diff --git a/.github/scripts/package.json b/.github/scripts/package.json
index cd67711fa4c29..80bf0baf11043 100644
--- a/.github/scripts/package.json
+++ b/.github/scripts/package.json
@@ -5,7 +5,7 @@
     "debug": "4.3.4",
     "glob": "10.3.10",
     "p-limit": "3.1.0",
-    "picocolors": "1.0.0",
+    "picocolors": "1.0.1",
     "semver": "7.5.4",
     "tempfile": "5.0.0",
     "typescript": "*"
diff --git a/.github/workflows/test-workflows.yml b/.github/workflows/test-workflows.yml
index 8ba22b590cb62..2bb91dd065eb7 100644
--- a/.github/workflows/test-workflows.yml
+++ b/.github/workflows/test-workflows.yml
@@ -73,6 +73,7 @@ jobs:
         env:
           N8N_ENCRYPTION_KEY: ${{secrets.ENCRYPTION_KEY}}
           SKIP_STATISTICS_EVENTS: true
+          DB_SQLITE_POOL_SIZE: 4
       # -
       #   name: Export credentials
       #   if: always()
diff --git a/.github/workflows/units-tests-reusable.yml b/.github/workflows/units-tests-reusable.yml
index fe270b1de004c..1f64b2e27c6c3 100644
--- a/.github/workflows/units-tests-reusable.yml
+++ b/.github/workflows/units-tests-reusable.yml
@@ -50,6 +50,7 @@ jobs:
         run: pnpm install --frozen-lockfile
 
       - name: Setup build cache
+        if: inputs.collectCoverage != true
         uses: rharkor/caching-for-turbo@v1.5
 
       - name: Build
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 986b85b0682ea..99120642fe416 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,44 @@
+# [1.54.0](https://github.com/n8n-io/n8n/compare/n8n@1.53.0...n8n@1.54.0) (2024-08-07)
+
+
+### Bug Fixes
+
+* **core:** Ensure OAuth token data is not stubbed in source control ([#10302](https://github.com/n8n-io/n8n/issues/10302)) ([98115e9](https://github.com/n8n-io/n8n/commit/98115e95df8289a8ec400a570a7f256382f8e286))
+* **core:** Fix expressions in webhook nodes(Form, Webhook) to access previous node's data ([#10247](https://github.com/n8n-io/n8n/issues/10247)) ([88a1701](https://github.com/n8n-io/n8n/commit/88a170176a3447e7f847e9cf145aeb867b1c5fcf))
+* **core:** Fix user telemetry bugs ([#10293](https://github.com/n8n-io/n8n/issues/10293)) ([42a0b59](https://github.com/n8n-io/n8n/commit/42a0b594d6ea2527c55a2aa9976c904cf70ecf92))
+* **core:** Make execution and its data creation atomic ([#10276](https://github.com/n8n-io/n8n/issues/10276)) ([ae50bb9](https://github.com/n8n-io/n8n/commit/ae50bb95a8e5bf1cdbf9483da54b84094b82e260))
+* **core:** Make OAuth1/OAuth2 callback not require auth ([#10263](https://github.com/n8n-io/n8n/issues/10263)) ([a8e2774](https://github.com/n8n-io/n8n/commit/a8e2774f5382e202556b5506c7788265786aa973))
+* **core:** Revert transactions until we remove the legacy sqlite driver  ([#10299](https://github.com/n8n-io/n8n/issues/10299)) ([1eba7c3](https://github.com/n8n-io/n8n/commit/1eba7c3c763ac5b6b28c1c6fc43fc8c215249292))
+* **core:** Surface enterprise trial error message ([#10267](https://github.com/n8n-io/n8n/issues/10267)) ([432ac1d](https://github.com/n8n-io/n8n/commit/432ac1da59e173ce4c0f2abbc416743d9953ba70))
+* **core:** Upgrade tournament to address some XSS vulnerabilities ([#10277](https://github.com/n8n-io/n8n/issues/10277)) ([43ae159](https://github.com/n8n-io/n8n/commit/43ae159ea40c574f8e41bdfd221ab2bf3268eee7))
+* **core:** VM2 sandbox should not throw on `new Promise` ([#10298](https://github.com/n8n-io/n8n/issues/10298)) ([7e95f9e](https://github.com/n8n-io/n8n/commit/7e95f9e2e40a99871f1b6abcdacb39ac5f857332))
+* **core:** Webhook and form baseUrl missing ([#10290](https://github.com/n8n-io/n8n/issues/10290)) ([8131d66](https://github.com/n8n-io/n8n/commit/8131d66f8ca1b1da00597a12859ee4372148a0c9))
+* **editor:** Enable moving resources only if team projects are available by the license ([#10271](https://github.com/n8n-io/n8n/issues/10271)) ([42ba884](https://github.com/n8n-io/n8n/commit/42ba8841c401126c77158a53dc8fcbb45dfce8fd))
+* **editor:** Fix execution retry button ([#10275](https://github.com/n8n-io/n8n/issues/10275)) ([55f2ffe](https://github.com/n8n-io/n8n/commit/55f2ffe256c91a028cee95c3bbb37a093a1c0f81))
+* **editor:** Update design system Avatar component to show initials also when only firstName or lastName is given ([#10308](https://github.com/n8n-io/n8n/issues/10308)) ([46bbf09](https://github.com/n8n-io/n8n/commit/46bbf09beacad12472d91786b91d845fe2afb26d))
+* **editor:** Update tags filter/editor to not show non existing tag as a selectable option ([#10297](https://github.com/n8n-io/n8n/issues/10297)) ([557a76e](https://github.com/n8n-io/n8n/commit/557a76ec2326de72fb7a8b46fc4353f8fd9b591d))
+* **Invoice Ninja Node:** Fix payment types ([#10196](https://github.com/n8n-io/n8n/issues/10196)) ([c5acbb7](https://github.com/n8n-io/n8n/commit/c5acbb7ec0d24ec9b30c221fa3b2fb615fb9ec7f))
+* Loop node no input data shown ([#10224](https://github.com/n8n-io/n8n/issues/10224)) ([c8ee852](https://github.com/n8n-io/n8n/commit/c8ee852159207be0cfe2c3e0ee8e7b29d838aa35))
+
+
+### Features
+
+* **core:** Allow filtering executions and users by project in Public API  ([#10250](https://github.com/n8n-io/n8n/issues/10250)) ([7056e50](https://github.com/n8n-io/n8n/commit/7056e50b006bda665f64ce6234c5c1967891c415))
+* **core:** Allow transferring credentials in Public API ([#10259](https://github.com/n8n-io/n8n/issues/10259)) ([07d7b24](https://github.com/n8n-io/n8n/commit/07d7b247f02a9d7185beca7817deb779a3d665dd))
+* **core:** Show sub-node error on the logs pane. Open logs pane on sub-node error ([#10248](https://github.com/n8n-io/n8n/issues/10248)) ([57d1c9a](https://github.com/n8n-io/n8n/commit/57d1c9a99e97308f2f1b8ae05ac3861a835e8e5a))
+* **core:** Support community packages in scaling-mode  ([#10228](https://github.com/n8n-io/n8n/issues/10228)) ([88086a4](https://github.com/n8n-io/n8n/commit/88086a41ff5b804b35aa9d9503dc2d48836fe4ec))
+* **core:** Support create, delete, edit role for users in Public API ([#10279](https://github.com/n8n-io/n8n/issues/10279)) ([84efbd9](https://github.com/n8n-io/n8n/commit/84efbd9b9c51f536b21a4f969ab607d277bef692))
+* **core:** Support create, read, update, delete projects in Public API ([#10269](https://github.com/n8n-io/n8n/issues/10269)) ([489ce10](https://github.com/n8n-io/n8n/commit/489ce100634c3af678fb300e9a39d273042542e6))
+* **editor:** Auto-add LLM chain for new LLM nodes on empty canvas ([#10245](https://github.com/n8n-io/n8n/issues/10245)) ([06419d9](https://github.com/n8n-io/n8n/commit/06419d9483ae916e79aace6d8c17e265b419b15d))
+* **Elasticsearch Node:** Add bulk operations for Elasticsearch ([#9940](https://github.com/n8n-io/n8n/issues/9940)) ([bf8f848](https://github.com/n8n-io/n8n/commit/bf8f848645dfd31527713a55bd1fc93865327017))
+* **Lemlist Trigger Node:** Update Trigger events ([#10311](https://github.com/n8n-io/n8n/issues/10311)) ([15f10ec](https://github.com/n8n-io/n8n/commit/15f10ec325cb5eda0f952bed3a5f171dd91bc639))
+* **MongoDB Node:** Add projection to query options on Find ([#9972](https://github.com/n8n-io/n8n/issues/9972)) ([0a84e0d](https://github.com/n8n-io/n8n/commit/0a84e0d8b047669f5cf023c21383d01c929c5b4f))
+* **Postgres Chat Memory, Redis Chat Memory, Xata:** Add support for context window length ([#10203](https://github.com/n8n-io/n8n/issues/10203)) ([e3edeaa](https://github.com/n8n-io/n8n/commit/e3edeaa03526f041d15d1099ea91869e38a0decc))
+* **Stripe Trigger Node:** Add Stripe webhook descriptions based on the workflow ID and name ([#9956](https://github.com/n8n-io/n8n/issues/9956)) ([3433465](https://github.com/n8n-io/n8n/commit/34334651e0e6874736a437a894176bed4590e5a7))
+* **Webflow Node:** Update to use the v2 API ([#9996](https://github.com/n8n-io/n8n/issues/9996)) ([6d8323f](https://github.com/n8n-io/n8n/commit/6d8323fadea8af04483eb1a873df0cf3ccc2a891))
+
+
+
 # [1.53.0](https://github.com/n8n-io/n8n/compare/n8n@1.52.0...n8n@1.53.0) (2024-07-31)
 
