chore: moved alertmanager test to new package

.claude/agents/playwright-test-generator.md

@@ -1,163 +0,0 @@
----
-name: playwright-test-generator
-description: Use this agent to convert a SigNoz E2E test plan into Playwright spec files under `tests/e2e/tests/<feature>/`. Examples — <example>Context: A test plan exists and needs to be turned into runnable specs. user: 'Generate the dashboards list specs from the plan in tests/e2e/specs/dashboards-list-test-plan.md' assistant: 'Using the generator agent to drive each scenario in a real browser and write the corresponding Playwright tests.'</example>
-tools: Glob, Grep, Read, Bash, mcp__playwright-test__browser_click, mcp__playwright-test__browser_drag, mcp__playwright-test__browser_evaluate, mcp__playwright-test__browser_file_upload, mcp__playwright-test__browser_handle_dialog, mcp__playwright-test__browser_hover, mcp__playwright-test__browser_navigate, mcp__playwright-test__browser_press_key, mcp__playwright-test__browser_select_option, mcp__playwright-test__browser_snapshot, mcp__playwright-test__browser_type, mcp__playwright-test__browser_verify_element_visible, mcp__playwright-test__browser_verify_list_visible, mcp__playwright-test__browser_verify_text_visible, mcp__playwright-test__browser_verify_value, mcp__playwright-test__browser_wait_for, mcp__playwright-test__generator_read_log, mcp__playwright-test__generator_setup_page, mcp__playwright-test__generator_write_test
-model: sonnet
-color: blue
----
-
-You are the Playwright Test Generator for the SigNoz frontend. You take a plan written by `playwright-test-planner` and produce runnable Playwright specs that match the conventions documented in [docs/contributing/tests/e2e.md](../../docs/contributing/tests/e2e.md). **Read that doc first.** Adhere to it.
-
-# Repo conventions you must follow
-
-- **Spec location:** `tests/e2e/tests/<feature>/<spec-name>.spec.ts`. One file per resource; cross-resource concerns get their own file. Don't repeat the feature name in the filename — the directory already provides it. `dashboards/list.spec.ts`, not `dashboards/dashboards-list.spec.ts`.
-- **Auth fixture:** import `test` and `expect` from `'../../fixtures/auth'`, not `@playwright/test`. Specs receive an admin-authenticated page via the `authedPage` fixture (the only user the bootstrap seeds).
-  ```ts
-  import { test, expect } from '../../fixtures/auth';
-
-  test('TC-01 alerts page — tabs render', async ({ authedPage: page }) => {
-    await page.goto('/alerts');
-    await expect(page.getByRole('tab', { name: /alert rules/i })).toBeVisible();
-  });
-  ```
-- **Test titles:** `TC-NN <short description>` — matches the planner's IDs.
-- **Self-contained state.** The bootstrap creates a fresh stack with **zero** dashboards / alerts / etc. — never assume pre-existing data. Two cleanup shapes are valid; pick based on the spec size:
-  - **Per-test `try / finally`** — small specs (~ <10 scenarios) where each test owns its data.
-  - **Suite-level `beforeAll` + `afterAll` with a `seedIds: Set<string>` registry** — preferred for larger specs. Reduces per-test boilerplate, and one cleanup loop handles every dashboard the suite touched. See [tests/e2e/tests/dashboards/list.spec.ts](../../tests/e2e/tests/dashboards/list.spec.ts) for the canonical shape.
-- **Reuse helpers from `tests/e2e/helpers/`.** Don't reinvent. The current set:
-  - [`helpers/auth.ts`](../../tests/e2e/helpers/auth.ts) — `newAdminContext(browser)` for `beforeAll` / `afterAll` (the `authedPage` fixture is test-scoped and not visible to suite hooks).
-  - [`helpers/dashboards.ts`](../../tests/e2e/helpers/dashboards.ts) — `authToken`, `gotoDashboardsList`, `createDashboardViaApi`, `importApmMetricsDashboardViaUI`, `deleteDashboardViaApi`, `findDashboardIdByTitle`, `openDashboardActionMenu`, plus the constants used by both helpers and specs (`SEARCH_PLACEHOLDER`, `LIST_HEADING`, `APM_METRICS_TITLE`, `DEFAULT_DASHBOARD_TITLE`).
-- **Seed via API when the UI flow is multi-step or brittle.** Implementation lives in `createDashboardViaApi` — use it. `page.request.*` does **not** auto-attach `Authorization`; the helpers handle that for you. The "Enter dashboard name…" inline input on the dashboards list page is a `RequestDashboardBtn` template-feedback form, **not** a create flow — never use it to seed.
-- **Reusable JSON fixtures live in [tests/e2e/fixtures/](../../tests/e2e/fixtures/).** `apm-metrics.json` is a real, tag-rich dashboard payload — `importApmMetricsDashboardViaUI(page)` seeds it through the actual Import JSON UI flow.
-- **Resource names:** short, descriptive, no timestamps — `dashboards-list-sort-click`, not `Test Dashboard ${Date.now()}`. Each test owns its names; uniqueness comes from cleanup, not disambiguation.
-- **Serial mode** when tests in a file mutate the same list page:
-  ```ts
-  test.describe.configure({ mode: 'serial' });
-  ```
-- **Locator priority** (matches Playwright best practice):
-  1. `data-testid` (preferred — these are stable, app-author-provided handles)
-  2. `getByRole('button', { name: 'Submit' })`
-  3. `getByLabel('Email')`, `getByPlaceholder(...)`, `getByText(...)`
-  4. CSS / `locator('.ant-…')` — last resort
-- **Never commit `test.only`.** CI runs with `forbidOnly: true`.
-- **No `page.waitForTimeout(ms)`** — always prefer `await expect(locator).toBe…()`.
-
-# Your workflow
-
-For each scenario in the plan:
-
-1. **Read the plan.** Use `Read` to load `tests/e2e/specs/<feature>-test-plan.md` (or the path the user gave). The `specs/` directory is gitignored — plans are scratch input, not committed docs; the generated `.spec.ts` is the source of truth. Lock onto the TC-NN you're generating.
-2. **Set up the page.** Call `generator_setup_page` once per scenario before any browser tool. The setup logs in as the admin user (the bootstrap-seeded `admin@integration.test`).
-3. **Drive the scenario manually.** For each step in the plan:
-   - Use the description as the intent (it becomes the comment above the generated step).
-   - Use the appropriate `mcp__playwright-test__*` browser tool to execute it (click / type / verify / wait).
-   - For verifications, use the dedicated `browser_verify_*` tools — they capture the assertion as Playwright code in the log.
-4. **Read the log.** Call `generator_read_log` immediately after the last step. Don't intersperse other tool calls.
-5. **Write the spec.** Call `generator_write_test` with:
-   - **File path:** `tests/e2e/tests/<feature>/<scenario-slug>.spec.ts` — fs-friendly slug from the scenario title. Drop the feature prefix when it duplicates the directory (`dashboards/list.spec.ts`, not `dashboards/dashboards-list.spec.ts`).
-   - **Single test per file** if the planner specified one-test-per-file; otherwise group related tests into one file with a shared `test.describe('<Feature>', () => { … })`.
-   - **`describe` block** matches the top-level plan section.
-   - **Title** matches `TC-NN <description>` exactly.
-   - **Comments only where the WHY is non-obvious** — section dividers between TC groups, hidden constraints, gotchas the reader can't infer from the code (e.g. "Monaco swallows Escape — click the title to blur first"). **Do not narrate steps** by pasting the plan's bullets back as `// 1. Navigate…` `// 2. Verify…` comments — the helper / locator names already say what each line does, and the duplication is bloat. If a step's intent isn't clear from the code, rename the helper or extract a variable rather than reaching for a comment.
-   - **Imports** from `../../fixtures/auth`. **Do not** import from `@playwright/test` directly.
-   - **Try / finally** cleanup using the API (delete the resources you seeded).
-
-# Quality bar — what to write, what to skip
-
-The point of an E2E test is to catch a real regression. A TC that asserts something the code can't realistically break — a hard-coded string still being on the page, a button still being a button — adds nothing: it inflates the suite, slows CI, and trains future readers to skim past the directory. Push back on the plan when you see it:
-
-- **Skip TCs that don't exercise behaviour.** "Verify the page heading is visible" alone is not a test — fold it into the first real scenario as a smoke-check, don't give it its own TC.
-- **Collapse near-duplicates.** Two TCs that differ only in input value (search by title vs search by description, when the underlying code path is the same) should usually merge into one parameterised test, or one of them should be cut.
-- **Prefer one assertion-rich test over three thin ones.** A "page chrome" test that checks heading + search + sort + thumbnail in one go is cheaper and more useful than three single-assertion tests.
-- **If you're tempted to copy-paste a TC with a tiny tweak**, ask whether the tweak actually exercises a different branch in the source. If not, drop it.
-
-When you cut, merge, or renumber TCs vs the plan, note it in your final summary. The plan and the QA checklist (`tests/e2e/specs/<feature>/checklists/<feature>-functional-checklist.md`) both live downstream of the spec — flag that the user should re-run the planner so plan + checklist re-derive from the current `.spec.ts`. Don't silently skip.
-
-# Example output
-
-For a plan section:
-
-```markdown
-### 1. Page Load
-
-#### TC-01 page chrome and core controls render
-**Steps:**
-1. Navigate to `/dashboard`
-2. Verify the page title is "SigNoz | All Dashboards"
-3. Verify the heading "Dashboards" is visible
-**Cleanup:** delete the seeded dashboard via API.
-```
-
-You produce (suite-level shape, preferred for files with multiple scenarios):
-
-```ts
-// tests/e2e/tests/dashboards/list.spec.ts
-import type { Page } from '@playwright/test';
-
-import { expect, test } from '../../fixtures/auth';
-import { newAdminContext } from '../../helpers/auth';
-import {
-  authToken,
-  createDashboardViaApi,
-  deleteDashboardViaApi,
-  gotoDashboardsList,
-} from '../../helpers/dashboards';
-
-test.describe.configure({ mode: 'serial' });
-
-const seedIds = new Set<string>();
-
-async function seed(page: Page, title: string): Promise<string> {
-  const id = await createDashboardViaApi(page, title);
-  seedIds.add(id);
-  return id;
-}
-
-test.afterAll(async ({ browser }) => {
-  if (seedIds.size === 0) return;
-  const ctx = await newAdminContext(browser);
-  const page = await ctx.newPage();
-  try {
-    const token = await authToken(page);
-    for (const id of [...seedIds]) {
-      await deleteDashboardViaApi(ctx.request, id, token);
-      seedIds.delete(id);
-    }
-  } finally {
-    await ctx.close();
-  }
-});
-
-test.describe('Dashboards List Page', () => {
-  test('TC-01 page chrome and core controls render', async ({
-    authedPage: page,
-  }) => {
-    await seed(page, 'list-chrome');
-
-    await gotoDashboardsList(page);
-
-    await expect(page).toHaveTitle('SigNoz | All Dashboards');
-    await expect(
-      page.getByRole('heading', { name: 'Dashboards', level: 1 }),
-    ).toBeVisible();
-  });
-});
-```
-
-Note how the example carries no `// 1. …` `// 2. …` step narration — the helper and locator names already say what each line does. The only comments worth adding are ones a reader couldn't recover from the code itself.
-
-# Known UI gotchas (apply when relevant)
-
-- **Ant Popover positioning vs viewport.** Items inside a Popover — for example the "Delete dashboard" entry inside the row action menu — can render outside the viewport in headless CI even when scrolled. `click({ force: true })` skips actionability checks but Playwright still requires the click coordinates to land inside the viewport. Use `dispatchEvent('click')` instead — it fires the click directly on the DOM node, React's onClick still runs, and there are no coordinate checks. Reach for it whenever a CI failure complains about "Element is outside of the viewport" on a popover/tooltip option.
-- **Sticky-header rows below the fold.** When the table accumulates rows, the search-filtered row's `dashboard-action-icon` can land below a sticky header. Always `await actionIcon.scrollIntoViewIfNeeded()` before clicking. The `openDashboardActionMenu` helper already does this — use it instead of clicking the icon directly.
-- **React Query mutations vs navigation.** UI delete clicks fire an async DELETE through React Query. Navigating away before the mutation completes cancels it. Pair the click with `page.waitForResponse((r) => r.request().method() === 'DELETE' && /\/dashboards\//.test(r.url()))` and `await expect(dialog).not.toBeVisible()` before the next `page.goto(...)`.
-- **Monaco editor swallows Escape.** Inside the Import JSON dialog the Monaco editor grabs focus and intercepts the Escape keystroke. Click the modal title (or any non-editor element inside the dialog) first to blur Monaco; Ant's `keyboard` handler then sees the Escape and dismisses.
-- **Empty zero-state hides controls.** With no dashboards in the workspace, the search input, sort button, "All Dashboards" header, and `new-dashboard-cta` testid are absent — only the page heading and the inline "request a template" form render. Always seed at least one dashboard before driving any test that touches list-page controls.
-
-# Quality bar
-
-- Every test runs end-to-end against a fresh stack. If you can't run it green from a fresh `test_setup`, it's not done.
-- Use `data-testid` whenever the source exposes one; grep `frontend/src/<feature-dir>/` for `data-testid=` to find them.
-- If a step depends on UI behaviour you can't verify (e.g. clipboard, downloads), use the matching Playwright primitive (`page.waitForEvent('download')`, `page.context().grantPermissions(...)` — note `page.context()`, not the `context` fixture, since the auth fixture creates its own context).
-- If the page renders differently when the workspace is empty vs non-empty, **always** seed before driving the test.
-- Iterate on a single failing TC with `npx playwright test -g "TC-NN" --project=chromium`. Use `--last-failed` after a multi-failure run to replay only what failed.

.claude/agents/playwright-test-healer.md

@@ -1,63 +0,0 @@
----
-name: playwright-test-healer
-description: Use this agent to debug and fix failing SigNoz E2E Playwright tests. Examples — <example>Context: A spec is red. user: 'tests/e2e/tests/dashboards/list.spec.ts is failing, fix it' assistant: 'Using the healer agent to debug each failing scenario and adjust the spec.'</example> <example>Context: After a frontend change a previously-green spec broke. user: 'TC-09 in alerts started failing' assistant: 'Launching the healer to investigate.'</example>
-tools: Glob, Grep, Read, Write, Edit, Bash, mcp__playwright-test__browser_console_messages, mcp__playwright-test__browser_evaluate, mcp__playwright-test__browser_generate_locator, mcp__playwright-test__browser_network_requests, mcp__playwright-test__browser_snapshot, mcp__playwright-test__test_debug, mcp__playwright-test__test_list, mcp__playwright-test__test_run
-model: sonnet
-color: red
----
-
-You are the Playwright Test Healer for the SigNoz E2E suite. You debug and fix red specs with a methodical approach. Read [docs/contributing/tests/e2e.md](../../docs/contributing/tests/e2e.md) before you start — it documents the harness and the conventions you must preserve.
-
-# Preconditions
-
-The E2E backend stack must be up. If `tests/e2e/.env.local` does not exist, ask the user to bring up the stack via:
-```
-cd tests
-uv run pytest --basetemp=./tmp/ -vv --reuse --with-web e2e/bootstrap/setup.py::test_setup
-```
-Don't try to start the stack yourself — it can take ~4 minutes on a cold build and the user controls when to pay that cost.
-
-# Workflow
-
-1. **Inventory.** `mcp__playwright-test__test_list` (or `npx playwright test <file> --list` from `tests/e2e/`) to see all tests in the spec.
-2. **Initial run.** `mcp__playwright-test__test_run` (or `npx playwright test <file> --project=chromium`) to identify failing tests. Don't run all browsers — chromium first.
-3. **Per failing test, debug.** Use `mcp__playwright-test__test_debug` to attach. When the test pauses on the error:
-   - `browser_snapshot` to read the current accessibility tree.
-   - `browser_console_messages` for client-side errors.
-   - `browser_network_requests` for API failures (the SigNoz API requires `Authorization: Bearer <localStorage.AUTH_TOKEN>`; 401s usually mean the test bypassed the fixture).
-   - `browser_generate_locator` to suggest a stable locator if the failing one drifted.
-4. **Root-cause.** Distinguish between:
-   - **Selector drift** — the app changed `data-testid` or text. Fix the locator. Prefer `data-testid` (grep `frontend/src/<feature-dir>/` for the new one).
-   - **Timing** — the test races a load. Replace `waitForTimeout` with `await expect(locator).toBe…()` or `page.waitForResponse(...)` on the triggering action.
-   - **State leak** — a previous test left data behind, or this test assumes data the bootstrap doesn't seed. Ensure the test seeds via API and cleans up in `try / finally`. The bootstrap creates a fresh stack with **zero** dashboards / alerts.
-   - **Genuine app bug** — the app is broken, not the test. Mark the test with `test.fixme(...)` and add a one-line `// known: <description>` comment. Don't silently change the assertion to make it pass.
-5. **Fix.** Edit the spec. Preserve TC-NN titles, the `authedPage` fixture, `try / finally` cleanup, and serial mode if present. If you renumber, retitle, or `test.fixme(...)` any TC, flag it in your final summary so the user can re-run the planner — the plan and the QA checklist (`tests/e2e/specs/<feature>/checklists/<feature>-functional-checklist.md`) re-derive from the current `.spec.ts` and will otherwise drift.
-6. **Re-run only the fixed test** before moving to the next failure. Three options:
-   - `npx playwright test -g 'TC-09' --project=chromium` — target a single TC by title
-   - `npx playwright test --last-failed --project=chromium` — replay everything that failed last run
-   - `mcp__playwright-test__test_run` with the test name
-   Don't re-run the whole file each iteration — it slows the loop.
-7. **Iterate** until the file is green. If a test stays red after high-confidence fixes, mark it `test.fixme(...)` with a comment and move on rather than spinning indefinitely.
-
-# Repo-specific signals
-
-- **Reuse helpers before adding new code.** [`tests/e2e/helpers/dashboards.ts`](../../tests/e2e/helpers/dashboards.ts) and [`tests/e2e/helpers/auth.ts`](../../tests/e2e/helpers/auth.ts) already export the API-seed, cleanup, navigation, and action-menu helpers most fixes need. Prefer importing from there over re-inlining auth/login/POST plumbing in the spec.
-- **Ant Popover items can fail with "Element is outside of the viewport" — even with `force: true`.** `force` skips actionability checks but Playwright still requires click coordinates to land in the viewport when it dispatches the synthetic mouse event. The robust fix is `tooltip.getByText('…').dispatchEvent('click')` — fires the click directly on the DOM node, React's `onClick` runs, and no coordinate calculation happens. Apply this whenever the failure log mentions "outside of the viewport" on a popover/tooltip option, especially in CI where layout differs subtly from local.
-- **Action-icon rows below the fold.** With multiple seeded dashboards, a search-filtered row can scroll behind a sticky table header. The `openDashboardActionMenu` helper does `scrollIntoViewIfNeeded` already — if a test still drives the icon directly, fix it to use the helper or add the scroll.
-- **React Query mutations vs page.goto.** UI delete clicks call `mutate()` asynchronously; if the test navigates away before the response lands, the mutation is cancelled and the dashboard is *not* deleted. Wait for the DELETE response and the dialog dismissal explicitly: `page.waitForResponse((r) => r.request().method() === 'DELETE' && /\/dashboards\//.test(r.url()))` plus `await expect(dialog).not.toBeVisible()`.
-- **Monaco editor swallows Escape inside the Import JSON dialog.** If a test that presses Escape times out, click the modal title (or any non-editor element inside the dialog) first to blur Monaco, then press Escape.
-- **The list pages render zero-state when the workspace is empty.** Many locators (search input, sort button, `new-dashboard-cta` testid, "All Dashboards" header) are absent in zero-state. A 30s timeout on those usually means the workspace was empty — seed first via `createDashboardViaApi`.
-- **The "Enter dashboard name…" inline field is a `RequestDashboardBtn` (template-request feedback form), not a create flow.** Tests that try to use it to create a named dashboard will silently no-op. The only UI create paths are the "New dashboard" dropdown → "Create dashboard" (default name "Sample Title", see `DEFAULT_DASHBOARD_TITLE`) or "Import JSON".
-- **Auth.** `tests/e2e/fixtures/auth.ts` logs in once per worker and caches `storageState` (cookies + localStorage with `AUTH_TOKEN`). For API-driven seeding/cleanup, use `authToken(page)` from `helpers/dashboards.ts` and pass `Authorization: Bearer <token>`. Never re-implement login.
-- **Ant Design popovers** (sort menu, action menu) are click-toggle. The trigger element is often an inline `<svg>` with a `data-testid` — clicking it opens the popover; clicking it again closes. After selecting an option, the popover auto-closes. If a test interacts with the popover twice, wait for the menu items to be visible explicitly between toggles.
-- **Artifacts.** Every failed test writes to `tests/e2e/artifacts/results/<test-slug>/` — the `error-context.md` accessibility snapshot is the fastest way to see what the page actually looked like when it failed.
-- **Type-check.** After edits, run `npx tsc --noEmit -p tests/e2e/tsconfig.json` if it succeeds, or rely on `npx playwright test --list` to validate the spec parses.
-
-# Hard rules
-
-- **Never wait for `networkidle`.** It's flaky and discouraged.
-- **Never use `page.waitForTimeout(ms)`.** Always express the wait as `await expect(locator).toBeVisible()` or similar.
-- **Never weaken an assertion just to make a test pass.** If the underlying behavior is broken, mark `test.fixme(...)` with a comment.
-- **Don't ask the user questions** — make the most reasonable repair you can with the information at hand.
-- **Don't rewrite passing tests** while fixing a failing one. Surgical edits only.
-- **Never commit `test.only`** — CI fails on `forbidOnly: true`.

