`,
+            `${config.giteaConfig!.url}/api/v1/repos/${giteaOwner}/${repoName}/issues`,
             basicIssueData,
             {
               Authorization: `token ${decryptedConfig.giteaConfig!.token}`,
@@ -1795,11 +1932,13 @@ export async function mirrorGitRepoLabelsToGitea({
   octokit,
   repository,
   giteaOwner,
+  giteaRepoName,
 }: {
   config: Partial<Config>;
   octokit: Octokit;
   repository: Repository;
   giteaOwner: string;
+  giteaRepoName?: string;
 }) {
   if (
     !config.githubConfig?.token ||
@@ -1812,17 +1951,20 @@ export async function mirrorGitRepoLabelsToGitea({
   // Decrypt config tokens for API usage
   const decryptedConfig = decryptConfigTokens(config as Config);
   
+  // Use provided giteaRepoName or fall back to repository.name
+  const repoName = giteaRepoName || repository.name;
+  
   // Verify the repository exists in Gitea before attempting to mirror metadata
-  console.log(`[Labels] Verifying repository ${repository.name} exists at ${giteaOwner}`);
+  console.log(`[Labels] Verifying repository ${repoName} exists at ${giteaOwner}`);
   const repoExists = await isRepoPresentInGitea({
     config,
     owner: giteaOwner,
-    repoName: repository.name,
+    repoName: repoName,
   });
   
   if (!repoExists) {
-    console.error(`[Labels] Repository ${repository.name} not found at ${giteaOwner}. Cannot mirror labels.`);
-    throw new Error(`Repository ${repository.name} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
+    console.error(`[Labels] Repository ${repoName} not found at ${giteaOwner}. Cannot mirror labels.`);
+    throw new Error(`Repository ${repoName} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
   }
 
   const [owner, repo] = repository.fullName.split("/");
@@ -1847,7 +1989,7 @@ export async function mirrorGitRepoLabelsToGitea({
 
   // Get existing labels from Gitea
   const giteaLabelsRes = await httpGet(
-    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/labels`,
+    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
     {
       Authorization: `token ${decryptedConfig.giteaConfig.token}`,
     }
@@ -1862,7 +2004,7 @@ export async function mirrorGitRepoLabelsToGitea({
     if (!existingLabels.has(label.name)) {
       try {
         await httpPost(
-          `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/labels`,
+          `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/labels`,
           {
             name: label.name,
             color: `#${label.color}`,
@@ -1889,11 +2031,13 @@ export async function mirrorGitRepoMilestonesToGitea({
   octokit,
   repository,
   giteaOwner,
+  giteaRepoName,
 }: {
   config: Partial<Config>;
   octokit: Octokit;
   repository: Repository;
   giteaOwner: string;
+  giteaRepoName?: string;
 }) {
   if (
     !config.githubConfig?.token ||
@@ -1906,17 +2050,20 @@ export async function mirrorGitRepoMilestonesToGitea({
   // Decrypt config tokens for API usage
   const decryptedConfig = decryptConfigTokens(config as Config);
   
+  // Use provided giteaRepoName or fall back to repository.name
+  const repoName = giteaRepoName || repository.name;
+  
   // Verify the repository exists in Gitea before attempting to mirror metadata
-  console.log(`[Milestones] Verifying repository ${repository.name} exists at ${giteaOwner}`);
+  console.log(`[Milestones] Verifying repository ${repoName} exists at ${giteaOwner}`);
   const repoExists = await isRepoPresentInGitea({
     config,
     owner: giteaOwner,
-    repoName: repository.name,
+    repoName: repoName,
   });
   
   if (!repoExists) {
-    console.error(`[Milestones] Repository ${repository.name} not found at ${giteaOwner}. Cannot mirror milestones.`);
-    throw new Error(`Repository ${repository.name} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
+    console.error(`[Milestones] Repository ${repoName} not found at ${giteaOwner}. Cannot mirror milestones.`);
+    throw new Error(`Repository ${repoName} does not exist in Gitea at ${giteaOwner}. Please ensure the repository is mirrored first.`);
   }
 
   const [owner, repo] = repository.fullName.split("/");
@@ -1942,7 +2089,7 @@ export async function mirrorGitRepoMilestonesToGitea({
 
   // Get existing milestones from Gitea
   const giteaMilestonesRes = await httpGet(
-    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/milestones`,
+    `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/milestones`,
     {
       Authorization: `token ${decryptedConfig.giteaConfig.token}`,
     }
@@ -1957,7 +2104,7 @@ export async function mirrorGitRepoMilestonesToGitea({
     if (!existingMilestones.has(milestone.title)) {
       try {
         await httpPost(
-          `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repository.name}/milestones`,
+          `${config.giteaConfig.url}/api/v1/repos/${giteaOwner}/${repoName}/milestones`,
           {
             title: milestone.title,
             description: milestone.description || "",
@@ -2029,6 +2176,14 @@ export async function archiveGiteaRepo(
   repo: string
 ): Promise<void> {
   try {
+    // Helper: sanitize to Gitea's AlphaDashDot rule
+    const sanitizeRepoNameAlphaDashDot = (name: string): string => {
+      // Replace anything that's not [A-Za-z0-9.-] with '-'
+      const base = name.replace(/[^A-Za-z0-9.-]+/g, "-").replace(/-+/g, "-");
+      // Trim leading/trailing separators and dots for safety
+      return base.replace(/^[.-]+/, "").replace(/[.-]+$/, "");
+    };
+
     // First, check if this is a mirror repository
     const repoResponse = await httpGet(
       `${client.url}/api/v1/repos/${owner}/${repo}`,
@@ -2060,7 +2215,8 @@ export async function archiveGiteaRepo(
         return;
       }
       
-      const archivedName = `[ARCHIVED] ${currentName}`;
+      // Use a safe prefix and sanitize the name to satisfy AlphaDashDot rule
+      let archivedName = `archived-${sanitizeRepoNameAlphaDashDot(currentName)}`;
       const currentDesc = repoResponse.data.description || '';
       const archiveNotice = `\n\n⚠️ ARCHIVED: Original GitHub repository no longer exists. Preserved as backup on ${new Date().toISOString()}`;
       
@@ -2069,23 +2225,40 @@ export async function archiveGiteaRepo(
         ? currentDesc 
         : currentDesc + archiveNotice;
       
-      const renameResponse = await httpPatch(
-        `${client.url}/api/v1/repos/${owner}/${repo}`,
-        {
-          name: archivedName,
-          description: newDescription,
-        },
-        {
-          Authorization: `token ${client.token}`,
-          'Content-Type': 'application/json',
+      try {
+        await httpPatch(
+          `${client.url}/api/v1/repos/${owner}/${repo}`,
+          {
+            name: archivedName,
+            description: newDescription,
+          },
+          {
+            Authorization: `token ${client.token}`,
+            'Content-Type': 'application/json',
+          }
+        );
+      } catch (e: any) {
+        // If rename fails (e.g., 422 AlphaDashDot or name conflict), attempt a timestamped fallback
+        const ts = new Date().toISOString().replace(/[-:T.]/g, "").slice(0, 14);
+        archivedName = `archived-${ts}-${sanitizeRepoNameAlphaDashDot(currentName)}`;
+        try {
+          await httpPatch(
+            `${client.url}/api/v1/repos/${owner}/${repo}`,
+            {
+              name: archivedName,
+              description: newDescription,
+            },
+            {
+              Authorization: `token ${client.token}`,
+              'Content-Type': 'application/json',
+            }
+          );
+        } catch (e2) {
+          // If this also fails, log but don't throw - data remains preserved
+          console.error(`[Archive] Failed to rename mirror repository ${owner}/${repo}:`, e2);
+          console.log(`[Archive] Repository ${owner}/${repo} remains accessible but not marked as archived`);
+          return;
         }
-      );
-      
-      if (renameResponse.status >= 400) {
-        // If rename fails, log but don't throw - data is still preserved
-        console.error(`[Archive] Failed to rename mirror repository ${owner}/${repo}: ${renameResponse.status}`);
-        console.log(`[Archive] Repository ${owner}/${repo} remains accessible but not marked as archived`);
-        return;
       }
       
       console.log(`[Archive] Successfully marked mirror repository ${owner}/${repo} as archived (renamed to ${archivedName})`);

src/lib/github.ts

@@ -1,15 +1,179 @@
 import type { GitOrg, MembershipRole } from "@/types/organizations";
 import type { GitRepo, RepoStatus } from "@/types/Repository";
 import { Octokit } from "@octokit/rest";
+import { throttling } from "@octokit/plugin-throttling";
 import type { Config } from "@/types/config";
+// Conditionally import rate limit manager (not available in test environment)
+let RateLimitManager: any = null;
+let publishEvent: any = null;
+
+if (process.env.NODE_ENV !== "test") {
+  try {
+    const rateLimitModule = await import("@/lib/rate-limit-manager");
+    RateLimitManager = rateLimitModule.RateLimitManager;
+    const eventsModule = await import("@/lib/events");
+    publishEvent = eventsModule.publishEvent;
+  } catch (error) {
+    console.warn("Rate limit manager not available:", error);
+  }
+}
+
+// Extend Octokit with throttling plugin when available (tests may stub Octokit)
+// Fallback to base Octokit if .plugin is not present
+const MyOctokit: any = (Octokit as any)?.plugin?.call
+  ? (Octokit as any).plugin(throttling)
+  : Octokit as any;
 
 /**
- * Creates an authenticated Octokit instance
+ * Creates an authenticated Octokit instance with rate limit tracking and throttling
  */
-export function createGitHubClient(token: string): Octokit {
-  return new Octokit({
-    auth: token,
+export function createGitHubClient(token: string, userId?: string, username?: string): Octokit {
+  // Create a proper User-Agent to identify our application
+  // This helps GitHub understand our traffic patterns and can provide better rate limits
+  const userAgent = username 
+    ? `gitea-mirror/3.5.4 (user:${username})` 
+    : "gitea-mirror/3.5.4";
+  
+  const octokit = new MyOctokit({
+    auth: token, // Always use token for authentication (5000 req/hr vs 60 for unauthenticated)
+    userAgent, // Identify our application and user
+    baseUrl: "https://api.github.com", // Explicitly set the API endpoint
+    log: {
+      debug: () => {},
+      info: console.log,
+      warn: console.warn,
+      error: console.error,
+    },
+    request: {
+      // Add default headers for better identification
+      headers: {
+        accept: "application/vnd.github.v3+json",
+        "x-github-api-version": "2022-11-28", // Use a stable API version
+      },
+    },
+    throttle: {
+      onRateLimit: async (retryAfter: number, options: any, octokit: any, retryCount: number) => {
+        const isSearch = options.url.includes("/search/");
+        const maxRetries = isSearch ? 5 : 3; // Search endpoints get more retries
+        
+        console.warn(
+          `[GitHub] Rate limit hit for ${options.method} ${options.url}. Retry ${retryCount + 1}/${maxRetries}`
+        );
+        
+        // Update rate limit status and notify UI (if available)
+        if (userId && RateLimitManager) {
+          await RateLimitManager.updateFromResponse(userId, {
+            "retry-after": retryAfter.toString(),
+            "x-ratelimit-remaining": "0",
+            "x-ratelimit-reset": (Date.now() / 1000 + retryAfter).toString(),
+          });
+        }
+        
+        if (userId && publishEvent) {
+          await publishEvent({
+            userId,
+            channel: "rate-limit",
+            payload: {
+              type: "rate-limited",
+              provider: "github",
+              retryAfter,
+              retryCount,
+              endpoint: options.url,
+              message: `Rate limit hit. Waiting ${retryAfter}s before retry ${retryCount + 1}/${maxRetries}...`,
+            },
+          });
+        }
+        
+        // Retry with exponential backoff
+        if (retryCount < maxRetries) {
+          console.log(`[GitHub] Waiting ${retryAfter}s before retry...`);
+          return true;
+        }
+        
+        // Max retries reached
+        console.error(`[GitHub] Max retries (${maxRetries}) reached for ${options.url}`);
+        return false;
+      },
+      onSecondaryRateLimit: async (retryAfter: number, options: any, octokit: any, retryCount: number) => {
+        console.warn(
+          `[GitHub] Secondary rate limit hit for ${options.method} ${options.url}`
+        );
+        
+        // Update status and notify UI (if available)
+        if (userId && publishEvent) {
+          await publishEvent({
+            userId,
+            channel: "rate-limit",
+            payload: {
+              type: "secondary-limited",
+              provider: "github",
+              retryAfter,
+              retryCount,
+              endpoint: options.url,
+              message: `Secondary rate limit hit. Waiting ${retryAfter}s...`,
+            },
+          });
+        }
+        
+        // Retry up to 2 times for secondary rate limits
+        if (retryCount < 2) {
+          console.log(`[GitHub] Waiting ${retryAfter}s for secondary rate limit...`);
+          return true;
+        }
+        
+        return false;
+      },
+      // Throttle options to prevent hitting limits
+      fallbackSecondaryRateRetryAfter: 60, // Wait 60s on secondary rate limit
+      minimumSecondaryRateRetryAfter: 5, // Min 5s wait
+      retryAfterBaseValue: 1000, // Base retry in ms
+    },
   });
+  
+  // Add additional rate limit tracking if userId is provided and RateLimitManager is available
+  if (userId && RateLimitManager) {
+    octokit.hook.after("request", async (response: any, options: any) => {
+      // Update rate limit from response headers
+      if (response.headers) {
+        await RateLimitManager.updateFromResponse(userId, response.headers);
+      }
+    });
+    
+    octokit.hook.error("request", async (error: any, options: any) => {
+      // Handle rate limit errors
+      if (error.status === 403 || error.status === 429) {
+        const message = error.message || "";
+        
+        if (message.includes("rate limit") || message.includes("API rate limit")) {
+          console.error(`[GitHub] Rate limit error for user ${userId}: ${message}`);
+          
+          // Update rate limit status from error response (if available)
+          if (error.response?.headers && RateLimitManager) {
+            await RateLimitManager.updateFromResponse(userId, error.response.headers);
+          }
+          
+          // Create error event for UI (if available)
+          if (publishEvent) {
+            await publishEvent({
+              userId,
+            channel: "rate-limit",
+            payload: {
+              type: "error",
+              provider: "github",
+              error: message,
+              endpoint: options.url,
+              message: `Rate limit exceeded: ${message}`,
+            },
+          });
+          }
+        }
+      }
+      
+      throw error;
+    });
+  }
+  
+  return octokit;
 }
 