 
diff --git a/README.md b/README.md
index 145ecab8c62d6..d51ac596cad65 100644
--- a/README.md
+++ b/README.md
@@ -95,8 +95,8 @@ development environment ready in minutes.
 ## License
 
 n8n is [fair-code](https://faircode.io) distributed under the
-[**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md) and the
-[**n8n Enterprise License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE_EE.md).
+[**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/LICENSE.md) and the
+[**n8n Enterprise License**](https://github.com/n8n-io/n8n/blob/master/LICENSE_EE.md).
 
 Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
 
diff --git a/cypress/composables/projects.ts b/cypress/composables/projects.ts
index 6fa2c6f502a3e..84379088d1a39 100644
--- a/cypress/composables/projects.ts
+++ b/cypress/composables/projects.ts
@@ -1,41 +1,45 @@
 import { CredentialsModal, WorkflowPage } from '../pages';
+import { getVisibleSelect } from '../utils';
 
 const workflowPage = new WorkflowPage();
 const credentialsModal = new CredentialsModal();
 
 export const getHomeButton = () => cy.getByTestId('project-home-menu-item');
 export const getMenuItems = () => cy.getByTestId('project-menu-item');
-export const getAddProjectButton = () => cy.getByTestId('add-project-menu-item');
+export const getAddProjectButton = () =>
+	cy.getByTestId('add-project-menu-item').should('contain', 'Add project').should('be.visible');
 export const getProjectTabs = () => cy.getByTestId('project-tabs').find('a');
 export const getProjectTabWorkflows = () => getProjectTabs().filter('a[href$="/workflows"]');
 export const getProjectTabCredentials = () => getProjectTabs().filter('a[href$="/credentials"]');
 export const getProjectTabSettings = () => getProjectTabs().filter('a[href$="/settings"]');
-export const getProjectSettingsNameInput = () => cy.getByTestId('project-settings-name-input');
+export const getProjectSettingsNameInput = () =>
+	cy.getByTestId('project-settings-name-input').find('input');
 export const getProjectSettingsSaveButton = () => cy.getByTestId('project-settings-save-button');
 export const getProjectSettingsCancelButton = () =>
 	cy.getByTestId('project-settings-cancel-button');
 export const getProjectSettingsDeleteButton = () =>
 	cy.getByTestId('project-settings-delete-button');
 export const getProjectMembersSelect = () => cy.getByTestId('project-members-select');
-export const addProjectMember = (email: string) => {
+export const addProjectMember = (email: string, role?: string) => {
 	getProjectMembersSelect().click();
 	getProjectMembersSelect().get('.el-select-dropdown__item').contains(email.toLowerCase()).click();
+
+	if (role) {
+		cy.getByTestId(`user-list-item-${email}`)
+			.find('[data-test-id="projects-settings-user-role-select"]')
+			.click();
+		getVisibleSelect().find('li').contains(role).click();
+	}
 };
-export const getProjectNameInput = () => cy.get('#projectName').find('input');
 export const getResourceMoveModal = () => cy.getByTestId('project-move-resource-modal');
 export const getResourceMoveConfirmModal = () =>
 	cy.getByTestId('project-move-resource-confirm-modal');
 export const getProjectMoveSelect = () => cy.getByTestId('project-move-resource-modal-select');
 
 export function createProject(name: string) {
-	getAddProjectButton().should('be.visible').click();
+	getAddProjectButton().click();
 
-	getProjectNameInput()
-		.should('be.visible')
-		.should('be.focused')
-		.should('have.value', 'My project')
-		.clear()
-		.type(name);
+	getProjectSettingsNameInput().should('be.visible').clear().type(name);
 	getProjectSettingsSaveButton().click();
 }
 
@@ -46,7 +50,7 @@ export function createWorkflow(fixtureKey: string, name: string) {
 	workflowPage.actions.zoomToFit();
 }
 
-export function createCredential(name: string) {
+export function createCredential(name: string, closeModal = true) {
 	credentialsModal.getters.newCredentialModal().should('be.visible');
 	credentialsModal.getters.newCredentialTypeSelect().should('be.visible');
 	credentialsModal.getters.newCredentialTypeOption('Notion API').click();
@@ -54,13 +58,8 @@ export function createCredential(name: string) {
 	credentialsModal.getters.connectionParameter('Internal Integration Secret').type('1234567890');
 	credentialsModal.actions.setName(name);
 	credentialsModal.actions.save();
-	credentialsModal.actions.close();
-}
 
-export const actions = {
-	createProject: (name: string) => {
-		getAddProjectButton().click();
-		getProjectSettingsNameInput().type(name);
-		getProjectSettingsSaveButton().click();
-	},
-};
+	if (closeModal) {
+		credentialsModal.actions.close();
+	}
+}
diff --git a/cypress/constants.ts b/cypress/constants.ts
index 8439952ac7b81..6f7e7b978d317 100644
--- a/cypress/constants.ts
+++ b/cypress/constants.ts
@@ -37,6 +37,7 @@ export const INSTANCE_MEMBERS = [
 export const MANUAL_TRIGGER_NODE_NAME = 'Manual Trigger';
 export const MANUAL_TRIGGER_NODE_DISPLAY_NAME = 'When clicking ‘Test workflow’';
 export const MANUAL_CHAT_TRIGGER_NODE_NAME = 'Chat Trigger';
+export const CHAT_TRIGGER_NODE_DISPLAY_NAME = 'When chat message received';
 export const SCHEDULE_TRIGGER_NODE_NAME = 'Schedule Trigger';
 export const CODE_NODE_NAME = 'Code';
 export const SET_NODE_NAME = 'Set';
@@ -57,6 +58,7 @@ export const AI_TOOL_CODE_NODE_NAME = 'Code Tool';
 export const AI_TOOL_WIKIPEDIA_NODE_NAME = 'Wikipedia';
 export const AI_TOOL_HTTP_NODE_NAME = 'HTTP Request Tool';
 export const AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME = 'OpenAI Chat Model';
+export const AI_MEMORY_POSTGRES_NODE_NAME = 'Postgres Chat Memory';
 export const AI_OUTPUT_PARSER_AUTO_FIXING_NODE_NAME = 'Auto-fixing Output Parser';
 export const WEBHOOK_NODE_NAME = 'Webhook';
 
diff --git a/cypress/e2e/12-canvas-actions.cy.ts b/cypress/e2e/12-canvas-actions.cy.ts
index 9b05cb84d4130..53dad1cc89669 100644
--- a/cypress/e2e/12-canvas-actions.cy.ts
+++ b/cypress/e2e/12-canvas-actions.cy.ts
@@ -145,7 +145,16 @@ describe('Canvas Actions', () => {
 		});
 	});
 