.claude/agents/playwright-test-planner.md

@@ -1,104 +0,0 @@
----
-name: playwright-test-planner
-description: Use this agent to create a comprehensive E2E test plan for a SigNoz frontend feature. Examples — <example>Context: A new feature has shipped and we need test coverage. user: 'Plan E2E tests for the alerts list page' assistant: 'I'll use the planner agent to read the relevant frontend source, navigate the page in a real browser, and produce a structured test plan.' <commentary>Test planning needs both source code understanding and live browser exploration — perfect for this agent.</commentary></example> <example>Context: User wants edge-case coverage on an existing feature. user: 'What scenarios are we missing for dashboard variables?' assistant: 'Launching the planner agent to map flows and identify gaps.'</example>
-tools: Glob, Grep, Read, Write, Bash, mcp__playwright-test__browser_click, mcp__playwright-test__browser_close, mcp__playwright-test__browser_console_messages, mcp__playwright-test__browser_drag, mcp__playwright-test__browser_evaluate, mcp__playwright-test__browser_file_upload, mcp__playwright-test__browser_handle_dialog, mcp__playwright-test__browser_hover, mcp__playwright-test__browser_navigate, mcp__playwright-test__browser_navigate_back, mcp__playwright-test__browser_network_requests, mcp__playwright-test__browser_press_key, mcp__playwright-test__browser_select_option, mcp__playwright-test__browser_snapshot, mcp__playwright-test__browser_take_screenshot, mcp__playwright-test__browser_type, mcp__playwright-test__browser_wait_for, mcp__playwright-test__planner_setup_page
-model: sonnet
-color: green
----
-
-You are an expert E2E test planner for the SigNoz frontend, working inside the SigNoz monorepo. Your test plans drive Playwright specs that run against the local pytest-bootstrapped backend. Read [docs/contributing/tests/e2e.md](../../docs/contributing/tests/e2e.md) before planning — it documents the harness, the `authedPage` fixture, the TC-NN naming convention, and the self-contained-state principle that every plan you write must respect.
-
-You will:
-
-1. **Inspect the source component**
-   - Read the relevant React source under [frontend/src/](../../frontend/src/) directly with the `Read` / `Grep` / `Glob` tools — this is a monorepo, no need to fetch from GitHub.
-   - For a feature like "dashboards list", start at `frontend/src/pages/<Feature>Page/` and `frontend/src/container/<Feature>/`. Trace the component tree to identify:
-     - Interactive elements and their `data-testid` attributes (preferred locators)
-     - Conditional rendering (empty states, loading, error, role-gated UI)
-     - URL query-param state (search, sort, pagination)
-     - API endpoints the UI calls — these inform what cleanup endpoints exist for `try/finally` teardown
-   - The frontend stores its JWT in `localStorage` under `AUTH_TOKEN` and the API requires `Authorization: Bearer <token>` for protected endpoints. Plans that need API-driven seeding should note this so the generator can use `page.request.*`.
-
-2. **Check what's already wired up.**
-   - [tests/e2e/helpers/dashboards.ts](../../tests/e2e/helpers/dashboards.ts) and [tests/e2e/helpers/auth.ts](../../tests/e2e/helpers/auth.ts) hold reusable helpers (`createDashboardViaApi`, `gotoDashboardsList`, `openDashboardActionMenu`, `newAdminContext`, `importApmMetricsDashboardViaUI`, etc.). When the plan touches dashboards, reference these by name in the steps so the generator can reuse them rather than reinvent.
-   - [tests/e2e/fixtures/apm-metrics.json](../../tests/e2e/fixtures/apm-metrics.json) is a real-world dashboard payload (rich tags, panels, description) suitable as a seed fixture — note in the plan if a scenario benefits from it.
-
-3. **Navigate and explore**
-   - Invoke `planner_setup_page` once before any other browser tool.
-   - Use `browser_snapshot` to read the page's accessibility tree. **Do not take screenshots unless absolutely necessary** — snapshots are cheaper and more legible.
-   - Drive each flow end-to-end: happy path, error states, edge cases, URL deep-linking, browser-back behaviour.
-
-4. **Design comprehensive scenarios**
-   - Happy path
-   - Edge cases and boundary conditions (empty state, single item, > pagination threshold)
-   - Error handling and validation
-   - URL state and deep-linking
-   - Cross-flow regressions (e.g. searching while paginated)
-
-5. **Structure the test plan**
-
-   Each scenario must include:
-   - **TC-NN** title — `TC-NN <short description>` (matches the naming this repo uses for test titles).
-   - Preconditions (what state the test expects — note that the bootstrap creates a fresh stack with **zero dashboards / alerts / etc.**, so plans must seed their own data).
-   - Step-by-step user actions.
-   - Expected outcomes per step.
-   - Cleanup notes (what gets created and how to remove it — usually via API).
-
-6. **Save the plan and the checklist**
-   - **Plan:** `tests/e2e/specs/<feature>/<feature>-test-plan.md`. **`tests/e2e/specs/` is gitignored** — plans are scratch artifacts: working input for the generator, regenerable, not committed. Don't treat them as durable documentation. The committed tests are the source of truth.
-   - **Checklist:** `tests/e2e/specs/<feature>/checklists/<feature>-functional-checklist.md`. A manual-verification runbook that mirrors the TC list one-to-one (one checkbox per TC) for QA hand-off. Same gitignore, same scratch status.
-   - **The checklist must stay in sync with the TCs.** When you regenerate the plan, regenerate the checklist alongside it — they share TC IDs and titles, and the checklist ordering must match. If the existing spec under `tests/e2e/tests/<feature>/` has more / fewer / different TCs than the prior plan, the spec is authoritative: re-derive plan and checklist from it.
-   - **On re-runs against an evolved feature:** read the existing `.spec.ts` files first. Treat the committed tests as ground truth; produce a plan and checklist that reflect *what is currently in the spec*, not what the prior plan said. This is how the planner handles TC additions, deletions, merges, and renumbering performed by the generator or healer.
-   - Use clear headings, numbered steps, and a top-level "Application Overview" section.
-   - At the top of the plan, list any pre-existing limitations (e.g. "ascending sort not yet implemented") so the generator emits them as `// known behaviour` comments rather than failing assertions.
-
-<example-spec>
-# Dashboards List Page — Test Plan
-
-## Application Overview
-
-The dashboards list page (`/dashboard`) lists all dashboards in the workspace. From here a user can:
-
-- Search by title, description, or tags (real-time, URL-synced via `?search=`)
-- Sort by last-updated (URL-synced via `?columnKey=&order=`)
-- Open per-row actions: View, Open in New Tab, Copy Link, Export JSON, Delete dashboard
-- Create a new dashboard via the "New dashboard" dropdown (Create dashboard / Import JSON / View templates)
-
-**Bootstrap state:** the pytest harness creates a fresh stack with no pre-seeded dashboards. Every test must seed its own data. The "Enter dashboard name…" inline input is a "request a new template" feedback form — **not** a create flow. The only UI create path is the dropdown.
-
-**Known limitations:**
-- Ascending sort is not yet implemented — repeated clicks on the sort button keep `order=descend`.
-- Cancelling the delete confirmation dialog navigates to the dashboard detail page rather than staying on the list.
-
-## Test Scenarios
-
-### 1. Page Load and Layout
-
-#### TC-01 page chrome and core controls render
-**Preconditions:** at least one dashboard exists (seed via API).
-
-**Steps:**
-1. Navigate to `/dashboard`.
-2. Verify URL is `/dashboard` (no query params).
-3. Verify the page heading "Dashboards" (level 1) is visible.
-4. ...
-
-**Expected:**
-- All Dashboards section header rendered.
-- Search input, sort button, and at least one dashboard thumbnail visible.
-
-**Cleanup:** delete the seeded dashboard via `DELETE /api/v1/dashboards/<id>`.
-
-#### TC-02 ...
-</example-spec>
-
-**Quality bar:**
-- Steps must be specific enough that any tester (or the generator agent) can follow without ambiguity.
-- Include negative scenarios — empty state, no-match search, validation errors.
-- Each scenario must own its preconditions and cleanup. **Do not invent cross-file global fixtures** — they break parallel-by-file execution. Suite-level `beforeAll` / `afterAll` *within* a single spec file is fine and is the preferred shape for files with > ~10 scenarios; per-test `try / finally` is fine for smaller specs.
-- Prefer stable `data-testid` attributes when noting locators; fall back to ARIA roles or accessible names; treat CSS selectors as last resort.
-- **Don't pad coverage.** Every TC must catch a regression that would actually ship if the test were missing — a real branch in the source, a real user-visible failure mode. A TC that asserts a hard-coded string is still rendered, or that a button is still a button, adds nothing but maintenance cost: it inflates the suite, slows CI, and trains readers to skim past the directory. Before writing a scenario, ask "what code change would break this?" — if the only answer is "deleting the literal under test," cut it or fold it into a richer scenario as one assertion among many.
-- **Collapse near-duplicates.** Two TCs that differ only in input value (search by title vs search by description, when the underlying code path is the same) should merge into one parameterised scenario unless each input genuinely exercises a distinct branch. Prefer one assertion-rich TC over three thin ones.
-- **Smoke-checks aren't TCs.** "Heading is visible" belongs as the first assertion inside a real scenario, not as its own numbered case.
-
-**Output format:** a single Markdown file under `tests/e2e/specs/<feature>/<feature>-test-plan.md` (gitignored scratch path) ready to hand to the generator agent. The file is regenerable; once the spec is written, the plan can be discarded.

.dockerignore

@@ -7,8 +7,4 @@ deploy
 sample-apps
 
 # frontend
-**/node_modules
-
-# local env files (tracked example.env templates are unaffected)
-**/.env
-**/.env.*
+node_modules

.github/CODEOWNERS

@@ -52,49 +52,49 @@ go.mod @therealpandey
 
 # Querier Owners
 
-/pkg/querier/ @srikanthccv @therealpandey
-/pkg/variables/ @srikanthccv @therealpandey
-/pkg/types/querybuildertypes/ @srikanthccv @therealpandey
-/pkg/types/telemetrytypes/ @srikanthccv @therealpandey
-/pkg/querybuilder/ @srikanthccv @therealpandey
-/pkg/telemetrylogs/ @srikanthccv @therealpandey
-/pkg/telemetrymetadata/ @srikanthccv @therealpandey
-/pkg/telemetrymetrics/ @srikanthccv @therealpandey
-/pkg/telemetrytraces/ @srikanthccv @therealpandey
+/pkg/querier/ @srikanthccv
+/pkg/variables/ @srikanthccv
+/pkg/types/querybuildertypes/ @srikanthccv
+/pkg/types/telemetrytypes/ @srikanthccv
+/pkg/querybuilder/ @srikanthccv
+/pkg/telemetrylogs/ @srikanthccv
+/pkg/telemetrymetadata/ @srikanthccv
+/pkg/telemetrymetrics/ @srikanthccv
+/pkg/telemetrytraces/ @srikanthccv
 
 # Metrics
 
-/pkg/types/metrictypes/ @srikanthccv @therealpandey
-/pkg/types/metricsexplorertypes/ @srikanthccv @therealpandey
-/pkg/modules/metricsexplorer/ @srikanthccv @therealpandey
-/pkg/prometheus/ @srikanthccv @therealpandey
+/pkg/types/metrictypes/ @srikanthccv
+/pkg/types/metricsexplorertypes/ @srikanthccv
+/pkg/modules/metricsexplorer/ @srikanthccv
+/pkg/prometheus/ @srikanthccv
 
 # APM
 
-/pkg/types/servicetypes/ @srikanthccv @therealpandey
-/pkg/types/apdextypes/ @srikanthccv @therealpandey
-/pkg/modules/apdex/ @srikanthccv @therealpandey
-/pkg/modules/services/ @srikanthccv @therealpandey
+/pkg/types/servicetypes/ @srikanthccv
+/pkg/types/apdextypes/ @srikanthccv
+/pkg/modules/apdex/ @srikanthccv
+/pkg/modules/services/ @srikanthccv
 
 # Dashboard
 
-/pkg/types/dashboardtypes/ @srikanthccv @therealpandey
-/pkg/modules/dashboard/ @srikanthccv @therealpandey
+/pkg/types/dashboardtypes/ @srikanthccv
+/pkg/modules/dashboard/ @srikanthccv
 
 # Rule/Alertmanager
 
-/pkg/types/ruletypes/ @srikanthccv @therealpandey
-/pkg/types/alertmanagertypes @srikanthccv @therealpandey
-/pkg/alertmanager/ @srikanthccv @therealpandey
-/pkg/ruler/ @srikanthccv @therealpandey
-/pkg/modules/rulestatehistory/ @srikanthccv @therealpandey
-/pkg/types/rulestatehistorytypes/ @srikanthccv @therealpandey
+/pkg/types/ruletypes/ @srikanthccv
+/pkg/types/alertmanagertypes @srikanthccv
+/pkg/alertmanager/ @srikanthccv
+/pkg/ruler/ @srikanthccv
+/pkg/modules/rulestatehistory/ @srikanthccv
+/pkg/types/rulestatehistorytypes/ @srikanthccv
 
 # Correlation-adjacent
 
-/pkg/contextlinks/ @srikanthccv @therealpandey
-/pkg/types/parsertypes/ @srikanthccv @therealpandey
-/pkg/queryparser/ @srikanthccv @therealpandey
+/pkg/contextlinks/ @srikanthccv
+/pkg/types/parsertypes/ @srikanthccv
+/pkg/queryparser/ @srikanthccv
 
 # AuthN / AuthZ Owners
 
@@ -107,7 +107,6 @@ go.mod @therealpandey
 /pkg/modules/organization/ @therealpandey
 /pkg/modules/authdomain/ @therealpandey
 /pkg/modules/role/ @therealpandey
-/pkg/types/coretypes/ @therealpandey @vikrantgupta25
 
 # IdentN Owners
 

.github/workflows/build-community.yaml

@@ -54,7 +54,6 @@ jobs:
       JS_SRC: frontend
       JS_OUTPUT_ARTIFACT_CACHE_KEY: community-jsbuild-${{ github.sha }}
       JS_OUTPUT_ARTIFACT_PATH: frontend/build
-      JS_PKG_MANAGER: pnpm
       DOCKER_BUILD: false
       DOCKER_MANIFEST: false
   go-build:

.github/workflows/build-enterprise.yaml

@@ -87,7 +87,6 @@ jobs:
       JS_INPUT_ARTIFACT_PATH: frontend/.env
       JS_OUTPUT_ARTIFACT_CACHE_KEY: enterprise-jsbuild-${{ github.sha }}
       JS_OUTPUT_ARTIFACT_PATH: frontend/build
-      JS_PKG_MANAGER: pnpm
       DOCKER_BUILD: false
       DOCKER_MANIFEST: false
   go-build:

.github/workflows/build-staging.yaml

@@ -86,7 +86,6 @@ jobs:
       JS_INPUT_ARTIFACT_PATH: frontend/.env
       JS_OUTPUT_ARTIFACT_CACHE_KEY: staging-jsbuild-${{ github.sha }}
       JS_OUTPUT_ARTIFACT_PATH: frontend/build
-      JS_PKG_MANAGER: pnpm
       DOCKER_BUILD: false
       DOCKER_MANIFEST: false
   go-build:

.github/workflows/e2eci.yaml

@@ -21,19 +21,15 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: lts/*
-      - name: install-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: install
         run: |
-          cd tests/e2e && pnpm install
+          cd tests/e2e && yarn install --frozen-lockfile
       - name: fmt
         run: |
-          cd tests/e2e && pnpm fmt:check
+          cd tests/e2e && yarn fmt:check
       - name: lint
         run: |
-          cd tests/e2e && pnpm lint
+          cd tests/e2e && yarn lint
   test:
     strategy:
       fail-fast: false
@@ -58,19 +54,15 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: lts/*
-      - name: install-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: python-install
         run: |
           cd tests && uv sync
-      - name: pnpm-install
+      - name: yarn-install
         run: |
-          cd tests/e2e && pnpm install --frozen-lockfile
+          cd tests/e2e && yarn install --frozen-lockfile
       - name: playwright-browsers
         run: |
-          cd tests/e2e && pnpm playwright install --with-deps ${{ matrix.project }}
+          cd tests/e2e && yarn playwright install --with-deps ${{ matrix.project }}
       - name: bring-up-stack
         run: |
           cd tests && \
@@ -81,7 +73,7 @@ jobs:
       - name: playwright-test
         run: |
           cd tests/e2e && \
-            pnpm playwright test --project=${{ matrix.project }}
+            yarn playwright test --project=${{ matrix.project }}
       - name: teardown-stack
         if: always()
         run: |

.github/workflows/goci.yaml

@@ -77,10 +77,6 @@ jobs:
         uses: actions/setup-node@v5
         with:
           node-version: "22"
-      - name: setup-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: docker-community
         shell: bash
         run: |
@@ -106,20 +102,3 @@ jobs:
         run: |
           go run cmd/enterprise/*.go generate openapi
           git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in openapi spec. Run go run cmd/enterprise/*.go generate openapi locally and commit."; exit 1)
-  authz:
-    if: |
-      github.event_name == 'merge_group' ||
-      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
-      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
-    runs-on: ubuntu-latest
-    steps:
-      - name: self-checkout
-        uses: actions/checkout@v4
-      - name: go-install
-        uses: actions/setup-go@v5
-        with:
-          go-version: "1.24"
-      - name: generate-authz
-        run: |
-          go run cmd/enterprise/*.go generate authz
-          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in authz permissions. Run go run cmd/enterprise/*.go generate authz locally and commit."; exit 1)

.github/workflows/gor-signoz-community.yaml

@@ -25,10 +25,6 @@ jobs:
         uses: actions/setup-node@v5
         with:
           node-version: "22"
-      - name: setup-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: build-frontend
         run: make js-build
       - name: upload-frontend-artifact

.github/workflows/gor-signoz.yaml

@@ -41,10 +41,6 @@ jobs:
         uses: actions/setup-node@v5
         with:
           node-version: "22"
-      - name: setup-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: build-frontend
         run: make js-build
       - name: upload-frontend-artifact

.github/workflows/integrationci.yaml

@@ -39,6 +39,7 @@ jobs:
       matrix:
         suite:
           - alerts
+          - alertmanager
           - callbackauthn
           - cloudintegrations
           - dashboard
@@ -51,7 +52,6 @@ jobs:
           - role
           - rootuser
           - serviceaccount
-          - querier_json_body
           - ttl
         sqlstore-provider:
           - postgres
@@ -62,7 +62,7 @@ jobs:
           - 25.5.6
           - 25.12.5
         schema-migrator-version:
-          - v0.144.3
+          - v0.142.0
         postgres-version:
           - 15
     if: |

.github/workflows/jsci.yaml

@@ -22,7 +22,6 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
-      JS_PKG_MANAGER: pnpm
   test:
     if: |
       github.event_name == 'merge_group' ||
@@ -33,7 +32,6 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
-      JS_PKG_MANAGER: pnpm
   fmt:
     if: |
       github.event_name == 'merge_group' ||
@@ -44,7 +42,6 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
-      JS_PKG_MANAGER: pnpm
   lint:
     if: |
       github.event_name == 'merge_group' ||
@@ -55,7 +52,6 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
-      JS_PKG_MANAGER: pnpm
   languages:
     if: |
       github.event_name == 'merge_group' ||
@@ -67,6 +63,46 @@ jobs:
         uses: actions/checkout@v4
       - name: run
         run: bash frontend/scripts/validate-md-languages.sh
+  authz:
+    if: |
+      github.event_name == 'merge_group' ||
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: self-checkout
+        uses: actions/checkout@v5
+      - name: node-install
+        uses: actions/setup-node@v5
+        with:
+          node-version: "22"
+      - name: deps-install
+        working-directory: ./frontend
+        run: |
+          yarn install
+      - name: uv-install
+        uses: astral-sh/setup-uv@v5
+      - name: uv-deps
+        working-directory: ./tests/integration
+        run: |
+          uv sync
+      - name: setup-test
+        run: |
+          make py-test-setup
+      - name: generate
+        working-directory: ./frontend
+        run: |
+          yarn generate:permissions-type
+      - name: teardown-test
+        if: always()
+        run: |
+          make py-test-teardown
+      - name: validate
+        run: |
+          if ! git diff --exit-code frontend/src/hooks/useAuthZ/permissions.type.ts; then
+            echo "::error::frontend/src/hooks/useAuthZ/permissions.type.ts is out of date. Please run the generator locally and commit the changes: npm run generate:permissions-type (from the frontend directory)"
+            exit 1
+          fi
   openapi:
     if: |
       github.event_name == 'merge_group' ||
@@ -80,13 +116,9 @@ jobs:
         uses: actions/setup-node@v5
         with:
           node-version: "22"
-      - name: install-pnpm
-        uses: pnpm/action-setup@v6
-        with:
-          version: 10
       - name: install-frontend
-        run: cd frontend && pnpm install
+        run: cd frontend && yarn install
       - name: generate-api-clients
         run: |
-          cd frontend && pnpm generate:api
-          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run pnpm generate:api in frontend/ locally and commit."; exit 1)
+          cd frontend && yarn generate:api
+          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run yarn generate:api in frontend/ locally and commit."; exit 1)

.gitpod.yml

@@ -1,21 +1,19 @@
 # Please adjust to your needs (see https://www.gitpod.io/docs/config-gitpod-file)
 # and commit this file to your remote git repository to share the goodness with others.
 
+
 tasks:
   - name: Run Docker Images
     init: |
       cd ./deploy/docker
       sudo docker compose up -d
 
-  - name: Install pnpm
-    init: |
-      npm i -g pnpm
-
   - name: Run Frontend
     init: |
       cd ./frontend
-      pnpm install
-    command: pnpm dev
+      yarn install
+    command:
+      yarn dev
 
 ports:
   - port: 8080

.vscode/settings.json

@@ -1,8 +1,6 @@
 {
   "oxc.typeAware": true,
   "oxc.tsConfigPath": "./frontend/tsconfig.json",
-  "oxc.configPath": "./frontend/.oxlintrc.json",
-  "oxc.fmt.configPath": "./frontend/.oxfmtrc.json",
   "editor.formatOnSave": true,
   "editor.defaultFormatter": "oxc.oxc-vscode",
   "editor.codeActionsOnSave": {
@@ -21,3 +19,4 @@
   "python-envs.defaultEnvManager": "ms-python.python:system",
   "python-envs.pythonProjects": []
 }
+

Makefile

@@ -154,7 +154,7 @@ $(GO_BUILD_ARCHS_ENTERPRISE_RACE): go-build-enterprise-race-%: $(TARGET_DIR)
 .PHONY: js-build
 js-build: ## Builds the js frontend
 	@echo ">> building js frontend"
-	@cd $(JS_BUILD_CONTEXT) && CI=1 pnpm install && pnpm build
+	@cd $(JS_BUILD_CONTEXT) && CI=1 yarn install && yarn build
 
 ##############################################################
 # docker commands

cmd/authz.go

@@ -1,118 +0,0 @@
-package cmd
-
-import (
-	"bytes"
-	"context"
-	"os"
-	"sort"
-	"text/template"
-
-	"github.com/SigNoz/signoz/pkg/types/coretypes"
-	"github.com/spf13/cobra"
-)
-
-const permissionsTypePath = "frontend/src/hooks/useAuthZ/permissions.type.ts"
-
-var permissionsTypeTemplate = template.Must(template.New("permissions").Parse(
-	`// AUTO GENERATED FILE - DO NOT EDIT - GENERATED BY cmd/enterprise/*.go generate authz
-export default {
-	status: 'success',
-	data: {
-		resources: [
-{{- range .Resources }}
-			{
-				kind: '{{ .Kind }}',
-				type: '{{ .Type }}',
-			},
-{{- end }}
-		],
-		relations: {
-{{- range .Relations }}
-			{{ .Verb }}: [{{ range $i, $t := .Types }}{{ if $i }}, {{ end }}'{{ $t }}'{{ end }}],
-{{- end }}
-		},
-	},
-} as const;
-`))
-
-type permissionsTypeRelation struct {
-	Verb  string
-	Types []string
-}
-
-type permissionsTypeResource struct {
-	Kind string
-	Type string
-}
-
-type permissionsTypeData struct {
-	Resources []permissionsTypeResource
-	Relations []permissionsTypeRelation
-}
-
-func registerGenerateAuthz(parentCmd *cobra.Command) {
-	authzCmd := &cobra.Command{
-		Use:   "authz",
-		Short: "Generate authz permissions for the frontend",
-		RunE: func(currCmd *cobra.Command, args []string) error {
-			return runGenerateAuthz(currCmd.Context())
-		},
-	}
-
-	parentCmd.AddCommand(authzCmd)
-}
-
-func runGenerateAuthz(_ context.Context) error {
-	registry := coretypes.NewRegistry()
-
-	allowedResources := map[string]bool{
-		coretypes.NewResourceRef(coretypes.ResourceServiceAccount).String():              true,
-		coretypes.NewResourceRef(coretypes.ResourceMetaResourcesServiceAccount).String(): true,
-		coretypes.NewResourceRef(coretypes.ResourceRole).String():                        true,
-		coretypes.NewResourceRef(coretypes.ResourceMetaResourcesRole).String():           true,
-	}
-
-	allowedTypes := map[string]bool{}
-
-	refs := registry.ResourceRefs()
-	resources := make([]permissionsTypeResource, 0, len(refs))
-	for _, ref := range refs {
-		if !allowedResources[ref.String()] {
-			continue
-		}
-		allowedTypes[ref.Type.StringValue()] = true
-		resources = append(resources, permissionsTypeResource{
-			Kind: ref.Kind.String(),
-			Type: ref.Type.StringValue(),
-		})
-	}
-
-	typesByVerb := registry.TypesByVerb()
-	verbs := make([]coretypes.Verb, 0, len(typesByVerb))
-	for verb := range typesByVerb {
-		verbs = append(verbs, verb)
-	}
-	sort.Slice(verbs, func(i, j int) bool { return verbs[i].StringValue() < verbs[j].StringValue() })
-
-	relations := make([]permissionsTypeRelation, 0, len(verbs))
-	for _, verb := range verbs {
-		types := make([]string, 0, len(typesByVerb[verb]))
-		for _, t := range typesByVerb[verb] {
-			if !allowedTypes[t.StringValue()] {
-				continue
-			}
-			types = append(types, t.StringValue())
-		}
-		relations = append(relations, permissionsTypeRelation{
-			Verb:  verb.StringValue(),
-			Types: types,
-		})
-	}
-
-	var buf bytes.Buffer
-	if err := permissionsTypeTemplate.Execute(&buf, permissionsTypeData{Resources: resources, Relations: relations}); err != nil {
-		return err
-	}
-
-	return os.WriteFile(permissionsTypePath, buf.Bytes(), 0o600)
-}

cmd/community/server.go

@@ -18,19 +18,16 @@ import (
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/gateway/noopgateway"
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/licensing/nooplicensing"
-	"github.com/SigNoz/signoz/pkg/meterreporter"
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/retention"
 	"github.com/SigNoz/signoz/pkg/modules/rulestatehistory"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/prometheus"
@@ -95,13 +92,13 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
 			return signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, config authz.Config, _ licensing.Licensing, _ []authz.OnBeforeRoleDelete) (factory.ProviderFactory[authz.AuthZ, authz.Config], error) {
-			openfgaDataStore, err := openfgaserver.NewSQLStore(sqlstore, config)
+		func(ctx context.Context, sqlstore sqlstore.SQLStore, _ licensing.Licensing, _ []authz.OnBeforeRoleDelete, _ dashboard.Module) (factory.ProviderFactory[authz.AuthZ, authz.Config], error) {
+			openfgaDataStore, err := openfgaserver.NewSQLStore(sqlstore)
 			if err != nil {
 				return nil, err
 			}
 
-			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, authtypes.NewRegistry()), nil
+			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore), nil
 		},
 		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(impldashboard.NewStore(store), settings, analytics, orgGetter, queryParser)
@@ -112,9 +109,6 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(_ licensing.Licensing) factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]] {
 			return signoz.NewAuditorProviderFactories()
 		},
-		func(_ context.Context, _ factory.ProviderSettings, _ flagger.Flagger, _ licensing.Licensing, _ telemetrystore.TelemetryStore, _ retention.Getter, _ organization.Getter, _ zeus.Zeus) (factory.NamedMap[factory.ProviderFactory[meterreporter.Reporter, meterreporter.Config]], string) {
-			return signoz.NewMeterReporterProviderFactories(), "noop"
-		},
 		func(ps factory.ProviderSettings, q querier.Querier, a analytics.Analytics) querier.Handler {
 			return querier.NewHandler(ps, q, a)
 		},

cmd/enterprise/Dockerfile.with-web.integration

@@ -3,9 +3,8 @@ FROM node:22-bookworm AS build
 WORKDIR /opt/
 COPY ./frontend/ ./
 ENV NODE_OPTIONS=--max-old-space-size=8192
-RUN CI=1 npm i -g pnpm
-RUN CI=1 pnpm install
-RUN CI=1 pnpm build
+RUN CI=1 yarn install
+RUN CI=1 yarn build
 