 /**
@@ -68,6 +232,8 @@ export async function getGithubRepositories({
       owner: repo.owner.login,
       organization:
         repo.owner.type === "Organization" ? repo.owner.login : undefined,
+      mirroredLocation: "",
+      destinationOrg: null,
 
       isPrivate: repo.private,
       isForked: repo.fork,
@@ -82,6 +248,8 @@ export async function getGithubRepositories({
       hasLFS: false,
       hasSubmodules: false,
 
+      language: repo.language,
+      description: repo.description,
       defaultBranch: repo.default_branch,
       visibility: (repo.visibility ?? "public") as GitRepo["visibility"],
 
@@ -125,6 +293,8 @@ export async function getGithubStarredRepositories({
       owner: repo.owner.login,
       organization:
         repo.owner.type === "Organization" ? repo.owner.login : undefined,
+      mirroredLocation: "",
+      destinationOrg: null,
 
       isPrivate: repo.private,
       isForked: repo.fork,
@@ -138,6 +308,8 @@ export async function getGithubStarredRepositories({
       hasLFS: false, // Placeholder
       hasSubmodules: false, // Placeholder
 
+      language: repo.language,
+      description: repo.description,
       defaultBranch: repo.default_branch,
       visibility: (repo.visibility ?? "public") as GitRepo["visibility"],
 
@@ -244,6 +416,8 @@ export async function getGithubOrganizationRepositories({
 
       owner: repo.owner.login,
       organization: repo.owner.login,
+      mirroredLocation: "",
+      destinationOrg: null,
 
       isPrivate: repo.private,
       isForked: repo.fork,
@@ -258,6 +432,8 @@ export async function getGithubOrganizationRepositories({
       hasLFS: false,
       hasSubmodules: false,
 
+      language: repo.language,
+      description: repo.description,
       defaultBranch: repo.default_branch ?? "main",
       visibility: (repo.visibility ?? "public") as GitRepo["visibility"],
 

src/lib/rate-limit-manager.ts

@@ -0,0 +1,422 @@
+import { db, rateLimits } from "@/lib/db";
+import { eq, and } from "drizzle-orm";
+import { v4 as uuidv4 } from "uuid";
+import type { Octokit } from "@octokit/rest";
+import { publishEvent } from "@/lib/events";
+
+type RateLimitStatus = "ok" | "warning" | "limited" | "exceeded";
+
+interface RateLimitInfo {
+  limit: number;
+  remaining: number;
+  used: number;
+  reset: Date;
+  retryAfter?: number;
+  status: RateLimitStatus;
+}
+
+interface RateLimitHeaders {
+  "x-ratelimit-limit"?: string;
+  "x-ratelimit-remaining"?: string;
+  "x-ratelimit-used"?: string;
+  "x-ratelimit-reset"?: string;
+  "retry-after"?: string;
+}
+
+/**
+ * Rate limit manager for GitHub API
+ * 
+ * GitHub API Limits for authenticated users:
+ * - Primary: 5,000 requests per hour
+ * - Secondary: 900 points per minute (GET = 1 point, mutations = more)
+ * - Concurrent: Maximum 100 concurrent requests (recommended: 5-20)
+ * 
+ * For repositories with many issues/PRs:
+ * - Each issue = 1 request to fetch
+ * - Each PR = 1 request to fetch
+ * - Comments = Additional requests per issue/PR
+ * - Better to limit by total requests rather than repositories
+ */
+export class RateLimitManager {
+  private static readonly WARNING_THRESHOLD = 0.2; // Warn when 20% remaining (80% used)
+  private static readonly PAUSE_THRESHOLD = 0.05; // Pause when 5% remaining
+  private static readonly MIN_REQUESTS_BUFFER = 100; // Keep at least 100 requests as buffer
+  private static lastNotifiedThreshold: Map<string, number> = new Map(); // Track last notification per user
+
+  /**
+   * Check current rate limit status from GitHub
+   */
+  static async checkGitHubRateLimit(octokit: Octokit, userId: string): Promise<RateLimitInfo> {
+    try {
+      const { data } = await octokit.rateLimit.get();
+      const core = data.rate;
+      
+      const info: RateLimitInfo = {
+        limit: core.limit,
+        remaining: core.remaining,
+        used: core.used,
+        reset: new Date(core.reset * 1000),
+        status: this.calculateStatus(core.remaining, core.limit),
+      };
+
+      // Update database
+      await this.updateRateLimit(userId, "github", info);
+      
+      return info;
+    } catch (error) {
+      console.error("Failed to check GitHub rate limit:", error);
+      // Return last known status from database if API check fails
+      return await this.getLastKnownStatus(userId, "github");
+    }
+  }
+
+  /**
+   * Extract rate limit info from response headers
+   */
+  static parseRateLimitHeaders(headers: RateLimitHeaders): Partial<RateLimitInfo> {
+    const info: Partial<RateLimitInfo> = {};
+    
+    if (headers["x-ratelimit-limit"]) {
+      info.limit = parseInt(headers["x-ratelimit-limit"], 10);
+    }
+    if (headers["x-ratelimit-remaining"]) {
+      info.remaining = parseInt(headers["x-ratelimit-remaining"], 10);
+    }
+    if (headers["x-ratelimit-used"]) {
+      info.used = parseInt(headers["x-ratelimit-used"], 10);
+    }
+    if (headers["x-ratelimit-reset"]) {
+      info.reset = new Date(parseInt(headers["x-ratelimit-reset"], 10) * 1000);
+    }
+    if (headers["retry-after"]) {
+      info.retryAfter = parseInt(headers["retry-after"], 10);
+    }
+    
+    if (info.remaining !== undefined && info.limit !== undefined) {
+      info.status = this.calculateStatus(info.remaining, info.limit);
+    }
+    
+    return info;
+  }
+
+  /**
+   * Update rate limit info from API response
+   */
+  static async updateFromResponse(userId: string, headers: RateLimitHeaders): Promise<void> {
+    const info = this.parseRateLimitHeaders(headers);
+    if (Object.keys(info).length > 0) {
+      await this.updateRateLimit(userId, "github", info as RateLimitInfo);
+    }
+  }
+
+  /**
+   * Calculate rate limit status based on remaining requests
+   */
+  static calculateStatus(remaining: number, limit: number): RateLimitStatus {
+    const ratio = remaining / limit;
+    
+    if (remaining === 0) return "exceeded";
+    if (remaining < this.MIN_REQUESTS_BUFFER || ratio < this.PAUSE_THRESHOLD) return "limited";
+    if (ratio < this.WARNING_THRESHOLD) return "warning";
+    return "ok";
+  }
+
+  /**
+   * Check if we should pause operations
+   */
+  static async shouldPause(userId: string, provider: "github" | "gitea" = "github"): Promise<boolean> {
+    const status = await this.getLastKnownStatus(userId, provider);
+    return status.status === "limited" || status.status === "exceeded";
+  }
+
+  /**
+   * Calculate wait time until rate limit resets
+   */
+  static calculateWaitTime(reset: Date, retryAfter?: number): number {
+    if (retryAfter) {
+      return retryAfter * 1000; // Convert to milliseconds
+    }
+    
+    const now = new Date();
+    const waitTime = reset.getTime() - now.getTime();
+    return Math.max(0, waitTime);
+  }
+
+  /**
+   * Wait until rate limit resets
+   */
+  static async waitForReset(userId: string, provider: "github" | "gitea" = "github"): Promise<void> {
+    const status = await this.getLastKnownStatus(userId, provider);
+    
+    if (status.status === "ok" || status.status === "warning") {
+      return; // No need to wait
+    }
+    
+    const waitTime = this.calculateWaitTime(status.reset, status.retryAfter);
+    
+    if (waitTime > 0) {
+      console.log(`[RateLimit] Waiting ${Math.ceil(waitTime / 1000)}s for rate limit reset...`);
+      
+      // Create event for UI notification
+      await publishEvent({
+        userId,
+        channel: "rate-limit",
+        payload: {
+          type: "waiting",
+          provider,
+          waitTime,
+          resetAt: status.reset,
+          message: `API rate limit reached. Waiting ${Math.ceil(waitTime / 1000)} seconds before resuming...`,
+        },
+      });
+      
+      // Wait
+      await new Promise(resolve => setTimeout(resolve, waitTime));
+      
+      // Update status after waiting
+      await this.updateRateLimit(userId, provider, {
+        ...status,
+        status: "ok",
+        remaining: status.limit,
+        used: 0,
+      });
+      
+      // Notify that we've resumed
+      await publishEvent({
+        userId,
+        channel: "rate-limit",
+        payload: {
+          type: "resumed",
+          provider,
+          message: "Rate limit reset. Resuming operations...",
+        },
+      });
+    }
+  }
+
+  /**
+   * Update rate limit info in database
+   */
+  private static async updateRateLimit(
+    userId: string,
+    provider: "github" | "gitea",
+    info: RateLimitInfo
+  ): Promise<void> {
+    const existing = await db
+      .select()
+      .from(rateLimits)
+      .where(and(eq(rateLimits.userId, userId), eq(rateLimits.provider, provider)))
+      .limit(1);
+    
+    const data = {
+      userId,
+      provider,
+      limit: info.limit,
+      remaining: info.remaining,
+      used: info.used,
+      reset: info.reset,
+      retryAfter: info.retryAfter,
+      status: info.status,
+      lastChecked: new Date(),
+      updatedAt: new Date(),
+    };
+    
+    if (existing.length > 0) {
+      await db
+        .update(rateLimits)
+        .set(data)
+        .where(eq(rateLimits.id, existing[0].id));
+    } else {
+      await db.insert(rateLimits).values({
+        id: uuidv4(),
+        ...data,
+        createdAt: new Date(),
+      });
+    }
+    
+    // Only send notifications at specific thresholds to avoid spam
+    const usedPercentage = ((info.limit - info.remaining) / info.limit) * 100;
+    const userKey = `${userId}-${provider}`;
+    const lastNotified = this.lastNotifiedThreshold.get(userKey) || 0;
+    
+    // Notify at 80% usage (20% remaining)
+    if (usedPercentage >= 80 && usedPercentage < 100 && lastNotified < 80) {
+      this.lastNotifiedThreshold.set(userKey, 80);
+      await publishEvent({
+        userId,
+        channel: "rate-limit",
+        payload: {
+          type: "warning",
+          provider,
+          status: info.status,
+          remaining: info.remaining,
+          limit: info.limit,
+          usedPercentage: Math.round(usedPercentage),
+          message: `GitHub API rate limit at ${Math.round(usedPercentage)}%. ${info.remaining} requests remaining.`,
+        },
+      });
+      console.log(`[RateLimit] 80% threshold reached for user ${userId}: ${info.remaining}/${info.limit} requests remaining`);
+    }
+    
+    // Notify at 100% usage (0 remaining)
+    if (info.remaining === 0 && lastNotified < 100) {
+      this.lastNotifiedThreshold.set(userKey, 100);
+      const resetTime = new Date(info.reset);
+      const minutesUntilReset = Math.ceil((resetTime.getTime() - Date.now()) / 60000);
+      await publishEvent({
+        userId,
+        channel: "rate-limit",
+        payload: {
+          type: "exceeded",
+          provider,
+          status: "exceeded",
+          remaining: 0,
+          limit: info.limit,
+          usedPercentage: 100,
+          reset: info.reset,
+          message: `GitHub API rate limit exceeded. Will automatically resume in ${minutesUntilReset} minutes.`,
+        },
+      });
+      console.log(`[RateLimit] 100% rate limit exceeded for user ${userId}. Resets at ${resetTime.toLocaleTimeString()}`);
+    }
+    
+    // Reset notification threshold when rate limit resets
+    if (info.remaining > info.limit * 0.5 && lastNotified > 0) {
+      this.lastNotifiedThreshold.delete(userKey);
+    }
+  }
+
+  /**
+   * Get last known rate limit status from database
+   */
+  private static async getLastKnownStatus(
+    userId: string,
+    provider: "github" | "gitea"
+  ): Promise<RateLimitInfo> {
+    const [result] = await db
+      .select()
+      .from(rateLimits)
+      .where(and(eq(rateLimits.userId, userId), eq(rateLimits.provider, provider)))
+      .limit(1);
+    
+    if (result) {
+      return {
+        limit: result.limit,
+        remaining: result.remaining,
+        used: result.used,
+        reset: result.reset,
+        retryAfter: result.retryAfter ?? undefined,
+        status: result.status as RateLimitStatus,
+      };
+    }
+    
+    // Return default if no data
+    return {
+      limit: 5000,
+      remaining: 5000,
+      used: 0,
+      reset: new Date(Date.now() + 3600000), // 1 hour from now
+      status: "ok",
+    };
+  }
+
+  /**
+   * Get human-readable status message
+   */
+  private static getStatusMessage(info: RateLimitInfo): string {
+    const percentage = Math.round((info.remaining / info.limit) * 100);
+    
+    switch (info.status) {
+      case "exceeded":
+        return `API rate limit exceeded. Resets at ${info.reset.toLocaleTimeString()}.`;
+      case "limited":
+        return `API rate limit critical: Only ${info.remaining} requests remaining (${percentage}%). Pausing operations...`;
+      case "warning":
+        return `API rate limit warning: ${info.remaining} requests remaining (${percentage}%).`;
+      default:
+        return `API rate limit healthy: ${info.remaining}/${info.limit} requests remaining.`;
+    }
+  }
+
+  /**
+   * Smart retry with exponential backoff for rate-limited requests
+   */
+  static async retryWithBackoff<T>(
+    fn: () => Promise<T>,
+    userId: string,
+    maxRetries: number = 3
+  ): Promise<T> {
+    let lastError: any;
+    
+    for (let attempt = 0; attempt < maxRetries; attempt++) {
+      try {
+        // Check if we should pause before attempting
+        if (await this.shouldPause(userId)) {
+          await this.waitForReset(userId);
+        }
+        
+        return await fn();
+      } catch (error: any) {
+        lastError = error;
+        
+        // Check if it's a rate limit error
+        if (error.status === 403 && error.message?.includes("rate limit")) {
+          console.log(`[RateLimit] Rate limit hit on attempt ${attempt + 1}/${maxRetries}`);
+          
+          // Parse rate limit headers from error response if available
+          if (error.response?.headers) {
+            await this.updateFromResponse(userId, error.response.headers);
+          }
+          
+          // Wait for reset
+          await this.waitForReset(userId);
+        } else if (error.status === 429) {
+          // Too Many Requests - use exponential backoff
+          const backoffTime = Math.min(1000 * Math.pow(2, attempt), 30000); // Max 30s
+          console.log(`[RateLimit] Too many requests, backing off ${backoffTime}ms`);
+          await new Promise(resolve => setTimeout(resolve, backoffTime));
+        } else {
+          // Not a rate limit error, throw immediately
+          throw error;
+        }
+      }
+    }
+    
+    throw lastError;
+  }
+}
+
+/**
+ * Middleware to check rate limits before making API calls
+ */
+export async function withRateLimitCheck<T>(
+  userId: string,
+  operation: () => Promise<T>,
+  operationName: string = "API call"
+): Promise<T> {
+  // Check if we should pause
+  if (await RateLimitManager.shouldPause(userId)) {
+    console.log(`[RateLimit] Pausing ${operationName} due to rate limit`);
+    await RateLimitManager.waitForReset(userId);
+  }
+  
+  // Execute with retry logic
+  return await RateLimitManager.retryWithBackoff(operation, userId);
+}
+
+/**
+ * Hook to update rate limits from Octokit responses
+ */
+export function createOctokitRateLimitPlugin(userId: string) {
+  return {
+    hook: (request: any, options: any) => {
+      return request(options).then((response: any) => {
+        // Update rate limit from response headers
+        if (response.headers) {
+          RateLimitManager.updateFromResponse(userId, response.headers).catch(console.error);
+        }
+        return response;
+      });
+    },
+  };
+}