-	it('should delete connections by pressing the delete button', () => {
+	it('should delete node by pressing keyboard backspace', () => {
+		WorkflowPage.actions.addNodeToCanvas(MANUAL_TRIGGER_NODE_NAME);
+		WorkflowPage.getters.canvasNodeByName(MANUAL_TRIGGER_NODE_DISPLAY_NAME).click();
+		WorkflowPage.actions.addNodeToCanvas(CODE_NODE_NAME);
+		WorkflowPage.getters.canvasNodeByName(CODE_NODE_NAME).click();
+		cy.get('body').type('{backspace}');
+		WorkflowPage.getters.nodeConnections().should('have.length', 0);
+	});
+
+	it('should delete connections by clicking on the delete button', () => {
 		WorkflowPage.actions.addNodeToCanvas(MANUAL_TRIGGER_NODE_NAME);
 		WorkflowPage.getters.canvasNodeByName(MANUAL_TRIGGER_NODE_DISPLAY_NAME).click();
 		WorkflowPage.actions.addNodeToCanvas(CODE_NODE_NAME);
diff --git a/cypress/e2e/14-mapping.cy.ts b/cypress/e2e/14-mapping.cy.ts
index 2a33aee5c0ee1..2e405e69e88c4 100644
--- a/cypress/e2e/14-mapping.cy.ts
+++ b/cypress/e2e/14-mapping.cy.ts
@@ -44,7 +44,7 @@ describe('Data mapping', () => {
 		ndv.actions.mapDataFromHeader(2, 'value');
 		ndv.getters
 			.inlineExpressionEditorInput()
-			.should('have.text', "{{ $json.timestamp }} {{ $json['Readable date'] }}");
+			.should('have.text', "{{ $json['Readable date'] }}{{ $json.timestamp }}");
 	});
 
 	it('maps expressions from table json, and resolves value based on hover', () => {
@@ -145,8 +145,8 @@ describe('Data mapping', () => {
 		ndv.actions.mapToParameter('value');
 		ndv.getters
 			.inlineExpressionEditorInput()
-			.should('have.text', '{{ $json.input[0].count }} {{ $json.input }}');
-		ndv.actions.validateExpressionPreview('value', '0 [object Object]');
+			.should('have.text', '{{ $json.input }}{{ $json.input[0].count }}');
+		ndv.actions.validateExpressionPreview('value', '[object Object]0');
 	});
 
 	it('maps expressions from schema view', () => {
@@ -170,8 +170,8 @@ describe('Data mapping', () => {
 		ndv.actions.mapToParameter('value');
 		ndv.getters
 			.inlineExpressionEditorInput()
-			.should('have.text', '{{ $json.input[0].count }} {{ $json.input }}');
-		ndv.actions.validateExpressionPreview('value', '0 [object Object]');
+			.should('have.text', '{{ $json.input }}{{ $json.input[0].count }}');
+		ndv.actions.validateExpressionPreview('value', '[object Object]0');
 	});
 
 	it('maps expressions from previous nodes', () => {
@@ -200,17 +200,17 @@ describe('Data mapping', () => {
 			.inlineExpressionEditorInput()
 			.should(
 				'have.text',
-				`{{ $('${SCHEDULE_TRIGGER_NODE_NAME}').item.json.input[0].count }} {{ $('${SCHEDULE_TRIGGER_NODE_NAME}').item.json.input }}`,
+				`{{ $('${SCHEDULE_TRIGGER_NODE_NAME}').item.json.input }}{{ $('${SCHEDULE_TRIGGER_NODE_NAME}').item.json.input[0].count }}`,
 			);
 
 		ndv.actions.selectInputNode('Set');
 
 		ndv.getters.executingLoader().should('not.exist');
 		ndv.getters.inputDataContainer().should('exist');
-		ndv.actions.validateExpressionPreview('value', '0 [object Object]');
+		ndv.actions.validateExpressionPreview('value', '[object Object]0');
 
 		ndv.getters.inputTbodyCell(2, 0).realHover();
-		ndv.actions.validateExpressionPreview('value', '1 [object Object]');
+		ndv.actions.validateExpressionPreview('value', '[object Object]1');
 	});
 
 	it('maps keys to path', () => {
@@ -284,8 +284,8 @@ describe('Data mapping', () => {
 		ndv.actions.mapToParameter('value');
 		ndv.getters
 			.inlineExpressionEditorInput()
-			.should('have.text', '{{ $json.input[0].count }} {{ $json.input }}');
-		ndv.actions.validateExpressionPreview('value', '0 [object Object]');
+			.should('have.text', '{{ $json.input }}{{ $json.input[0].count }}');
+		ndv.actions.validateExpressionPreview('value', '[object Object]0');
 	});
 
 	it('renders expression preview when a previous node is selected', () => {
@@ -342,4 +342,27 @@ describe('Data mapping', () => {
 			.invoke('css', 'border')
 			.should('include', 'dashed rgb(90, 76, 194)');
 	});
+
+	it('maps expressions to a specific location in the editor', () => {
+		cy.fixture('Test_workflow_3.json').then((data) => {
+			cy.get('body').paste(JSON.stringify(data));
+		});
+		workflowPage.actions.zoomToFit();
+
+		workflowPage.actions.openNode('Set');
+		ndv.actions.clearParameterInput('value');
+		ndv.actions.typeIntoParameterInput('value', '=');
+		ndv.actions.typeIntoParameterInput('value', 'hello world{enter}{enter}newline');
+
+		ndv.getters.inputDataContainer().should('exist').find('span').contains('count').realMouseDown();
+
+		ndv.actions.mapToParameter('value');
+
+		ndv.getters.inputDataContainer().find('span').contains('input').realMouseDown();
+		ndv.actions.mapToParameter('value', 'bottom');
+
+		ndv.getters
+			.inlineExpressionEditorInput()
+			.should('have.text', '{{ $json.input[0].count }}hello worldnewline{{ $json.input }}');
+	});
 });
diff --git a/cypress/e2e/17-sharing.cy.ts b/cypress/e2e/17-sharing.cy.ts
index 54c5e6efe202c..64769ae1935b8 100644
--- a/cypress/e2e/17-sharing.cy.ts
+++ b/cypress/e2e/17-sharing.cy.ts
@@ -7,7 +7,7 @@ import {
 	WorkflowSharingModal,
 	WorkflowsPage,
 } from '../pages';
-import { getVisibleSelect } from '../utils';
+import { getVisibleDropdown, getVisibleSelect } from '../utils';
 import * as projects from '../composables/projects';
 
 /**
@@ -192,11 +192,79 @@ describe('Sharing', { disableAutoLogin: true }, () => {
 		credentialsModal.actions.saveSharing();
 		credentialsModal.actions.close();
 	});
+
+	it('credentials should work between team and personal projects', () => {
+		cy.resetDatabase();
+		cy.enableFeature('sharing');
+		cy.enableFeature('advancedPermissions');
+		cy.enableFeature('projectRole:admin');
+		cy.enableFeature('projectRole:editor');
+		cy.changeQuota('maxTeamProjects', -1);
+
+		cy.signinAsOwner();
+		cy.visit('/');
+
+		projects.createProject('Development');
+
+		projects.getHomeButton().click();
+		workflowsPage.getters.newWorkflowButtonCard().click();
+		projects.createWorkflow('Test_workflow_1.json', 'Test workflow');
+
+		projects.getHomeButton().click();
+		projects.getProjectTabCredentials().click();
+		credentialsPage.getters.emptyListCreateCredentialButton().click();
+		projects.createCredential('Notion API');
+
+		credentialsPage.getters.credentialCard('Notion API').click();
+		credentialsModal.actions.changeTab('Sharing');
+		credentialsModal.getters.usersSelect().click();
+		getVisibleSelect()
+			.find('li')
+			.should('have.length', 4)
+			.filter(':contains("Development")')
+			.should('have.length', 1)
+			.click();
+		credentialsModal.getters.saveButton().click();
+		credentialsModal.actions.close();
+
+		projects.getProjectTabWorkflows().click();
+		workflowsPage.getters.workflowCardActions('Test workflow').click();
+		getVisibleDropdown().find('li').contains('Share').click();
+
+		workflowSharingModal.getters.usersSelect().filter(':visible').click();
+		getVisibleSelect().find('li').should('have.length', 3).first().click();
+		workflowSharingModal.getters.saveButton().click();
+
+		projects.getMenuItems().first().click();
+		workflowsPage.getters.newWorkflowButtonCard().click();
+		projects.createWorkflow('Test_workflow_1.json', 'Test workflow 2');
+		workflowPage.actions.openShareModal();
+		workflowSharingModal.getters.usersSelect().should('not.exist');
+
+		cy.get('body').type('{esc}');
+
+		projects.getMenuItems().first().click();
+		projects.getProjectTabCredentials().click();
+		credentialsPage.getters.createCredentialButton().click();
+		projects.createCredential('Notion API 2', false);
+		credentialsModal.actions.changeTab('Sharing');
+		credentialsModal.getters.usersSelect().click();
+		getVisibleSelect().find('li').should('have.length', 4).first().click();
+		credentialsModal.getters.saveButton().click();
+		credentialsModal.actions.close();
+
+		credentialsPage.getters
+			.credentialCards()
+			.should('have.length', 2)
+			.filter(':contains("Owned by me")')
+			.should('have.length', 1);
+	});
 });
 
 describe('Credential Usage in Cross Shared Workflows', () => {
 	beforeEach(() => {
 		cy.resetDatabase();
+		cy.enableFeature('sharing');
 		cy.enableFeature('advancedPermissions');
 		cy.enableFeature('projectRole:admin');
 		cy.enableFeature('projectRole:editor');
@@ -207,23 +275,18 @@ describe('Credential Usage in Cross Shared Workflows', () => {
 	});
 
 	it('should only show credentials from the same team project', () => {
-		cy.enableFeature('advancedPermissions');
-		cy.enableFeature('projectRole:admin');
-		cy.enableFeature('projectRole:editor');
-		cy.changeQuota('maxTeamProjects', -1);
-
 		// Create a notion credential in the home project
 		credentialsPage.getters.emptyListCreateCredentialButton().click();
 		credentialsModal.actions.createNewCredential('Notion API');
 