 FROM golang:1.25-bookworm
 

cmd/enterprise/meter.go

@@ -1,55 +0,0 @@
-package main
-
-import (
-	"github.com/SigNoz/signoz/pkg/metercollector"
-	"github.com/SigNoz/signoz/pkg/telemetrylogs"
-	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
-	"github.com/SigNoz/signoz/pkg/telemetrytraces"
-	"github.com/SigNoz/signoz/pkg/types/retentiontypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-)
-
-var meterConfigs = []metercollector.Config{
-	{
-		Provider: metercollector.ProviderStatic,
-		Static: metercollector.StaticConfig{
-			Name:        zeustypes.MeterPlatformActive,
-			Unit:        zeustypes.MeterUnitCount,
-			Aggregation: zeustypes.MeterAggregationMax,
-			Value:       1,
-		},
-	},
-	{
-		Provider: metercollector.ProviderTelemetry,
-		Telemetry: metercollector.TelemetryConfig{
-			Name:                 zeustypes.MeterLogSize,
-			Unit:                 zeustypes.MeterUnitBytes,
-			Aggregation:          zeustypes.MeterAggregationSum,
-			DBName:               telemetrylogs.DBName,
-			TableName:            telemetrylogs.LogsV2LocalTableName,
-			DefaultRetentionDays: retentiontypes.DefaultLogsRetentionDays,
-		},
-	},
-	{
-		Provider: metercollector.ProviderTelemetry,
-		Telemetry: metercollector.TelemetryConfig{
-			Name:                 zeustypes.MeterSpanSize,
-			Unit:                 zeustypes.MeterUnitBytes,
-			Aggregation:          zeustypes.MeterAggregationSum,
-			DBName:               telemetrytraces.DBName,
-			TableName:            telemetrytraces.SpanIndexV3LocalTableName,
-			DefaultRetentionDays: retentiontypes.DefaultTracesRetentionDays,
-		},
-	},
-	{
-		Provider: metercollector.ProviderTelemetry,
-		Telemetry: metercollector.TelemetryConfig{
-			Name:                 zeustypes.MeterDatapointCount,
-			Unit:                 zeustypes.MeterUnitCount,
-			Aggregation:          zeustypes.MeterAggregationSum,
-			DBName:               telemetrymetrics.DBName,
-			TableName:            telemetrymetrics.SamplesV4LocalTableName,
-			DefaultRetentionDays: retentiontypes.DefaultMetricsRetentionDays,
-		},
-	},
-}

cmd/enterprise/server.go

@@ -8,7 +8,6 @@ import (
 	"github.com/spf13/cobra"
 
 	"github.com/SigNoz/signoz/cmd"
-	"github.com/SigNoz/signoz/ee/auditor/fileauditor"
 	"github.com/SigNoz/signoz/ee/auditor/otlphttpauditor"
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/oidccallbackauthn"
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/samlcallbackauthn"
@@ -18,9 +17,6 @@ import (
 	"github.com/SigNoz/signoz/ee/gateway/httpgateway"
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
-	"github.com/SigNoz/signoz/ee/metercollector/staticmetercollector"
-	"github.com/SigNoz/signoz/ee/metercollector/telemetrymetercollector"
-	"github.com/SigNoz/signoz/ee/meterreporter/httpmeterreporter"
 	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration/implcloudprovider"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
@@ -39,17 +35,14 @@ import (
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	pkgflagger "github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/meterreporter"
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	pkgcloudintegration "github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/retention"
 	"github.com/SigNoz/signoz/pkg/modules/rulestatehistory"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/prometheus"
@@ -144,12 +137,12 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 
 			return authNs, nil
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, config authz.Config, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete) (factory.ProviderFactory[authz.AuthZ, authz.Config], error) {
-			openfgaDataStore, err := openfgaserver.NewSQLStore(sqlstore, config)
+		func(ctx context.Context, sqlstore sqlstore.SQLStore, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete, dashboardModule dashboard.Module) (factory.ProviderFactory[authz.AuthZ, authz.Config], error) {
+			openfgaDataStore, err := openfgaserver.NewSQLStore(sqlstore)
 			if err != nil {
 				return nil, err
 			}
-			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, licensing, onBeforeRoleDelete, authtypes.NewRegistry()), nil
+			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, licensing, onBeforeRoleDelete, dashboardModule), nil
 		},
 		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
@@ -162,25 +155,8 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 			if err := factories.Add(otlphttpauditor.NewFactory(licensing, version.Info)); err != nil {
 				panic(err)
 			}
-			if err := factories.Add(fileauditor.NewFactory(licensing, version.Info)); err != nil {
-				panic(err)
-			}
 			return factories
 		},
-		func(ctx context.Context, providerSettings factory.ProviderSettings, flagger pkgflagger.Flagger, licensing licensing.Licensing, telemetryStore telemetrystore.TelemetryStore, retentionGetter retention.Getter, orgGetter organization.Getter, zeus zeus.Zeus) (factory.NamedMap[factory.ProviderFactory[meterreporter.Reporter, meterreporter.Config]], string) {
-			factories := signoz.NewMeterReporterProviderFactories()
-
-			collectorFactories := factory.MustNewNamedMap(
-				staticmetercollector.NewFactory(),
-				telemetrymetercollector.NewFactory(telemetryStore, retentionGetter),
-			)
-
-			if err := factories.Add(httpmeterreporter.NewFactory(collectorFactories, meterConfigs, flagger, licensing, orgGetter, zeus)); err != nil {
-				panic(err)
-			}
-
-			return factories, "http"
-		},
 		func(ps factory.ProviderSettings, q querier.Querier, a analytics.Analytics) querier.Handler {
 			communityHandler := querier.NewHandler(ps, q, a)
 			return eequerier.NewHandler(ps, q, communityHandler)
@@ -191,7 +167,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 			if err != nil {
 				return nil, err
 			}
-			azureCloudProviderModule := implcloudprovider.NewAzureCloudProvider(defStore)
+			azureCloudProviderModule := implcloudprovider.NewAzureCloudProvider()
 			cloudProvidersMap := map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule{
 				cloudintegrationtypes.CloudProviderTypeAWS:   awsCloudProviderModule,
 				cloudintegrationtypes.CloudProviderTypeAzure: azureCloudProviderModule,

cmd/generate.go

@@ -16,7 +16,6 @@ func RegisterGenerate(parentCmd *cobra.Command, logger *slog.Logger) {
 	}
 
 	registerGenerateOpenAPI(generateCmd)
-	registerGenerateAuthz(generateCmd)
 
 	parentCmd.AddCommand(generateCmd)
 }

conf/example.yaml

@@ -11,10 +11,6 @@ global:
   external_url: <unset>
   # the url where the SigNoz backend receives telemetry data (traces, metrics, logs) from instrumented applications.
   ingestion_url: <unset>
-  # the url of the SigNoz MCP server. when unset, the MCP settings page is hidden in the frontend.
-  # mcp_url: <unset>
-  # the url of the SigNoz AI Assistant server. when unset, the AI Assistant is hidden in the frontend.
-  # ai_assistant_url: <unset>
 
 ##################### Version #####################
 version:
@@ -412,27 +408,10 @@ cloudintegration:
     # The version of the cloud integration agent.
     version: v0.0.8
 
-##################### Trace Detail #####################
-tracedetail:
-  waterfall:
-    # Number of spans returned per request when the trace is too large to show all at once.
-    span_page_size: 500
-    # Maximum depth of descendents to auto-expand for the selected span.
-    max_depth_to_auto_expand: 5
-    # Threshold below which all spans are returned without windowing.
-    max_limit_to_select_all_spans: 10000
-
 ##################### Authz #################################
 authz:
   # Specifies the authz provider to use.
   provider: openfga
   openfga:
     # maximum tuples allowed per openfga write operation.
-    max_tuples_per_write: 300
-
-##################### Meter Reporter #####################
-meterreporter:
-  # The interval between collection ticks. Minimum 5m.
-  interval: 6h
-  # Whether to backfill sealed days from the license creation day.
-  backfill: true
+    max_tuples_per_write: 100

deploy/docker-swarm/docker-compose.ha.yaml

@@ -190,7 +190,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.122.0
+    image: signoz/signoz:v0.120.0
     ports:
       - "8080:8080" # signoz port
     #   - "6060:6060"     # pprof port

deploy/docker-swarm/docker-compose.yaml

@@ -117,7 +117,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.122.0
+    image: signoz/signoz:v0.120.0
     ports:
       - "8080:8080" # signoz port
     volumes:

deploy/docker/docker-compose.ha.yaml

@@ -181,7 +181,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.122.0}
+    image: signoz/signoz:${VERSION:-v0.120.0}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

deploy/docker/docker-compose.yaml

@@ -109,7 +109,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.122.0}
+    image: signoz/signoz:${VERSION:-v0.120.0}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

docs/contributing/development.md

@@ -13,12 +13,13 @@ Before diving in, make sure you have these tools installed:
   - Download from [go.dev/dl](https://go.dev/dl/)
   - Check [go.mod](../../go.mod#L3) for the minimum version
 
+
 - **Node** - Powers our frontend
   - Download from [nodejs.org](https://nodejs.org)
   - Check [.nvmrc](../../frontend/.nvmrc) for the version
 
-- **Pnpm** - Our frontend package manager
-  - Follow the [installation guide](https://pnpm.io/installation)
+- **Yarn** - Our frontend package manager
+  - Follow the [installation guide](https://yarnpkg.com/getting-started/install)
 
 - **Docker** - For running Clickhouse and Postgres locally
   - Get it from [docs.docker.com/get-docker](https://docs.docker.com/get-docker/)
@@ -94,7 +95,7 @@ This command:
 
 2. Install dependencies:
    ```bash
-   pnpm install
+   yarn install
    ```
 
 3. Create a `.env` file in this directory:
@@ -104,10 +105,10 @@ This command:
 
 4. Start the development server:
    ```bash
-   pnpm dev
+   yarn dev
    ```
 
-> 💡 **Tip**: `pnpm dev` will automatically rebuild when you make changes to the code
+> 💡 **Tip**: `yarn dev` will automatically rebuild when you make changes to the code
 
 Now you're all set to start developing! Happy coding! 🎉
 

docs/contributing/onboarding.md

@@ -304,7 +304,7 @@ import ec2Url from '@/assets/Logos/ec2.svg';
 
 1. Add the logo SVG to `src/assets/Logos/` and add a top-level import in the config file (e.g., `import myServiceUrl from '@/assets/Logos/my-service.svg'`)
 2. Add your data source object to the `onboardingConfigWithLinks` array, referencing the imported variable for `imgUrl`
-3. Test the flow locally with `pnpm dev`
+3. Test the flow locally with `yarn dev`
 4. Validation:
    - Navigate to the [onboarding page](http://localhost:3301/get-started-with-signoz-cloud) on your local machine
    - Data source appears in the list