src/lib/recovery.ts

@@ -260,11 +260,13 @@ async function recoverMirrorJob(job: any, remainingItemIds: string[]) {
       throw new Error('GitHub token not found in configuration');
     }
 
-    // Create GitHub client with error handling
+    // Create GitHub client with error handling and rate limit tracking
     let octokit;
     try {
       const decryptedToken = getDecryptedGitHubToken(config);
-      octokit = createGitHubClient(decryptedToken);
+      const githubUsername = config.githubConfig?.owner || undefined;
+      const userId = config.userId || undefined;
+      octokit = createGitHubClient(decryptedToken, userId, githubUsername);
     } catch (error) {
       throw new Error(`Failed to create GitHub client: ${error instanceof Error ? error.message : String(error)}`);
     }

src/lib/repo-utils.test.ts

@@ -0,0 +1,75 @@
+import { describe, it, expect } from 'bun:test';
+import { mergeGitReposPreferStarred, normalizeGitRepoToInsert, calcBatchSizeForInsert } from '@/lib/repo-utils';
+import type { GitRepo } from '@/types/Repository';
+
+function sampleRepo(overrides: Partial<GitRepo> = {}): GitRepo {
+  const base: GitRepo = {
+    name: 'repo',
+    fullName: 'owner/repo',
+    url: 'https://github.com/owner/repo',
+    cloneUrl: 'https://github.com/owner/repo.git',
+    owner: 'owner',
+    organization: undefined,
+    mirroredLocation: '',
+    destinationOrg: null,
+    isPrivate: false,
+    isForked: false,
+    forkedFrom: undefined,
+    hasIssues: true,
+    isStarred: false,
+    isArchived: false,
+    size: 1,
+    hasLFS: false,
+    hasSubmodules: false,
+    language: null,
+    description: null,
+    defaultBranch: 'main',
+    visibility: 'public',
+    status: 'imported',
+    lastMirrored: undefined,
+    errorMessage: undefined,
+    createdAt: new Date(),
+    updatedAt: new Date(),
+  };
+  return { ...base, ...overrides };
+}
+
+describe('mergeGitReposPreferStarred', () => {
+  it('keeps unique repos', () => {
+    const basic = [sampleRepo({ fullName: 'a/x', name: 'x' })];
+    const starred: GitRepo[] = [];
+    const merged = mergeGitReposPreferStarred(basic, starred);
+    expect(merged).toHaveLength(1);
+    expect(merged[0].fullName).toBe('a/x');
+  });
+
+  it('prefers starred when duplicate exists', () => {
+    const basic = [sampleRepo({ fullName: 'a/x', name: 'x', isStarred: false })];
+    const starred = [sampleRepo({ fullName: 'a/x', name: 'x', isStarred: true })];
+    const merged = mergeGitReposPreferStarred(basic, starred);
+    expect(merged).toHaveLength(1);
+    expect(merged[0].isStarred).toBe(true);
+  });
+});
+
+describe('normalizeGitRepoToInsert', () => {
+  it('sets undefined optional fields to null', () => {
+    const repo = sampleRepo({ organization: undefined, forkedFrom: undefined, language: undefined, description: undefined, lastMirrored: undefined, errorMessage: undefined });
+    const insert = normalizeGitRepoToInsert(repo, { userId: 'u', configId: 'c' });
+    expect(insert.organization).toBeNull();
+    expect(insert.forkedFrom).toBeNull();
+    expect(insert.language).toBeNull();
+    expect(insert.description).toBeNull();
+    expect(insert.lastMirrored).toBeNull();
+    expect(insert.errorMessage).toBeNull();
+  });
+});
+
+describe('calcBatchSizeForInsert', () => {
+  it('respects 999 parameter limit', () => {
+    const batch = calcBatchSizeForInsert(29);
+    expect(batch).toBeGreaterThan(0);
+    expect(batch * 29).toBeLessThanOrEqual(999);
+  });
+});
+

src/lib/repo-utils.ts

@@ -0,0 +1,71 @@
+import { v4 as uuidv4 } from 'uuid';
+import type { GitRepo } from '@/types/Repository';
+import { repositories } from '@/lib/db/schema';
+
+export type RepoInsert = typeof repositories.$inferInsert;
+
+// Merge lists and de-duplicate by fullName, preferring starred variant when present
+export function mergeGitReposPreferStarred(
+  basicAndForked: GitRepo[],
+  starred: GitRepo[]
+): GitRepo[] {
+  const map = new Map<string, GitRepo>();
+  for (const r of [...basicAndForked, ...starred]) {
+    const existing = map.get(r.fullName);
+    if (!existing || (!existing.isStarred && r.isStarred)) {
+      map.set(r.fullName, r);
+    }
+  }
+  return Array.from(map.values());
+}
+
+// Convert a GitRepo to a normalized DB insert object with all nullable fields set
+export function normalizeGitRepoToInsert(
+  repo: GitRepo,
+  {
+    userId,
+    configId,
+  }: { userId: string; configId: string }
+): RepoInsert {
+  return {
+    id: uuidv4(),
+    userId,
+    configId,
+    name: repo.name,
+    fullName: repo.fullName,
+    url: repo.url,
+    cloneUrl: repo.cloneUrl,
+    owner: repo.owner,
+    organization: repo.organization ?? null,
+    mirroredLocation: repo.mirroredLocation || '',
+    destinationOrg: repo.destinationOrg || null,
+    isPrivate: repo.isPrivate,
+    isForked: repo.isForked,
+    forkedFrom: repo.forkedFrom ?? null,
+    hasIssues: repo.hasIssues,
+    isStarred: repo.isStarred,
+    isArchived: repo.isArchived,
+    size: repo.size,
+    hasLFS: repo.hasLFS,
+    hasSubmodules: repo.hasSubmodules,
+    language: repo.language ?? null,
+    description: repo.description ?? null,
+    defaultBranch: repo.defaultBranch,
+    visibility: repo.visibility,
+    status: 'imported',
+    lastMirrored: repo.lastMirrored ?? null,
+    errorMessage: repo.errorMessage ?? null,
+    createdAt: repo.createdAt || new Date(),
+    updatedAt: repo.updatedAt || new Date(),
+  };
+}
+
+// Compute a safe batch size based on SQLite 999-parameter limit
+export function calcBatchSizeForInsert(columnCount: number, maxParams = 999): number {
+  if (columnCount <= 0) return 1;
+  // Reserve a little headroom in case column count drifts
+  const safety = 0;
+  const effectiveMax = Math.max(1, maxParams - safety);
+  return Math.max(1, Math.floor(effectiveMax / columnCount));
+}
+