 		// Create a notion credential in one project
-		projects.actions.createProject('Development');
+		projects.createProject('Development');
 		projects.getProjectTabCredentials().click();
 		credentialsPage.getters.emptyListCreateCredentialButton().click();
 		credentialsModal.actions.createNewCredential('Notion API');
 
 		// Create a notion credential in another project
-		projects.actions.createProject('Test');
+		projects.createProject('Test');
 		projects.getProjectTabCredentials().click();
 		credentialsPage.getters.emptyListCreateCredentialButton().click();
 		credentialsModal.actions.createNewCredential('Notion API');
@@ -238,10 +301,36 @@ describe('Credential Usage in Cross Shared Workflows', () => {
 		getVisibleSelect().find('li').should('have.length', 2);
 	});
 
+	it('should only show credentials in their personal project for members', () => {
+		// Create a notion credential as the owner
+		credentialsPage.getters.emptyListCreateCredentialButton().click();
+		credentialsModal.actions.createNewCredential('Notion API');
+
+		// Create another notion credential as the owner, but share it with member
+		// 0
+		credentialsPage.getters.createCredentialButton().click();
+		credentialsModal.actions.createNewCredential('Notion API', false);
+		credentialsModal.actions.changeTab('Sharing');
+		credentialsModal.actions.addUser(INSTANCE_MEMBERS[0].email);
+		credentialsModal.actions.saveSharing();
+
+		// As the member, create a new notion credential and a workflow
+		cy.signinAsMember();
+		cy.visit(credentialsPage.url);
+		credentialsPage.getters.createCredentialButton().click();
+		credentialsModal.actions.createNewCredential('Notion API');
+		cy.visit(workflowsPage.url);
+		workflowsPage.actions.createWorkflowFromCard();
+		workflowPage.actions.addNodeToCanvas(NOTION_NODE_NAME, true, true);
+
+		// Only the own credential the shared one (+ the 'Create new' option)
+		// should be in the dropdown
+		workflowPage.getters.nodeCredentialsSelect().click();
+		getVisibleSelect().find('li').should('have.length', 3);
+	});
+
 	it('should only show credentials in their personal project for members if the workflow was shared with them', () => {
 		const workflowName = 'Test workflow';
-		cy.enableFeature('sharing');
-		cy.reload();
 
 		// Create a notion credential as the owner and a workflow that is shared
 		// with member 0
@@ -272,7 +361,6 @@ describe('Credential Usage in Cross Shared Workflows', () => {
 
 	it("should show all credentials from all personal projects the workflow's been shared into for the global owner", () => {
 		const workflowName = 'Test workflow';
-		cy.enableFeature('sharing');
 
 		// As member 1, create a new notion credential. This should not show up.
 		cy.signinAsMember(1);
@@ -317,8 +405,6 @@ describe('Credential Usage in Cross Shared Workflows', () => {
 	});
 
 	it('should show all personal credentials if the global owner owns the workflow', () => {
-		cy.enableFeature('sharing');
-
 		// As member 0, create a new notion credential.
 		cy.signinAsMember();
 		cy.visit(credentialsPage.url);
diff --git a/cypress/e2e/17-workflow-tags.cy.ts b/cypress/e2e/17-workflow-tags.cy.ts
index 86b18560eb2f5..b9b8137d9eb79 100644
--- a/cypress/e2e/17-workflow-tags.cy.ts
+++ b/cypress/e2e/17-workflow-tags.cy.ts
@@ -1,4 +1,5 @@
 import { WorkflowPage } from '../pages';
+import { getVisibleSelect } from '../utils';
 
 const wf = new WorkflowPage();
 