docs/contributing/tests/e2e.md

@@ -81,52 +81,23 @@ tests/
     ├── .env.local             # generated by bootstrap/setup.py (gitignored)
     ├── bootstrap/
     │   └── setup.py           # test_setup / test_teardown — pytest lifecycle
-    ├── fixtures/              # Playwright test fixtures (test.extend) only
-    │   └── auth.ts
-    ├── helpers/               # function helpers + the constants they share with tests
-    │   ├── auth.ts
-    │   └── dashboards.ts
-    ├── testdata/              # static data files (JSON) used by helpers and tests
-    │   └── apm-metrics.json   # (example)
+    ├── fixtures/
+    │   └── auth.ts            # authedPage Playwright fixture + per-worker storageState cache
     ├── tests/                 # Playwright .spec.ts files, one dir per feature area
     │   └── alerts/
-    │       └── alerts.spec.ts # (example)
+    │       └── alerts.spec.ts
     └── artifacts/             # per-run output (gitignored)
         ├── html/              # HTML reporter output
         ├── json/              # JSON reporter output
         └── results/           # per-test traces / screenshots / videos on failure
 ```
 
-### `fixtures/` vs `helpers/` — what goes where
-
-These two folders look similar but mean different things:
-
-- **`fixtures/`** holds *Playwright test fixtures* (created via `test.extend({...})`). By the canonical definition, a fixture is "a consistent, predefined set of data, objects, or environmental conditions used to ensure tests run in a stable state" — i.e. setup/teardown that runs *automatically* around each test or worker. `auth.ts` matches: it extends Playwright's `test` with an `authedPage` that's logged-in before every test runs and torn down after. If the only thing in this folder ever is `auth.ts`, that's fine — fixtures are a deliberately small surface.
-- **`helpers/`** holds plain function helpers that you call *explicitly* from a test or hook — they don't extend Playwright's `test`. This covers both behaviour helpers (e.g. `gotoDashboardsList(page)`) and the constants those helpers and the tests both refer to (e.g. `SEARCH_PLACEHOLDER`). Constants live next to the helpers that use them so a single import line in a test covers both.
-- **`testdata/`** holds static data files (typically JSON / YAML) consumed by the helpers — for example, `apm-metrics.json`, a real dashboard payload uploaded through the UI by an importer helper.
-
-Rule of thumb: if it's a `test.extend` fixture, put it in `fixtures/`. If it's a function you call explicitly (or a constant the function uses), put it in `helpers/`. If it's a static file the helpers read, put it in `testdata/`.
-
 Each spec follows these principles:
 
 1. **Directory per feature**: `tests/e2e/tests/<feature>/*.spec.ts`. Cross-resource junction concerns (e.g. cascade-delete) go in their own file, not packed into one giant spec.
 2. **Test titles use `TC-NN`**: `test('TC-01 alerts page — tabs render', ...)`. Preserves ordering at a glance and maps to external coverage tracking.
 3. **UI-first**: drive flows through the UI. Playwright traces capture every BE request/response the UI triggers, so asserting on UI outcomes implicitly validates BE contracts. Reach for direct `page.request.*` only when the test's *purpose* is asserting a response contract (use `page.waitForResponse` on a UI click) or when a specific UI step is structurally flaky (e.g. Ant DatePicker calendar-cell indices) — and even then try UI first.
-4. **Self-contained state**: each spec seeds its own data and cleans up at suite teardown. The pytest harness creates a fresh stack with **zero** dashboards / alerts / etc. — never assume pre-existing data. Two patterns work:
-    - **Per-test seed + cleanup in `try / finally`** — small specs where each test owns its data.
-    - **Suite-level seed + `afterAll` teardown** — preferred for larger specs. Each `createDashboard(...)` call adds the resulting ID to a module-level `Set<string>`, and one `test.afterAll(...)` deletes everything in the set. See `tests/e2e/tests/dashboards/list.spec.ts` for the full pattern. `test.beforeAll` / `test.afterAll` cannot use `authedPage` directly (it's test-scoped); use `newAdminContext(browser)` from `helpers/auth.ts` instead — it performs one fresh login per suite hook.
-5. **Seed via API when the UI flow is multi-step or brittle.** The frontend stores its JWT in `localStorage` under `AUTH_TOKEN`; `page.request.*` inherits the auth fixture's storage state. A typical pattern:
-    ```ts
-    const token = await page.evaluate(
-      () => (globalThis as any).localStorage.getItem('AUTH_TOKEN') || '',
-    );
-    await page.request.post('/api/v1/dashboards', {
-      data: { title: 'my-name', uploadedGrafana: false },
-      headers: { Authorization: `Bearer ${token}` },
-    });
-    ```
-    This is faster and more reliable than a multi-step UI seed. Reach for the UI flow only when the test's *purpose* is asserting that flow.
-6. **Reusable static data lives in `tests/e2e/testdata/`.** For example, `apm-metrics.json` is a real dashboard payload that `importApmMetricsDashboardViaUI` (in `helpers/dashboards.ts`) uploads through the actual Import JSON UI flow to seed a richly-tagged dashboard for search/list tests.
+4. **Self-contained state**: each spec creates what it needs and cleans up in `try/finally`. No global pre-seeding fixtures.
 
 ## How to write an E2E test?
 
@@ -184,23 +155,13 @@ test('TC-02 alerts list — create, toggle, delete', async ({ authedPage: page }
 
 ### Locator priority
 
-1. `getByTestId('...')` — preferred when the source exposes one. Stable, app-author-provided handle that survives copy-edits.
-2. `getByRole('button', { name: 'Submit' })`
-3. `getByLabel('Email')`
-4. `getByPlaceholder('...')`
-5. `getByText('...')`
+1. `getByRole('button', { name: 'Submit' })`
+2. `getByLabel('Email')`
+3. `getByPlaceholder('...')`
+4. `getByText('...')`
+5. `getByTestId('...')`
 6. `locator('.ant-select')` — last resort (Ant Design dropdowns often have no semantic alternative)
 
-## Agents
-
-Three Claude agents in `.claude/agents/` accelerate writing and maintaining E2E specs:
-
-- **`playwright-test-planner`** — explores a feature in a real browser plus the local frontend source and writes a test plan as a scratch markdown file (under `tests/e2e/specs/`, which is gitignored — plans are working artifacts for the generator, not committed docs).
-- **`playwright-test-generator`** — converts a test plan into Playwright spec files under `tests/e2e/tests/<feature>/`. Drives each scenario through MCP browser tools and emits TC-NN-titled tests using the `authedPage` fixture and the API-seed pattern.
-- **`playwright-test-healer`** — runs failing specs, debugs them with snapshots / console / network introspection, and edits the spec to fix selector drift, timing, or state-leak issues.
-
-The agents rely on the Playwright-test MCP server (`mcp__playwright-test__*` tools). Configure it in your Claude MCP settings; the permission allowlist lives in [.claude/settings.local.json](../../../.claude/settings.local.json).
-
 ## How to run E2E tests?
 
 ### Running All Tests

ee/auditor/fileauditor/export.go

@@ -1,33 +0,0 @@
-package fileauditor
-
-import (
-	"context"
-	"log/slog"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/audittypes"
-)
-
-func (provider *provider) export(ctx context.Context, events []audittypes.AuditEvent) error {
-	logs := audittypes.NewPLogsFromAuditEvents(events, "signoz", provider.build.Version(), "signoz.audit")
-
-	payload, err := provider.marshaler.MarshalLogs(logs)
-	if err != nil {
-		return err
-	}
-
-	// Combine the payload and trailing newline into one Write call so the line
-	// is emitted in a single syscall — concurrent readers see either the full
-	// line or nothing, never a torn JSON object.
-	payload = append(payload, '\n')
-
-	provider.mu.Lock()
-	defer provider.mu.Unlock()
-
-	if _, err := provider.file.Write(payload); err != nil {
-		provider.settings.Logger().ErrorContext(ctx, "audit export failed", errors.Attr(err), slog.Int("dropped_log_records", len(events)))
-		return err
-	}
-
-	return provider.file.Sync()
-}

ee/auditor/fileauditor/provider.go

@@ -1,100 +0,0 @@
-package fileauditor
-
-import (
-	"context"
-	"os"
-	"sync"
-
-	"github.com/SigNoz/signoz/pkg/auditor"
-	"github.com/SigNoz/signoz/pkg/auditor/auditorserver"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/types/audittypes"
-	"github.com/SigNoz/signoz/pkg/version"
-	"go.opentelemetry.io/collector/pdata/plog"
-)
-
-var _ auditor.Auditor = (*provider)(nil)
-
-type provider struct {
-	settings  factory.ScopedProviderSettings
-	config    auditor.Config
-	licensing licensing.Licensing
-	build     version.Build
-	server    *auditorserver.Server
-	marshaler plog.JSONMarshaler
-	file      *os.File
-	mu        sync.Mutex
-}
-
-func NewFactory(licensing licensing.Licensing, build version.Build) factory.ProviderFactory[auditor.Auditor, auditor.Config] {
-	return factory.NewProviderFactory(factory.MustNewName("file"), func(ctx context.Context, providerSettings factory.ProviderSettings, config auditor.Config) (auditor.Auditor, error) {
-		return newProvider(ctx, providerSettings, config, licensing, build)
-	})
-}
-
-func newProvider(_ context.Context, providerSettings factory.ProviderSettings, config auditor.Config, licensing licensing.Licensing, build version.Build) (auditor.Auditor, error) {
-	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/ee/auditor/fileauditor")
-
-	file, err := os.OpenFile(config.File.Path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInvalidInput, auditor.ErrCodeAuditExportFailed, "failed to open audit file %q", config.File.Path)
-	}
-
-	provider := &provider{
-		settings:  settings,
-		config:    config,
-		licensing: licensing,
-		build:     build,
-		marshaler: plog.JSONMarshaler{},
-		file:      file,
-	}
-
-	server, err := auditorserver.New(settings,
-		auditorserver.Config{
-			BufferSize:    config.BufferSize,
-			BatchSize:     config.BatchSize,
-			FlushInterval: config.FlushInterval,
-		},
-		provider.export,
-	)
-	if err != nil {
-		_ = file.Close()
-		return nil, err
-	}
-
-	provider.server = server
-	return provider, nil
-}
-
-func (provider *provider) Start(ctx context.Context) error {
-	return provider.server.Start(ctx)
-}
-
-func (provider *provider) Audit(ctx context.Context, event audittypes.AuditEvent) {
-	if event.PrincipalAttributes.PrincipalOrgID.IsZero() {
-		provider.settings.Logger().WarnContext(ctx, "audit event dropped as org_id is zero")
-		return
-	}
-
-	if _, err := provider.licensing.GetActive(ctx, event.PrincipalAttributes.PrincipalOrgID); err != nil {
-		return
-	}
-
-	provider.server.Add(ctx, event)
-}
-
-func (provider *provider) Healthy() <-chan struct{} {
-	return provider.server.Healthy()
-}
-
-func (provider *provider) Stop(ctx context.Context) error {
-	serverErr := provider.server.Stop(ctx)
-	fileErr := provider.file.Close()
-	if serverErr != nil {
-		return serverErr
-	}
-
-	return fileErr
-}

ee/authz/openfgaauthz/provider.go

@@ -2,6 +2,7 @@ package openfgaauthz
 
 import (
 	"context"
+	"slices"
 
 	"github.com/SigNoz/signoz/ee/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/authz"
@@ -12,7 +13,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/coretypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
@@ -25,19 +25,19 @@ type provider struct {
 	openfgaServer      *openfgaserver.Server
 	licensing          licensing.Licensing
 	store              authtypes.RoleStore
-	registry           *authtypes.Registry
+	registry           []authz.RegisterTypeable
 	settings           factory.ScopedProviderSettings
 	onBeforeRoleDelete []authz.OnBeforeRoleDelete
 }
 
-func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, openfgaDataStore storage.OpenFGADatastore, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete, registry *authtypes.Registry) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, openfgaDataStore storage.OpenFGADatastore, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete, registry ...authz.RegisterTypeable) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("openfga"), func(ctx context.Context, ps factory.ProviderSettings, config authz.Config) (authz.AuthZ, error) {
 		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema, openfgaDataStore, licensing, onBeforeRoleDelete, registry)
 	})
 }
 
-func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, openfgaDataStore storage.OpenFGADatastore, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete, registry *authtypes.Registry) (authz.AuthZ, error) {
-	pkgOpenfgaAuthzProvider := pkgopenfgaauthz.NewProviderFactory(sqlstore, openfgaSchema, openfgaDataStore, registry)
+func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, openfgaDataStore storage.OpenFGADatastore, licensing licensing.Licensing, onBeforeRoleDelete []authz.OnBeforeRoleDelete, registry []authz.RegisterTypeable) (authz.AuthZ, error) {
+	pkgOpenfgaAuthzProvider := pkgopenfgaauthz.NewProviderFactory(sqlstore, openfgaSchema, openfgaDataStore)
 	pkgAuthzService, err := pkgOpenfgaAuthzProvider.New(ctx, settings, config)
 	if err != nil {
 		return nil, err
@@ -74,11 +74,11 @@ func (provider *provider) Stop(ctx context.Context) error {
 	return provider.openfgaServer.Stop(ctx)
 }
 
-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable coretypes.Resource, selectors []coretypes.Selector, roleSelectors []coretypes.Selector) error {
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
 	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
 }
 
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable coretypes.Resource, selectors []coretypes.Selector, roleSelectors []coretypes.Selector) error {
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
 	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
 }
 
@@ -86,29 +86,7 @@ func (provider *provider) BatchCheck(ctx context.Context, tupleReq map[string]*o
 	return provider.openfgaServer.BatchCheck(ctx, tupleReq)
 }
 
-func (provider *provider) CheckTransactions(ctx context.Context, subject string, orgID valuer.UUID, transactions []*authtypes.Transaction) ([]*authtypes.TransactionWithAuthorization, error) {
-	tuples, err := authtypes.NewTuplesFromTransactions(transactions, subject, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	batchResults, err := provider.openfgaServer.BatchCheck(ctx, tuples)
-	if err != nil {
-		return nil, err
-	}
-
-	results := make([]*authtypes.TransactionWithAuthorization, len(transactions))
-	for i, txn := range transactions {
-		result := batchResults[txn.ID.StringValue()]
-		results[i] = &authtypes.TransactionWithAuthorization{
-			Transaction: txn,
-			Authorized:  result.Authorized,
-		}
-	}
-	return results, nil
-}
-
-func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, objectType coretypes.Type) ([]*coretypes.Object, error) {
+func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, objectType authtypes.Type) ([]*authtypes.Object, error) {
 	return provider.openfgaServer.ListObjects(ctx, subject, relation, objectType)
 }
 
@@ -159,10 +137,16 @@ func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.U
 func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
 	tuples := make([]*openfgav1.TupleKey, 0)
 
-	grantTuples := provider.getManagedRoleGrantTuples(orgID, userID)
+	grantTuples, err := provider.getManagedRoleGrantTuples(orgID, userID)
+	if err != nil {
+		return err
+	}
 	tuples = append(tuples, grantTuples...)
 
-	managedRoleTuples := provider.getManagedRoleTransactionTuples(orgID)
+	managedRoleTuples, err := provider.getManagedRoleTransactionTuples(orgID)
+	if err != nil {
+		return err
+	}
 	tuples = append(tuples, managedRoleTuples...)
 
 	return provider.Write(ctx, tuples, nil)
@@ -202,7 +186,21 @@ func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, ro
 	return role, nil
 }
 
-func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*coretypes.Object, error) {
+func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
+	resources := make([]*authtypes.Resource, 0)
+	for _, register := range provider.registry {
+		for _, typeable := range register.MustGetTypeables() {
+			resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
+		}
+	}
+	for _, typeable := range provider.MustGetTypeables() {
+		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
+	}
+
+	return resources
+}
+
+func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
 	_, err := provider.licensing.GetActive(ctx, orgID)
 	if err != nil {
 		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
@@ -213,16 +211,16 @@ func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id
 		return nil, err
 	}
 
-	objects := make([]*coretypes.Object, 0)
-	for _, objectType := range provider.registry.Types() {
-		if coretypes.ErrIfVerbNotValidForType(relation.Verb, objectType) != nil {
+	objects := make([]*authtypes.Object, 0)
+	for _, objectType := range provider.getUniqueTypes() {
+		if !slices.Contains(authtypes.TypeableRelations[objectType], relation) {
 			continue
 		}
 
 		resourceObjects, err := provider.
 			ListObjects(
 				ctx,
-				authtypes.MustNewSubject(coretypes.NewResourceRole(), storableRole.Name, orgID, &coretypes.VerbAssignee),
+				authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.Name, orgID, &authtypes.RelationAssignee),
 				relation,
 				objectType,
 			)
@@ -245,7 +243,7 @@ func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *au
 	return provider.store.Update(ctx, orgID, role)
 }
 
-func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*coretypes.Object) error {
+func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
 	_, err := provider.licensing.GetActive(ctx, orgID)
 	if err != nil {
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
@@ -298,63 +296,84 @@ func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valu
 	return provider.store.Delete(ctx, orgID, id)
 }
 
-func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) []*openfgav1.TupleKey {
+func (provider *provider) MustGetTypeables() []authtypes.Typeable {
+	return []authtypes.Typeable{authtypes.TypeableRole, authtypes.TypeableResourcesRoles}
+}
+
+func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := []*openfgav1.TupleKey{}
 
 	// Grant the admin role to the user
-	adminSubject := authtypes.MustNewSubject(coretypes.NewResourceUser(), userID.String(), orgID, nil)
-	adminTuple := authtypes.NewTuples(
-		coretypes.NewResourceRole(),
+	adminSubject := authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil)
+	adminTuple, err := authtypes.TypeableRole.Tuples(
 		adminSubject,
-		authtypes.Relation{Verb: coretypes.VerbAssignee},
-		[]coretypes.Selector{coretypes.TypeRole.MustSelector(authtypes.SigNozAdminRoleName)},
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
+		},
 		orgID,
 	)
+	if err != nil {
+		return nil, err
+	}
 	tuples = append(tuples, adminTuple...)
 
 	// Grant the admin role to the anonymous user
-	anonymousSubject := authtypes.MustNewSubject(coretypes.NewResourceAnonymous(), coretypes.AnonymousUser.String(), orgID, nil)
-	anonymousTuple := authtypes.NewTuples(
-		coretypes.NewResourceRole(),
+	anonymousSubject := authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	anonymousTuple, err := authtypes.TypeableRole.Tuples(
 		anonymousSubject,
-		authtypes.Relation{Verb: coretypes.VerbAssignee},
-		[]coretypes.Selector{coretypes.TypeRole.MustSelector(authtypes.SigNozAnonymousRoleName)},
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAnonymousRoleName),
+		},
 		orgID,
 	)
+	if err != nil {
+		return nil, err
+	}
 	tuples = append(tuples, anonymousTuple...)
 
-	return tuples
+	return tuples, nil
 }
 
-func (provider *provider) getManagedRoleTransactionTuples(orgID valuer.UUID) []*openfgav1.TupleKey {
+func (provider *provider) getManagedRoleTransactionTuples(orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+	transactionsByRole := make(map[string][]*authtypes.Transaction)
+	for _, register := range provider.registry {
+		for roleName, txns := range register.MustGetManagedRoleTransactions() {
+			transactionsByRole[roleName] = append(transactionsByRole[roleName], txns...)
+		}
+	}
+
 	tuples := make([]*openfgav1.TupleKey, 0)
-	for roleName, transactions := range provider.registry.ManagedRoleTransactions() {
+	for roleName, transactions := range transactionsByRole {
 		for _, txn := range transactions {
-			resource := coretypes.MustNewResourceFromTypeAndKind(txn.Object.Resource.Type, txn.Object.Resource.Kind)
-			txnTuples := authtypes.NewTuples(
-				resource,
+			typeable := authtypes.MustNewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
+			txnTuples, err := typeable.Tuples(
 				authtypes.MustNewSubject(
-					coretypes.NewResourceRole(),
+					authtypes.TypeableRole,
 					roleName,
 					orgID,
-					&coretypes.VerbAssignee,
+					&authtypes.RelationAssignee,
 				),
 				txn.Relation,
-				[]coretypes.Selector{txn.Object.Selector},
+				[]authtypes.Selector{txn.Object.Selector},
 				orgID,
 			)
+			if err != nil {
+				return nil, err
+			}
 			tuples = append(tuples, txnTuples...)
 		}
 	}
 
-	return tuples
+	return tuples, nil
 }
 
 func (provider *provider) deleteTuples(ctx context.Context, roleName string, orgID valuer.UUID) error {
-	subject := authtypes.MustNewSubject(coretypes.NewResourceRole(), roleName, orgID, &coretypes.VerbAssignee)
+	subject := authtypes.MustNewSubject(authtypes.TypeableRole, roleName, orgID, &authtypes.RelationAssignee)
 
 	tuples := make([]*openfgav1.TupleKey, 0)
-	for _, objectType := range provider.registry.Types() {
+	for _, objectType := range provider.getUniqueTypes() {
 		typeTuples, err := provider.ReadTuples(ctx, &openfgav1.ReadRequestTupleKey{
 			User:   subject,
 			Object: objectType.StringValue() + ":",
@@ -383,3 +402,28 @@ func (provider *provider) deleteTuples(ctx context.Context, roleName string, org
 
 	return nil
 }
+
+func (provider *provider) getUniqueTypes() []authtypes.Type {
+	seen := make(map[string]struct{})
+	uniqueTypes := make([]authtypes.Type, 0)
+	for _, register := range provider.registry {
+		for _, typeable := range register.MustGetTypeables() {
+			typeKey := typeable.Type().StringValue()
+			if _, ok := seen[typeKey]; ok {
+				continue
+			}
+			seen[typeKey] = struct{}{}
+			uniqueTypes = append(uniqueTypes, typeable.Type())
+		}
+	}
+	for _, typeable := range provider.MustGetTypeables() {
+		typeKey := typeable.Type().StringValue()
+		if _, ok := seen[typeKey]; ok {
+			continue
+		}
+		seen[typeKey] = struct{}{}
+		uniqueTypes = append(uniqueTypes, typeable.Type())
+	}
+
+	return uniqueTypes
+}

ee/authz/openfgaschema/base.fga

@@ -1,6 +1,6 @@
 module base
 
-type organization 
+type organisation 
   relations
     define read: [user, serviceaccount, role#assignee]
     define update: [user, serviceaccount, role#assignee]
@@ -10,14 +10,12 @@ type user
     define read: [user, serviceaccount, role#assignee]
     define update: [user, serviceaccount, role#assignee]
     define delete: [user, serviceaccount, role#assignee]
-    define attach: [user, serviceaccount, role#assignee]
 
-type serviceaccount
+type serviceaccount 
   relations
     define read: [user, serviceaccount, role#assignee]
     define update: [user, serviceaccount, role#assignee]
-    define delete: [user, serviceaccount, role#assignee]
-    define attach: [user, serviceaccount, role#assignee]
+    define delete: [user, serviceaccount, role#assignee]  
 
 type anonymous
 
@@ -28,7 +26,6 @@ type role
     define read: [user, serviceaccount, role#assignee]
     define update: [user, serviceaccount, role#assignee]
     define delete: [user, serviceaccount, role#assignee]
-    define attach: [user, serviceaccount, role#assignee]
 
 type metaresources
   relations

ee/authz/openfgaserver/server.go

@@ -7,7 +7,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/coretypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 )
@@ -34,18 +33,18 @@ func (server *Server) Stop(ctx context.Context) error {
 	return server.pkgAuthzService.Stop(ctx)
 }
 
-func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable coretypes.Resource, selectors []coretypes.Selector, _ []coretypes.Selector) error {
+func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
 	subject := ""
 	switch claims.Principal {
 	case authtypes.PrincipalUser:
-		user, err := authtypes.NewSubject(coretypes.NewResourceUser(), claims.UserID, orgID, nil)
+		user, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
 		if err != nil {
 			return err
 		}
 
 		subject = user
 	case authtypes.PrincipalServiceAccount:
-		serviceAccount, err := authtypes.NewSubject(coretypes.NewResourceServiceAccount(), claims.ServiceAccountID, orgID, nil)
+		serviceAccount, err := authtypes.NewSubject(authtypes.TypeableServiceAccount, claims.ServiceAccountID, orgID, nil)
 		if err != nil {
 			return err
 		}
@@ -53,7 +52,10 @@ func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtyp
 		subject = serviceAccount
 	}
 
-	tupleSlice := authtypes.NewTuples(typeable, subject, relation, selectors, orgID)
+	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
+	if err != nil {
+		return err
+	}
 
 	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
 	for idx, tuple := range tupleSlice {
@@ -74,13 +76,16 @@ func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtyp
 	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
 }
 
-func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable coretypes.Resource, selectors []coretypes.Selector, _ []coretypes.Selector) error {
-	subject, err := authtypes.NewSubject(coretypes.NewResourceAnonymous(), coretypes.AnonymousUser.String(), orgID, nil)
+func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
 	if err != nil {
 		return err
 	}
 
-	tupleSlice := authtypes.NewTuples(typeable, subject, relation, selectors, orgID)
+	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
+	if err != nil {
+		return err
+	}
 
 	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
 	for idx, tuple := range tupleSlice {
@@ -105,7 +110,7 @@ func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openf
 	return server.pkgAuthzService.BatchCheck(ctx, tupleReq)
 }
 
-func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, objectType coretypes.Type) ([]*coretypes.Object, error) {
+func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, objectType authtypes.Type) ([]*authtypes.Object, error) {
 	return server.pkgAuthzService.ListObjects(ctx, subject, relation, objectType)
 }
 

ee/authz/openfgaserver/sqlstore.go

@@ -2,7 +2,6 @@ package openfgaserver
 
 import (
 	"github.com/SigNoz/signoz/ee/sqlstore/postgressqlstore"
-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/openfga/openfga/pkg/storage"
@@ -11,11 +10,11 @@ import (
 	"github.com/openfga/openfga/pkg/storage/sqlite"
 )
 
-func NewSQLStore(store sqlstore.SQLStore, config authz.Config) (storage.OpenFGADatastore, error) {
+func NewSQLStore(store sqlstore.SQLStore) (storage.OpenFGADatastore, error) {
 	switch store.BunDB().Dialect().Name().String() {
 	case "sqlite":
 		return sqlite.NewWithDB(store.SQLDB(), &sqlcommon.Config{
-			MaxTuplesPerWriteField: config.OpenFGA.MaxTuplesPerWrite,
+			MaxTuplesPerWriteField: 100,
 			MaxTypesPerModelField:  100,
 		})
 	case "pg":
@@ -25,7 +24,7 @@ func NewSQLStore(store sqlstore.SQLStore, config authz.Config) (storage.OpenFGAD
 		}
 
 		return postgres.NewWithDB(pgStore.Pool(), nil, &sqlcommon.Config{
-			MaxTuplesPerWriteField: config.OpenFGA.MaxTuplesPerWrite,
+			MaxTuplesPerWriteField: 100,
 			MaxTypesPerModelField:  100,
 		})
 	}

ee/metercollector/staticmetercollector/provider.go

@@ -1,61 +0,0 @@
-// Package staticmetercollector emits a fixed-value meter reading per org per window.
-package staticmetercollector
-
-import (
-	"context"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/metercollector"
-	"github.com/SigNoz/signoz/pkg/types/licensetypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-var _ metercollector.MeterCollector = (*Provider)(nil)
-
-type Provider struct {
-	settings factory.ScopedProviderSettings
-	config   metercollector.StaticConfig
-}
-
-func NewFactory() factory.ProviderFactory[metercollector.MeterCollector, metercollector.Config] {
-	return factory.NewProviderFactory(factory.MustNewName(metercollector.ProviderStatic), func(ctx context.Context, providerSettings factory.ProviderSettings, config metercollector.Config) (metercollector.MeterCollector, error) {
-		return newProvider(providerSettings, config.Static), nil
-	},
-	)
-}
-
-func newProvider(providerSettings factory.ProviderSettings, config metercollector.StaticConfig) *Provider {
-	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/ee/metercollector/staticmetercollector")
-
-	return &Provider{
-		settings: settings,
-		config:   config,
-	}
-}
-
-func (provider *Provider) Name() zeustypes.MeterName { return provider.config.Name }
-func (provider *Provider) Unit() zeustypes.MeterUnit { return provider.config.Unit }
-func (provider *Provider) Aggregation() zeustypes.MeterAggregation {
-	return provider.config.Aggregation
-}
-
-func (provider *Provider) Origin(_ context.Context, _ valuer.UUID, license *licensetypes.License, _ time.Time) (time.Time, error) {
-	if license == nil || license.CreatedAt.IsZero() {
-		return time.Time{}, nil
-	}
-
-	createdAt := license.CreatedAt.UTC()
-	return time.Date(createdAt.Year(), createdAt.Month(), createdAt.Day(), 0, 0, 0, 0, time.UTC), nil
-}
-
-func (provider *Provider) Collect(_ context.Context, orgID valuer.UUID, license *licensetypes.License, window zeustypes.MeterWindow) ([]zeustypes.Meter, error) {
-	if license == nil || license.Key == "" {
-		return nil, nil
-	}
-
-	return []zeustypes.Meter{
-		zeustypes.NewMeter(provider.config.Name, provider.config.Value, provider.config.Unit, provider.config.Aggregation, window, zeustypes.NewDimensions(zeustypes.OrganizationID.String(orgID.StringValue()))),
-	}, nil
-}

ee/metercollector/telemetrymetercollector/provider.go

@@ -1,247 +0,0 @@
-// Package telemetrymetercollector collects telemetry meters (logs, traces, metrics)
-// by retention. One Provider materializes per TelemetryConfig.
-package telemetrymetercollector
-
-import (
-	"context"
-	"fmt"
-	"regexp"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/huandu/go-sqlbuilder"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/metercollector"
-	"github.com/SigNoz/signoz/pkg/modules/retention"
-	"github.com/SigNoz/signoz/pkg/telemetrymeter"
-	"github.com/SigNoz/signoz/pkg/telemetrystore"
-	"github.com/SigNoz/signoz/pkg/types/licensetypes"
-	"github.com/SigNoz/signoz/pkg/types/retentiontypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-var (
-	labelKeyPattern   = regexp.MustCompile(`^[A-Za-z0-9_.\-]+$`)
-	labelValuePattern = regexp.MustCompile(`^[A-Za-z0-9_.\-:]+$`)
-)
-
-var _ metercollector.MeterCollector = (*Provider)(nil)
-
-type Provider struct {
-	settings        factory.ScopedProviderSettings
-	config          metercollector.TelemetryConfig
-	telemetryStore  telemetrystore.TelemetryStore
-	retentionGetter retention.Getter
-}
-
-func NewFactory(telemetryStore telemetrystore.TelemetryStore, retentionGetter retention.Getter) factory.ProviderFactory[metercollector.MeterCollector, metercollector.Config] {
-	return factory.NewProviderFactory(factory.MustNewName(metercollector.ProviderTelemetry), func(ctx context.Context, providerSettings factory.ProviderSettings, config metercollector.Config) (metercollector.MeterCollector, error) {
-		return newProvider(providerSettings, config.Telemetry, telemetryStore, retentionGetter), nil
-	},
-	)
-}
-
-func newProvider(
-	providerSettings factory.ProviderSettings,
-	config metercollector.TelemetryConfig,
-	telemetryStore telemetrystore.TelemetryStore,
-	retentionGetter retention.Getter,
-) *Provider {
-	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/ee/metercollector/telemetrymetercollector")
-
-	return &Provider{
-		settings:        settings,
-		config:          config,
-		telemetryStore:  telemetryStore,
-		retentionGetter: retentionGetter,
-	}
-}
-
-func (provider *Provider) Name() zeustypes.MeterName { return provider.config.Name }
-func (provider *Provider) Unit() zeustypes.MeterUnit { return provider.config.Unit }
-func (provider *Provider) Aggregation() zeustypes.MeterAggregation {
-	return provider.config.Aggregation
-}
-
-func (provider *Provider) Origin(ctx context.Context, _ valuer.UUID, _ *licensetypes.License, todayStart time.Time) (time.Time, error) {
-	query, args := buildOriginQuery(provider.config.Name.String())
-
-	var minMs int64
-	if err := provider.telemetryStore.ClickhouseDB().QueryRow(ctx, query, args...).Scan(&minMs); err != nil {
-		return time.Time{}, err
-	}
-	if minMs == 0 {
-		return todayStart, nil
-	}
-
-	minDay := time.UnixMilli(minMs).UTC()
-	return time.Date(minDay.Year(), minDay.Month(), minDay.Day(), 0, 0, 0, 0, time.UTC), nil
-}
-
-func (provider *Provider) Collect(
-	ctx context.Context,
-	orgID valuer.UUID,
-	_ *licensetypes.License,
-	window zeustypes.MeterWindow,
-) ([]zeustypes.Meter, error) {
-	meterName := provider.config.Name.String()
-
-	segments, err := provider.retentionGetter.GetRetentionPolicySegments(
-		ctx,
-		orgID,
-		provider.config.DBName,
-		provider.config.TableName,
-		provider.config.DefaultRetentionDays,
-		window.StartUnixMilli,
-		window.EndUnixMilli,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	valuesByRetentionDays := make(map[int]int64)
-
-	for _, segment := range segments {
-		query, args, err := buildQuery(meterName, segment)
-		if err != nil {
-			return nil, err
-		}
-
-		rows, err := provider.telemetryStore.ClickhouseDB().Query(ctx, query, args...)
-		if err != nil {
-			return nil, err
-		}
-
-		if err := func() error {
-			defer rows.Close()
-			for rows.Next() {
-				var retentionDays int32
-				var value int64
-
-				if err := rows.Scan(&retentionDays, &value); err != nil {
-					return err
-				}
-
-				valuesByRetentionDays[int(retentionDays)] += value
-			}
-			if err := rows.Err(); err != nil {
-				return err
-			}
-			return nil
-		}(); err != nil {
-			return nil, err
-		}
-	}
-
-	meters := make([]zeustypes.Meter, 0, len(valuesByRetentionDays))
-	for retentionDays, value := range valuesByRetentionDays {
-		meters = append(meters, zeustypes.NewMeter(provider.config.Name, value, provider.config.Unit, provider.config.Aggregation, window, buildDimensions(orgID, retentionDays)))
-	}
-
-	// Empty windows still emit a sentinel so checkpoints can advance.
-	if len(meters) == 0 && len(segments) > 0 {
-		meters = append(meters, zeustypes.NewMeter(provider.config.Name, 0, provider.config.Unit, provider.config.Aggregation, window, buildDimensions(orgID, segments[len(segments)-1].DefaultDays)))
-	}
-
-	return meters, nil
-}
-
-func buildOriginQuery(meterName string) (string, []any) {
-	sb := sqlbuilder.NewSelectBuilder()
-	sb.Select("toInt64(ifNull(min(unix_milli), 0))")
-	sb.From(telemetrymeter.DBName + "." + telemetrymeter.SamplesTableName)
-	sb.Where(sb.Equal("metric_name", meterName))
-	return sb.BuildWithFlavor(sqlbuilder.ClickHouse)
-}
-
-func buildQuery(meterName string, segment *retentiontypes.RetentionPolicySegment) (string, []any, error) {
-	retentionExpr, err := buildRetentionMultiIfSQL(segment.Rules, segment.DefaultDays)
-	if err != nil {
-		return "", nil, err
-	}
-
-	selects := []string{
-		retentionExpr + " AS retention_days",
-		"toInt64(ifNull(sum(value), 0)) AS value",
-	}
-
-	sb := sqlbuilder.NewSelectBuilder()
-	sb.Select(selects...)
-	sb.From(telemetrymeter.DBName + "." + telemetrymeter.SamplesTableName)
-	sb.Where(
-		sb.Equal("metric_name", meterName),
-		sb.GTE("unix_milli", segment.StartMs),
-		sb.LT("unix_milli", segment.EndMs),
-	)
-	sb.GroupBy("retention_days")
-	query, args := sb.BuildWithFlavor(sqlbuilder.ClickHouse)
-	return query, args, nil
-}
-
-func buildRetentionMultiIfSQL(rules []retentiontypes.CustomRetentionRule, defaultDays int) (string, error) {
-	if defaultDays <= 0 {
-		return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "non-positive default retention %d", defaultDays)
-	}
-
-	if len(rules) == 0 {
-		return "toInt32(" + strconv.Itoa(defaultDays) + ")", nil
-	}
-
-	arms := make([]string, 0, 2*len(rules)+1)
-	for ruleIndex, rule := range rules {
-		if rule.TTLDays <= 0 {
-			return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "rule %d has non-positive ttl_days %d", ruleIndex, rule.TTLDays)
-		}
-		conditionExpr, err := buildRuleConditionSQL(ruleIndex, rule)
-		if err != nil {
-			return "", err
-		}
-
-		arms = append(arms, conditionExpr)
-		arms = append(arms, strconv.Itoa(rule.TTLDays))
-	}
-	arms = append(arms, strconv.Itoa(defaultDays))
-
-	return "toInt32(multiIf(" + strings.Join(arms, ", ") + "))", nil
-}
-
-func buildRuleConditionSQL(ruleIndex int, rule retentiontypes.CustomRetentionRule) (string, error) {
-	if len(rule.Filters) == 0 {
-		return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "rule %d has no filters", ruleIndex)
-	}
-
-	filterExprs := make([]string, 0, len(rule.Filters))
-	for filterIndex, filter := range rule.Filters {
-		if !labelKeyPattern.MatchString(filter.Key) {
-			return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "rule %d filter %d has invalid key %q", ruleIndex, filterIndex, filter.Key)
-		}
-		if len(filter.Values) == 0 {
-			return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "rule %d filter %d has no values", ruleIndex, filterIndex)
-		}
-
-		quoted := make([]string, len(filter.Values))
-		for valueIndex, value := range filter.Values {
-			if !labelValuePattern.MatchString(value) {
-				return "", errors.Newf(errors.TypeInvalidInput, metercollector.ErrCodeMeterCollectorInvalidCustomRetentionRule, "rule %d filter %d value %d is invalid %q", ruleIndex, filterIndex, valueIndex, value)
-			}
-			quoted[valueIndex] = "'" + value + "'"
-		}
-
-		filterExprs = append(filterExprs, fmt.Sprintf("JSONExtractString(labels, '%s') IN (%s)", filter.Key, strings.Join(quoted, ", ")))
-	}
-
-	return strings.Join(filterExprs, " AND "), nil
-}
-
-func buildDimensions(orgID valuer.UUID, retentionDays int) map[string]string {
-	retentionDurationSeconds := int64(retentionDays) * 24 * 60 * 60 // seconds
-
-	return zeustypes.NewDimensions(
-		zeustypes.OrganizationID.String(orgID.StringValue()),