src/lib/repository-cleanup-service.ts

@@ -7,7 +7,7 @@
 import { db, configs, repositories } from '@/lib/db';
 import { eq, and, or, sql, not, inArray } from 'drizzle-orm';
 import { createGitHubClient, getGithubRepositories, getGithubStarredRepositories } from '@/lib/github';
-import { createGiteaClient, deleteGiteaRepo, archiveGiteaRepo } from '@/lib/gitea';
+import { createGiteaClient, deleteGiteaRepo, archiveGiteaRepo, getGiteaRepoOwnerAsync, checkRepoLocation } from '@/lib/gitea';
 import { getDecryptedGitHubToken, getDecryptedGiteaToken } from '@/lib/utils/config-encryption';
 import { publishEvent } from '@/lib/events';
 
@@ -23,9 +23,10 @@ async function identifyOrphanedRepositories(config: any): Promise<any[]> {
   const userId = config.userId;
   
   try {
-    // Get current GitHub repositories
+    // Get current GitHub repositories with rate limit tracking
     const decryptedToken = getDecryptedGitHubToken(config);
-    const octokit = createGitHubClient(decryptedToken);
+    const githubUsername = config.githubConfig?.owner || undefined;
+    const octokit = createGitHubClient(decryptedToken, userId, githubUsername);
     
     let allGithubRepos = [];
     let githubApiAccessible = true;
@@ -108,26 +109,46 @@ async function handleOrphanedRepository(
     const giteaToken = getDecryptedGiteaToken(config);
     const giteaClient = createGiteaClient(config.giteaConfig.url, giteaToken);
     
-    // Determine the Gitea owner and repo name
-    const mirroredLocation = repo.mirroredLocation || '';
-    let giteaOwner = repo.owner;
-    let giteaRepoName = repo.name;
-    
-    if (mirroredLocation) {
-      const parts = mirroredLocation.split('/');
-      if (parts.length >= 2) {
-        giteaOwner = parts[parts.length - 2];
-        giteaRepoName = parts[parts.length - 1];
-      }
+    // Determine the Gitea owner and repo name more robustly
+    const mirroredLocation = (repo.mirroredLocation || '').trim();
+    let giteaOwner: string;
+    let giteaRepoName: string;
+
+    if (mirroredLocation && mirroredLocation.includes('/')) {
+      const [ownerPart, namePart] = mirroredLocation.split('/');
+      giteaOwner = ownerPart;
+      giteaRepoName = namePart;
+    } else {
+      // Fall back to expected owner based on config and repo flags (starred/org overrides)
+      giteaOwner = await getGiteaRepoOwnerAsync({ config, repository: repo });
+      giteaRepoName = repo.name;
     }
+
+    // Normalize owner casing to avoid GetUserByName issues on some Gitea setups
+    giteaOwner = giteaOwner.trim();
     
     if (action === 'archive') {
       console.log(`[Repository Cleanup] Archiving orphaned repository ${repoFullName} in Gitea`);
+      // Best-effort check to validate actual location; falls back gracefully
+      try {
+        const { present, actualOwner } = await checkRepoLocation({
+          config,
+          repository: repo,
+          expectedOwner: giteaOwner,
+        });
+        if (present) {
+          giteaOwner = actualOwner;
+        }
+      } catch {
+        // Non-fatal; continue with best guess
+      }
+
       await archiveGiteaRepo(giteaClient, giteaOwner, giteaRepoName);
       
       // Update database status
       await db.update(repositories).set({
         status: 'archived',
+        isArchived: true,
         errorMessage: 'Repository archived - no longer in GitHub',
         updatedAt: new Date(),
       }).where(eq(repositories.id, repo.id));
@@ -401,4 +422,4 @@ export async function triggerRepositoryCleanup(userId: string): Promise<{
   }
   
   return runRepositoryCleanup(config);
-}
+}

src/lib/scheduler-service.ts

@@ -11,6 +11,7 @@ import { getDecryptedGitHubToken } from '@/lib/utils/config-encryption';
 import { parseInterval, formatDuration } from '@/lib/utils/duration-parser';
 import type { Repository } from '@/lib/db/schema';
 import { repoStatusEnum, repositoryVisibilityEnum } from '@/types/Repository';
+import { mergeGitReposPreferStarred, normalizeGitRepoToInsert, calcBatchSizeForInsert } from '@/lib/repo-utils';
 
 let schedulerInterval: NodeJS.Timeout | null = null;
 let isSchedulerRunning = false;
@@ -94,8 +95,7 @@ async function runScheduledSync(config: any): Promise<void> {
             ? getGithubStarredRepositories({ octokit, config })
             : Promise.resolve([]),
         ]);
-        
-        const allGithubRepos = [...basicAndForkedRepos, ...starredRepos];
+        const allGithubRepos = mergeGitReposPreferStarred(basicAndForkedRepos, starredRepos);
         
         // Check for new repositories
         const existingRepos = await db
@@ -110,33 +110,21 @@ async function runScheduledSync(config: any): Promise<void> {
           console.log(`[Scheduler] Found ${newRepos.length} new repositories for user ${userId}`);
           
           // Insert new repositories
-          const reposToInsert = newRepos.map(repo => ({
-            id: uuidv4(),
-            userId,
-            configId: config.id,
-            name: repo.name,
-            fullName: repo.fullName,
-            url: repo.url,
-            cloneUrl: repo.cloneUrl,
-            owner: repo.owner,
-            organization: repo.organization,
-            isPrivate: repo.isPrivate,
-            isForked: repo.isForked,
-            forkedFrom: repo.forkedFrom,
-            hasIssues: repo.hasIssues,
-            isStarred: repo.isStarred,
-            isArchived: repo.isArchived,
-            size: repo.size,
-            hasLFS: repo.hasLFS,
-            hasSubmodules: repo.hasSubmodules,
-            defaultBranch: repo.defaultBranch,
-            visibility: repo.visibility,
-            status: 'imported',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          }));
+          const reposToInsert = newRepos.map(repo => 
+            normalizeGitRepoToInsert(repo, { userId, configId: config.id })
+          );
           
-          await db.insert(repositories).values(reposToInsert);
+          // Batch insert to avoid SQLite parameter limit
+          const sample = reposToInsert[0];
+          const columnCount = Object.keys(sample ?? {}).length || 1;
+          const BATCH_SIZE = calcBatchSizeForInsert(columnCount);
+          for (let i = 0; i < reposToInsert.length; i += BATCH_SIZE) {
+            const batch = reposToInsert.slice(i, i + BATCH_SIZE);
+            await db
+              .insert(repositories)
+              .values(batch)
+              .onConflictDoNothing({ target: [repositories.userId, repositories.fullName] });
+          }
           console.log(`[Scheduler] Successfully imported ${newRepos.length} new repositories for user ${userId}`);
         } else {
           console.log(`[Scheduler] No new repositories found for user ${userId}`);
@@ -178,6 +166,75 @@ async function runScheduledSync(config: any): Promise<void> {
       }
     }
     
+    // Auto-mirror: Mirror imported/pending/failed repositories if enabled
+    if (scheduleConfig.autoMirror) {
+      try {
+        console.log(`[Scheduler] Auto-mirror enabled - checking for repositories to mirror for user ${userId}...`);
+        const reposNeedingMirror = await db
+          .select()
+          .from(repositories)
+          .where(
+            and(
+              eq(repositories.userId, userId),
+              or(
+                eq(repositories.status, 'imported'),
+                eq(repositories.status, 'pending'),
+                eq(repositories.status, 'failed')
+              )
+            )
+          );
+
+        if (reposNeedingMirror.length > 0) {
+          console.log(`[Scheduler] Found ${reposNeedingMirror.length} repositories that need initial mirroring`);
+
+          // Prepare Octokit client
+          const decryptedToken = getDecryptedGitHubToken(config);
+          const { Octokit } = await import('@octokit/rest');
+          const octokit = new Octokit({ auth: decryptedToken });
+
+          // Process repositories in batches
+          const batchSize = scheduleConfig.batchSize || 10;
+          const pauseBetweenBatches = scheduleConfig.pauseBetweenBatches || 2000;
+          for (let i = 0; i < reposNeedingMirror.length; i += batchSize) {
+            const batch = reposNeedingMirror.slice(i, Math.min(i + batchSize, reposNeedingMirror.length));
+            console.log(`[Scheduler] Auto-mirror batch ${Math.floor(i / batchSize) + 1} of ${Math.ceil(reposNeedingMirror.length / batchSize)} (${batch.length} repos)`);
+
+            await Promise.all(
+              batch.map(async (repo) => {
+                try {
+                  const repository: Repository = {
+                    ...repo,
+                    status: repoStatusEnum.parse(repo.status),
+                    organization: repo.organization ?? undefined,
+                    lastMirrored: repo.lastMirrored ?? undefined,
+                    errorMessage: repo.errorMessage ?? undefined,
+                    mirroredLocation: repo.mirroredLocation || '',
+                    forkedFrom: repo.forkedFrom ?? undefined,
+                    visibility: repositoryVisibilityEnum.parse(repo.visibility),
+                  };
+
+                  await mirrorGithubRepoToGitea({ octokit, repository, config });
+                  console.log(`[Scheduler] Auto-mirrored repository: ${repo.fullName}`);
+                } catch (error) {
+                  console.error(`[Scheduler] Failed to auto-mirror repository ${repo.fullName}:`, error);
+                }
+              })
+            );
+
+            // Pause between batches if configured
+            if (i + batchSize < reposNeedingMirror.length) {
+              console.log(`[Scheduler] Pausing for ${pauseBetweenBatches}ms before next auto-mirror batch...`);
+              await new Promise(resolve => setTimeout(resolve, pauseBetweenBatches));
+            }
+          }
+        } else {
+          console.log(`[Scheduler] No repositories need initial mirroring`);
+        }
+      } catch (mirrorError) {
+        console.error(`[Scheduler] Error during auto-mirror phase for user ${userId}:`, mirrorError);
+      }
+    }
+
     // Get repositories to sync
     let reposToSync = await db
       .select()
@@ -371,8 +428,7 @@ async function performInitialAutoStart(): Promise<void> {
             ? getGithubStarredRepositories({ octokit, config })
             : Promise.resolve([]),
         ]);
-        
-        const allGithubRepos = [...basicAndForkedRepos, ...starredRepos];
+        const allGithubRepos = mergeGitReposPreferStarred(basicAndForkedRepos, starredRepos);
         
         // Check for new repositories
         const existingRepos = await db
@@ -387,33 +443,21 @@ async function performInitialAutoStart(): Promise<void> {
           console.log(`[Scheduler] Importing ${reposToImport.length} repositories for user ${config.userId}...`);
           