@@ -68,4 +69,20 @@ describe('Workflow tags', () => {
 		cy.get('body').click(0, 0);
 		wf.getters.tagPills().should('have.length', TEST_TAGS.length - 1);
 	});
+
+	it('should not show non existing tag as a selectable option', () => {
+		const NON_EXISTING_TAG = 'My Test Tag';
+
+		wf.getters.createTagButton().click();
+		wf.actions.addTags(TEST_TAGS);
+		cy.get('body').click(0, 0);
+		wf.getters.workflowTags().click();
+		wf.getters.tagsDropdown().find('input:focus').type(NON_EXISTING_TAG);
+
+		getVisibleSelect()
+			.find('li')
+			.should('have.length', 2)
+			.filter(`:contains("${NON_EXISTING_TAG}")`)
+			.should('not.have.length');
+	});
 });
diff --git a/cypress/e2e/233-AI-switch-to-logs-on-error.cy.ts b/cypress/e2e/233-AI-switch-to-logs-on-error.cy.ts
new file mode 100644
index 0000000000000..4c733df90dc48
--- /dev/null
+++ b/cypress/e2e/233-AI-switch-to-logs-on-error.cy.ts
@@ -0,0 +1,279 @@
+import type { ExecutionError } from 'n8n-workflow/src';
+import { NDV, WorkflowPage as WorkflowPageClass } from '../pages';
+import {
+	addLanguageModelNodeToParent,
+	addMemoryNodeToParent,
+	addNodeToCanvas,
+	addToolNodeToParent,
+	navigateToNewWorkflowPage,
+	openNode,
+} from '../composables/workflow';
+import {
+	AGENT_NODE_NAME,
+	AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME,
+	AI_MEMORY_POSTGRES_NODE_NAME,
+	AI_TOOL_CALCULATOR_NODE_NAME,
+	CHAT_TRIGGER_NODE_DISPLAY_NAME,
+	MANUAL_CHAT_TRIGGER_NODE_NAME,
+	MANUAL_TRIGGER_NODE_DISPLAY_NAME,
+	MANUAL_TRIGGER_NODE_NAME,
+} from '../constants';
+import {
+	clickCreateNewCredential,
+	clickExecuteNode,
+	clickGetBackToCanvas,
+} from '../composables/ndv';
+import { setCredentialValues } from '../composables/modals/credential-modal';
+import {
+	closeManualChatModal,
+	getManualChatMessages,
+	getManualChatModalLogs,
+	getManualChatModalLogsEntries,
+	sendManualChatMessage,
+} from '../composables/modals/chat-modal';
+import { createMockNodeExecutionData, getVisibleSelect, runMockWorkflowExecution } from '../utils';
+
+const ndv = new NDV();
+const WorkflowPage = new WorkflowPageClass();
+
+function createRunDataWithError(inputMessage: string) {
+	return [
+		createMockNodeExecutionData(MANUAL_CHAT_TRIGGER_NODE_NAME, {
+			jsonData: {
+				main: { input: inputMessage },
+			},
+		}),
+		createMockNodeExecutionData(AI_MEMORY_POSTGRES_NODE_NAME, {
+			jsonData: {
+				ai_memory: {
+					json: {
+						action: 'loadMemoryVariables',
+						values: {
+							input: inputMessage,
+							system_message: 'You are a helpful assistant',
+							formatting_instructions:
+								'IMPORTANT: Always call `format_final_response` to format your final response!',
+						},
+					},
+				},
+			},
+			inputOverride: {
+				ai_memory: [
+					[
+						{
+							json: {
+								action: 'loadMemoryVariables',
+								values: {
+									input: inputMessage,
+									system_message: 'You are a helpful assistant',
+									formatting_instructions:
+										'IMPORTANT: Always call `format_final_response` to format your final response!',
+								},
+							},
+						},
+					],
+				],
+			},
+			error: {
+				message: 'Internal error',
+				timestamp: 1722591723244,
+				name: 'NodeOperationError',
+				description: 'Internal error',
+				context: {},
+				cause: {
+					name: 'error',
+					severity: 'FATAL',
+					code: '3D000',
+					file: 'postinit.c',
+					line: '885',
+					routine: 'InitPostgres',
+				} as unknown as Error,
+			} as ExecutionError,
+		}),
+		createMockNodeExecutionData(AGENT_NODE_NAME, {
+			executionStatus: 'error',
+			error: {
+				level: 'error',
+				tags: {
+					packageName: 'workflow',
+				},
+				context: {},
+				functionality: 'configuration-node',
+				name: 'NodeOperationError',
+				timestamp: 1722591723244,
+				node: {
+					parameters: {
+						notice: '',
+						sessionIdType: 'fromInput',
+						tableName: 'n8n_chat_histories',
+					},
+					id: '6b9141da-0135-4e9d-94d1-2d658cbf48b5',
+					name: 'Postgres Chat Memory',
+					type: '@n8n/n8n-nodes-langchain.memoryPostgresChat',
+					typeVersion: 1,
+					position: [1140, 500],
+					credentials: {
+						postgres: {
+							id: 'RkyZetVpGsSfEAhQ',
+							name: 'Postgres account',
+						},
+					},
+				},
+				messages: ['database "chat11" does not exist'],
+				description: 'Internal error',
+				message: 'Internal error',
+			} as unknown as ExecutionError,
+			metadata: {
+				subRun: [
+					{
+						node: 'Postgres Chat Memory',
+						runIndex: 0,
+					},
+				],
+			},
+		}),
+	];
+}
+
+function setupTestWorkflow(chatTrigger: boolean = false) {
+	// Setup test workflow with AI Agent, Postgres Memory Node (source of error), Calculator Tool, and OpenAI Chat Model
+	if (chatTrigger) {
+		addNodeToCanvas(MANUAL_CHAT_TRIGGER_NODE_NAME, true);
+	} else {
+		addNodeToCanvas(MANUAL_TRIGGER_NODE_NAME, true);
+	}
+
+	addNodeToCanvas(AGENT_NODE_NAME, true);
+
+	if (!chatTrigger) {
+		// Remove chat trigger
+		WorkflowPage.getters
+			.canvasNodeByName(CHAT_TRIGGER_NODE_DISPLAY_NAME)
+			.find('[data-test-id="delete-node-button"]')
+			.click({ force: true });
+
+		// Set manual trigger to output standard pinned data
+		openNode(MANUAL_TRIGGER_NODE_DISPLAY_NAME);
+		ndv.actions.editPinnedData();
+		ndv.actions.savePinnedData();
+		ndv.actions.close();
+	}
+
+	// Calculator is added just to make OpenAI Chat Model work (tools can not be empty with OpenAI model)
+	addToolNodeToParent(AI_TOOL_CALCULATOR_NODE_NAME, AGENT_NODE_NAME);
+	clickGetBackToCanvas();
+
+	addMemoryNodeToParent(AI_MEMORY_POSTGRES_NODE_NAME, AGENT_NODE_NAME);
+
+	clickCreateNewCredential();
+	setCredentialValues({
+		password: 'testtesttest',
+	});
+
+	ndv.getters.parameterInput('sessionIdType').click();
+	getVisibleSelect().contains('Define below').click();
+	ndv.getters.parameterInput('sessionKey').type('asdasd');
+
+	clickGetBackToCanvas();
+
+	addLanguageModelNodeToParent(
+		AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME,
+		AGENT_NODE_NAME,
+		true,
+	);
+
+	clickCreateNewCredential();
+	setCredentialValues({
+		apiKey: 'sk_test_123',
+	});
+	clickGetBackToCanvas();
+
+	WorkflowPage.actions.zoomToFit();
+}
+
+function checkMessages(inputMessage: string, outputMessage: string) {
+	const messages = getManualChatMessages();
+	messages.should('have.length', 2);
+	messages.should('contain', inputMessage);
+	messages.should('contain', outputMessage);
+
+	getManualChatModalLogs().should('exist');
+	getManualChatModalLogsEntries()
+		.should('have.length', 1)
+		.should('contain', AI_MEMORY_POSTGRES_NODE_NAME);
+}
+
+describe("AI-233 Make root node's logs pane active in case of an error in sub-nodes", () => {
+	beforeEach(() => {
+		navigateToNewWorkflowPage();
+	});
+
+	it('should open logs tab by default when there was an error', () => {
+		setupTestWorkflow(true);
+
+		openNode(AGENT_NODE_NAME);
+
+		const inputMessage = 'Test the code tool';
+
+		clickExecuteNode();
+		runMockWorkflowExecution({
+			trigger: () => sendManualChatMessage(inputMessage),
+			runData: createRunDataWithError(inputMessage),
+			lastNodeExecuted: AGENT_NODE_NAME,
+		});
+
+		checkMessages(inputMessage, '[ERROR: Internal error]');
+		closeManualChatModal();
+
+		// Open the AI Agent node to see the logs
+		openNode(AGENT_NODE_NAME);
+
+		// Finally check that logs pane is opened by default
+		ndv.getters.outputDataContainer().should('be.visible');
+
+		ndv.getters.aiOutputModeToggle().should('be.visible');
+		ndv.getters
+			.aiOutputModeToggle()
+			.find('[role="radio"]')
+			.should('have.length', 2)
+			.eq(1)
+			.should('have.attr', 'aria-checked', 'true');
+
+		ndv.getters
+			.outputPanel()
+			.findChildByTestId('node-error-message')
+			.should('be.visible')
+			.should('contain', 'Error in sub-node');
+	});
+
+	it('should switch to logs tab on error, when NDV is already opened', () => {
+		setupTestWorkflow(false);
+
+		openNode(AGENT_NODE_NAME);
+
+		const inputMessage = 'Test the code tool';
+
+		runMockWorkflowExecution({
+			trigger: () => clickExecuteNode(),
+			runData: createRunDataWithError(inputMessage),
+			lastNodeExecuted: AGENT_NODE_NAME,
+		});
+
+		// Check that logs pane is opened by default
+		ndv.getters.outputDataContainer().should('be.visible');
+
+		ndv.getters.aiOutputModeToggle().should('be.visible');
+		ndv.getters
+			.aiOutputModeToggle()
+			.find('[role="radio"]')
+			.should('have.length', 2)
+			.eq(1)
+			.should('have.attr', 'aria-checked', 'true');
+
+		ndv.getters
+			.outputPanel()
+			.findChildByTestId('node-error-message')
+			.should('be.visible')
+			.should('contain', 'Error in sub-node');
+	});
+});
diff --git a/cypress/e2e/30-langchain.cy.ts b/cypress/e2e/30-langchain.cy.ts
index c1409a34f379b..c6d0f4ab4d3e7 100644
--- a/cypress/e2e/30-langchain.cy.ts
+++ b/cypress/e2e/30-langchain.cy.ts
@@ -10,7 +10,9 @@ import {
 	disableNode,
 	getExecuteWorkflowButton,
 	navigateToNewWorkflowPage,
+	getNodes,
 	openNode,
+	getConnectionBySourceAndTarget,
 } from '../composables/workflow';
 import {
 	clickCreateNewCredential,
@@ -41,6 +43,7 @@ import {
 	AI_TOOL_WIKIPEDIA_NODE_NAME,
 	BASIC_LLM_CHAIN_NODE_NAME,
 	EDIT_FIELDS_SET_NODE_NAME,
+	CHAT_TRIGGER_NODE_DISPLAY_NAME,
 } from './../constants';
 
 describe('Langchain Integration', () => {
@@ -331,4 +334,27 @@ describe('Langchain Integration', () => {
 
 		closeManualChatModal();
 	});
+
+	it('should auto-add chat trigger and basic LLM chain when adding LLM node', () => {
+		addNodeToCanvas(AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME, true);
+
+		getConnectionBySourceAndTarget(
+			CHAT_TRIGGER_NODE_DISPLAY_NAME,
+			BASIC_LLM_CHAIN_NODE_NAME,
+		).should('exist');
+
+		getConnectionBySourceAndTarget(
+			AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME,
+			BASIC_LLM_CHAIN_NODE_NAME,
+		).should('exist');
+		getNodes().should('have.length', 3);
+	});
+
+	it('should not auto-add nodes if AI nodes are already present', () => {
+		addNodeToCanvas(AGENT_NODE_NAME, true);
+
+		addNodeToCanvas(AI_LANGUAGE_MODEL_OPENAI_CHAT_MODEL_NODE_NAME, true);
+		getConnectionBySourceAndTarget(CHAT_TRIGGER_NODE_DISPLAY_NAME, AGENT_NODE_NAME).should('exist');
+		getNodes().should('have.length', 3);
+	});
 });
diff --git a/cypress/e2e/39-projects.cy.ts b/cypress/e2e/39-projects.cy.ts
index 94a6384233c2c..e2bf63df7dc46 100644
--- a/cypress/e2e/39-projects.cy.ts
+++ b/cypress/e2e/39-projects.cy.ts
@@ -1,9 +1,4 @@
-import {
-	INSTANCE_MEMBERS,
-	INSTANCE_OWNER,
-	MANUAL_TRIGGER_NODE_NAME,
-	NOTION_NODE_NAME,
-} from '../constants';
+import { INSTANCE_MEMBERS, MANUAL_TRIGGER_NODE_NAME, NOTION_NODE_NAME } from '../constants';
 import {
 	WorkflowsPage,
 	WorkflowPage,
@@ -11,9 +6,10 @@ import {
 	CredentialsPage,
 	WorkflowExecutionsTab,
 	NDV,
+	MainSidebar,
 } from '../pages';
 import * as projects from '../composables/projects';
-import { getVisibleSelect } from '../utils';
+import { getVisibleDropdown, getVisibleModalOverlay, getVisibleSelect } from '../utils';
 