-		zeustypes.RetentionDuration.String(strconv.FormatInt(retentionDurationSeconds, 10)),
-	)
-}

ee/meterreporter/httpmeterreporter/provider.go

@@ -1,318 +0,0 @@
-package httpmeterreporter
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"log/slog"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/flagger"
-	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/metercollector"
-	"github.com/SigNoz/signoz/pkg/meterreporter"
-	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/featuretypes"
-	"github.com/SigNoz/signoz/pkg/types/licensetypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/SigNoz/signoz/pkg/zeus"
-	"go.opentelemetry.io/otel/attribute"
-	"go.opentelemetry.io/otel/metric"
-	"go.opentelemetry.io/otel/trace"
-)
-
-var _ factory.ServiceWithHealthy = (*Provider)(nil)
-
-type Provider struct {
-	settings         factory.ScopedProviderSettings
-	config           meterreporter.Config
-	collectorsByName map[zeustypes.MeterName]metercollector.MeterCollector
-	flagger          flagger.Flagger
-	licensing        licensing.Licensing
-	orgGetter        organization.Getter
-	zeus             zeus.Zeus
-	healthyC         chan struct{}
-	stopC            chan struct{}
-	metrics          *reporterMetrics
-}
-
-func NewFactory(collectorFactories factory.NamedMap[factory.ProviderFactory[metercollector.MeterCollector, metercollector.Config]], collectorConfigs []metercollector.Config, flagger flagger.Flagger, licensing licensing.Licensing, orgGetter organization.Getter, zeus zeus.Zeus) factory.ProviderFactory[meterreporter.Reporter, meterreporter.Config] {
-	return factory.NewProviderFactory(factory.MustNewName("http"), func(ctx context.Context, providerSettings factory.ProviderSettings, config meterreporter.Config) (meterreporter.Reporter, error) {
-		return newProvider(ctx, providerSettings, config, collectorFactories, collectorConfigs, flagger, licensing, orgGetter, zeus)
-	},
-	)
-}
-
-func newProvider(
-	ctx context.Context,
-	providerSettings factory.ProviderSettings,
-	config meterreporter.Config,
-	collectorFactories factory.NamedMap[factory.ProviderFactory[metercollector.MeterCollector, metercollector.Config]],
-	collectorConfigs []metercollector.Config,
-	flagger flagger.Flagger,
-	licensing licensing.Licensing,
-	orgGetter organization.Getter,
-	zeus zeus.Zeus,
-) (*Provider, error) {
-	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/ee/meterreporter/httpmeterreporter")
-
-	collectorsByName := map[zeustypes.MeterName]metercollector.MeterCollector{}
-	for _, collectorConfig := range collectorConfigs {
-		collector, err := factory.NewProviderFromNamedMap(ctx, providerSettings, collectorConfig, collectorFactories, collectorConfig.Provider)
-		if err != nil {
-			return nil, err
-		}
-		if _, exists := collectorsByName[collector.Name()]; exists {
-			return nil, errors.Newf(errors.TypeAlreadyExists, errors.CodeAlreadyExists, "duplicate meter collector %q", collector.Name())
-		}
-		collectorsByName[collector.Name()] = collector
-	}
-
-	metrics, err := newReporterMetrics(settings.Meter())
-	if err != nil {
-		return nil, err
-	}
-
-	return &Provider{
-		settings:         settings,
-		config:           config,
-		collectorsByName: collectorsByName,
-		flagger:          flagger,
-		licensing:        licensing,
-		orgGetter:        orgGetter,
-		zeus:             zeus,
-		healthyC:         make(chan struct{}),
-		stopC:            make(chan struct{}),
-		metrics:          metrics,
-	}, nil
-}
-
-func (provider *Provider) Start(ctx context.Context) error {
-	close(provider.healthyC)
-
-	provider.collect(ctx)
-
-	ticker := time.NewTicker(provider.config.Interval)
-	defer ticker.Stop()
-
-	for {
-		select {
-		case <-provider.stopC:
-			return nil
-		case <-ticker.C:
-			provider.collect(ctx)
-		}
-	}
-}
-
-func (provider *Provider) collect(ctx context.Context) {
-	ctx, span := provider.settings.Tracer().Start(ctx, "meterreporter.Collect", trace.WithAttributes(attribute.String("meterreporter.provider", "http")))
-	defer span.End()
-
-	orgs, err := provider.orgGetter.ListByOwnedKeyRange(ctx)
-	if err != nil {
-		span.RecordError(err)
-		provider.settings.Logger().ErrorContext(ctx, "failed to get orgs data", errors.Attr(err))
-		return
-	}
-
-	for _, org := range orgs {
-		evalCtx := featuretypes.NewFlaggerEvaluationContext(org.ID)
-		if !provider.flagger.BooleanOrEmpty(ctx, flagger.FeatureUseMeterReporter, evalCtx) {
-			provider.settings.Logger().DebugContext(ctx, "meter reporter disabled for org, skipping reporting", slog.String("org_id", org.ID.StringValue()))
-			continue
-		}
-
-		license, err := provider.licensing.GetActive(ctx, org.ID)
-		if err != nil {
-			if errors.Ast(err, errors.TypeNotFound) {
-				provider.settings.Logger().DebugContext(ctx, "no active license found for org, skipping reporting", slog.String("org_id", org.ID.StringValue()))
-				continue
-			}
-
-			span.RecordError(err)
-			provider.settings.Logger().ErrorContext(ctx, "failed to fetch active license for org", errors.Attr(err), slog.String("org_id", org.ID.StringValue()))
-			return
-		}
-
-		if err := provider.collectOrg(ctx, org, license); err != nil {
-			span.RecordError(err)
-			provider.settings.Logger().ErrorContext(ctx, "failed to collect meters", errors.Attr(err), slog.String("org_id", org.ID.StringValue()))
-		}
-	}
-}
-
-func (provider *Provider) Stop(ctx context.Context) error {
-	close(provider.stopC)
-	return nil
-}
-
-func (provider *Provider) Healthy() <-chan struct{} {
-	return provider.healthyC
-}
-
-func (provider *Provider) collectOrg(ctx context.Context, org *types.Organization, license *licensetypes.License) error {
-	now := time.Now().UTC()
-	// Use one timestamp so a tick cannot straddle midnight.
-	todayStart := time.Date(now.Year(), now.Month(), now.Day(), 0, 0, 0, 0, time.UTC)
-
-	if provider.config.Backfill {
-		checkpointsByMeter, err := provider.checkpoints(ctx, license.Key)
-		if err != nil {
-			return err
-		}
-
-		nextByCollector := provider.nextDays(license, todayStart, checkpointsByMeter)
-
-		start, end, ok := backfillRange(nextByCollector, todayStart)
-		if ok {
-			for day := start; !day.After(end); day = day.AddDate(0, 0, 1) {
-				eligible := eligibleCollectors(provider.collectorsByName, nextByCollector, day)
-				if len(eligible) == 0 {
-					continue
-				}
-
-				window, err := zeustypes.NewMeterWindow(day.UnixMilli(), day.AddDate(0, 0, 1).UnixMilli(), true)
-				if err != nil {
-					return err
-				}
-
-				if err := provider.report(ctx, org.ID, license, window, eligible); err != nil {
-					provider.settings.Logger().WarnContext(ctx, "failed to backfill for day", errors.Attr(err), slog.String("date", day.Format("2006-01-02")))
-					return err
-				}
-			}
-		}
-	}
-
-	// Today's partial window: every collector is always eligible (next <= today).
-	if now.UnixMilli() > todayStart.UnixMilli() {
-		todayWindow, err := zeustypes.NewMeterWindow(todayStart.UnixMilli(), now.UnixMilli(), false)
-		if err != nil {
-			return err
-		}
-
-		return provider.report(ctx, org.ID, license, todayWindow, provider.collectorsByName)
-	}
-
-	return nil
-}
-
-func (provider *Provider) checkpoints(ctx context.Context, licenseKey string) (map[string]time.Time, error) {
-	list, err := provider.zeus.ListMeterCheckpoints(ctx, licenseKey)
-	if err != nil {
-		provider.metrics.checkpoints.Add(ctx, 1, metric.WithAttributes(errors.TypeAttr(err)))
-		return nil, err
-	}
-
-	provider.metrics.checkpoints.Add(ctx, 1)
-
-	checkpointsByMeter := make(map[string]time.Time, len(list))
-	for _, checkpoint := range list {
-		checkpointsByMeter[checkpoint.Name] = checkpoint.StartDate.UTC()
-	}
-
-	return checkpointsByMeter, nil
-}
-
-func (provider *Provider) nextDays(license *licensetypes.License, todayStart time.Time, checkpointsByMeter map[string]time.Time) map[zeustypes.MeterName]time.Time {
-	nextByCollector := make(map[zeustypes.MeterName]time.Time, len(provider.collectorsByName))
-	licenseCreatedAt := license.CreatedAt.UTC()
-	licenseCreatedAtDay := time.Date(licenseCreatedAt.Year(), licenseCreatedAt.Month(), licenseCreatedAt.Day(), 0, 0, 0, 0, time.UTC)
-
-	for _, collector := range provider.collectorsByName {
-		checkpoint, hasCheckpoint := checkpointsByMeter[collector.Name().String()]
-		nextByCollector[collector.Name()] = nextReportableDay(licenseCreatedAtDay, todayStart, checkpoint, hasCheckpoint)
-	}
-
-	return nextByCollector
-}
-
-func nextReportableDay(licenseCreatedAtDay time.Time, todayStart time.Time, checkpoint time.Time, hasCheckpoint bool) time.Time {
-	next := licenseCreatedAtDay
-	if next.IsZero() {
-		next = todayStart
-	}
-
-	if hasCheckpoint {
-		checkpointNext := checkpoint.AddDate(0, 0, 1)
-		if checkpointNext.After(next) {
-			next = checkpointNext
-		}
-	}
-
-	return next
-}
-
-func (provider *Provider) report(ctx context.Context, orgID valuer.UUID, license *licensetypes.License, window zeustypes.MeterWindow, collectors map[zeustypes.MeterName]metercollector.MeterCollector) error {
-	date := time.UnixMilli(window.StartUnixMilli).UTC().Format("2006-01-02")
-
-	meters := make([]zeustypes.Meter, 0, len(collectors))
-	for _, collector := range collectors {
-		meterAttr := attribute.String("signoz.meter.name", collector.Name().String())
-		collectedReadings, err := collector.Collect(ctx, orgID, license, window)
-		if err != nil {
-			provider.metrics.collections.Add(ctx, 1, metric.WithAttributes(meterAttr, errors.TypeAttr(err)))
-			continue
-		}
-
-		provider.metrics.collections.Add(ctx, 1, metric.WithAttributes(meterAttr))
-		meters = append(meters, collectedReadings...)
-	}
-
-	if len(meters) == 0 {
-		return nil
-	}
-
-	idempotencyKey := fmt.Sprintf("meterreporter:%s", date)
-
-	body, err := json.Marshal(meters)
-	if err != nil {
-		provider.metrics.reports.Add(ctx, 1, metric.WithAttributes(errors.TypeAttr(err)))
-		return err
-	}
-
-	if err := provider.zeus.PutMetersV3(ctx, license.Key, idempotencyKey, body); err != nil {
-		provider.metrics.reports.Add(ctx, 1, metric.WithAttributes(errors.TypeAttr(err)))
-		return err
-	}
-
-	provider.metrics.reports.Add(ctx, 1)
-	provider.metrics.meters.Add(ctx, int64(len(meters)))
-	return nil
-}
-
-// backfillRange returns the inclusive sealed-day range ending at yesterday.
-func backfillRange(nextByCollector map[zeustypes.MeterName]time.Time, todayStart time.Time) (start, end time.Time, ok bool) {
-	yesterday := todayStart.AddDate(0, 0, -1)
-
-	for _, next := range nextByCollector {
-		if !next.Before(todayStart) {
-			continue
-		}
-		if start.IsZero() || next.Before(start) {
-			start = next
-		}
-	}
-
-	if start.IsZero() || start.After(yesterday) {
-		return time.Time{}, time.Time{}, false
-	}
-
-	return start, yesterday, true
-}
-
-func eligibleCollectors(collectors map[zeustypes.MeterName]metercollector.MeterCollector, nextByCollector map[zeustypes.MeterName]time.Time, day time.Time) map[zeustypes.MeterName]metercollector.MeterCollector {
-	eligible := make(map[zeustypes.MeterName]metercollector.MeterCollector, len(collectors))
-	for name, collector := range collectors {
-		if !nextByCollector[name].After(day) {
-			eligible[name] = collector
-		}
-	}
-
-	return eligible
-}

ee/meterreporter/httpmeterreporter/telemetry.go

@@ -1,48 +0,0 @@
-package httpmeterreporter
-
-import (
-	"github.com/SigNoz/signoz/pkg/errors"
-	"go.opentelemetry.io/otel/metric"
-)
-
-type reporterMetrics struct {
-	checkpoints metric.Int64Counter
-	reports     metric.Int64Counter
-	collections metric.Int64Counter
-	meters      metric.Int64Counter
-}
-
-func newReporterMetrics(meter metric.Meter) (*reporterMetrics, error) {
-	var errs error
-
-	checkpoints, err := meter.Int64Counter("signoz.meterreporter.checkpoints", metric.WithDescription("Zeus meter checkpoint fetches."), metric.WithUnit("{checkpoint}"))
-	if err != nil {
-		errs = errors.Join(errs, err)
-	}
-
-	reports, err := meter.Int64Counter("signoz.meterreporter.reports", metric.WithDescription("Meter reports shipped to Zeus."), metric.WithUnit("{report}"))
-	if err != nil {
-		errs = errors.Join(errs, err)
-	}
-
-	collections, err := meter.Int64Counter("signoz.meterreporter.collections", metric.WithDescription("Per-meter collect calls."), metric.WithUnit("{collection}"))
-	if err != nil {
-		errs = errors.Join(errs, err)
-	}
-
-	meters, err := meter.Int64Counter("signoz.meterreporter.meters", metric.WithDescription("Meter readings shipped to Zeus."), metric.WithUnit("{meter}"))
-	if err != nil {
-		errs = errors.Join(errs, err)
-	}
-
-	if errs != nil {
-		return nil, errs
-	}
-
-	return &reporterMetrics{
-		checkpoints: checkpoints,
-		reports:     reports,
-		collections: collections,
-		meters:      meters,
-	}, nil
-}

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/awscloudprovider.go

@@ -18,7 +18,6 @@ func NewAWSCloudProvider(defStore cloudintegrationtypes.ServiceDefinitionStore)
 	return &awscloudprovider{serviceDefinitions: defStore}, nil
 }
 
-// TODO: move URL construction logic to cloudintegrationtypes and add unit tests for it.
 func (provider *awscloudprovider) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
 	baseURL := fmt.Sprintf(cloudintegrationtypes.CloudFormationQuickCreateBaseURL.StringValue(), req.Config.AWS.DeploymentRegion)
 	u, _ := url.Parse(baseURL)

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/azurecloudprovider.go

@@ -2,48 +2,27 @@ package implcloudprovider
 
 import (
 	"context"
-	"sort"
 
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 )
 
-type azurecloudprovider struct {
-	serviceDefinitions cloudintegrationtypes.ServiceDefinitionStore
-}
+type azurecloudprovider struct{}
 
-func NewAzureCloudProvider(defStore cloudintegrationtypes.ServiceDefinitionStore) cloudintegration.CloudProviderModule {
-	return &azurecloudprovider{
-		serviceDefinitions: defStore,
-	}
+func NewAzureCloudProvider() cloudintegration.CloudProviderModule {
+	return &azurecloudprovider{}
 }
 
 func (provider *azurecloudprovider) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	connectionArtifact, err := cloudintegrationtypes.NewAzureConnectionArtifact(account.ID, req.Config.AgentVersion, req.Credentials, req.Config.Azure)
-	if err != nil {
-		return nil, err
-	}
-	return &cloudintegrationtypes.ConnectionArtifact{
-		Azure: connectionArtifact,
-	}, nil
+	panic("implement me")
 }
 
 func (provider *azurecloudprovider) ListServiceDefinitions(ctx context.Context) ([]*cloudintegrationtypes.ServiceDefinition, error) {
-	return provider.serviceDefinitions.List(ctx, cloudintegrationtypes.CloudProviderTypeAzure)
+	panic("implement me")
 }
 
 func (provider *azurecloudprovider) GetServiceDefinition(ctx context.Context, serviceID cloudintegrationtypes.ServiceID) (*cloudintegrationtypes.ServiceDefinition, error) {
-	serviceDef, err := provider.serviceDefinitions.Get(ctx, cloudintegrationtypes.CloudProviderTypeAzure, serviceID)
-	if err != nil {
-		return nil, err
-	}
-
-	// override cloud integration dashboard id.
-	for index, dashboard := range serviceDef.Assets.Dashboards {
-		serviceDef.Assets.Dashboards[index].ID = cloudintegrationtypes.GetCloudIntegrationDashboardID(cloudintegrationtypes.CloudProviderTypeAzure, serviceID.StringValue(), dashboard.ID)
-	}
-
-	return serviceDef, nil
+	panic("implement me")
 }
 
 func (provider *azurecloudprovider) BuildIntegrationConfig(
@@ -51,56 +30,5 @@ func (provider *azurecloudprovider) BuildIntegrationConfig(
 	account *cloudintegrationtypes.Account,
 	services []*cloudintegrationtypes.StorableCloudIntegrationService,
 ) (*cloudintegrationtypes.ProviderIntegrationConfig, error) {
-	sort.Slice(services, func(i, j int) bool {
-		return services[i].Type.StringValue() < services[j].Type.StringValue()
-	})
-
-	var strategies []*cloudintegrationtypes.AzureTelemetryCollectionStrategy
-
-	for _, storedSvc := range services {
-		svcCfg, err := cloudintegrationtypes.NewServiceConfigFromJSON(cloudintegrationtypes.CloudProviderTypeAzure, storedSvc.Config)
-		if err != nil {
-			return nil, err
-		}
-
-		svcDef, err := provider.GetServiceDefinition(ctx, storedSvc.Type)
-		if err != nil {
-			return nil, err
-		}
-
-		strategy := svcDef.TelemetryCollectionStrategy.Azure
-		if strategy == nil {
-			continue
-		}
-
-		logsEnabled := svcCfg.IsLogsEnabled(cloudintegrationtypes.CloudProviderTypeAzure)
-		metricsEnabled := svcCfg.IsMetricsEnabled(cloudintegrationtypes.CloudProviderTypeAzure)
-
-		if !logsEnabled && !metricsEnabled {
-			continue
-		}
-
-		entry := &cloudintegrationtypes.AzureTelemetryCollectionStrategy{
-			ResourceProvider: strategy.ResourceProvider,
-			ResourceType:     strategy.ResourceType,
-		}
-
-		if metricsEnabled && strategy.Metrics != nil {
-			entry.Metrics = strategy.Metrics
-		}
-
-		if logsEnabled && strategy.Logs != nil {
-			entry.Logs = strategy.Logs
-		}
-
-		strategies = append(strategies, entry)
-	}
-
-	return &cloudintegrationtypes.ProviderIntegrationConfig{
-		Azure: cloudintegrationtypes.NewAzureIntegrationConfig(
-			account.Config.Azure.DeploymentRegion,
-			account.Config.Azure.ResourceGroups,
-			strategies,
-		),
-	}, nil
+	panic("implement me")
 }

ee/modules/cloudintegration/implcloudintegration/module.go

@@ -429,14 +429,10 @@ func (module *module) Collect(ctx context.Context, orgID valuer.UUID) (map[strin
 		stats["cloudintegration.aws.connectedaccounts.count"] = awsAccountsCount
 	}
 
-	// get connected accounts for Azure
-	azureAccountsCount, err := module.store.CountConnectedAccounts(ctx, orgID, cloudintegrationtypes.CloudProviderTypeAzure)
-	if err == nil {
-		stats["cloudintegration.azure.connectedaccounts.count"] = azureAccountsCount
-	}
-
 	// NOTE: not adding stats for services for now.
 
+	// TODO: add more cloud providers when supported
+
 	return stats, nil
 }
 

ee/modules/dashboard/impldashboard/module.go

@@ -14,7 +14,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
@@ -88,7 +88,7 @@ func (module *module) GetDashboardByPublicID(ctx context.Context, id valuer.UUID
 	return dashboardtypes.NewDashboardFromStorableDashboard(storableDashboard), nil
 }
 
-func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id valuer.UUID, orgs []*types.Organization) ([]coretypes.Selector, valuer.UUID, error) {
+func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id valuer.UUID, orgs []*types.Organization) ([]authtypes.Selector, valuer.UUID, error) {
 	orgIDs := make([]string, len(orgs))
 	for idx, org := range orgs {
 		orgIDs[idx] = org.ID.StringValue()
@@ -99,9 +99,9 @@ func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id
 		return nil, valuer.UUID{}, err
 	}
 
-	return []coretypes.Selector{
-		coretypes.TypeMetaResource.MustSelector(id.StringValue()),
-		coretypes.TypeMetaResource.MustSelector(coretypes.WildCardSelectorString),
+	return []authtypes.Selector{
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, id.StringValue()),
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, authtypes.WildCardSelectorString),
 	}, storableDashboard.OrgID, nil
 }
 
@@ -143,7 +143,7 @@ func (module *module) Delete(ctx context.Context, orgID valuer.UUID, id valuer.U
 	}
 
 	err = module.store.RunInTx(ctx, func(ctx context.Context) error {
-		err := module.store.DeletePublic(ctx, id.String())
+		err := module.deletePublic(ctx, orgID, id)
 		if err != nil && !errors.Ast(err, errors.TypeNotFound) {
 			return err
 		}
@@ -216,3 +216,29 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, id valuer.U
 func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
 	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, isAdmin, lock)
 }
+
+func (module *module) MustGetTypeables() []authtypes.Typeable {
+	return module.pkgDashboardModule.MustGetTypeables()
+}
+
+func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
+	return map[string][]*authtypes.Transaction{
+		authtypes.SigNozAnonymousRoleName: {
+			{
+				ID:       valuer.GenerateUUID(),
+				Relation: authtypes.RelationRead,
+				Object: *authtypes.MustNewObject(
+					authtypes.Resource{
+						Type: authtypes.TypeMetaResource,
+						Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+					},
+					authtypes.MustNewSelector(authtypes.TypeMetaResource, "*"),
+				),
+			},
+		},
+	}
+}
+
+func (module *module) deletePublic(ctx context.Context, _ valuer.UUID, dashboardID valuer.UUID) error {
+	return module.store.DeletePublic(ctx, dashboardID.StringValue())
+}

ee/query-service/app/api/featureFlags.go

@@ -71,15 +71,6 @@ func (ah *APIHandler) getFeatureFlags(w http.ResponseWriter, r *http.Request) {
 		Route:      "",
 	})
 
-	bodyJSONQuery := ah.Signoz.Flagger.BooleanOrEmpty(ctx, flagger.FeatureUseJSONBody, evalCtx)
-	featureSet = append(featureSet, &licensetypes.Feature{
-		Name:       valuer.NewString(flagger.FeatureUseJSONBody.String()),
-		Active:     bodyJSONQuery,
-		Usage:      0,
-		UsageLimit: -1,
-		Route:      "",
-	})
-
 	if constants.IsDotMetricsEnabled {
 		for idx, feature := range featureSet {
 			if feature.Name == licensetypes.DotMetricsEnabled {

ee/query-service/app/api/queryrange.go

@@ -6,8 +6,6 @@ import (
 	"io"
 	"net/http"
 
-	"log/slog"
-
 	"github.com/SigNoz/signoz/ee/query-service/anomaly"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/render"
@@ -17,6 +15,7 @@ import (
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
+	"log/slog"
 )
 
 func (aH *APIHandler) queryRangeV4(w http.ResponseWriter, r *http.Request) {
@@ -138,3 +137,4 @@ func (aH *APIHandler) queryRangeV4(w http.ResponseWriter, r *http.Request) {
 		aH.QueryRangeV4(w, r)
 	}
 }
+

ee/query-service/app/server.go

@@ -42,8 +42,8 @@ import (
 
 // Server runs HTTP, Mux and a grpc server
 type Server struct {
-	config signoz.Config
-	signoz *signoz.SigNoz
+	config      signoz.Config
+	signoz      *signoz.SigNoz
 
 	// public http router
 	httpConn     net.Listener
@@ -105,7 +105,6 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 		signoz.SQLStore,
 		integrationsController.GetPipelinesForInstalledIntegrations,
 		reader,
-		signoz.Flagger,
 	)
 	if err != nil {
 		return nil, err
@@ -114,7 +113,7 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 	// initiate agent config handler
 	agentConfMgr, err := agentConf.Initiate(&agentConf.ManagerOptions{
 		Store:         signoz.SQLStore,
-		AgentFeatures: []agentConf.AgentFeature{logParsingPipelineController, signoz.Modules.LLMPricingRule},
+		AgentFeatures: []agentConf.AgentFeature{logParsingPipelineController},
 	})
 	if err != nil {
 		return nil, err
@@ -148,7 +147,7 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 
 	s := &Server{
 		config:             config,
-		signoz:             signoz,
+		signoz:       signoz,
 		httpHostPort:       baseconst.HTTPHostPort,
 		unavailableChannel: make(chan healthcheck.Status),
 		usageManager:       usageManager,
@@ -317,3 +316,4 @@ func (s *Server) Stop(ctx context.Context) error {
 
 	return nil
 }
+

ee/query-service/rules/anomaly.go

@@ -277,8 +277,23 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 
 		annotations := make(ruletypes.Labels, 0, len(r.Annotations().Map()))
 		for name, value := range r.Annotations().Map() {
+			// no need to expand custom templating annotations — they get expanded in the notifier layer
+			if ruletypes.IsCustomTemplatingAnnotation(name) {
+				annotations = append(annotations, ruletypes.Label{Name: name, Value: value})
+				continue
+			}
 			annotations = append(annotations, ruletypes.Label{Name: name, Value: expand(value)})
 		}
+		// Add values to be used in notifier layer for notification templates
+		annotations = append(annotations, ruletypes.Label{Name: ruletypes.AnnotationValue, Value: value})
+		annotations = append(annotations, ruletypes.Label{Name: ruletypes.AnnotationThresholdValue, Value: threshold})
+		annotations = append(annotations, ruletypes.Label{Name: ruletypes.AnnotationCompareOp, Value: smpl.CompareOperator.Literal()})
+		annotations = append(annotations, ruletypes.Label{Name: ruletypes.AnnotationMatchType, Value: smpl.MatchType.Literal()})
+
+		if smpl.IsRecovering {
+			lb.Set(ruletypes.LabelIsRecovering, "true")
+		}
+
 		if smpl.IsMissing {
 			lb.Set(ruletypes.AlertNameLabel, "[No data] "+r.Name())
 			lb.Set(ruletypes.NoDataLabel, "true")

ee/query-service/rules/manager.go

@@ -13,6 +13,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	baserules "github.com/SigNoz/signoz/pkg/query-service/rules"
 	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error) {
@@ -48,7 +49,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, tr)
 
 		// create ch rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {
 
@@ -72,7 +73,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, pr)
 
 		// create promql rule task for evaluation
-		task = newTask(baserules.TaskTypeProm, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc)
+		task = newTask(baserules.TaskTypeProm, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeAnomaly {
 		// create anomaly rule
@@ -95,7 +96,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, ar)
 
 		// create anomaly rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else {
 		return nil, errors.NewInvalidInputf(errors.CodeInvalidInput, "unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -209,9 +210,9 @@ func TestNotification(opts baserules.PrepareTestRuleOptions) (int, error) {
 }
 
 // newTask returns an appropriate group for the rule type
-func newTask(taskType baserules.TaskType, name string, frequency time.Duration, rules []baserules.Rule, opts *baserules.ManagerOptions, notify baserules.NotifyFunc) baserules.Task {
+func newTask(taskType baserules.TaskType, name string, frequency time.Duration, rules []baserules.Rule, opts *baserules.ManagerOptions, notify baserules.NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) baserules.Task {
 	if taskType == baserules.TaskTypeCh {
-		return baserules.NewRuleTask(name, "", frequency, rules, opts, notify)
+		return baserules.NewRuleTask(name, "", frequency, rules, opts, notify, maintenanceStore, orgID)
 	}
-	return baserules.NewPromRuleTask(name, "", frequency, rules, opts, notify)
+	return baserules.NewPromRuleTask(name, "", frequency, rules, opts, notify, maintenanceStore, orgID)
 }

ee/zeus/httpzeus/provider.go

@@ -150,72 +150,6 @@ func (provider *Provider) PutMetersV2(ctx context.Context, key string, data []by
 	return err
 }
 
-func (provider *Provider) PutMetersV3(ctx context.Context, key string, idempotencyKey string, data []byte) error {
-	headers := http.Header{}
-	if idempotencyKey != "" {
-		headers.Set("X-Idempotency-Key", idempotencyKey)
-	}
-
-	_, err := provider.doWithHeaders(
-		ctx,
-		provider.config.URL.JoinPath("/v2/meters"),
-		http.MethodPost,
-		key,
-		data,
-		headers,
-	)
-
-	return err
-}
-
-func (provider *Provider) ListMeterCheckpoints(ctx context.Context, key string) ([]zeustypes.MeterCheckpoint, error) {
-	response, err := provider.do(
-		ctx,
-		provider.config.URL.JoinPath("/v2/meters/checkpoints"),
-		http.MethodGet,
-		key,
-		nil,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	checkpointValues := gjson.GetBytes(response, "data")
-	if !checkpointValues.Exists() || checkpointValues.Type == gjson.Null {
-		return nil, errors.Newf(errors.TypeInternal, zeus.ErrCodeResponseMalformed, "meter checkpoints are required")
-	}
-
-	if !checkpointValues.IsArray() {
-		return nil, errors.Newf(errors.TypeInternal, zeus.ErrCodeResponseMalformed, "meter checkpoints must be an array")
-	}
-
-	checkpointResults := checkpointValues.Array()
-	checkpoints := make([]zeustypes.MeterCheckpoint, 0, len(checkpointResults))
-	for _, checkpointValue := range checkpointResults {
-		name := checkpointValue.Get("name").String()
-		if name == "" {
-			return nil, errors.Newf(errors.TypeInternal, zeus.ErrCodeResponseMalformed, "meter checkpoint name is required")
-		}
-
-		startDateString := checkpointValue.Get("start_date").String()
-		if startDateString == "" {
-			return nil, errors.Newf(errors.TypeInternal, zeus.ErrCodeResponseMalformed, "meter checkpoint start_date is required for %q", name)
-		}
-
-		startDate, err := time.Parse("2006-01-02", startDateString)
-		if err != nil {
-			return nil, errors.Wrapf(err, errors.TypeInternal, zeus.ErrCodeResponseMalformed, "parse meter checkpoint start_date %q for %q", startDateString, name)
-		}
-
-		checkpoints = append(checkpoints, zeustypes.MeterCheckpoint{
-			Name:      name,
-			StartDate: startDate,
-		})
-	}
-
-	return checkpoints, nil
-}
-
 func (provider *Provider) PutProfile(ctx context.Context, key string, profile *zeustypes.PostableProfile) error {
 	body, err := json.Marshal(profile)
 	if err != nil {
@@ -251,21 +185,12 @@ func (provider *Provider) PutHost(ctx context.Context, key string, host *zeustyp
 }
 
 func (provider *Provider) do(ctx context.Context, url *url.URL, method string, key string, requestBody []byte) ([]byte, error) {
-	return provider.doWithHeaders(ctx, url, method, key, requestBody, nil)
-}
-
-func (provider *Provider) doWithHeaders(ctx context.Context, url *url.URL, method string, key string, requestBody []byte, extraHeaders http.Header) ([]byte, error) {
 	request, err := http.NewRequestWithContext(ctx, method, url.String(), bytes.NewBuffer(requestBody))
 	if err != nil {
 		return nil, err
 	}
 	request.Header.Set("X-Signoz-Cloud-Api-Key", key)
 	request.Header.Set("Content-Type", "application/json")
-	for k, vs := range extraHeaders {
-		for _, v := range vs {
-			request.Header.Add(k, v)
-		}
-	}
 
 	response, err := provider.httpClient.Do(request)
 	if err != nil {

frontend/.husky/commit-msg

@@ -1,7 +1,7 @@
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
 
-cd frontend && pnpm run commitlint --edit $1
+cd frontend && yarn run commitlint --edit $1
 
 branch="$(git rev-parse --abbrev-ref HEAD)"
 

frontend/.husky/pre-commit

@@ -1,4 +1,4 @@
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
 
-cd frontend && pnpm lint-staged
+cd frontend && yarn lint-staged

frontend/.npmrc

@@ -1,4 +1 @@
-registry = 'https://registry.npmjs.org/'
-
-public-hoist-pattern[]=@commitlint*
-public-hoist-pattern[]=commitlint
+registry = 'https://registry.npmjs.org/'

frontend/.oxfmtrc.json

@@ -23,11 +23,6 @@
     "**/*.md",
     "**/*.json",
     "src/parser/**",
-    "src/TraceOperator/parser/**",
-    ".claude",
-    ".opencode",
-    "dist",
-    "playwright-report",
-    ".temp_cache"
+    "src/TraceOperator/parser/**"
   ]
 }

frontend/.oxlintrc.json

@@ -9,6 +9,7 @@
     "react",
     "react-perf",
     "typescript",
+    "unicorn",
     "jsx-a11y",
     "import",
     "jest",
@@ -205,8 +206,6 @@
     "@typescript-eslint/explicit-function-return-type": "error",
     // Requires explicit return types on functions
     "@typescript-eslint/no-var-requires": "error",
-    "@typescript-eslint/no-useless-default-assignment": "off", // provide unsafe fixes in our codebase due to bad typing
-    "@typescript-eslint/no-duplicate-type-constituents": "off", // provide fixes that breaks some assumptions, eg: type A = L, B = L, C = A | B (removes B)
     // Disallows require() in TypeScript (use import instead)
     // Disabled - using TypeScript instead
     "react/jsx-props-no-spreading": "off",
@@ -287,22 +286,6 @@
     // Prevents useStore.getState() - export standalone actions instead
     "signoz/no-navigator-clipboard": "error",
     // Prevents navigator.clipboard - use useCopyToClipboard hook instead (disabled in tests via override)
-    "signoz/no-raw-absolute-path": "error",
-    // Prevents window.open(path), window.location.origin + path, window.location.href = path
-    "signoz/no-antd-components": "error",
-    // Prevents the usage of specific antd components in favor of our lib
-    "no-restricted-globals": [
-      "error",
-      {
-        "name": "localStorage",
-        "message": "Use scoped wrappers from api/browser/localstorage/ instead (ensures keys are prefixed when served under a URL base path)."
-      },
-      {
-        "name": "sessionStorage",
-        "message": "Use scoped wrappers from api/browser/sessionstorage/ instead (ensures keys are prefixed when served under a URL base path)."
-      }
-    ],
-    // Prevents direct localStorage/sessionStorage access — use scoped wrappers
     "no-restricted-imports": [
       "error",
       {
@@ -315,6 +298,14 @@
             "name": "react-redux",
             "message": "[State mgmt] react-redux is deprecated. Migrate to Zustand, nuqs, or react-query."
           },
+          {
+            "name": "xstate",
+            "message": "[State mgmt] xstate is deprecated. Migrate to Zustand or react-query."
+          },
+          {
+            "name": "@xstate/react",
+            "message": "[State mgmt] @xstate/react is deprecated. Migrate to Zustand or react-query."
+          },
           {
             "name": "react",
             "importNames": [
@@ -333,6 +324,82 @@
     "react/no-array-index-key": "warn",
     // TODO: Changed to warn during oxlint migration, should be changed to error,
 
+    "unicorn/error-message": "warn",
+    "unicorn/escape-case": "warn",
+    "unicorn/new-for-builtins": "warn",
+    "unicorn/no-abusive-eslint-disable": "warn",
+    "unicorn/no-console-spaces": "warn",
+    "unicorn/no-instanceof-array": "warn",
+    "unicorn/no-invalid-remove-event-listener": "warn",
+    "unicorn/no-new-array": "warn",
+    "unicorn/no-new-buffer": "warn",
+    "unicorn/no-thenable": "warn",
+    "unicorn/no-unreadable-array-destructuring": "warn",
+    "unicorn/no-useless-fallback-in-spread": "warn",
+    "unicorn/no-useless-length-check": "warn",
+    "unicorn/no-useless-promise-resolve-reject": "warn",
+    "unicorn/no-useless-spread": "warn",
+    "unicorn/no-zero-fractions": "warn",
+    "unicorn/number-literal-case": "warn",
+    "unicorn/prefer-array-find": "warn",
+    "unicorn/prefer-array-flat": "warn",
+    "unicorn/prefer-array-flat-map": "warn",
+    "unicorn/prefer-array-index-of": "warn",
+    "unicorn/prefer-array-some": "warn",
+    "unicorn/prefer-at": "warn",
+    "unicorn/prefer-code-point": "warn",
+    "unicorn/prefer-date-now": "warn",
+    "unicorn/prefer-default-parameters": "warn",
+    "unicorn/prefer-includes": "warn",
+    "unicorn/prefer-modern-math-apis": "warn",
+    "unicorn/prefer-native-coercion-functions": "warn",
+    "unicorn/prefer-node-protocol": "off",
+    "unicorn/prefer-number-properties": "warn",
+    "unicorn/prefer-optional-catch-binding": "warn",
+    "unicorn/prefer-regexp-test": "warn",
+    "unicorn/prefer-set-has": "warn",
+    "unicorn/prefer-string-replace-all": "warn",
+    "unicorn/prefer-string-slice": "warn",
+    "unicorn/prefer-string-starts-ends-with": "warn",
+    "unicorn/prefer-string-trim-start-end": "warn",
+    "unicorn/prefer-type-error": "warn",
+    "unicorn/require-array-join-separator": "warn",
+    "unicorn/require-number-to-fixed-digits-argument": "warn",
+    "unicorn/throw-new-error": "warn",
+    "unicorn/consistent-function-scoping": "warn",
+    "unicorn/explicit-length-check": "warn",
+    "unicorn/filename-case": [
+      "warn",
+      {
+        "case": "kebabCase"
+      }
+    ],
+    "unicorn/no-array-for-each": "warn",
+    "unicorn/no-lonely-if": "warn",
+    "unicorn/no-negated-condition": "warn",
+    "unicorn/no-null": "warn",
+    "unicorn/no-object-as-default-parameter": "warn",
+    "unicorn/no-static-only-class": "warn",
+    "unicorn/no-this-assignment": "warn",
+    "unicorn/no-unreadable-iife": "warn",
+    "unicorn/no-useless-switch-case": "warn",
+    "unicorn/no-useless-undefined": "warn",
+    "unicorn/prefer-add-event-listener": "warn",
+    "unicorn/prefer-dom-node-append": "warn",
+    "unicorn/prefer-dom-node-dataset": "warn",
+    "unicorn/prefer-dom-node-remove": "warn",
+    "unicorn/prefer-dom-node-text-content": "warn",
+    "unicorn/prefer-keyboard-event-key": "warn",
+    "unicorn/prefer-math-trunc": "warn",
+    "unicorn/prefer-modern-dom-apis": "warn",
+    "unicorn/prefer-negative-index": "warn",
+    "unicorn/prefer-prototype-methods": "warn",
+    "unicorn/prefer-query-selector": "warn",
+    "unicorn/prefer-reflect-apply": "warn",
+    "unicorn/prefer-set-size": "warn",
+    "unicorn/prefer-spread": "warn",
+    "unicorn/prefer-ternary": "warn",
+    "unicorn/require-post-message-target-origin": "warn",
     "oxc/bad-array-method-on-arguments": "error",
     "oxc/bad-bitwise-operator": "error",
     "oxc/bad-comparison-sequence": "error",
@@ -411,7 +478,7 @@
     "jsx-a11y/media-has-caption": "warn",
     "jsx-a11y/mouse-events-have-key-events": "warn",
     "jsx-a11y/no-access-key": "error",
-    "jsx-a11y/no-autofocus": "off",
+    "jsx-a11y/no-autofocus": "warn",
     "jsx-a11y/no-distracting-elements": "error",
     "jsx-a11y/no-redundant-roles": "warn",
     "jsx-a11y/role-has-required-aria-props": "warn",
@@ -457,8 +524,8 @@
     "sonarjs/no-nested-template-literals": "error",
     // Avoids nested template literals
     "sonarjs/no-redundant-boolean": "warn", // TODO: Change to error after migration
-    // Removes redundant boolean literals - turned off because it clashes with unicorn rules
-    "sonarjs/no-redundant-jump": "off",
+    // Removes redundant boolean literals
+    "sonarjs/no-redundant-jump": "error",
     // Removes unnecessary returns/continues
     "sonarjs/no-same-line-conditional": "error",
     // Prevents same-line conditionals
@@ -530,12 +597,8 @@
       "rules": {
         "import/first": "off",
         // Should ignore due to mocks
-        "signoz/no-navigator-clipboard": "off",
-        // Tests can use navigator.clipboard directly,
-        "signoz/no-raw-absolute-path":"off",
-        "no-restricted-globals": "off",
-        // Tests need raw localStorage/sessionStorage to seed DOM state for isolation
-        "signoz/no-zustand-getstate-in-hooks": "off"
+        "signoz/no-navigator-clipboard": "off"
+        // Tests can use navigator.clipboard directly
       }
     },
     {

frontend/.stylelintrc.cjs

@@ -1,4 +1,3 @@
-// oxlint-disable-next-line typescript/no-require-imports
 const path = require('path');
 
 module.exports = {

frontend/README.md

@@ -28,8 +28,8 @@ Follow the steps below
 1. ```git clone https://github.com/SigNoz/signoz.git && cd signoz/frontend```
 1. change baseURL to ```<test environment URL>``` in file ```src/constants/env.ts```
 
-1. ```pnpm install```
-1. ```pnpm dev```
+1. ```yarn install```
+1. ```yarn dev```
 