           // Insert new repositories
-          const reposToInsert = reposToImport.map(repo => ({
-            id: uuidv4(),
-            userId: config.userId,
-            configId: config.id,
-            name: repo.name,
-            fullName: repo.fullName,
-            url: repo.url,
-            cloneUrl: repo.cloneUrl,
-            owner: repo.owner,
-            organization: repo.organization,
-            isPrivate: repo.isPrivate,
-            isForked: repo.isForked,
-            forkedFrom: repo.forkedFrom,
-            hasIssues: repo.hasIssues,
-            isStarred: repo.isStarred,
-            isArchived: repo.isArchived,
-            size: repo.size,
-            hasLFS: repo.hasLFS,
-            hasSubmodules: repo.hasSubmodules,
-            defaultBranch: repo.defaultBranch,
-            visibility: repo.visibility,
-            status: 'imported',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          }));
+          const reposToInsert = reposToImport.map(repo => 
+            normalizeGitRepoToInsert(repo, { userId: config.userId, configId: config.id })
+          );
           
-          await db.insert(repositories).values(reposToInsert);
+          // Batch insert to avoid SQLite parameter limit
+          const sample = reposToInsert[0];
+          const columnCount = Object.keys(sample ?? {}).length || 1;
+          const BATCH_SIZE = calcBatchSizeForInsert(columnCount);
+          for (let i = 0; i < reposToInsert.length; i += BATCH_SIZE) {
+            const batch = reposToInsert.slice(i, i + BATCH_SIZE);
+            await db
+              .insert(repositories)
+              .values(batch)
+              .onConflictDoNothing({ target: [repositories.userId, repositories.fullName] });
+          }
           console.log(`[Scheduler] Successfully imported ${reposToImport.length} repositories`);
         } else {
           console.log(`[Scheduler] No new repositories to import for user ${config.userId}`);
@@ -689,4 +733,4 @@ export function stopSchedulerService(): void {
  */
 export function isSchedulerServiceRunning(): boolean {
   return schedulerInterval !== null;
-}
+}

src/lib/utils/concurrency.ts

@@ -10,7 +10,7 @@
 export async function processInParallel<T, R>(
   items: T[],
   processItem: (item: T) => Promise<R>,
-  concurrencyLimit: number = 5,
+  concurrencyLimit: number = 5, // Safe default for GitHub API (max 100 concurrent, but 5-10 recommended)
   onProgress?: (completed: number, total: number, result?: R) => void
 ): Promise<R[]> {
   const results: R[] = [];

src/lib/utils/config-defaults.ts

@@ -93,7 +93,7 @@ export async function createDefaultConfig({ userId, envOverrides = {} }: Default
       enabled: scheduleEnabled,
       interval: scheduleInterval,
       concurrent: false,
-      batchSize: 10,
+      batchSize: 5, // Reduced from 10 to be more conservative with GitHub API limits
       lastRun: null,
       nextRun: scheduleEnabled ? new Date(Date.now() + scheduleInterval * 1000) : null,
     },

src/lib/utils/config-mapper.ts

@@ -11,6 +11,7 @@ import type {
 } from "@/types/config";
 import { z } from "zod";
 import { githubConfigSchema, giteaConfigSchema, scheduleConfigSchema, cleanupConfigSchema } from "@/lib/db/schema";
+import { parseInterval } from "@/lib/utils/duration-parser";
 
 // Use the actual database schema types
 type DbGitHubConfig = z.infer<typeof githubConfigSchema>;
@@ -165,27 +166,22 @@ export function mapDbToUiConfig(dbConfig: any): {
 /**
  * Maps UI schedule config to database schema
  */
-export function mapUiScheduleToDb(uiSchedule: any): DbScheduleConfig {
+export function mapUiScheduleToDb(uiSchedule: any, existing?: DbScheduleConfig): DbScheduleConfig {
+  // Preserve existing schedule config and only update fields controlled by the UI
+  const base: DbScheduleConfig = existing
+    ? { ...(existing as unknown as DbScheduleConfig) }
+    : (scheduleConfigSchema.parse({}) as unknown as DbScheduleConfig);
+
+  // Store interval as seconds string to avoid lossy cron conversion
+  const intervalSeconds = typeof uiSchedule.interval === 'number' && uiSchedule.interval > 0
+    ? String(uiSchedule.interval)
+    : (typeof base.interval === 'string' ? base.interval : String(86400));
+
   return {
-    enabled: uiSchedule.enabled || false,
-    interval: uiSchedule.interval ? `0 */${Math.floor(uiSchedule.interval / 3600)} * * *` : "0 2 * * *", // Convert seconds to cron expression
-    concurrent: false,
-    batchSize: 10,
-    pauseBetweenBatches: 5000,
-    retryAttempts: 3,
-    retryDelay: 60000,
-    timeout: 3600000,
-    autoRetry: true,
-    cleanupBeforeMirror: false,
-    notifyOnFailure: true,
-    notifyOnSuccess: false,
-    logLevel: "info",
-    timezone: "UTC",
-    onlyMirrorUpdated: false,
-    updateInterval: 86400000,
-    skipRecentlyMirrored: true,
-    recentThreshold: 3600000,
-  };
+    ...base,
+    enabled: !!uiSchedule.enabled,
+    interval: intervalSeconds,
+  } as DbScheduleConfig;
 }
 
 /**
@@ -202,23 +198,18 @@ export function mapDbScheduleToUi(dbSchedule: DbScheduleConfig): any {
     };
   }
 
-  // Extract hours from cron expression if possible
+  // Parse interval supporting numbers (seconds), duration strings, and cron
   let intervalSeconds = 86400; // Default to daily (24 hours)
-  
-  if (dbSchedule.interval) {
-    // Check if it's already a number (seconds), use it directly
-    if (typeof dbSchedule.interval === 'number') {
-      intervalSeconds = dbSchedule.interval;
-    } else if (typeof dbSchedule.interval === 'string') {
-      // Check if it's a cron expression
-      const cronMatch = dbSchedule.interval.match(/0 \*\/(\d+) \* \* \*/);
-      if (cronMatch) {
-        intervalSeconds = parseInt(cronMatch[1]) * 3600;
-      } else if (dbSchedule.interval === "0 2 * * *") {
-        // Daily at 2 AM
-        intervalSeconds = 86400;
-      }
-    }
+  try {
+    const ms = parseInterval(
+      typeof dbSchedule.interval === 'number'
+        ? dbSchedule.interval
+        : (dbSchedule.interval as unknown as string)
+    );
+    intervalSeconds = Math.max(1, Math.floor(ms / 1000));
+  } catch (_e) {
+    // Fallback to default if unparsable
+    intervalSeconds = 86400;
   }
 
   return {
@@ -266,4 +257,4 @@ export function mapDbCleanupToUi(dbCleanup: DbCleanupConfig): any {
     lastRun: dbCleanup.lastRun || null,
     nextRun: dbCleanup.nextRun || null,
   };
-}
+}

src/pages/api/auth/sso/register.ts

@@ -2,6 +2,9 @@ import type { APIContext } from "astro";
 import { createSecureErrorResponse } from "@/lib/utils";
 import { requireAuth } from "@/lib/utils/auth-helpers";
 import { auth } from "@/lib/auth";
+import { db, ssoProviders } from "@/lib/db";
+import { eq } from "drizzle-orm";
+import { nanoid } from "nanoid";
 
 // POST /api/auth/sso/register - Register a new SSO provider using Better Auth
 export async function POST(context: APIContext) {
@@ -168,7 +171,47 @@ export async function POST(context: APIContext) {
     }
 
     const result = await response.json();
-    
+
+    // Mirror provider into our local sso_providers table for UI listing
+    try {
+      const existing = await db
+        .select()
+        .from(ssoProviders)
+        .where(eq(ssoProviders.providerId, providerId))
+        .limit(1);
+
+      const values: any = {
+        issuer: registrationBody.issuer,
+        domain: registrationBody.domain,
+        organizationId: registrationBody.organizationId,
+        updatedAt: new Date(),
+      };
+      if (registrationBody.oidcConfig) {
+        values.oidcConfig = JSON.stringify(registrationBody.oidcConfig);
+      }
+      if (registrationBody.samlConfig) {
+        values.samlConfig = JSON.stringify(registrationBody.samlConfig);
+      }
+
+      if (existing.length > 0) {
+        await db.update(ssoProviders).set(values).where(eq(ssoProviders.id, existing[0].id));
+      } else {
+        await db.insert(ssoProviders).values({
+          id: nanoid(),
+          issuer: registrationBody.issuer,
+          domain: registrationBody.domain,
+          oidcConfig: JSON.stringify(registrationBody.oidcConfig || {}),
+          samlConfig: registrationBody.samlConfig ? JSON.stringify(registrationBody.samlConfig) : undefined,
+          userId: user.id,
+          providerId: registrationBody.providerId,
+          organizationId: registrationBody.organizationId,
+        });
+      }
+    } catch (e) {
+      // Do not fail the main request if mirroring to local table fails
+      console.warn("Failed to mirror SSO provider to local DB:", e);
+    }
+
     return new Response(JSON.stringify(result), {
       status: 201,
       headers: { "Content-Type": "application/json" },
@@ -199,4 +242,4 @@ export async function GET(context: APIContext) {
   } catch (error) {
     return createSecureErrorResponse(error, "SSO provider listing");
   }
-}
+}

src/pages/api/config/index.ts

@@ -87,7 +87,10 @@ export const POST: APIRoute = async ({ request }) => {
     }
 
     // Map schedule and cleanup configs to database schema
-    const processedScheduleConfig = mapUiScheduleToDb(scheduleConfig);
+    const processedScheduleConfig = mapUiScheduleToDb(
+      scheduleConfig,
+      existingConfig ? existingConfig.scheduleConfig : undefined
+    );
     const processedCleanupConfig = mapUiCleanupToDb(cleanupConfig);
 
     if (existingConfig) {

src/pages/api/events/index.ts

@@ -0,0 +1,69 @@
+import type { APIRoute } from "astro";
+import { getNewEvents } from "@/lib/events";
+
+export const GET: APIRoute = async ({ request }) => {
+  const url = new URL(request.url);
+  const userId = url.searchParams.get("userId");
+
+  if (!userId) {
+    return new Response("Missing userId", { status: 400 });
+  }
+
+  // Create a new ReadableStream for SSE
+  const stream = new ReadableStream({
+    start(controller) {
+      const encoder = new TextEncoder();
+      let lastEventTime = new Date();
+
+      // Send initial connection message
+      controller.enqueue(encoder.encode(": connected\n\n"));
+
+      // Poll for new events every 2 seconds
+      const pollInterval = setInterval(async () => {
+        try {
+          // Get new rate limit events
+          const newEvents = await getNewEvents({
+            userId,
+            channel: "rate-limit",
+            lastEventTime,
+          });
+
+          // Send each new event
+          for (const event of newEvents) {
+            const message = `event: rate-limit\ndata: ${JSON.stringify(event.payload)}\n\n`;
+            controller.enqueue(encoder.encode(message));
+            lastEventTime = new Date(event.createdAt);
+          }
+        } catch (error) {
+          console.error("Error polling for events:", error);
+        }
+      }, 2000); // Poll every 2 seconds
+
+      // Send heartbeat every 30 seconds to keep connection alive
+      const heartbeatInterval = setInterval(() => {
+        try {
+          controller.enqueue(encoder.encode(": heartbeat\n\n"));
+        } catch (error) {
+          clearInterval(heartbeatInterval);
+          clearInterval(pollInterval);
+        }
+      }, 30000);
+
+      // Cleanup on close
+      request.signal.addEventListener("abort", () => {
+        clearInterval(pollInterval);
+        clearInterval(heartbeatInterval);
+        controller.close();
+      });
+    },
+  });
+
+  return new Response(stream, {
+    headers: {
+      "Content-Type": "text/event-stream",
+      "Cache-Control": "no-cache",
+      "Connection": "keep-alive",
+      "X-Accel-Buffering": "no", // Disable nginx buffering
+    },
+  });
+};

src/pages/api/job/mirror-org.ts

@@ -71,9 +71,10 @@ export const POST: APIRoute = async ({ request }) => {
         throw new Error("GitHub token is missing in config.");
       }
 