 const workflowsPage = new WorkflowsPage();
 const workflowPage = new WorkflowPage();
@@ -21,6 +17,7 @@ const credentialsPage = new CredentialsPage();
 const credentialsModal = new CredentialsModal();
 const executionsTab = new WorkflowExecutionsTab();
 const ndv = new NDV();
+const mainSidebar = new MainSidebar();
 
 describe('Projects', { disableAutoLogin: true }, () => {
 	before(() => {
@@ -237,10 +234,30 @@ describe('Projects', { disableAutoLogin: true }, () => {
 		cy.signinAsMember(1);
 		cy.visit(workflowsPage.url);
 
-		projects.getAddProjectButton().should('not.exist');
+		cy.getByTestId('add-project-menu-item').should('not.exist');
 		projects.getMenuItems().should('not.exist');
 	});
 
+	it('should not show viewer role if not licensed', () => {
+		cy.signinAsOwner();
+		cy.visit(workflowsPage.url);
+
+		projects.getMenuItems().first().click();
+		projects.getProjectTabSettings().click();
+
+		cy.get(
+			`[data-test-id="user-list-item-${INSTANCE_MEMBERS[0].email}"] [data-test-id="projects-settings-user-role-select"]`,
+		).click();
+
+		cy.get('.el-select-dropdown__item.is-disabled')
+			.should('contain.text', 'Viewer')
+			.get('span:contains("Upgrade")')
+			.filter(':visible')
+			.click();
+
+		getVisibleModalOverlay().should('contain.text', 'Upgrade to unlock additional roles');
+	});
+
 	describe('when starting from scratch', () => {
 		beforeEach(() => {
 			cy.resetDatabase();
@@ -257,7 +274,7 @@ describe('Projects', { disableAutoLogin: true }, () => {
 
 			// Create a project and add a credential to it
 			cy.intercept('POST', '/rest/projects').as('projectCreate');
-			projects.getAddProjectButton().should('contain', 'Add project').should('be.visible').click();
+			projects.getAddProjectButton().click();
 			cy.wait('@projectCreate');
 			projects.getMenuItems().should('have.length', 1);
 			projects.getMenuItems().first().click();
@@ -418,7 +435,7 @@ describe('Projects', { disableAutoLogin: true }, () => {
 		});
 
 		it('should move resources between projects', () => {
-			cy.signin(INSTANCE_OWNER);
+			cy.signinAsOwner();
 			cy.visit(workflowsPage.url);
 
 			// Create a workflow and a credential in the Home project
@@ -563,5 +580,80 @@ describe('Projects', { disableAutoLogin: true }, () => {
 			projects.getProjectTabCredentials().click();
 			credentialsPage.getters.credentialCards().should('have.length', 2);
 		});
+
+		it('should handle viewer role', () => {
+			cy.enableFeature('projectRole:viewer');
+			cy.signinAsOwner();
+			cy.visit(workflowsPage.url);
+
+			projects.createProject('Development');
+			projects.addProjectMember(INSTANCE_MEMBERS[0].email, 'Viewer');
+			projects.getProjectSettingsSaveButton().click();
+
+			projects.getProjectTabWorkflows().click();
+			workflowsPage.getters.newWorkflowButtonCard().click();
+			projects.createWorkflow('Test_workflow_4_executions_view.json', 'WF with random error');
+			executionsTab.actions.createManualExecutions(2);
+			executionsTab.actions.toggleNodeEnabled('Error');
+			executionsTab.actions.createManualExecutions(2);
+			workflowPage.actions.saveWorkflowUsingKeyboardShortcut();
+
+			projects.getMenuItems().first().click();
+			projects.getProjectTabCredentials().click();
+			credentialsPage.getters.emptyListCreateCredentialButton().click();
+			projects.createCredential('Notion API');
+
+			mainSidebar.actions.openUserMenu();
+			cy.getByTestId('user-menu-item-logout').click();
+
+			cy.get('input[name="email"]').type(INSTANCE_MEMBERS[0].email);
+			cy.get('input[name="password"]').type(INSTANCE_MEMBERS[0].password);
+			cy.getByTestId('form-submit-button').click();
+
+			mainSidebar.getters.executions().click();
+			cy.getByTestId('global-execution-list-item').first().find('td:last button').click();
+			getVisibleDropdown()
+				.find('li')
+				.filter(':contains("Retry")')
+				.should('have.class', 'is-disabled');
+			getVisibleDropdown()
+				.find('li')
+				.filter(':contains("Delete")')
+				.should('have.class', 'is-disabled');
+
+			projects.getMenuItems().first().click();
+			cy.getByTestId('workflow-card-name').should('be.visible').first().click();
+			workflowPage.getters.nodeViewRoot().should('be.visible');
+			workflowPage.getters.executeWorkflowButton().should('not.exist');
+			workflowPage.getters.nodeCreatorPlusButton().should('not.exist');
+			workflowPage.getters.canvasNodes().should('have.length', 3).last().click();
+			cy.get('body').type('{backspace}');
+			workflowPage.getters.canvasNodes().should('have.length', 3).last().rightclick();
+			getVisibleDropdown()
+				.find('li')
+				.should('be.visible')
+				.filter(
+					':contains("Open"), :contains("Copy"), :contains("Select all"), :contains("Clear selection")',
+				)
+				.should('not.have.class', 'is-disabled');
+			cy.get('body').type('{esc}');
+
+			executionsTab.actions.switchToExecutionsTab();
+			cy.getByTestId('retry-execution-button')
+				.should('be.visible')
+				.find('.is-disabled')
+				.should('exist');
+			cy.get('button:contains("Debug")').should('be.disabled');
+			cy.get('button[title="Retry execution"]').should('be.disabled');
+			cy.get('button[title="Delete this execution"]').should('be.disabled');
+
+			projects.getMenuItems().first().click();
+			projects.getProjectTabCredentials().click();
+			credentialsPage.getters.credentialCards().filter(':contains("Notion")').click();
+			cy.getByTestId('node-credentials-config-container')
+				.should('be.visible')
+				.find('input')
+				.should('not.have.length');
+		});
 	});
 });
diff --git a/cypress/pages/ndv.ts b/cypress/pages/ndv.ts
index 018ec43a5de9c..1a80d79707c6d 100644
--- a/cypress/pages/ndv.ts
+++ b/cypress/pages/ndv.ts
@@ -24,6 +24,7 @@ export class NDV extends BasePage {
 		editPinnedDataButton: () => cy.getByTestId('ndv-edit-pinned-data'),
 		pinnedDataEditor: () => this.getters.outputPanel().find('.cm-editor .cm-scroller .cm-content'),
 		runDataPaneHeader: () => cy.getByTestId('run-data-pane-header'),
+		aiOutputModeToggle: () => cy.getByTestId('ai-output-mode-select'),
 		nodeOutputHint: () => cy.getByTestId('ndv-output-run-node-hint'),
 		savePinnedDataButton: () =>
 			this.getters.runDataPaneHeader().find('button').filter(':visible').contains('Save'),
@@ -204,9 +205,9 @@ export class NDV extends BasePage {
 			const droppable = `[data-test-id="parameter-input-${parameterName}"]`;
 			cy.draganddrop(draggable, droppable);
 		},
-		mapToParameter: (parameterName: string) => {
+		mapToParameter: (parameterName: string, position?: 'top' | 'center' | 'bottom') => {
 			const droppable = `[data-test-id="parameter-input-${parameterName}"]`;
-			cy.draganddrop('', droppable);
+			cy.draganddrop('', droppable, { position });
 		},
 		switchInputMode: (type: 'Schema' | 'Table' | 'JSON' | 'Binary') => {
 			this.getters.inputDisplayMode().find('label').contains(type).click({ force: true });
diff --git a/cypress/support/commands.ts b/cypress/support/commands.ts
index a7fa994289029..1f353ab7c51ce 100644
--- a/cypress/support/commands.ts
+++ b/cypress/support/commands.ts
@@ -175,7 +175,7 @@ Cypress.Commands.add('drag', (selector, pos, options) => {
 	});
 });
 