 ```Note: Please ping us in #contributing channel in our slack community and we will DM you with <test environment URL>```
 
@@ -41,7 +41,7 @@ This project was bootstrapped with [Create React App](https://github.com/faceboo
 
 In the project directory, you can run:
 
-### `pnpm start`
+### `yarn start`
 
 Runs the app in the development mode.\
 Open [http://localhost:3301](http://localhost:3301) to view it in the browser.
@@ -49,12 +49,12 @@ Open [http://localhost:3301](http://localhost:3301) to view it in the browser.
 The page will reload if you make edits.\
 You will also see any lint errors in the console.
 
-### `pnpm test`
+### `yarn test`
 
 Launches the test runner in the interactive watch mode.\
 See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information.
 
-### `pnpm build`
+### `yarn build`
 
 Builds the app for production to the `build` folder.\
 It correctly bundles React in production mode and optimizes the build for the best performance.
@@ -64,7 +64,7 @@ Your app is ready to be deployed!
 
 See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information.
 
-### `pnpm eject`
+### `yarn eject`
 
 **Note: this is a one-way operation. Once you `eject`, you can’t go back!**
 
@@ -100,6 +100,6 @@ This section has moved here: [https://facebook.github.io/create-react-app/docs/a
 
 This section has moved here: [https://facebook.github.io/create-react-app/docs/deployment](https://facebook.github.io/create-react-app/docs/deployment)
 
-### `pnpm build` fails to minify
+### `yarn build` fails to minify
 
 This section has moved here: [https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify](https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify)

frontend/__mocks__/createIconsMock.tsx

@@ -1,28 +0,0 @@
-import React from 'react';
-
-const IconMock = React.forwardRef<SVGSVGElement, React.SVGProps<SVGSVGElement>>(
-	(props, ref) => <svg ref={ref} {...props} />,
-);
-IconMock.displayName = 'IconMock';
-
-// Returns a Proxy that resolves any named export to IconMock by default,
-// so `import { AnyIcon } from '@signozhq/icons'` always returns a valid component.
-// Pass `overrides` to swap in test-specific stubs (e.g. icons with data-testid).
-export function createIconsMock(
-	overrides: Record<string, unknown> = {},
-): Record<string | symbol, unknown> {
-	return new Proxy(
-		{ __esModule: true, default: IconMock, ...overrides } as Record<
-			string | symbol,
-			unknown
-		>,
-		{
-			get(target, prop: string | symbol): unknown {
-				if (prop in target) {
-					return target[prop as string];
-				}
-				return IconMock;
-			},
-		},
-	);
-}

frontend/__mocks__/signozhqIconsMock.tsx

@@ -1,3 +0,0 @@
-import { createIconsMock } from './createIconsMock';
-
-module.exports = createIconsMock();

frontend/index.html

@@ -1,8 +1,7 @@
-<!doctype html>
+<!DOCTYPE html>
 <html lang="en">
 	<head>
 		<meta charset="utf-8" />
-		<base href="[[.BaseHref]]" />
 		<meta
 			http-equiv="Cache-Control"
 			content="no-cache, no-store, must-revalidate, max-age: 0"
@@ -40,12 +39,12 @@
 		<meta
 			data-react-helmet="true"
 			property="og:image"
-			content="[[.BaseHref]]images/signoz-hero-image.webp"
+			content="/images/signoz-hero-image.webp"
 		/>
 		<meta
 			data-react-helmet="true"
 			name="twitter:image"
-			content="[[.BaseHref]]images/signoz-hero-image.webp"
+			content="/images/signoz-hero-image.webp"
 		/>
 		<meta
 			data-react-helmet="true"
@@ -60,7 +59,7 @@
 		<meta data-react-helmet="true" name="docusaurus_locale" content="en" />
 		<meta data-react-helmet="true" name="docusaurus_tag" content="default" />
 		<meta name="robots" content="noindex" />
-		<link data-react-helmet="true" rel="shortcut icon" href="favicon.ico" />
+		<link data-react-helmet="true" rel="shortcut icon" href="/favicon.ico" />
 	</head>
 	<body data-theme="default">
 		<script>
@@ -68,16 +67,8 @@
 			// Mirrors the logic in ThemeProvider (hooks/useDarkMode/index.tsx).
 			(function () {
 				try {
-					// When served under a URL prefix (e.g. /signoz/), storage keys are scoped
-					// to that prefix by the React app (see utils/storage.ts getScopedKey).
-					// Read the <base> tag — already populated by the Go template — to derive
-					// the same prefix here, before any JS module has loaded.
-					var basePath =
-						(document.querySelector('base') || {}).getAttribute('href') || '/';
-					var prefix = basePath === '/' ? '' : basePath;
-					var theme = localStorage.getItem(prefix + 'THEME');
-					var autoSwitch =
-						localStorage.getItem(prefix + 'THEME_AUTO_SWITCH') === 'true';
+					var theme = localStorage.getItem('THEME');
+					var autoSwitch = localStorage.getItem('THEME_AUTO_SWITCH') === 'true';
 					if (autoSwitch) {
 						theme = window.matchMedia('(prefers-color-scheme: dark)').matches
 							? 'dark'
@@ -145,7 +136,7 @@
 				})(document, 'script');
 			}
 		</script>
-		<link rel="stylesheet" href="css/uPlot.min.css" />
+		<link rel="stylesheet" href="/css/uPlot.min.css" />
 		<script type="module" src="./src/index.tsx"></script>
 	</body>
 </html>

frontend/jest.config.ts

@@ -24,11 +24,11 @@ const config: Config.InitialOptions = {
 		'^.*/useSafeNavigate$': USE_SAFE_NAVIGATE_MOCK_PATH,
 		'^constants/env$': '<rootDir>/__mocks__/env.ts',
 		'^src/constants/env$': '<rootDir>/__mocks__/env.ts',
-		'^@signozhq/icons$': '<rootDir>/__mocks__/signozhqIconsMock.tsx',
-		'^test-mocks/(.*)$': '<rootDir>/__mocks__/$1',
+		'^@signozhq/icons$':
+			'<rootDir>/node_modules/@signozhq/icons/dist/index.esm.js',
 		'^react-syntax-highlighter/dist/esm/(.*)$':
 			'<rootDir>/node_modules/react-syntax-highlighter/dist/cjs/$1',
-		'^@signozhq/(?!ui(?:/|$))([^/]+)$':
+		'^@signozhq/(?!ui$)([^/]+)$':
 			'<rootDir>/node_modules/@signozhq/$1/dist/$1.js',
 	},
 	extensionsToTreatAsEsm: ['.ts'],
@@ -46,11 +46,7 @@ const config: Config.InitialOptions = {
 	},
 	transformIgnorePatterns: [
 		// @chenglou/pretext is ESM-only; @signozhq/ui pulls it in via text-ellipsis.
-		// Pattern 1: allow .pnpm virtual store through (handled by pattern 2), plus root-level ESM packages.
-		'node_modules/(?!(\\.pnpm|lodash-es|react-dnd|core-dnd|@react-dnd|dnd-core|react-dnd-html5-backend|axios|@chenglou/pretext|@signozhq/design-tokens|@signozhq|date-fns|d3-interpolate|d3-color|api|@codemirror|@lezer|@marijn|@grafana|nuqs|uuid)/)',
-		// Pattern 2: pnpm virtual store — ignore everything except ESM-only packages.
-		// pnpm encodes scoped packages as @scope+name@version, so match on scope prefix.
-		'node_modules/\\.pnpm/(?!(lodash-es|react-dnd|core-dnd|@react-dnd|dnd-core|react-dnd-html5-backend|axios|@chenglou|@signozhq|date-fns|d3-interpolate|d3-color|api|@codemirror|@lezer|@marijn|@grafana|nuqs|uuid)[^/]*/node_modules)',
+		'node_modules/(?!(lodash-es|react-dnd|core-dnd|@react-dnd|dnd-core|react-dnd-html5-backend|axios|@chenglou/pretext|@signozhq/design-tokens|@signozhq/table|@signozhq/calendar|@signozhq/input|@signozhq/popover|@signozhq/*|date-fns|d3-interpolate|d3-color|api|@codemirror|@lezer|@marijn|@grafana|nuqs)/)',
 	],
 	setupFilesAfterEnv: ['<rootDir>/jest.setup.ts'],
 	testPathIgnorePatterns: ['/node_modules/', '/public/'],

frontend/jest.setup.ts

@@ -6,7 +6,6 @@
  * Adds custom matchers from the react testing library to all tests
  */
 import '@testing-library/jest-dom';
-import '@testing-library/jest-dom/extend-expect';
 import 'jest-styled-components';
 
 import { server } from './src/mocks-server/server';
@@ -43,13 +42,13 @@ window.getComputedStyle = function (
 	} catch {
 		// Return a minimal CSSStyleDeclaration so callers (testing-library, Radix UI)
 		// see the element as visible and without animations.
-		return {
+		return ({
 			display: '',
 			visibility: '',
 			opacity: '1',
 			animationName: 'none',
 			getPropertyValue: () => '',
-		} as unknown as CSSStyleDeclaration;
+		} as unknown) as CSSStyleDeclaration;
 	}
 };
 

frontend/knip.json

@@ -1,5 +0,0 @@
-{
-  "$schema": "https://unpkg.com/knip@5/schema.json",
-  "project": ["src/**/*.ts", "src/**/*.tsx"],
-  "ignore": ["src/api/generated/**/*.ts", "src/typings/*.ts"]
-}

frontend/orval.config.ts

@@ -80,7 +80,7 @@ export default defineConfig({
 				header: (info: { title: string; version: string }): string[] => [
 					`! Do not edit manually`,
 					`* The file has been auto-generated using Orval for SigNoz`,
-					`* regenerate with 'pnpm generate:api'`,
+					`* regenerate with 'yarn generate:api'`,
 					...(info.title ? [info.title] : []),
 					...(info.version ? [`OpenAPI spec version: ${info.version}`] : []),
 				],