-      // Create a single Octokit instance to be reused
+      // Create a single Octokit instance to be reused with rate limit tracking
       const decryptedToken = getDecryptedGitHubToken(config);
-      const octokit = createGitHubClient(decryptedToken);
+      const githubUsername = config.githubConfig?.owner || undefined;
+      const octokit = createGitHubClient(decryptedToken, userId, githubUsername);
 
       // Define the concurrency limit - adjust based on API rate limits
       // Using a lower concurrency for organizations since each org might contain many repos

src/pages/api/job/mirror-repo.ts

@@ -73,9 +73,10 @@ export const POST: APIRoute = async ({ request }) => {
         throw new Error("GitHub token is missing.");
       }
 
-      // Create a single Octokit instance to be reused
+      // Create a single Octokit instance to be reused with rate limit tracking
       const decryptedToken = getDecryptedGitHubToken(config);
-      const octokit = createGitHubClient(decryptedToken);
+      const githubUsername = config.githubConfig?.owner || undefined;
+      const octokit = createGitHubClient(decryptedToken, userId, githubUsername);
 
       // Define the concurrency limit - adjust based on API rate limits
       const CONCURRENCY_LIMIT = 3;

src/pages/api/job/retry-repo.ts

@@ -71,12 +71,13 @@ export const POST: APIRoute = async ({ request }) => {
 
     // Start background retry with parallel processing
     setTimeout(async () => {
-      // Create a single Octokit instance to be reused if needed
+      // Create a single Octokit instance to be reused if needed with rate limit tracking
       const decryptedToken = config.githubConfig.token
         ? getDecryptedGitHubToken(config)
         : null;
+      const githubUsername = config.githubConfig?.owner || undefined;
       const octokit = decryptedToken
-        ? createGitHubClient(decryptedToken)
+        ? createGitHubClient(decryptedToken, userId, githubUsername)
         : null;
 
       // Define the concurrency limit - adjust based on API rate limits

src/pages/api/job/schedule-sync-repo.ts

@@ -8,6 +8,7 @@ import type {
   ScheduleSyncRepoResponse,
 } from "@/types/sync";
 import { createSecureErrorResponse } from "@/lib/utils";
+import { parseInterval } from "@/lib/utils/duration-parser";
 
 export const POST: APIRoute = async ({ request }) => {
   try {
@@ -72,8 +73,17 @@ export const POST: APIRoute = async ({ request }) => {
 
     // Calculate nextRun and update lastRun and nextRun in the config
     const currentTime = new Date();
-    const interval = config.scheduleConfig?.interval ?? 3600;
-    const nextRun = new Date(currentTime.getTime() + interval * 1000);
+    let intervalMs = 3600 * 1000;
+    try {
+      intervalMs = parseInterval(
+        typeof config.scheduleConfig?.interval === 'number'
+          ? config.scheduleConfig.interval
+          : (config.scheduleConfig?.interval as unknown as string) || '3600'
+      );
+    } catch {
+      intervalMs = 3600 * 1000;
+    }
+    const nextRun = new Date(currentTime.getTime() + intervalMs);
 
     // Update the full giteaConfig object
     await db

src/pages/api/rate-limit/index.ts

@@ -0,0 +1,104 @@
+import type { APIRoute } from "astro";
+import { db, rateLimits } from "@/lib/db";
+import { eq, and, desc } from "drizzle-orm";
+import { jsonResponse, createSecureErrorResponse } from "@/lib/utils";
+import { RateLimitManager } from "@/lib/rate-limit-manager";
+import { createGitHubClient } from "@/lib/github";
+import { getDecryptedGitHubToken } from "@/lib/utils/config-encryption";
+import { configs } from "@/lib/db";
+
+export const GET: APIRoute = async ({ request }) => {
+  const url = new URL(request.url);
+  const userId = url.searchParams.get("userId");
+  const refresh = url.searchParams.get("refresh") === "true";
+
+  if (!userId) {
+    return jsonResponse({
+      data: { error: "Missing userId" },
+      status: 400,
+    });
+  }
+
+  try {
+    // If refresh is requested, fetch current rate limit from GitHub
+    if (refresh) {
+      const [config] = await db
+        .select()
+        .from(configs)
+        .where(eq(configs.userId, userId))
+        .limit(1);
+
+      if (config && config.githubConfig?.token) {
+        const decryptedToken = getDecryptedGitHubToken(config);
+        const githubUsername = config.githubConfig?.owner || undefined;
+        const octokit = createGitHubClient(decryptedToken, userId, githubUsername);
+        
+        // This will update the rate limit in the database
+        await RateLimitManager.checkGitHubRateLimit(octokit, userId);
+      }
+    }
+
+    // Get rate limit status from database
+    const [rateLimit] = await db
+      .select()
+      .from(rateLimits)
+      .where(and(eq(rateLimits.userId, userId), eq(rateLimits.provider, "github")))
+      .orderBy(desc(rateLimits.updatedAt))
+      .limit(1);
+
+    if (!rateLimit) {
+      return jsonResponse({
+        data: {
+          limit: 5000,
+          remaining: 5000,
+          used: 0,
+          reset: new Date(Date.now() + 3600000), // 1 hour from now
+          status: "ok",
+          lastChecked: new Date(),
+          message: "No rate limit data available yet",
+        },
+      });
+    }
+
+    // Calculate percentage
+    const percentage = Math.round((rateLimit.remaining / rateLimit.limit) * 100);
+    
+    // Calculate time until reset
+    const now = new Date();
+    const resetTime = new Date(rateLimit.reset);
+    const timeUntilReset = Math.max(0, resetTime.getTime() - now.getTime());
+    const minutesUntilReset = Math.ceil(timeUntilReset / 60000);
+
+    let message = "";
+    switch (rateLimit.status) {
+      case "exceeded":
+        message = `Rate limit exceeded. Resets in ${minutesUntilReset} minutes.`;
+        break;
+      case "limited":
+        message = `Rate limit critical: ${rateLimit.remaining}/${rateLimit.limit} (${percentage}%)`;
+        break;
+      case "warning":
+        message = `Rate limit warning: ${rateLimit.remaining}/${rateLimit.limit} (${percentage}%)`;
+        break;
+      default:
+        message = `Rate limit healthy: ${rateLimit.remaining}/${rateLimit.limit} (${percentage}%)`;
+    }
+
+    return jsonResponse({
+      data: {
+        limit: rateLimit.limit,
+        remaining: rateLimit.remaining,
+        used: rateLimit.used,
+        reset: rateLimit.reset,
+        retryAfter: rateLimit.retryAfter,
+        status: rateLimit.status,
+        lastChecked: rateLimit.lastChecked,
+        percentage,
+        minutesUntilReset,
+        message,
+      },
+    });
+  } catch (error) {
+    return createSecureErrorResponse(error, "rate limit check", 500);
+  }
+};

src/pages/api/sso/providers.ts

@@ -4,6 +4,7 @@ import { requireAuth } from "@/lib/utils/auth-helpers";
 import { db, ssoProviders } from "@/lib/db";
 import { nanoid } from "nanoid";
 import { eq } from "drizzle-orm";
+import { auth } from "@/lib/auth";
 
 // GET /api/sso/providers - List all SSO providers
 export async function GET(context: APIContext) {
@@ -29,7 +30,11 @@ export async function GET(context: APIContext) {
   }
 }
 
-// POST /api/sso/providers - Create a new SSO provider
+// POST /api/sso/providers - DEPRECATED legacy create (use Better Auth registration)
+// This route remains for backward-compatibility only. Preferred flow:
+// - Client/UI calls authClient.sso.register(...) to register with Better Auth
+// - Server mirrors provider into local DB for listing
+// Creation via this route is discouraged and may be removed in a future version.
 export async function POST(context: APIContext) {
   try {
     const { user, response } = await requireAuth(context);
@@ -45,10 +50,12 @@ export async function POST(context: APIContext) {
       tokenEndpoint,
       jwksEndpoint,
       userInfoEndpoint,
+      discoveryEndpoint,
       mapping,
       providerId,
       organizationId,
       scopes,
+      pkce,
     } = body;
 
     // Validate required fields
@@ -62,6 +69,32 @@ export async function POST(context: APIContext) {
       );
     }
 
+    // Clean issuer URL (remove trailing slash); validate URL format
+    let cleanIssuer = issuer;
+    try {
+      const issuerUrl = new URL(issuer.toString().trim());
+      cleanIssuer = issuerUrl.toString().replace(/\/$/, "");
+    } catch {
+      return new Response(
+        JSON.stringify({ error: `Invalid issuer URL format: ${issuer}` }),
+        { status: 400, headers: { "Content-Type": "application/json" } }
+      );
+    }
+
+    // Validate OIDC endpoints: require discoveryEndpoint or at least authorization+token
+    const hasDiscovery = typeof discoveryEndpoint === 'string' && discoveryEndpoint.trim() !== '';
+    const hasCoreEndpoints = typeof authorizationEndpoint === 'string' && authorizationEndpoint.trim() !== ''
+      && typeof tokenEndpoint === 'string' && tokenEndpoint.trim() !== '';
+    if (!hasDiscovery && !hasCoreEndpoints) {
+      return new Response(
+        JSON.stringify({
+          error: "Invalid OIDC configuration",
+          details: "Provide discoveryEndpoint, or both authorizationEndpoint and tokenEndpoint."
+        }),
+        { status: 400, headers: { "Content-Type": "application/json" } }
+      );
+    }
+
     // Check if provider ID already exists
     const existing = await db
       .select()
@@ -79,15 +112,27 @@ export async function POST(context: APIContext) {
       );
     }
 
-    // Create OIDC config object
+    // Helper to validate and normalize URL strings (optional fields allowed)
+    const validateUrl = (value?: string) => {
+      if (!value || typeof value !== 'string' || value.trim() === '') return undefined;
+      try {
+        return new URL(value.trim()).toString();
+      } catch {
+        return undefined;
+      }
+    };
+
+    // Create OIDC config object (store as-is for UI and for Better Auth registration)
     const oidcConfig = {
       clientId,
       clientSecret,
-      authorizationEndpoint,
-      tokenEndpoint,
-      jwksEndpoint,
-      userInfoEndpoint,
+      authorizationEndpoint: validateUrl(authorizationEndpoint),
+      tokenEndpoint: validateUrl(tokenEndpoint),
+      jwksEndpoint: validateUrl(jwksEndpoint),
+      userInfoEndpoint: validateUrl(userInfoEndpoint),
+      discoveryEndpoint: validateUrl(discoveryEndpoint),
       scopes: scopes || ["openid", "email", "profile"],
+      pkce: pkce !== false,
       mapping: mapping || {
         id: "sub",
         email: "email",
@@ -97,12 +142,55 @@ export async function POST(context: APIContext) {
       },
     };
 