-Cypress.Commands.add('draganddrop', (draggableSelector, droppableSelector) => {
+Cypress.Commands.add('draganddrop', (draggableSelector, droppableSelector, options) => {
 	if (draggableSelector) {
 		cy.get(draggableSelector).should('exist');
 	}
@@ -197,7 +197,7 @@ Cypress.Commands.add('draganddrop', (draggableSelector, droppableSelector) => {
 			cy.get(droppableSelector).realMouseMove(0, 0);
 			cy.get(droppableSelector).realMouseMove(pageX, pageY);
 			cy.get(droppableSelector).realHover();
-			cy.get(droppableSelector).realMouseUp();
+			cy.get(droppableSelector).realMouseUp({ position: options?.position ?? 'top' });
 			if (draggableSelector) {
 				cy.get(draggableSelector).realMouseUp();
 			}
diff --git a/cypress/support/index.ts b/cypress/support/index.ts
index 9819e7c3a1d6b..7c1897b11f27e 100644
--- a/cypress/support/index.ts
+++ b/cypress/support/index.ts
@@ -12,6 +12,10 @@ interface SigninPayload {
 	password: string;
 }
 
+interface DragAndDropOptions {
+	position: 'top' | 'center' | 'bottom';
+}
+
 declare global {
 	namespace Cypress {
 		interface SuiteConfigOverrides {
@@ -56,7 +60,11 @@ declare global {
 				target: [number, number],
 				options?: { abs?: boolean; index?: number; realMouse?: boolean; clickToFinish?: boolean },
 			): void;
-			draganddrop(draggableSelector: string, droppableSelector: string): void;
+			draganddrop(
+				draggableSelector: string,
+				droppableSelector: string,
+				options?: Partial<DragAndDropOptions>,
+			): void;
 			push(type: string, data: unknown): void;
 			shouldNotHaveConsoleErrors(): void;
 			window(): Chainable<
diff --git a/docker/images/n8n/README.md b/docker/images/n8n/README.md
index d65459615086e..f7b45f9467502 100644
--- a/docker/images/n8n/README.md
+++ b/docker/images/n8n/README.md
@@ -230,6 +230,4 @@ Before you upgrade to the latest version make sure to check here if there are an
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/package.json b/package.json
index e05eeb9845f1b..5744497d771cd 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-monorepo",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "private": true,
   "engines": {
     "node": ">=20.15",
@@ -63,7 +63,7 @@
     ],
     "overrides": {
       "@types/node": "^18.16.16",
-      "axios": "1.6.7",
+      "axios": "1.7.3",
       "chokidar": "3.5.2",
       "esbuild": "^0.20.2",
       "formidable": "3.5.1",
diff --git a/packages/@n8n/chat/README.md b/packages/@n8n/chat/README.md
index 538d72ce0af91..0ed53a5774082 100644
--- a/packages/@n8n/chat/README.md
+++ b/packages/@n8n/chat/README.md
@@ -260,10 +260,5 @@ body,
 ```
 
 ## License
-n8n Chat is [fair-code](https://faircode.io) distributed under the
-[**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
 
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license model can be found in the
-[docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/@n8n/chat/package.json b/packages/@n8n/chat/package.json
index 5ba8a1c39f201..ea2cd454388b0 100644
--- a/packages/@n8n/chat/package.json
+++ b/packages/@n8n/chat/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@n8n/chat",
-  "version": "0.22.0",
+  "version": "0.23.0",
   "scripts": {
     "dev": "pnpm run storybook",
     "build": "pnpm build:vite && pnpm build:bundle",
@@ -40,12 +40,11 @@
     "markdown-it-link-attributes": "^4.0.1",
     "uuid": "catalog:",
     "vue": "catalog:frontend",
-    "vue-markdown-render": "^2.1.1"
+    "vue-markdown-render": "catalog:frontend"
   },
   "devDependencies": {
     "@iconify-json/mdi": "^1.1.54",
     "@n8n/storybook": "workspace:*",
-    "@types/markdown-it": "^12.2.3",
     "@vitest/coverage-v8": "catalog:frontend",
     "unplugin-icons": "^0.19.0",
     "vite": "catalog:frontend",
diff --git a/packages/@n8n/chat/src/components/Input.vue b/packages/@n8n/chat/src/components/Input.vue
index 04153960825b6..af4b3343b7a38 100644
--- a/packages/@n8n/chat/src/components/Input.vue
+++ b/packages/@n8n/chat/src/components/Input.vue
@@ -247,6 +247,10 @@ function onOpenFileDialog() {
 	justify-content: center;
 	transition: color var(--chat--transition-duration) ease;
 
+	svg {
+		min-width: fit-content;
+	}
+
 	&:hover,
 	&:focus {
 		background: var(
diff --git a/packages/@n8n/config/package.json b/packages/@n8n/config/package.json
index a4abfa677adc1..e28090e49b9d2 100644
--- a/packages/@n8n/config/package.json
+++ b/packages/@n8n/config/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@n8n/config",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "scripts": {
     "clean": "rimraf dist .turbo",
     "dev": "pnpm watch",
diff --git a/packages/@n8n/config/src/configs/cache.ts b/packages/@n8n/config/src/configs/cache.ts
new file mode 100644
index 0000000000000..8a24bdc18beff
--- /dev/null
+++ b/packages/@n8n/config/src/configs/cache.ts
@@ -0,0 +1,36 @@
+import { Config, Env, Nested } from '../decorators';
+
+@Config
+class MemoryConfig {
+	/** Max size of memory cache in bytes */
+	@Env('N8N_CACHE_MEMORY_MAX_SIZE')
+	maxSize = 3 * 1024 * 1024; // 3 MiB
+
+	/** Time to live (in milliseconds) for data cached in memory. */
+	@Env('N8N_CACHE_MEMORY_TTL')
+	ttl = 3600 * 1000; // 1 hour
+}
+
+@Config
+class RedisConfig {
+	/** Prefix for cache keys in Redis. */
+	@Env('N8N_CACHE_REDIS_KEY_PREFIX')
+	prefix = 'redis';
+
+	/** Time to live (in milliseconds) for data cached in Redis. 0 for no TTL. */
+	@Env('N8N_CACHE_REDIS_TTL')
+	ttl = 3600 * 1000; // 1 hour
+}
+
+@Config
+export class CacheConfig {
+	/** Backend to use for caching. */
+	@Env('N8N_CACHE_BACKEND')
+	backend: 'memory' | 'redis' | 'auto' = 'auto';
+
+	@Nested
+	memory: MemoryConfig;
+
+	@Nested
+	redis: RedisConfig;
+}
diff --git a/packages/@n8n/config/src/configs/credentials.ts b/packages/@n8n/config/src/configs/credentials.ts
index 9659061c05e20..ee5f78a681ae6 100644
--- a/packages/@n8n/config/src/configs/credentials.ts
+++ b/packages/@n8n/config/src/configs/credentials.ts
@@ -7,19 +7,19 @@ class CredentialsOverwrite {
 	 * Format: { CREDENTIAL_NAME: { PARAMETER: VALUE }}
 	 */
 	@Env('CREDENTIALS_OVERWRITE_DATA')
-	readonly data: string = '{}';
+	data = '{}';
 
 	/** Internal API endpoint to fetch overwritten credential types from. */
 	@Env('CREDENTIALS_OVERWRITE_ENDPOINT')
-	readonly endpoint: string = '';
+	endpoint = '';
 }
 
 @Config
 export class CredentialsConfig {
 	/** Default name for credentials */
 	@Env('CREDENTIALS_DEFAULT_NAME')
-	readonly defaultName: string = 'My credentials';
+	defaultName = 'My credentials';
 
 	@Nested
-	readonly overwrite: CredentialsOverwrite;
+	overwrite: CredentialsOverwrite;
 }
diff --git a/packages/@n8n/config/src/configs/database.ts b/packages/@n8n/config/src/configs/database.ts