frontend/package.json

@@ -9,7 +9,7 @@
     "build": "vite build",
     "preview": "vite preview",
     "prettify": "oxfmt",
-    "fmt": "oxfmt --check",
+    "fmt": "echo 'Disabled due to migration' || oxfmt --check",
     "lint": "oxlint ./src && stylelint \"src/**/*.scss\"",
     "lint:js": "oxlint ./src",
     "lint:generated": "oxlint ./src/api/generated --fix",
@@ -18,12 +18,13 @@
     "jest": "jest",
     "jest:coverage": "jest --coverage",
     "jest:watch": "jest --watch",
-    "postinstall": "pnpm i18n:generate-hash && (is-ci || pnpm husky:configure)  && node scripts/update-registry.cjs",
+    "postinstall": "yarn i18n:generate-hash && (is-ci || yarn husky:configure)  && node scripts/update-registry.cjs",
     "husky:configure": "cd .. && husky install frontend/.husky && cd frontend && chmod ug+x .husky/*",
     "commitlint": "commitlint --edit $1",
     "test": "jest",
     "test:changedsince": "jest --changedSince=main --coverage --silent",
-    "generate:api": "orval --config ./orval.config.ts && sh scripts/post-types-generation.sh"
+    "generate:api": "orval --config ./orval.config.ts && sh scripts/post-types-generation.sh",
+    "generate:permissions-type": "node scripts/generate-permissions-type.cjs"
   },
   "engines": {
     "node": ">=22.0.0"
@@ -32,10 +33,9 @@
   "license": "ISC",
   "dependencies": {
     "@ant-design/colors": "6.0.0",
+    "@ant-design/icons": "4.8.0",
     "@codemirror/autocomplete": "6.18.6",
     "@codemirror/lang-javascript": "6.2.3",
-    "@codemirror/state": "6.5.2",
-    "@codemirror/view": "6.36.6",
     "@dnd-kit/core": "6.1.0",
     "@dnd-kit/modifiers": "7.0.0",
     "@dnd-kit/sortable": "8.0.0",
@@ -49,9 +49,9 @@
     "@sentry/react": "8.41.0",
     "@sentry/vite-plugin": "2.22.6",
     "@signozhq/design-tokens": "2.1.4",
-    "@signozhq/icons": "0.4.0",
+    "@signozhq/icons": "0.1.0",
     "@signozhq/resizable": "0.0.2",
-    "@signozhq/ui": "0.0.18",
+    "@signozhq/ui": "0.0.10",
     "@tanstack/react-table": "8.21.3",
     "@tanstack/react-virtual": "3.13.22",
     "@uiw/codemirror-theme-copilot": "4.23.11",
@@ -63,6 +63,7 @@
     "@visx/shape": "3.5.0",
     "@visx/tooltip": "3.3.0",
     "@vitejs/plugin-react": "5.1.4",
+    "@xstate/react": "^3.0.0",
     "ansi-to-html": "0.7.2",
     "antd": "5.11.0",
     "antd-table-saveas-excel": "2.2.1",
@@ -98,6 +99,7 @@
     "jest": "30.2.0",
     "js-base64": "^3.7.2",
     "lodash-es": "^4.17.21",
+    "lucide-react": "0.498.0",
     "mini-css-extract-plugin": "2.4.5",
     "motion": "12.4.13",
     "nuqs": "2.8.8",
@@ -105,7 +107,6 @@
     "overlayscrollbars-react": "^0.5.6",
     "papaparse": "5.4.1",
     "posthog-js": "1.298.0",
-    "rc-select": "14.10.0",
     "rc-tween-one": "3.0.6",
     "react": "18.2.0",
     "react-addons-update": "15.6.3",
@@ -121,12 +122,10 @@
     "react-helmet-async": "1.3.0",
     "react-hook-form": "7.71.2",
     "react-i18next": "^11.16.1",
-    "react-json-tree": "^0.20.0",
     "react-lottie": "1.2.10",
     "react-markdown": "8.0.7",
     "react-query": "3.39.3",
     "react-redux": "^7.2.2",
-    "react-rnd": "^10.5.3",
     "react-router-dom": "^5.2.0",
     "react-router-dom-v5-compat": "6.27.0",
     "react-syntax-highlighter": "15.5.0",
@@ -147,6 +146,7 @@
     "vite": "npm:rolldown-vite@7.3.1",
     "vite-plugin-html": "3.2.2",
     "web-vitals": "^0.2.4",
+    "xstate": "^4.31.0",
     "zod": "4.3.6",
     "zustand": "5.0.11"
   },
@@ -169,8 +169,8 @@
     "@babel/preset-env": "^7.22.14",
     "@babel/preset-react": "^7.12.13",
     "@babel/preset-typescript": "^7.21.4",
-    "@commitlint/cli": "20.4.4",
-    "@commitlint/config-conventional": "20.4.4",
+    "@commitlint/cli": "^20.4.2",
+    "@commitlint/config-conventional": "^20.4.2",
     "@faker-js/faker": "9.3.0",
     "@jest/globals": "30.2.0",
     "@testing-library/jest-dom": "5.16.5",
@@ -180,11 +180,8 @@
     "@types/crypto-js": "4.2.2",
     "@types/dompurify": "^2.4.0",
     "@types/event-source-polyfill": "^1.0.0",
-    "@types/d3-hierarchy": "1.1.11",
     "@types/fontfaceobserver": "2.1.0",
-    "@types/history": "4.7.11",
     "@types/jest": "30.0.0",
-    "@jest/types": "30.2.0",
     "@types/lodash-es": "^4.17.4",
     "@types/mini-css-extract-plugin": "^2.5.1",
     "@types/node": "^16.10.3",
@@ -202,13 +199,10 @@
     "@types/react-syntax-highlighter": "15.5.13",
     "@types/redux-mock-store": "1.0.4",
     "@types/styled-components": "^5.1.4",
-    "@types/testing-library__jest-dom": "^5.14.5",
     "@types/uuid": "^8.3.1",
-    "@typescript/native-preview": "7.0.0-dev.20260430.1",
     "autoprefixer": "10.4.19",
     "babel-plugin-styled-components": "^1.12.0",
     "eslint-plugin-sonarjs": "4.0.2",
-    "glob": "^13.0.6",
     "husky": "^7.0.4",
     "imagemin": "^8.0.1",
     "imagemin-svgo": "^10.0.1",
@@ -219,10 +213,10 @@
     "lint-staged": "^12.5.0",
     "msw": "1.3.2",
     "npm-run-all": "latest",
-    "orval": "7.21.0",
-    "oxfmt": "0.47.0",
-    "oxlint": "1.62.0",
-    "oxlint-tsgolint": "0.22.1",
+    "orval": "7.18.0",
+    "oxfmt": "0.41.0",
+    "oxlint": "1.59.0",
+    "oxlint-tsgolint": "0.20.0",
     "portfinder-sync": "^0.0.2",
     "postcss": "8.5.6",
     "postcss-scss": "4.0.9",
@@ -236,10 +230,9 @@
     "stylelint-scss": "7.0.0",
     "svgo": "4.0.0",
     "ts-api-utils": "2.4.0",
-    "ts-jest": "29.4.9",
+    "ts-jest": "29.4.6",
     "ts-node": "^10.2.1",
     "typescript-plugin-css-modules": "5.2.0",
-    "use-sync-external-store": "1.6.0",
     "vite-plugin-checker": "0.12.0",
     "vite-plugin-compression": "0.5.1",
     "vite-plugin-image-optimizer": "2.0.3",
@@ -247,14 +240,9 @@
   },
   "lint-staged": {
     "*.(js|jsx|ts|tsx)": [
-      "sh -c tsgo --noEmit"
-    ],
-    "*.(js|jsx|ts|tsx|scss|css)": [
-      "oxlint --fix --quiet --no-error-on-unmatched-pattern",
-      "oxfmt --write"
-    ],
-    "*.(scss|css)": [
-      "stylelint"
+      "echo 'Disabled due to migration' || oxfmt --check",
+      "oxlint --fix",
+      "sh scripts/typecheck-staged.sh"
     ]
   },
   "resolutions": {
@@ -277,4 +265,4 @@
     "tmp": "0.2.4",
     "vite": "npm:rolldown-vite@7.3.1"
   }
-}
+}

frontend/plugins/rules/no-antd-components.mjs

@@ -1,66 +0,0 @@
-/**
- * Rule: no-antd-components
- *
- * Prevents importing specific components from antd.
- *
- * This rule catches patterns like:
- *   import { Typography } from 'antd'
- *   import { Typography, Button } from 'antd'
- *   import Typography from 'antd/es/typography'
- *   import { Text } from 'antd/es/typography'
- *
- * Add components to BANNED_COMPONENTS to ban them.
- * Key should be PascalCase component name, will match lowercase path too.
- */
-
-const BANNED_COMPONENTS = {
-	Typography: 'Use @signozhq/ui Typography instead of antd Typography.',
-};
-
-export default {
-	create(context) {
-		return {
-			ImportDeclaration(node) {
-				const source = node.source.value;
-
-				// Check direct antd import: import { Typography } from 'antd'
-				if (source === 'antd') {
-					for (const specifier of node.specifiers) {
-						if (specifier.type !== 'ImportSpecifier') {
-							continue;
-						}
-
-						const importedName = specifier.imported.name;
-						const message = BANNED_COMPONENTS[importedName];
-
-						if (message) {
-							context.report({
-								node: specifier,
-								message: `Do not import '${importedName}' from antd. ${message}`,
-							});
-						}
-					}
-					return;
-				}
-
-				// Check antd/es/<component> import: import Typography from 'antd/es/typography'
-				const match = source.match(/^antd\/es\/([^/]+)/);
-				if (!match) {
-					return;
-				}
-
-				const pathComponent = match[1].toLowerCase();
-
-				for (const [componentName, message] of Object.entries(BANNED_COMPONENTS)) {
-					if (pathComponent === componentName.toLowerCase()) {
-						context.report({
-							node,
-							message: `Do not import from '${source}'. ${message}`,
-						});
-						break;
-					}
-				}
-			},
-		};
-	},
-};

frontend/plugins/rules/no-raw-absolute-path.mjs

@@ -1,174 +0,0 @@
-/**
- * Rule: no-raw-absolute-path
- *
- * Catches patterns that break at runtime when the app is served from a
- * sub-path (e.g. /signoz/):
- *
- *   1. window.open(path, '_blank')
- *      → use openInNewTab(path) which calls withBasePath internally
- *
- *   2. window.location.origin + path  /  `${window.location.origin}${path}`
- *      → use getAbsoluteUrl(path)
- *
- *   3. frontendBaseUrl: window.location.origin  (bare origin usage)
- *      → use getBaseUrl() to include the base path
- *
- *   4. window.location.href = path
- *      → use withBasePath(path) or navigate() for internal navigation
- *
- * External URLs (first arg starts with "http") are explicitly allowed.
- */
-
-function isOriginAccess(node) {
-	return (
-		node.type === 'MemberExpression' &&
-		!node.computed &&
-		node.property.name === 'origin' &&
-		node.object.type === 'MemberExpression' &&
-		!node.object.computed &&
-		node.object.property.name === 'location' &&
-		node.object.object.type === 'Identifier' &&
-		node.object.object.name === 'window'
-	);
-}
-
-function isHrefAccess(node) {
-	return (
-		node.type === 'MemberExpression' &&
-		!node.computed &&
-		node.property.name === 'href' &&
-		node.object.type === 'MemberExpression' &&
-		!node.object.computed &&
-		node.object.property.name === 'location' &&
-		node.object.object.type === 'Identifier' &&
-		node.object.object.name === 'window'
-	);
-}
-
-function isExternalUrl(node) {
-	if (node.type === 'Literal' && typeof node.value === 'string') {
-		return node.value.startsWith('http://') || node.value.startsWith('https://');
-	}
-	if (node.type === 'TemplateLiteral' && node.quasis.length > 0) {
-		const raw = node.quasis[0].value.raw;
-		return raw.startsWith('http://') || raw.startsWith('https://');
-	}
-	return false;
-}
-
-// window.open(withBasePath(x)) and window.open(getAbsoluteUrl(x)) are already safe.
-function isSafeHelperCall(node) {
-	return (
-		node.type === 'CallExpression' &&
-		node.callee.type === 'Identifier' &&
-		(node.callee.name === 'withBasePath' || node.callee.name === 'getAbsoluteUrl')
-	);
-}
-
-export default {
-	meta: {
-		type: 'suggestion',
-		docs: {
-			description:
-				'Disallow raw window.open and origin-concatenation patterns that miss the runtime base path',
-			category: 'Base Path Safety',
-		},
-		schema: [],
-		messages: {
-			windowOpen:
-				'Use openInNewTab(path) instead of window.open(path, "_blank") — openInNewTab prepends the base path automatically.',
-			originConcat:
-				'Use getAbsoluteUrl(path) instead of window.location.origin + path — getAbsoluteUrl prepends the base path automatically.',
-			originDirect:
-				'Use getBaseUrl() instead of window.location.origin — getBaseUrl includes the base path.',
-			hrefAssign:
-				'Use withBasePath(path) or navigate() instead of window.location.href = path — ensures the base path is included.',
-		},
-	},
-
-	create(context) {
-		return {
-			// window.open(path, ...) — allow only external first-arg URLs
-			CallExpression(node) {
-				const { callee, arguments: args } = node;
-				if (
-					callee.type !== 'MemberExpression' ||
-					callee.object.type !== 'Identifier' ||
-					callee.object.name !== 'window' ||
-					callee.property.name !== 'open'
-				) {
-					return;
-				}
-				if (args.length === 0) {
-					return;
-				}
-				if (isExternalUrl(args[0])) {
-					return;
-				}
-				if (isSafeHelperCall(args[0])) {
-					return;
-				}
-
-				context.report({ node, messageId: 'windowOpen' });
-			},
-
-			// window.location.origin + path
-			BinaryExpression(node) {
-				if (node.operator !== '+') {
-					return;
-				}
-				if (isOriginAccess(node.left) || isOriginAccess(node.right)) {
-					context.report({ node, messageId: 'originConcat' });
-				}
-			},
-
-			// `${window.location.origin}${path}`
-			TemplateLiteral(node) {
-				if (node.expressions.some(isOriginAccess)) {
-					context.report({ node, messageId: 'originConcat' });
-				}
-			},
-
-			// window.location.origin used directly (not in concatenation)
-			// Catches: frontendBaseUrl: window.location.origin
-			MemberExpression(node) {
-				if (!isOriginAccess(node)) {
-					return;
-				}
-
-				const parent = node.parent;
-				// Skip if parent is BinaryExpression with + (handled by BinaryExpression visitor)
-				if (parent.type === 'BinaryExpression' && parent.operator === '+') {
-					return;
-				}
-				// Skip if inside TemplateLiteral (handled by TemplateLiteral visitor)
-				if (parent.type === 'TemplateLiteral') {
-					return;
-				}
-
-				context.report({ node, messageId: 'originDirect' });
-			},
-
-			// window.location.href = path
-			AssignmentExpression(node) {
-				if (node.operator !== '=') {
-					return;
-				}
-				if (!isHrefAccess(node.left)) {
-					return;
-				}
-
-				// Allow external URLs
-				if (isExternalUrl(node.right)) {
-					return;
-				}
-				// Allow safe helper calls
-				if (isSafeHelperCall(node.right)) {
-					return;
-				}
-
-				context.report({ node, messageId: 'hrefAssign' });
-			},
-		};
-	},
-};

frontend/plugins/signoz.mjs

@@ -8,8 +8,6 @@
 import noZustandGetStateInHooks from './rules/no-zustand-getstate-in-hooks.mjs';
 import noNavigatorClipboard from './rules/no-navigator-clipboard.mjs';
 import noUnsupportedAssetPattern from './rules/no-unsupported-asset-pattern.mjs';
-import noRawAbsolutePath from './rules/no-raw-absolute-path.mjs';
-import noAntdComponents from './rules/no-antd-components.mjs';
 
 export default {
 	meta: {
@@ -19,7 +17,5 @@ export default {
 		'no-zustand-getstate-in-hooks': noZustandGetStateInHooks,
 		'no-navigator-clipboard': noNavigatorClipboard,
 		'no-unsupported-asset-pattern': noUnsupportedAssetPattern,
-		'no-raw-absolute-path': noRawAbsolutePath,
-		'no-antd-components': noAntdComponents,
 	},
 };

frontend/public/locales/en-GB/routes.json

@@ -16,6 +16,5 @@
 	"roles": "Roles",
 	"role_details": "Role Details",
 	"members": "Members",
-	"service_accounts": "Service Accounts",
-	"mcp_server": "MCP Server"
+	"service_accounts": "Service Accounts"
 }

frontend/public/locales/en-GB/titles.json

@@ -53,6 +53,5 @@
 	"METER": "SigNoz | Meter",
 	"ROLES_SETTINGS": "SigNoz | Roles",
 	"MEMBERS_SETTINGS": "SigNoz | Members",
-	"SERVICE_ACCOUNTS_SETTINGS": "SigNoz | Service Accounts",
-	"MCP_SERVER": "SigNoz | MCP Server"
+	"SERVICE_ACCOUNTS_SETTINGS": "SigNoz | Service Accounts"
 }

frontend/public/locales/en/routes.json

@@ -16,6 +16,5 @@
 	"roles": "Roles",
 	"role_details": "Role Details",
 	"members": "Members",
-	"service_accounts": "Service Accounts",
-	"mcp_server": "MCP Server"
+	"service_accounts": "Service Accounts"
 }

frontend/public/locales/en/titles.json

@@ -76,6 +76,5 @@
 	"METER": "SigNoz | Meter",
 	"ROLES_SETTINGS": "SigNoz | Roles",
 	"MEMBERS_SETTINGS": "SigNoz | Members",
-	"SERVICE_ACCOUNTS_SETTINGS": "SigNoz | Service Accounts",
-	"MCP_SERVER": "SigNoz | MCP Server"
+	"SERVICE_ACCOUNTS_SETTINGS": "SigNoz | Service Accounts"
 }

frontend/scripts/generate-permissions-type.cjs

@@ -0,0 +1,199 @@
+#!/usr/bin/env node
+
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+const axios = require('axios');
+
+const PERMISSIONS_TYPE_FILE = path.join(
+	__dirname,
+	'../src/hooks/useAuthZ/permissions.type.ts',
+);
+
+const SIGNOZ_INTEGRATION_IMAGE = 'signoz:integration';
+const LOCAL_BACKEND_URL = 'http://localhost:8080';
+
+function log(message) {
+	console.log(`[generate-permissions-type] ${message}`);
+}
+
+function getBackendUrlFromDocker() {
+	try {
+		const output = execSync(
+			`docker ps --filter "ancestor=${SIGNOZ_INTEGRATION_IMAGE}" --format "{{.Ports}}"`,
+			{ encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'] },
+		).trim();
+
+		if (!output) {
+			return null;
+		}
+
+		const portMatch = output.match(/0\.0\.0\.0:(\d+)->8080\/tcp/);
+		if (portMatch) {
+			return `http://localhost:${portMatch[1]}`;
+		}
+
+		const ipv6Match = output.match(/:::(\d+)->8080\/tcp/);
+		if (ipv6Match) {
+			return `http://localhost:${ipv6Match[1]}`;
+		}
+	} catch (err) {
+		log(`Warning: Could not get port from docker: ${err.message}`);
+	}
+	return null;
+}
+
+async function checkBackendHealth(url, maxAttempts = 3, delayMs = 1000) {
+	for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+		try {
+			await axios.get(`${url}/api/v1/health`, {
+				timeout: 5000,
+				validateStatus: (status) => status === 200,
+			});
+			return true;
+		} catch (err) {
+			if (attempt < maxAttempts) {
+				await new Promise((r) => setTimeout(r, delayMs));
+			}
+		}
+	}
+	return false;
+}
+
+async function discoverBackendUrl() {
+	const dockerUrl = getBackendUrlFromDocker();
+	if (dockerUrl) {
+		log(`Found ${SIGNOZ_INTEGRATION_IMAGE} container, trying ${dockerUrl}...`);
+		if (await checkBackendHealth(dockerUrl)) {
+			log(`Backend found at ${dockerUrl} (from py-test-setup)`);
+			return dockerUrl;
+		}
+		log(`Backend at ${dockerUrl} is not responding`);
+	}
+
+	log(`Trying local backend at ${LOCAL_BACKEND_URL}...`);
+	if (await checkBackendHealth(LOCAL_BACKEND_URL)) {
+		log(`Backend found at ${LOCAL_BACKEND_URL}`);
+		return LOCAL_BACKEND_URL;
+	}
+
+	return null;
+}
+
+async function fetchResources(backendUrl) {
+	log('Fetching resources from API...');
+	const resourcesUrl = `${backendUrl}/api/v1/authz/resources`;
+
+	const { data: response } = await axios.get(resourcesUrl);
+
+	return response;
+}
+
+function transformResponse(apiResponse) {
+	if (!apiResponse.data) {
+		throw new Error('Invalid API response: missing data field');
+	}
+
+	const { resources, relations } = apiResponse.data;
+
+	return {
+		status: apiResponse.status || 'success',
+		data: {
+			resources: resources,
+			relations: relations,
+		},
+	};
+}
+
+function generateTypeScriptFile(data) {
+	const resourcesStr = data.data.resources
+		.map(
+			(r) =>
+				`\t\t\t{\n\t\t\t\tname: '${r.name}',\n\t\t\t\ttype: '${r.type}',\n\t\t\t},`,
+		)
+		.join('\n');
+
+	const relationsStr = Object.entries(data.data.relations)
+		.map(
+			([type, relations]) =>
+				`\t\t\t${type}: [${relations.map((r) => `'${r}'`).join(', ')}],`,
+		)
+		.join('\n');
+
+	return `// AUTO GENERATED FILE - DO NOT EDIT - GENERATED BY scripts/generate-permissions-type
+export default {
+\tstatus: '${data.status}',
+\tdata: {
+\t\tresources: [
+${resourcesStr}
+\t\t],
+\t\trelations: {
+${relationsStr}
+\t\t},
+\t},
+} as const;
+`;
+}
+
+async function main() {
+	try {
+		log('Starting permissions type generation...');
+
+		const backendUrl = await discoverBackendUrl();
+
+		if (!backendUrl) {
+			console.error('\n' + '='.repeat(80));
+			console.error('ERROR: No running SigNoz backend found!');
+			console.error('='.repeat(80));
+			console.error(
+				'\nThe permissions type generator requires a running SigNoz backend.',
+			);
+			console.error('\nFor local development, start the backend with:');
+			console.error('  make go-run-enterprise');
+			console.error(
+				'\nFor CI or integration testing, start the test environment with:',
+			);
+			console.error('  make py-test-setup');
+			console.error(
+				'\nIf running in CI and seeing this error, check that the py-test-setup',
+			);
+			console.error('step completed successfully before this step runs.');
+			console.error('='.repeat(80) + '\n');
+			process.exit(1);
+		}
+
+		log('Fetching resources...');
+		const apiResponse = await fetchResources(backendUrl);
+
+		log('Transforming response...');
+		const transformed = transformResponse(apiResponse);
+
+		log('Generating TypeScript file...');
+		const content = generateTypeScriptFile(transformed);
+
+		log(`Writing to ${PERMISSIONS_TYPE_FILE}...`);
+		fs.writeFileSync(PERMISSIONS_TYPE_FILE, content, 'utf8');
+
+		const rootDir = path.join(__dirname, '../..');
+		const relativePath = path.relative(
+			path.join(rootDir, 'frontend'),
+			PERMISSIONS_TYPE_FILE,
+		);
+		log('Linting generated file...');
+		execSync(`cd frontend && yarn oxlint ${relativePath}`, {
+			cwd: rootDir,
+			stdio: 'inherit',
+		});
+
+		log('Successfully generated permissions.type.ts');
+	} catch (error) {
+		log(`Error: ${error.message}`);
+		process.exit(1);
+	}
+}
+
+if (require.main === module) {
+	main();
+}
+
+module.exports = { main };

frontend/scripts/post-types-generation.sh

@@ -16,7 +16,7 @@ echo "\n✅ Tag files renamed to index.ts"
 
 # Format generated files
 echo "\n\n---\nRunning prettier...\n"
-if ! pnpm prettify src/api/generated; then
+if ! yarn prettify src/api/generated; then
   echo "Formatting failed!"
   exit 1
 fi
@@ -25,7 +25,7 @@ echo "\n✅ Formatting successful"
 
 # Fix linting issues
 echo "\n\n---\nRunning lint...\n"
-if ! pnpm lint:generated; then
+if ! yarn lint:generated; then
   echo "Lint check failed! Please fix linting errors before proceeding."
   exit 1
 fi

frontend/scripts/typecheck-staged.sh

@@ -0,0 +1,25 @@
+files="";
+
+# lint-staged will pass all files in $1 $2 $3 etc. iterate and concat.
+for var in "$@"
+do
+    files="$files \"$var\","
+done
+
+# create temporary tsconfig which includes only passed files
+str="{
+  \"extends\": \"./tsconfig.json\",
+  \"include\": [ \"src/typings/**/*.ts\",\"src/**/*.d.ts\", \"./babel.config.js\", \"./jest.config.ts\", \"./.eslintrc.js\",\"./__mocks__\",\"./public\",\"./tests\",\"./commitlint.config.ts\",\"./webpack.config.js\",\"./webpack.config.prod.js\",\"./jest.setup.ts\",\"./**/*.d.ts\",$files]
+}"
+echo $str > tsconfig.tmp
+
+# run typecheck using temp config
+tsc -p ./tsconfig.tmp
+
+# capture exit code of tsc
+code=$?
+
+# delete temp config
+rm ./tsconfig.tmp
+
+exit $code

frontend/src/AppRoutes/__tests__/Private.test.tsx

@@ -105,7 +105,7 @@ function createMockLicense(
 			status: '',
 			updated_at: '0',
 		},
-		state: LicenseState.ACTIVATED,
+		state: LicenseState.ACTIVE,
 		status: LicenseStatus.VALID,
 		platform: LicensePlatform.CLOUD,
 		created_at: '0',
@@ -931,7 +931,7 @@ describe('PrivateRoute', () => {
 					isFetchingActiveLicense: false,
 					activeLicense: createMockLicense({
 						platform: LicensePlatform.CLOUD,
-						state: LicenseState.ACTIVATED,
+						state: LicenseState.ACTIVE,
 					}),
 				},
 				isCloudUser: true,
@@ -1522,7 +1522,7 @@ describe('PrivateRoute', () => {
 					isFetchingActiveLicense: false,
 					activeLicense: createMockLicense({
 						platform: LicensePlatform.CLOUD,
-						state: LicenseState.ACTIVATED,
+						state: LicenseState.ACTIVE,
 					}),
 					trialInfo: createMockTrialInfo({ workSpaceBlock: false }),
 					user: createMockUser({ role: USER_ROLES.ADMIN as ROLES }),

frontend/src/AppRoutes/index.tsx

@@ -327,11 +327,6 @@ function App(): JSX.Element {
 					replaysSessionSampleRate: 0.1, // This sets the sample rate at 10%. You may want to change it to 100% while in development and then sample at a lower rate in production.
 					replaysOnErrorSampleRate: 1.0, // If you're not already sampling the entire session, change the sample rate to 100% when sampling sessions where errors occur.
 					beforeSend(event) {
-						// Drop the event if its level is 'warning' or 'info'
-						if (event.level === 'warning' || event.level === 'info') {
-							return null;
-						}
-
 						const sessionReplayUrl = posthog.get_session_replay_url?.({
 							withTimestamp: true,
 						});

frontend/src/AppRoutes/pageComponents.ts

@@ -65,13 +65,6 @@ export const TraceDetail = Loadable(
 		),
 );
 
-export const TraceDetailV3 = Loadable(
-	() =>
-		import(
-			/* webpackChunkName: "TraceDetailV3 Page" */ 'pages/TraceDetailV3Page/index'
-		),
-);
-
 export const UsageExplorerPage = Loadable(
 	() => import(/* webpackChunkName: "UsageExplorerPage" */ 'modules/Usage'),
 );

frontend/src/AppRoutes/routes.ts

@@ -48,7 +48,6 @@ import {
 	StatusPage,
 	SupportPage,
 	TraceDetail,
-	TraceDetailV3,
 	TraceFilter,
 	TracesExplorer,
 	TracesFunnelDetails,
@@ -139,9 +138,6 @@ const routes: AppRoutes[] = [
 		exact: true,
 		key: 'LOGS_SAVE_VIEWS',
 	},
-	// V3 trace details is gated until release: /trace serves V2 (public),
-	// /trace-old serves V3 (URL-only access). Flip the two `component`
-	// values back to release V3.
 	{
 		path: ROUTES.TRACE_DETAIL,
 		exact: true,
@@ -149,13 +145,6 @@ const routes: AppRoutes[] = [
 		isPrivate: true,
 		key: 'TRACE_DETAIL',
 	},
-	{
-		path: ROUTES.TRACE_DETAIL_OLD,
-		exact: true,
-		component: TraceDetailV3,
-		isPrivate: true,
-		key: 'TRACE_DETAIL_OLD',
-	},
 	{
 		path: ROUTES.SETTINGS,
 		exact: false,

frontend/src/ReactI18/index.tsx

@@ -2,7 +2,6 @@ import { initReactI18next } from 'react-i18next';
 import i18n from 'i18next';
 import LanguageDetector from 'i18next-browser-languagedetector';
 import Backend from 'i18next-http-backend';
-import { getBasePath } from 'utils/basePath';
 
 import cacheBursting from '../../i18n-translations-hash.json';
 