+    // First, register with Better Auth so the SSO plugin has the provider
+    try {
+      const headers = new Headers();
+      const cookieHeader = context.request.headers.get("cookie");
+      if (cookieHeader) headers.set("cookie", cookieHeader);
+
+      const res = await auth.api.registerSSOProvider({
+        body: {
+          providerId,
+          issuer: cleanIssuer,
+          domain,
+          organizationId,
+          oidcConfig: {
+            clientId: oidcConfig.clientId,
+            clientSecret: oidcConfig.clientSecret,
+            authorizationEndpoint: oidcConfig.authorizationEndpoint,
+            tokenEndpoint: oidcConfig.tokenEndpoint,
+            jwksEndpoint: oidcConfig.jwksEndpoint,
+            discoveryEndpoint: oidcConfig.discoveryEndpoint,
+            userInfoEndpoint: oidcConfig.userInfoEndpoint,
+            scopes: oidcConfig.scopes,
+            pkce: oidcConfig.pkce,
+          },
+          mapping: oidcConfig.mapping,
+        },
+        headers,
+      });
+
+      if (!res.ok) {
+        const errText = await res.text();
+        return new Response(
+          JSON.stringify({ error: `Failed to register SSO provider: ${errText}` }),
+          { status: res.status || 500, headers: { "Content-Type": "application/json" } }
+        );
+      }
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      return new Response(
+        JSON.stringify({ error: `Better Auth registration failed: ${message}` }),
+        { status: 500, headers: { "Content-Type": "application/json" } }
+      );
+    }
+
     // Insert new provider
     const [newProvider] = await db
       .insert(ssoProviders)
       .values({
         id: nanoid(),
-        issuer,
+        issuer: cleanIssuer,
         domain,
         oidcConfig: JSON.stringify(oidcConfig),
         userId: user.id,
@@ -259,4 +347,4 @@ export async function DELETE(context: APIContext) {
   } catch (error) {
     return createSecureErrorResponse(error, "SSO providers API");
   }
-}
+}

src/pages/api/sync/index.ts

@@ -10,6 +10,7 @@ import {
   getGithubStarredRepositories,
 } from "@/lib/github";
 import { jsonResponse, createSecureErrorResponse } from "@/lib/utils";
+import { mergeGitReposPreferStarred, calcBatchSizeForInsert } from "@/lib/repo-utils";
 import { getDecryptedGitHubToken } from "@/lib/utils/config-encryption";
 
 export const POST: APIRoute = async ({ request }) => {
@@ -43,7 +44,8 @@ export const POST: APIRoute = async ({ request }) => {
 
     // Decrypt the GitHub token before using it
     const decryptedToken = getDecryptedGitHubToken(config);
-    const octokit = createGitHubClient(decryptedToken);
+    const githubUsername = config.githubConfig?.owner || undefined;
+    const octokit = createGitHubClient(decryptedToken, userId, githubUsername);
 
     // Fetch GitHub data in parallel
     const [basicAndForkedRepos, starredRepos, gitOrgs] = await Promise.all([
@@ -54,7 +56,8 @@ export const POST: APIRoute = async ({ request }) => {
       getGithubOrganizations({ octokit, config }),
     ]);
 
-    const allGithubRepos = [...basicAndForkedRepos, ...starredRepos];
+    // Merge and de-duplicate by fullName, preferring starred variant when duplicated
+    const allGithubRepos = mergeGitReposPreferStarred(basicAndForkedRepos, starredRepos);
 
     // Prepare full list of repos and orgs
     const newRepos = allGithubRepos.map((repo) => ({
@@ -66,21 +69,25 @@ export const POST: APIRoute = async ({ request }) => {
       url: repo.url,
       cloneUrl: repo.cloneUrl,
       owner: repo.owner,
-      organization: repo.organization,
+      organization: repo.organization ?? null,
+      mirroredLocation: repo.mirroredLocation || "",
+      destinationOrg: repo.destinationOrg || null,
       isPrivate: repo.isPrivate,
       isForked: repo.isForked,
-      forkedFrom: repo.forkedFrom,
+      forkedFrom: repo.forkedFrom ?? null,
       hasIssues: repo.hasIssues,
       isStarred: repo.isStarred,
       isArchived: repo.isArchived,
       size: repo.size,
       hasLFS: repo.hasLFS,
       hasSubmodules: repo.hasSubmodules,
+      language: repo.language ?? null,
+      description: repo.description ?? null,
       defaultBranch: repo.defaultBranch,
       visibility: repo.visibility,
       status: repo.status,
-      lastMirrored: repo.lastMirrored,
-      errorMessage: repo.errorMessage,
+      lastMirrored: repo.lastMirrored ?? null,
+      errorMessage: repo.errorMessage ?? null,
       createdAt: repo.createdAt,
       updatedAt: repo.updatedAt,
     }));
@@ -123,12 +130,27 @@ export const POST: APIRoute = async ({ request }) => {
       );
       insertedOrgs = newOrgs.filter((o) => !existingOrgNames.has(o.name));
 
+      // Batch insert repositories to avoid SQLite parameter limit (dynamic by column count)
+      const sample = newRepos[0];
+      const columnCount = Object.keys(sample ?? {}).length || 1;
+      const REPO_BATCH_SIZE = calcBatchSizeForInsert(columnCount);
       if (insertedRepos.length > 0) {
-        await tx.insert(repositories).values(insertedRepos);
+        for (let i = 0; i < insertedRepos.length; i += REPO_BATCH_SIZE) {
+          const batch = insertedRepos.slice(i, i + REPO_BATCH_SIZE);
+          await tx
+            .insert(repositories)
+            .values(batch)
+            .onConflictDoNothing({ target: [repositories.userId, repositories.fullName] });
+        }
       }
 
+      // Batch insert organizations (they have fewer fields, so we can use larger batches)
+      const ORG_BATCH_SIZE = 100;
       if (insertedOrgs.length > 0) {
-        await tx.insert(organizations).values(insertedOrgs);
+        for (let i = 0; i < insertedOrgs.length; i += ORG_BATCH_SIZE) {
+          const batch = insertedOrgs.slice(i, i + ORG_BATCH_SIZE);
+          await tx.insert(organizations).values(batch);
+        }
       }
     });
 

src/pages/api/sync/organization.ts

@@ -69,8 +69,9 @@ export const POST: APIRoute = async ({ request }) => {
       });
     }
     
-    // Create authenticated Octokit instance
-    const octokit = createGitHubClient(decryptedConfig.githubConfig.token);
+    // Create authenticated Octokit instance with rate limit tracking
+    const githubUsername = decryptedConfig.githubConfig?.owner || undefined;
+    const octokit = createGitHubClient(decryptedConfig.githubConfig.token, userId, githubUsername);
 
     // Fetch org metadata
     const { data: orgData } = await octokit.orgs.get({ org });
@@ -117,25 +118,40 @@ export const POST: APIRoute = async ({ request }) => {
       owner: repo.owner.login,
       organization:
         repo.owner.type === "Organization" ? repo.owner.login : null,
+      mirroredLocation: "",
+      destinationOrg: null,
       isPrivate: repo.private,
       isForked: repo.fork,
-      forkedFrom: undefined,
+      forkedFrom: null,
       hasIssues: repo.has_issues,
       isStarred: false,
       isArchived: repo.archived,
       size: repo.size,
       hasLFS: false,
       hasSubmodules: false,
+      language: repo.language ?? null,
+      description: repo.description ?? null,
       defaultBranch: repo.default_branch ?? "main",
       visibility: (repo.visibility ?? "public") as RepositoryVisibility,
       status: "imported" as RepoStatus,
-      lastMirrored: undefined,
-      errorMessage: undefined,
+      lastMirrored: null,
+      errorMessage: null,
       createdAt: repo.created_at ? new Date(repo.created_at) : new Date(),
       updatedAt: repo.updated_at ? new Date(repo.updated_at) : new Date(),
     }));
 
-    await db.insert(repositories).values(repoRecords);
+    // Batch insert repositories to avoid SQLite parameter limit
+    // Compute batch size based on column count
+    const sample = repoRecords[0];
+    const columnCount = Object.keys(sample ?? {}).length || 1;
+    const BATCH_SIZE = Math.max(1, Math.floor(999 / columnCount));
+    for (let i = 0; i < repoRecords.length; i += BATCH_SIZE) {
+      const batch = repoRecords.slice(i, i + BATCH_SIZE);
+      await db
+        .insert(repositories)
+        .values(batch)
+        .onConflictDoNothing({ target: [repositories.userId, repositories.fullName] });
+    }
 
     // Insert organization metadata
     const organizationRecord = {

src/pages/api/sync/repository.ts

@@ -80,24 +80,25 @@ export const POST: APIRoute = async ({ request }) => {
       cloneUrl: repoData.clone_url,
       owner: repoData.owner.login,
       organization:
-        repoData.owner.type === "Organization"
-          ? repoData.owner.login
-          : undefined,
+        repoData.owner.type === "Organization" ? repoData.owner.login : null,
       isPrivate: repoData.private,
       isForked: repoData.fork,
-      forkedFrom: undefined,
+      forkedFrom: null,
       hasIssues: repoData.has_issues,
       isStarred: false,
       isArchived: repoData.archived,
       size: repoData.size,
       hasLFS: false,
       hasSubmodules: false,
+      language: repoData.language ?? null,
+      description: repoData.description ?? null,
       defaultBranch: repoData.default_branch,
       visibility: (repoData.visibility ?? "public") as RepositoryVisibility,
       status: "imported" as Repository["status"],
-      lastMirrored: undefined,
-      errorMessage: undefined,
+      lastMirrored: null,
+      errorMessage: null,
       mirroredLocation: "",
+      destinationOrg: null,
       createdAt: repoData.created_at
         ? new Date(repoData.created_at)
         : new Date(),
@@ -106,7 +107,10 @@ export const POST: APIRoute = async ({ request }) => {
         : new Date(),
     };
 
-    await db.insert(repositories).values(metadata);
+    await db
+      .insert(repositories)
+      .values(metadata)
+      .onConflictDoNothing({ target: [repositories.userId, repositories.fullName] });
 
     createMirrorJob({
       userId,

src/pages/docs/advanced.astro

@@ -52,7 +52,9 @@ import MainLayout from '../../layouts/main.astro';
                 { var: 'PORT', desc: 'Server port', default: '4321' },
                 { var: 'HOST', desc: 'Server host', default: '0.0.0.0' },
                 { var: 'BETTER_AUTH_SECRET', desc: 'Authentication secret key', default: 'Auto-generated' },
-                { var: 'BETTER_AUTH_URL', desc: 'Authentication base URL', default: 'http://localhost:4321' },
+                { var: 'BETTER_AUTH_URL', desc: 'Authentication base URL (public origin)', default: 'http://localhost:4321' },
+                { var: 'PUBLIC_BETTER_AUTH_URL', desc: 'Optional: public URL used by the client', default: 'Unset' },
+                { var: 'BETTER_AUTH_TRUSTED_ORIGINS', desc: 'Comma-separated list of additional trusted origins', default: 'Unset' },
                 { var: 'NODE_EXTRA_CA_CERTS', desc: 'Path to CA certificate file', default: 'None' },
                 { var: 'DATABASE_URL', desc: 'SQLite database path', default: './data/gitea-mirror.db' },
               ].map((item, i) => (
@@ -464,4 +466,4 @@ ls -t "$BACKUP_DIR"/backup_*.tar.gz | tail -n +8 | xargs rm -f`}</code></pre>
       </section>
     </article>
   </main>
-</MainLayout>
+</MainLayout>

src/pages/docs/architecture.astro

@@ -216,7 +216,7 @@ import MainLayout from '../../layouts/main.astro';
             <div class="space-y-3">
               {[
                 'User accounts and authentication data (Better Auth)',
-                'OAuth applications and SSO provider configurations',
+                'OAuth applications and SSO provider configurations (providers registered via Better Auth; mirrored locally for UI)',
                 'GitHub and Gitea configuration',
                 'Repository and organization information',
                 'Mirroring job history and status',
@@ -336,4 +336,4 @@ import MainLayout from '../../layouts/main.astro';
       </section>
     </article>
   </main>
-</MainLayout>
+</MainLayout>

src/pages/docs/authentication.astro

@@ -107,6 +107,23 @@ import MainLayout from '../../layouts/main.astro';
         </p>
 
         <h3 class="text-xl font-semibold mb-4">Adding an SSO Provider</h3>
+        <div class="bg-blue-500/10 border border-blue-500/20 rounded-lg p-4 mb-6">
+          <div class="flex gap-3">
+            <div class="text-blue-600 dark:text-blue-500">
+              <svg class="w-5 h-5 mt-0.5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z"/>
+              </svg>
+            </div>
+            <div>
+              <p class="font-semibold text-blue-600 dark:text-blue-500 mb-1">Better Auth Registration</p>
+              <p class="text-sm">
+                Provider creation uses Better Auth's SSO registration under the hood. The legacy API route
+                <code class="bg-muted px-1 rounded">POST /api/sso/providers</code> is deprecated and not required for setup.
+                To change Provider ID or endpoints, delete and recreate the provider from the UI.
+              </p>
+            </div>
+          </div>
+        </div>
         
         <div class="bg-card rounded-lg border border-border p-6 mb-6">
           <h4 class="font-semibold mb-4">Required Information</h4>
@@ -147,11 +164,11 @@ import MainLayout from '../../layouts/main.astro';
 
         <h3 class="text-xl font-semibold mb-4">Redirect URL Configuration</h3>
         
-        <div class="bg-muted/30 rounded-lg p-4">
-          <p class="text-sm mb-2">When configuring your SSO provider, use this redirect URL:</p>
-          <code class="bg-muted rounded px-3 py-2 block">https://your-domain.com/api/auth/sso/callback/{`{provider-id}`}</code>
-          <p class="text-xs text-muted-foreground mt-2">Replace <code>{`{provider-id}`}</code> with your chosen Provider ID (e.g., google-sso)</p>
-        </div>
+          <div class="bg-muted/30 rounded-lg p-4">
+            <p class="text-sm mb-2">When configuring your SSO provider, use this redirect URL:</p>
+            <code class="bg-muted rounded px-3 py-2 block">https://your-domain.com/api/auth/sso/callback/{`{provider-id}`}</code>
+            <p class="text-xs text-muted-foreground mt-2">Replace <code>{`{provider-id}`}</code> with your chosen Provider ID (e.g., google-sso)</p>
+          </div>
       </section>
 
       <div class="my-12 h-px bg-border/50"></div>
@@ -532,4 +549,4 @@ import MainLayout from '../../layouts/main.astro';
       </section>
     </article>
   </main>
-</MainLayout>
+</MainLayout>

src/pages/docs/configuration.astro

@@ -4,7 +4,10 @@ import MainLayout from '../../layouts/main.astro';
 const envVars = [
   { name: 'NODE_ENV', desc: 'Runtime environment', default: 'development', example: 'production' },
   { name: 'DATABASE_URL', desc: 'SQLite database URL', default: 'file:data/gitea-mirror.db', example: 'file:path/to/database.db' },
-  { name: 'JWT_SECRET', desc: 'Secret key for JWT auth', default: 'Auto-generated', example: 'your-secure-string' },
+  { name: 'BETTER_AUTH_SECRET', desc: 'Authentication secret key', default: 'Auto-generated', example: 'generate a strong random string' },
+  { name: 'BETTER_AUTH_URL', desc: 'Authentication base URL (public origin)', default: 'http://localhost:4321', example: 'https://gitea-mirror.example.com' },
+  { name: 'PUBLIC_BETTER_AUTH_URL', desc: 'Optional: public URL used by the client', default: 'Unset', example: 'https://gitea-mirror.example.com' },
+  { name: 'BETTER_AUTH_TRUSTED_ORIGINS', desc: 'Comma-separated list of additional trusted origins', default: 'Unset', example: 'https://gitea-mirror.example.com,https://alt.example.com' },
   { name: 'HOST', desc: 'Server host', default: 'localhost', example: '0.0.0.0' },
   { name: 'PORT', desc: 'Server port', default: '4321', example: '8080' }
 ];
@@ -509,4 +512,4 @@ curl http://your-server:port/api/health`}</code></pre>
       </section>
     </article>
   </main>
-</MainLayout>
+</MainLayout>

src/pages/docs/quickstart.astro

@@ -260,6 +260,16 @@ bun run start</code></pre>
             },
             {
               num: '3',
+              title: 'Optional: Configure SSO',
+              items: [
+                'Open Configuration → Authentication',
+                'Click “Add Provider” and enter your OIDC details',
+                'Use redirect URL: https://<your-domain>/api/auth/sso/callback/{provider-id}',
+                'Edits are handled as delete & recreate (Better Auth registration)'
+              ]
+            },
+            {
+              num: '4',
               title: 'Configure Gitea Connection',
               items: [
                 'Enter your Gitea server URL',
@@ -269,7 +279,7 @@ bun run start</code></pre>
               ]
             },
             {
-              num: '4',
+              num: '5',
               title: 'Set Up Scheduling',
               items: [
                 'Enable automatic mirroring',
@@ -434,4 +444,4 @@ bun run start</code></pre>
       </section>
     </article>
   </main>
-</MainLayout>
+</MainLayout>

src/types/Repository.ts

@@ -12,6 +12,7 @@ export const repoStatusEnum = z.enum([
   "deleted",
   "syncing",
   "synced",
+  "archived",
 ]);
 
 export type RepoStatus = z.infer<typeof repoStatusEnum>;
@@ -48,6 +49,8 @@ export interface GitRepo {
 
   owner: string;
   organization?: string;
+  mirroredLocation?: string;
+  destinationOrg?: string | null;
 
   isPrivate: boolean;
   isForked: boolean;
@@ -61,6 +64,8 @@ export interface GitRepo {
   hasLFS: boolean;
   hasSubmodules: boolean;
 
+  language?: string | null;
+  description?: string | null;
   defaultBranch: string;
   visibility: RepositoryVisibility;
 

src/types/config.ts

@@ -29,11 +29,14 @@ export interface DatabaseCleanupConfig {
   nextRun?: Date;
 }
 
+export type DuplicateNameStrategy = "suffix" | "prefix" | "owner-org";
+
 export interface GitHubConfig {
   username: string;
   token: string;
   privateRepositories: boolean;
   mirrorStarred: boolean;
+  starredDuplicateStrategy?: DuplicateNameStrategy;
 }
 
 export interface MirrorOptions {

src/types/repository-status.test.ts

@@ -0,0 +1,10 @@
+import { describe, expect, it } from "bun:test";
+import { repoStatusEnum } from "@/types/Repository";
+
+describe("repoStatusEnum", () => {
+  it("includes archived status", () => {
+    const res = repoStatusEnum.safeParse("archived");
+    expect(res.success).toBe(true);
+  });
+});
+

www/pnpm-lock.yaml

@@ -28,7 +28,7 @@ importers:
         version: 1.10.52
       '@tailwindcss/vite':
         specifier: ^4.1.12
-        version: 4.1.12(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
+        version: 4.1.12(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
       '@types/canvas-confetti':
         specifier: ^1.9.0
         version: 1.9.0
@@ -2017,8 +2017,8 @@ packages:
   vfile@6.0.3:
     resolution: {integrity: sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q==}
 
-  vite@6.3.5:
-    resolution: {integrity: sha512-cZn6NDFE7wdTpINgs++ZJ4N49W2vRp8LCKrn3Ob1kYNtOo21vfDoaV5GzBfLU4MovSAB8uNRm4jgzVQZ+mBzPQ==}
+  vite@6.3.6:
+    resolution: {integrity: sha512-0msEVHJEScQbhkbVTb/4iHZdJ6SXp/AvxL2sjwYQFfBqleHtnCqv1J3sa9zbWz/6kW1m9Tfzn92vW+kZ1WV6QA==}
     engines: {node: ^18.0.0 || ^20.0.0 || >=22.0.0}
     hasBin: true
     peerDependencies:
@@ -2193,11 +2193,11 @@ snapshots:
     dependencies:
       '@types/react': 19.1.12
       '@types/react-dom': 19.1.9(@types/react@19.1.12)
-      '@vitejs/plugin-react': 4.6.0(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
+      '@vitejs/plugin-react': 4.6.0(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
       react: 19.1.1
       react-dom: 19.1.1(react@19.1.1)
       ultrahtml: 1.6.0
-      vite: 6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
+      vite: 6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
     transitivePeerDependencies:
       - '@types/node'
       - jiti
@@ -2760,12 +2760,12 @@ snapshots:
       '@tailwindcss/oxide-win32-arm64-msvc': 4.1.12
       '@tailwindcss/oxide-win32-x64-msvc': 4.1.12
 
-  '@tailwindcss/vite@4.1.12(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))':
+  '@tailwindcss/vite@4.1.12(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))':
     dependencies:
       '@tailwindcss/node': 4.1.12
       '@tailwindcss/oxide': 4.1.12
       tailwindcss: 4.1.12
-      vite: 6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
+      vite: 6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
 
   '@types/babel__core@7.20.5':
     dependencies:
@@ -2838,7 +2838,7 @@ snapshots:
 
   '@ungap/structured-clone@1.3.0': {}
 
-  '@vitejs/plugin-react@4.6.0(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))':
+  '@vitejs/plugin-react@4.6.0(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))':
     dependencies:
       '@babel/core': 7.28.0
       '@babel/plugin-transform-react-jsx-self': 7.27.1(@babel/core@7.28.0)
@@ -2846,7 +2846,7 @@ snapshots:
       '@rolldown/pluginutils': 1.0.0-beta.19
       '@types/babel__core': 7.20.5
       react-refresh: 0.17.0
-      vite: 6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
+      vite: 6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
     transitivePeerDependencies:
       - supports-color
 
@@ -2935,8 +2935,8 @@ snapshots:
       unist-util-visit: 5.0.0
       unstorage: 1.16.0
       vfile: 6.0.3
-      vite: 6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
-      vitefu: 1.1.1(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
+      vite: 6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
+      vitefu: 1.1.1(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1))
       xxhash-wasm: 1.1.0
       yargs-parser: 21.1.1
       yocto-spinner: 0.2.3
@@ -4526,7 +4526,7 @@ snapshots:
       '@types/unist': 3.0.3
       vfile-message: 4.0.2
 
-  vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1):
+  vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1):
     dependencies:
       esbuild: 0.25.9
       fdir: 6.4.6(picomatch@4.0.2)
@@ -4540,9 +4540,9 @@ snapshots:
       jiti: 2.5.1
       lightningcss: 1.30.1
 
-  vitefu@1.1.1(vite@6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)):
+  vitefu@1.1.1(vite@6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)):
     optionalDependencies:
-      vite: 6.3.5(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
+      vite: 6.3.6(@types/node@24.0.11)(jiti@2.5.1)(lightningcss@1.30.1)
 
   web-namespaces@2.0.1: {}
 

www/src/components/Hero.tsx

@@ -67,8 +67,35 @@ export function Hero() {
           </div>
         </div>
 
+         {/* Product Hunt Badge */}
+        <div className="mt-6 sm:mt-8 flex items-center justify-center px-4 z-20">
+          <a 
+            href="https://www.producthunt.com/products/gitea-mirror?embed=true&utm_source=badge-featured&utm_medium=badge&utm_source=badge-gitea-mirror" 
+            target="_blank"
+            rel="noopener noreferrer"
+            className="inline-block transition-transform hover:scale-105"
+          >
+            <img 
+              src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=1013721&theme=light&t=1757620787136" 
+              alt="Gitea Mirror - Automated github to gitea repository mirroring & backup | Product Hunt" 
+              style={{ width: '250px', height: '54px' }}
+              width="250" 
+              height="54" 
+              className="dark:hidden"
+            />
+            <img 
+              src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=1013721&theme=dark&t=1757620890723" 
+              alt="Gitea Mirror - Automated github to gitea repository mirroring & backup | Product Hunt" 
+              style={{ width: '250px', height: '54px' }}
+              width="250" 
+              height="54" 
+              className="hidden dark:block"
+            />
+          </a>
+        </div>
+
         {/* Call to action buttons */}
-        <div className="mt-8 sm:mt-10 flex flex-col sm:flex-row items-center justify-center gap-3 sm:gap-4 px-4 z-20">
+        {/* <div className="mt-8 sm:mt-10 flex flex-col sm:flex-row items-center justify-center gap-3 sm:gap-4 px-4 z-20">
           <Button
             size="lg"
             className="relative group w-full sm:w-auto min-h-[48px] text-base bg-gradient-to-r from-primary to-accent hover:from-primary/90 hover:to-accent/90 shadow-lg shadow-primary/25 hover:shadow-xl hover:shadow-primary/30 transition-all duration-300"
@@ -91,7 +118,7 @@ export function Hero() {
           >
             <a href="#features">View Features</a>
           </Button>
-        </div>
+        </div> */}
       </div>
     </section>
   );