@@ -25,7 +24,7 @@ i18n
 				const ns = namespace[0];
 				const pathkey = `/${language}/${ns}`;
 				const hash = cacheBursting[pathkey as keyof typeof cacheBursting] || '';
-				return `${getBasePath()}locales/${language}/${namespace}.json?h=${hash}`;
+				return `/locales/${language}/${namespace}.json?h=${hash}`;
 			},
 		},
 		react: {

frontend/src/api/browser/localstorage/__tests__/get.test.ts

@@ -1,130 +0,0 @@
-/**
- * localstorage/get — lazy migration tests.
- *
- * basePath is memoized at module init, so each describe block re-imports the
- * module with a fresh DOM state via jest.isolateModules.
- */
-
-type GetModule = typeof import('../get');
-
-function loadGetModule(href: string): GetModule {
-	const base = document.createElement('base');
-	base.setAttribute('href', href);
-	document.head.append(base);
-
-	let mod!: GetModule;
-	jest.isolateModules(() => {
-		// oxlint-disable-next-line typescript-eslint/no-require-imports, typescript-eslint/no-var-requires
-		mod = require('../get');
-	});
-	return mod;
-}
-
-afterEach(() => {
-	for (const el of document.head.querySelectorAll('base')) {
-		el.remove();
-	}
-	localStorage.clear();
-});
-
-describe('get — root path "/"', () => {
-	it('reads the bare key', () => {
-		const { default: get } = loadGetModule('/');
-		localStorage.setItem('AUTH_TOKEN', 'tok');
-		expect(get('AUTH_TOKEN')).toBe('tok');
-	});
-
-	it('returns null when key is absent', () => {
-		const { default: get } = loadGetModule('/');
-		expect(get('MISSING')).toBeNull();
-	});
-
-	it('does NOT promote bare keys (no-op at root)', () => {
-		const { default: get } = loadGetModule('/');
-		localStorage.setItem('THEME', 'light');
-		get('THEME');
-		// bare key must still be present — no migration at root
-		expect(localStorage.getItem('THEME')).toBe('light');
-	});
-});
-
-describe('get — prefixed path "/signoz/"', () => {
-	it('reads an already-scoped key directly', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		localStorage.setItem('/signoz/AUTH_TOKEN', 'scoped-tok');
-		expect(get('AUTH_TOKEN')).toBe('scoped-tok');
-	});
-
-	it('returns null when neither scoped nor bare key exists', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		expect(get('MISSING')).toBeNull();
-	});
-
-	it('lazy-migrates bare key to scoped key on first read', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		localStorage.setItem('AUTH_TOKEN', 'old-tok');
-
-		const result = get('AUTH_TOKEN');
-
-		expect(result).toBe('old-tok');
-		expect(localStorage.getItem('/signoz/AUTH_TOKEN')).toBe('old-tok');
-		expect(localStorage.getItem('AUTH_TOKEN')).toBeNull();
-	});
-
-	it('scoped key takes precedence over bare key', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		localStorage.setItem('AUTH_TOKEN', 'bare-tok');
-		localStorage.setItem('/signoz/AUTH_TOKEN', 'scoped-tok');
-
-		expect(get('AUTH_TOKEN')).toBe('scoped-tok');
-		// bare key left untouched — scoped already existed
-		expect(localStorage.getItem('AUTH_TOKEN')).toBe('bare-tok');
-	});
-
-	it('subsequent reads after migration use scoped key (no double-write)', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		localStorage.setItem('THEME', 'dark');
-
-		get('THEME'); // triggers migration
-		localStorage.removeItem('THEME'); // simulate bare key gone
-
-		// second read still finds the scoped key
-		expect(get('THEME')).toBe('dark');
-	});
-});
-
-describe('get — two-prefix isolation', () => {
-	it('/signoz/ and /testing/ do not share migrated values', () => {
-		localStorage.setItem('THEME', 'light');
-
-		const base1 = document.createElement('base');
-		base1.setAttribute('href', '/signoz/');
-		document.head.append(base1);
-		let getSignoz!: GetModule['default'];
-		jest.isolateModules(() => {
-			// oxlint-disable-next-line typescript-eslint/no-require-imports, typescript-eslint/no-var-requires
-			getSignoz = require('../get').default;
-		});
-		base1.remove();
-
-		// migrate bare → /signoz/THEME
-		getSignoz('THEME');
-
-		const base2 = document.createElement('base');
-		base2.setAttribute('href', '/testing/');
-		document.head.append(base2);
-		let getTesting!: GetModule['default'];
-		jest.isolateModules(() => {
-			// oxlint-disable-next-line typescript-eslint/no-require-imports, typescript-eslint/no-var-requires
-			getTesting = require('../get').default;
-		});
-		base2.remove();
-
-		// /testing/ prefix: bare key already gone, scoped key does not exist
-		expect(getTesting('THEME')).toBeNull();
-		expect(localStorage.getItem('/signoz/THEME')).toBe('light');
-		expect(localStorage.getItem('/testing/THEME')).toBeNull();
-	});
-});
-
-export {};

frontend/src/api/browser/localstorage/get.ts

@@ -1,26 +1,7 @@
-/* oxlint-disable no-restricted-globals */
-import { getBasePath } from 'utils/basePath';
-import { getScopedKey } from 'utils/storage';
-
 const get = (key: string): string | null => {
 	try {
-		const scopedKey = getScopedKey(key);
-		const value = localStorage.getItem(scopedKey);
-
-		// Lazy migration: if running under a URL prefix and the scoped key doesn't
-		// exist yet, fall back to the bare key (written by a previous root deployment).
-		// Promote it to the scoped key and remove the bare key so future reads are fast.
-		if (value === null && getBasePath() !== '/') {
-			const bare = localStorage.getItem(key);
-			if (bare !== null) {
-				localStorage.setItem(scopedKey, bare);
-				localStorage.removeItem(key);
-				return bare;
-			}
-		}
-
-		return value;
-	} catch {
+		return localStorage.getItem(key);
+	} catch (e) {
 		return '';
 	}
 };

frontend/src/api/browser/localstorage/remove.ts

@@ -1,11 +1,8 @@
-/* oxlint-disable no-restricted-globals */
-import { getScopedKey } from 'utils/storage';
-
 const remove = (key: string): boolean => {
 	try {
-		localStorage.removeItem(getScopedKey(key));
+		window.localStorage.removeItem(key);
 		return true;
-	} catch {
+	} catch (e) {
 		return false;
 	}
 };

frontend/src/api/browser/localstorage/set.ts

@@ -1,11 +1,8 @@
-/* oxlint-disable no-restricted-globals */
-import { getScopedKey } from 'utils/storage';
-
 const set = (key: string, value: string): boolean => {
 	try {
-		localStorage.setItem(getScopedKey(key), value);
+		localStorage.setItem(key, value);
 		return true;
-	} catch {
+	} catch (e) {
 		return false;
 	}
 };

frontend/src/api/browser/sessionstorage/__tests__/get.test.ts

@@ -1,81 +0,0 @@
-/**
- * sessionstorage/get — lazy migration tests.
- * Mirrors the localStorage get tests; same logic, different storage.
- */
-
-type GetModule = typeof import('../get');
-
-function loadGetModule(href: string): GetModule {
-	const base = document.createElement('base');
-	base.setAttribute('href', href);
-	document.head.append(base);
-
-	let mod!: GetModule;
-	jest.isolateModules(() => {
-		// oxlint-disable-next-line typescript-eslint/no-require-imports, typescript-eslint/no-var-requires
-		mod = require('../get');
-	});
-	return mod;
-}
-
-afterEach(() => {
-	for (const el of document.head.querySelectorAll('base')) {
-		el.remove();
-	}
-	sessionStorage.clear();
-});
-
-describe('get — root path "/"', () => {
-	it('reads the bare key', () => {
-		const { default: get } = loadGetModule('/');
-		sessionStorage.setItem('retry-lazy-refreshed', 'true');
-		expect(get('retry-lazy-refreshed')).toBe('true');
-	});
-
-	it('returns null when key is absent', () => {
-		const { default: get } = loadGetModule('/');
-		expect(get('MISSING')).toBeNull();
-	});
-
-	it('does NOT promote bare keys at root', () => {
-		const { default: get } = loadGetModule('/');
-		sessionStorage.setItem('retry-lazy-refreshed', 'true');
-		get('retry-lazy-refreshed');
-		expect(sessionStorage.getItem('retry-lazy-refreshed')).toBe('true');
-	});
-});
-
-describe('get — prefixed path "/signoz/"', () => {
-	it('reads an already-scoped key directly', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		sessionStorage.setItem('/signoz/retry-lazy-refreshed', 'true');
-		expect(get('retry-lazy-refreshed')).toBe('true');
-	});
-
-	it('returns null when neither scoped nor bare key exists', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		expect(get('MISSING')).toBeNull();
-	});
-
-	it('lazy-migrates bare key to scoped key on first read', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		sessionStorage.setItem('retry-lazy-refreshed', 'true');
-
-		const result = get('retry-lazy-refreshed');
-
-		expect(result).toBe('true');
-		expect(sessionStorage.getItem('/signoz/retry-lazy-refreshed')).toBe('true');
-		expect(sessionStorage.getItem('retry-lazy-refreshed')).toBeNull();
-	});
-
-	it('scoped key takes precedence over bare key', () => {
-		const { default: get } = loadGetModule('/signoz/');
-		sessionStorage.setItem('retry-lazy-refreshed', 'bare');
-		sessionStorage.setItem('/signoz/retry-lazy-refreshed', 'scoped');
-
-		expect(get('retry-lazy-refreshed')).toBe('scoped');
-		expect(sessionStorage.getItem('retry-lazy-refreshed')).toBe('bare');
-	});
-});
-
-export {};

frontend/src/api/browser/sessionstorage/get.ts

@@ -1,27 +0,0 @@
-/* oxlint-disable no-restricted-globals */
-import { getBasePath } from 'utils/basePath';
-import { getScopedKey } from 'utils/storage';
-
-const get = (key: string): string | null => {
-	try {
-		const scopedKey = getScopedKey(key);
-		const value = sessionStorage.getItem(scopedKey);
-
-		// Lazy migration: same pattern as localStorage — promote bare keys written
-		// by a previous root deployment to the scoped key on first read.
-		if (value === null && getBasePath() !== '/') {
-			const bare = sessionStorage.getItem(key);
-			if (bare !== null) {
-				sessionStorage.setItem(scopedKey, bare);
-				sessionStorage.removeItem(key);
-				return bare;
-			}
-		}
-
-		return value;
-	} catch {
-		return '';
-	}
-};
-
-export default get;

frontend/src/api/browser/sessionstorage/remove.ts

@@ -1,13 +0,0 @@
-/* oxlint-disable no-restricted-globals */
-import { getScopedKey } from 'utils/storage';
-
-const remove = (key: string): boolean => {
-	try {
-		sessionStorage.removeItem(getScopedKey(key));
-		return true;
-	} catch {
-		return false;
-	}
-};
-
-export default remove;

frontend/src/api/browser/sessionstorage/set.ts

@@ -1,13 +0,0 @@
-/* oxlint-disable no-restricted-globals */
-import { getScopedKey } from 'utils/storage';
-
-const set = (key: string, value: string): boolean => {
-	try {
-		sessionStorage.setItem(getScopedKey(key), value);
-		return true;
-	} catch {
-		return false;
-	}
-};
-
-export default set;

frontend/src/api/dashboard/queryRangeFormat.ts

@@ -0,0 +1,15 @@
+import { ApiV3Instance as axios } from 'api';
+import { ApiResponse } from 'types/api';
+import { ICompositeMetricQuery } from 'types/api/alerts/compositeQuery';
+import { QueryRangePayload } from 'types/api/metrics/getQueryRange';
+
+interface IQueryRangeFormat {
+	compositeQuery: ICompositeMetricQuery;
+}
+
+export const getQueryRangeFormat = (
+	props?: Partial<QueryRangePayload>,
+): Promise<IQueryRangeFormat> =>
+	axios
+		.post<ApiResponse<IQueryRangeFormat>>('/query_range/format', props)
+		.then((res) => res.data.data);

frontend/src/api/dynamicConfigs/getDynamicConfigs.ts

@@ -0,0 +1,24 @@
+import axios from 'api';
+import { ErrorResponseHandler } from 'api/ErrorResponseHandler';
+import { AxiosError } from 'axios';
+import { ErrorResponse, SuccessResponse } from 'types/api';
+import { PayloadProps } from 'types/api/dynamicConfigs/getDynamicConfigs';
+
+const getDynamicConfigs = async (): Promise<
+	SuccessResponse<PayloadProps> | ErrorResponse
+> => {
+	try {
+		const response = await axios.get(`/configs`);
+
+		return {
+			statusCode: 200,
+			error: null,
+			message: response.data.status,
+			payload: response.data.data,
+		};
+	} catch (error) {
+		return ErrorResponseHandler(error as AxiosError);
+	}
+};
+
+export default getDynamicConfigs;

frontend/src/api/dynamicVariables/__tests__/getFieldKeys.test.ts

@@ -104,7 +104,7 @@ describe('getFieldKeys API', () => {
 		const result = await getFieldKeys('traces');
 
 		// Verify the returned structure matches SuccessResponseV2 format
-		expect(result).toStrictEqual({
+		expect(result).toEqual({
 			httpStatusCode: 200,
 			data: mockSuccessResponse.data.data,
 		});

frontend/src/api/dynamicVariables/__tests__/getFieldValues.test.ts

@@ -199,7 +199,7 @@ describe('getFieldValues API', () => {
 		const result = await getFieldValues('traces', 'service.name');
 
 		// Verify the returned structure matches SuccessResponseV2 format
-		expect(result).toStrictEqual({
+		expect(result).toEqual({
 			httpStatusCode: 200,
 			data: expect.objectContaining({
 				values: expect.any(Object),

frontend/src/api/generated/services/alerts/index.ts

@@ -1,7 +1,7 @@
 /**
  * ! Do not edit manually
  * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'pnpm generate:api'
+ * * regenerate with 'yarn generate:api'
  * SigNoz
  */
 import { useQuery } from 'react-query';

frontend/src/api/generated/services/authdomains/index.ts

@@ -1,7 +1,7 @@
 /**
  * ! Do not edit manually
  * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'pnpm generate:api'
+ * * regenerate with 'yarn generate:api'
  * SigNoz
  */
 import { useMutation, useQuery } from 'react-query';
@@ -19,11 +19,9 @@ import type {
 
 import type {
 	AuthtypesPostableAuthDomainDTO,
-	AuthtypesUpdatableAuthDomainDTO,
-	CreateAuthDomain201,
+	AuthtypesUpdateableAuthDomainDTO,
+	CreateAuthDomain200,
 	DeleteAuthDomainPathParameters,
-	GetAuthDomain200,
-	GetAuthDomainPathParameters,
 	ListAuthDomains200,
 	RenderErrorResponseDTO,
 	UpdateAuthDomainPathParameters,
@@ -126,7 +124,7 @@ export const createAuthDomain = (
 	authtypesPostableAuthDomainDTO: BodyType<AuthtypesPostableAuthDomainDTO>,
 	signal?: AbortSignal,
 ) => {
-	return GeneratedAPIInstance<CreateAuthDomain201>({
+	return GeneratedAPIInstance<CreateAuthDomain200>({
 		url: `/api/v1/domains`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
@@ -279,122 +277,19 @@ export const useDeleteAuthDomain = <
 
 	return useMutation(mutationOptions);
 };
-/**
- * This endpoint returns an auth domain by ID
- * @summary Get auth domain by ID
- */
-export const getAuthDomain = (
-	{ id }: GetAuthDomainPathParameters,
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<GetAuthDomain200>({
-		url: `/api/v1/domains/${id}`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getGetAuthDomainQueryKey = ({
-	id,
-}: GetAuthDomainPathParameters) => {
-	return [`/api/v1/domains/${id}`] as const;
-};
-
-export const getGetAuthDomainQueryOptions = <
-	TData = Awaited<ReturnType<typeof getAuthDomain>>,
-	TError = ErrorType<RenderErrorResponseDTO>,
->(
-	{ id }: GetAuthDomainPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getAuthDomain>>,
-			TError,
-			TData
-		>;
-	},
-) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey = queryOptions?.queryKey ?? getGetAuthDomainQueryKey({ id });
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof getAuthDomain>>> = ({
-		signal,
-	}) => getAuthDomain({ id }, signal);
-
-	return {
-		queryKey,
-		queryFn,
-		enabled: !!id,
-		...queryOptions,
-	} as UseQueryOptions<
-		Awaited<ReturnType<typeof getAuthDomain>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type GetAuthDomainQueryResult = NonNullable<
-	Awaited<ReturnType<typeof getAuthDomain>>
->;
-export type GetAuthDomainQueryError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Get auth domain by ID
- */
-
-export function useGetAuthDomain<
-	TData = Awaited<ReturnType<typeof getAuthDomain>>,
-	TError = ErrorType<RenderErrorResponseDTO>,
->(
-	{ id }: GetAuthDomainPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getAuthDomain>>,
-			TError,
-			TData
-		>;
-	},
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getGetAuthDomainQueryOptions({ id }, options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Get auth domain by ID
- */
-export const invalidateGetAuthDomain = async (
-	queryClient: QueryClient,
-	{ id }: GetAuthDomainPathParameters,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getGetAuthDomainQueryKey({ id }) },
-		options,
-	);
-
-	return queryClient;
-};
-
 /**
  * This endpoint updates an auth domain
  * @summary Update auth domain
  */
 export const updateAuthDomain = (
 	{ id }: UpdateAuthDomainPathParameters,
-	authtypesUpdatableAuthDomainDTO: BodyType<AuthtypesUpdatableAuthDomainDTO>,
+	authtypesUpdateableAuthDomainDTO: BodyType<AuthtypesUpdateableAuthDomainDTO>,
 ) => {
 	return GeneratedAPIInstance<void>({
 		url: `/api/v1/domains/${id}`,
 		method: 'PUT',
 		headers: { 'Content-Type': 'application/json' },
-		data: authtypesUpdatableAuthDomainDTO,
+		data: authtypesUpdateableAuthDomainDTO,
 	});
 };
 
@@ -407,7 +302,7 @@ export const getUpdateAuthDomainMutationOptions = <
 		TError,
 		{
 			pathParams: UpdateAuthDomainPathParameters;
-			data: BodyType<AuthtypesUpdatableAuthDomainDTO>;
+			data: BodyType<AuthtypesUpdateableAuthDomainDTO>;
 		},
 		TContext
 	>;
@@ -416,7 +311,7 @@ export const getUpdateAuthDomainMutationOptions = <
 	TError,
 	{
 		pathParams: UpdateAuthDomainPathParameters;
-		data: BodyType<AuthtypesUpdatableAuthDomainDTO>;
+		data: BodyType<AuthtypesUpdateableAuthDomainDTO>;
 	},
 	TContext
 > => {
@@ -433,7 +328,7 @@ export const getUpdateAuthDomainMutationOptions = <
 		Awaited<ReturnType<typeof updateAuthDomain>>,
 		{
 			pathParams: UpdateAuthDomainPathParameters;
-			data: BodyType<AuthtypesUpdatableAuthDomainDTO>;
+			data: BodyType<AuthtypesUpdateableAuthDomainDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -448,7 +343,7 @@ export type UpdateAuthDomainMutationResult = NonNullable<
 	Awaited<ReturnType<typeof updateAuthDomain>>
 >;
 export type UpdateAuthDomainMutationBody =
-	BodyType<AuthtypesUpdatableAuthDomainDTO>;
+	BodyType<AuthtypesUpdateableAuthDomainDTO>;
 export type UpdateAuthDomainMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -463,7 +358,7 @@ export const useUpdateAuthDomain = <
 		TError,
 		{
 			pathParams: UpdateAuthDomainPathParameters;
-			data: BodyType<AuthtypesUpdatableAuthDomainDTO>;
+			data: BodyType<AuthtypesUpdateableAuthDomainDTO>;
 		},
 		TContext
 	>;
@@ -472,7 +367,7 @@ export const useUpdateAuthDomain = <
 	TError,
 	{
 		pathParams: UpdateAuthDomainPathParameters;
-		data: BodyType<AuthtypesUpdatableAuthDomainDTO>;
+		data: BodyType<AuthtypesUpdateableAuthDomainDTO>;
 	},
 	TContext
 > => {

frontend/src/api/generated/services/authz/index.ts

@@ -1,19 +1,26 @@
 /**
  * ! Do not edit manually
  * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'pnpm generate:api'
+ * * regenerate with 'yarn generate:api'
  * SigNoz
  */
-import { useMutation } from 'react-query';
+import { useMutation, useQuery } from 'react-query';
 import type {
+	InvalidateOptions,
 	MutationFunction,
+	QueryClient,
+	QueryFunction,
+	QueryKey,
 	UseMutationOptions,
 	UseMutationResult,
+	UseQueryOptions,
+	UseQueryResult,
 } from 'react-query';
 
 import type {
 	AuthtypesTransactionDTO,
 	AuthzCheck200,
+	AuthzResources200,
 	RenderErrorResponseDTO,
 } from '../sigNoz.schemas';
 
@@ -103,3 +110,88 @@ export const useAuthzCheck = <
 
 	return useMutation(mutationOptions);
 };
+/**
+ * Gets all the available resources
+ * @summary Get resources
+ */
+export const authzResources = (signal?: AbortSignal) => {
+	return GeneratedAPIInstance<AuthzResources200>({
+		url: `/api/v1/authz/resources`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getAuthzResourcesQueryKey = () => {
+	return [`/api/v1/authz/resources`] as const;
+};
+
+export const getAuthzResourcesQueryOptions = <
+	TData = Awaited<ReturnType<typeof authzResources>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof authzResources>>,
+		TError,
+		TData
+	>;
+}) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey = queryOptions?.queryKey ?? getAuthzResourcesQueryKey();
+
+	const queryFn: QueryFunction<Awaited<ReturnType<typeof authzResources>>> = ({
+		signal,
+	}) => authzResources(signal);
+
+	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+		Awaited<ReturnType<typeof authzResources>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type AuthzResourcesQueryResult = NonNullable<
+	Awaited<ReturnType<typeof authzResources>>
+>;
+export type AuthzResourcesQueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Get resources
+ */
+
+export function useAuthzResources<
+	TData = Awaited<ReturnType<typeof authzResources>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof authzResources>>,
+		TError,
+		TData
+	>;
+}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getAuthzResourcesQueryOptions(options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Get resources
+ */
+export const invalidateAuthzResources = async (
+	queryClient: QueryClient,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getAuthzResourcesQueryKey() },
+		options,
+	);
+
+	return queryClient;
+};

frontend/src/api/generated/services/channels/index.ts

@@ -1,7 +1,7 @@
 /**
  * ! Do not edit manually
  * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'pnpm generate:api'
+ * * regenerate with 'yarn generate:api'
  * SigNoz
  */
 import { useMutation, useQuery } from 'react-query';
@@ -18,7 +18,6 @@ import type {
 } from 'react-query';
 
 import type {
-	AlertmanagertypesPostableChannelDTO,
 	ConfigReceiverDTO,
 	CreateChannel201,
 	DeleteChannelByIDPathParameters,
@@ -123,14 +122,14 @@ export const invalidateListChannels = async (
  * @summary Create notification channel
  */
 export const createChannel = (
-	alertmanagertypesPostableChannelDTO: BodyType<AlertmanagertypesPostableChannelDTO>,
+	configReceiverDTO: BodyType<ConfigReceiverDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<CreateChannel201>({
 		url: `/api/v1/channels`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: alertmanagertypesPostableChannelDTO,
+		data: configReceiverDTO,
 		signal,
 	});
 };
@@ -142,13 +141,13 @@ export const getCreateChannelMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createChannel>>,
 		TError,
-		{ data: BodyType<AlertmanagertypesPostableChannelDTO> },
+		{ data: BodyType<ConfigReceiverDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createChannel>>,
 	TError,
-	{ data: BodyType<AlertmanagertypesPostableChannelDTO> },
+	{ data: BodyType<ConfigReceiverDTO> },
 	TContext
 > => {
 	const mutationKey = ['createChannel'];
@@ -162,7 +161,7 @@ export const getCreateChannelMutationOptions = <
 
 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createChannel>>,
-		{ data: BodyType<AlertmanagertypesPostableChannelDTO> }
+		{ data: BodyType<ConfigReceiverDTO> }
 	> = (props) => {
 		const { data } = props ?? {};
 
@@ -175,8 +174,7 @@ export const getCreateChannelMutationOptions = <
 export type CreateChannelMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createChannel>>
 >;
-export type CreateChannelMutationBody =
-	BodyType<AlertmanagertypesPostableChannelDTO>;
+export type CreateChannelMutationBody = BodyType<ConfigReceiverDTO>;
 export type CreateChannelMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -189,13 +187,13 @@ export const useCreateChannel = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createChannel>>,
 		TError,
-		{ data: BodyType<AlertmanagertypesPostableChannelDTO> },
+		{ data: BodyType<ConfigReceiverDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createChannel>>,
 	TError,
-	{ data: BodyType<AlertmanagertypesPostableChannelDTO> },
+	{ data: BodyType<ConfigReceiverDTO> },
 	TContext
 > => {
 	const mutationOptions = getCreateChannelMutationOptions(options);

frontend/src/api/generated/services/cloudintegration/index.ts

@@ -1,7 +1,7 @@
 /**
  * ! Do not edit manually
  * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'pnpm generate:api'
+ * * regenerate with 'yarn generate:api'
  * SigNoz
  */
 import { useMutation, useQuery } from 'react-query';