index 384ecb1fb065c..06a3f85465929 100644
--- a/packages/@n8n/config/src/configs/database.ts
+++ b/packages/@n8n/config/src/configs/database.ts
@@ -4,19 +4,19 @@ import { Config, Env, Nested } from '../decorators';
 class LoggingConfig {
 	/** Whether database logging is enabled. */
 	@Env('DB_LOGGING_ENABLED')
-	readonly enabled: boolean = false;
+	enabled = false;
 
 	/**
 	 * Database logging level. Requires `DB_LOGGING_MAX_EXECUTION_TIME` to be higher than `0`.
 	 */
 	@Env('DB_LOGGING_OPTIONS')
-	readonly options: 'query' | 'error' | 'schema' | 'warn' | 'info' | 'log' | 'all' = 'error';
+	options: 'query' | 'error' | 'schema' | 'warn' | 'info' | 'log' | 'all' = 'error';
 
 	/**
 	 * Only queries that exceed this time (ms) will be logged. Set `0` to disable.
 	 */
 	@Env('DB_LOGGING_MAX_EXECUTION_TIME')
-	readonly maxQueryExecutionTime: number = 0;
+	maxQueryExecutionTime = 0;
 }
 
 @Config
@@ -26,97 +26,97 @@ class PostgresSSLConfig {
 	 * If `DB_POSTGRESDB_SSL_CA`, `DB_POSTGRESDB_SSL_CERT`, or `DB_POSTGRESDB_SSL_KEY` are defined, `DB_POSTGRESDB_SSL_ENABLED` defaults to `true`.
 	 */
 	@Env('DB_POSTGRESDB_SSL_ENABLED')
-	readonly enabled: boolean = false;
+	enabled = false;
 
 	/** SSL certificate authority */
 	@Env('DB_POSTGRESDB_SSL_CA')
-	readonly ca: string = '';
+	ca = '';
 
 	/** SSL certificate */
 	@Env('DB_POSTGRESDB_SSL_CERT')
-	readonly cert: string = '';
+	cert = '';
 
 	/** SSL key */
 	@Env('DB_POSTGRESDB_SSL_KEY')
-	readonly key: string = '';
+	key = '';
 
 	/** If unauthorized SSL connections should be rejected */
 	@Env('DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED')
-	readonly rejectUnauthorized: boolean = true;
+	rejectUnauthorized = true;
 }
 
 @Config
 class PostgresConfig {
 	/** Postgres database name */
 	@Env('DB_POSTGRESDB_DATABASE')
-	database: string = 'n8n';
+	database = 'n8n';
 
 	/** Postgres database host */
 	@Env('DB_POSTGRESDB_HOST')
-	readonly host: string = 'localhost';
+	host = 'localhost';
 
 	/** Postgres database password */
 	@Env('DB_POSTGRESDB_PASSWORD')
-	readonly password: string = '';
+	password = '';
 
 	/** Postgres database port */
 	@Env('DB_POSTGRESDB_PORT')
-	readonly port: number = 5432;
+	port: number = 5432;
 
 	/** Postgres database user */
 	@Env('DB_POSTGRESDB_USER')
-	readonly user: string = 'postgres';
+	user = 'postgres';
 
 	/** Postgres database schema */
 	@Env('DB_POSTGRESDB_SCHEMA')
-	readonly schema: string = 'public';
+	schema = 'public';
 
 	/** Postgres database pool size */
 	@Env('DB_POSTGRESDB_POOL_SIZE')
-	readonly poolSize = 2;
+	poolSize = 2;
 
 	@Nested
-	readonly ssl: PostgresSSLConfig;
+	ssl: PostgresSSLConfig;
 }
 
 @Config
 class MysqlConfig {
 	/** @deprecated MySQL database name */
 	@Env('DB_MYSQLDB_DATABASE')
-	database: string = 'n8n';
+	database = 'n8n';
 
 	/** MySQL database host */
 	@Env('DB_MYSQLDB_HOST')
-	readonly host: string = 'localhost';
+	host = 'localhost';
 
 	/** MySQL database password */
 	@Env('DB_MYSQLDB_PASSWORD')
-	readonly password: string = '';
+	password = '';
 
 	/** MySQL database port */
 	@Env('DB_MYSQLDB_PORT')
-	readonly port: number = 3306;
+	port: number = 3306;
 
 	/** MySQL database user */
 	@Env('DB_MYSQLDB_USER')
-	readonly user: string = 'root';
+	user = 'root';
 }
 
 @Config
 class SqliteConfig {
 	/** SQLite database file name */
 	@Env('DB_SQLITE_DATABASE')
-	readonly database: string = 'database.sqlite';
+	database = 'database.sqlite';
 
 	/** SQLite database pool size. Set to `0` to disable pooling. */
 	@Env('DB_SQLITE_POOL_SIZE')
-	readonly poolSize: number = 0;
+	poolSize: number = 0;
 
 	/**
 	 * Enable SQLite WAL mode.
 	 */
 	@Env('DB_SQLITE_ENABLE_WAL')
-	readonly enableWAL: boolean = this.poolSize > 1;
+	enableWAL = this.poolSize > 1;
 
 	/**
 	 * Run `VACUUM` on startup to rebuild the database, reducing file size and optimizing indexes.
@@ -124,7 +124,7 @@ class SqliteConfig {
 	 * @warning Long-running blocking operation that will increase startup time.
 	 */
 	@Env('DB_SQLITE_VACUUM_ON_STARTUP')
-	readonly executeVacuumOnStartup: boolean = false;
+	executeVacuumOnStartup = false;
 }
 
 @Config
@@ -135,17 +135,17 @@ export class DatabaseConfig {
 
 	/** Prefix for table names */
 	@Env('DB_TABLE_PREFIX')
-	readonly tablePrefix: string = '';
+	tablePrefix = '';
 
 	@Nested
-	readonly logging: LoggingConfig;
+	logging: LoggingConfig;
 
 	@Nested
-	readonly postgresdb: PostgresConfig;
+	postgresdb: PostgresConfig;
 
 	@Nested
-	readonly mysqldb: MysqlConfig;
+	mysqldb: MysqlConfig;
 
 	@Nested
-	readonly sqlite: SqliteConfig;
+	sqlite: SqliteConfig;
 }
diff --git a/packages/@n8n/config/src/configs/email.ts b/packages/@n8n/config/src/configs/email.ts
index 318c35238070f..f0e130c3b48be 100644
--- a/packages/@n8n/config/src/configs/email.ts
+++ b/packages/@n8n/config/src/configs/email.ts
@@ -4,75 +4,75 @@ import { Config, Env, Nested } from '../decorators';
 export class SmtpAuth {
 	/** SMTP login username */
 	@Env('N8N_SMTP_USER')
-	readonly user: string = '';
+	user = '';
 
 	/** SMTP login password */
 	@Env('N8N_SMTP_PASS')
-	readonly pass: string = '';
+	pass = '';
 
 	/** SMTP OAuth Service Client */
 	@Env('N8N_SMTP_OAUTH_SERVICE_CLIENT')
-	readonly serviceClient: string = '';
+	serviceClient = '';
 
 	/** SMTP OAuth Private Key */
 	@Env('N8N_SMTP_OAUTH_PRIVATE_KEY')
-	readonly privateKey: string = '';
+	privateKey = '';
 }
 
 @Config
 export class SmtpConfig {
 	/** SMTP server host */
 	@Env('N8N_SMTP_HOST')
-	readonly host: string = '';
+	host = '';
 
 	/** SMTP server port */
 	@Env('N8N_SMTP_PORT')
-	readonly port: number = 465;
+	port: number = 465;
 
 	/** Whether to use SSL for SMTP */
 	@Env('N8N_SMTP_SSL')
-	readonly secure: boolean = true;
+	secure: boolean = true;
 
 	/** Whether to use STARTTLS for SMTP when SSL is disabled */
 	@Env('N8N_SMTP_STARTTLS')
-	readonly startTLS: boolean = true;
+	startTLS: boolean = true;
 
 	/** How to display sender name */
 	@Env('N8N_SMTP_SENDER')
-	readonly sender: string = '';
+	sender = '';
 
 	@Nested
-	readonly auth: SmtpAuth;
+	auth: SmtpAuth;
 }
 
 @Config
 export class TemplateConfig {
 	/** Overrides default HTML template for inviting new people (use full path) */
 	@Env('N8N_UM_EMAIL_TEMPLATES_INVITE')
-	readonly invite: string = '';
+	invite = '';
 
 	/** Overrides default HTML template for resetting password (use full path) */
 	@Env('N8N_UM_EMAIL_TEMPLATES_PWRESET')
-	readonly passwordReset: string = '';
+	passwordReset = '';
 
 	/** Overrides default HTML template for notifying that a workflow was shared (use full path) */
 	@Env('N8N_UM_EMAIL_TEMPLATES_WORKFLOW_SHARED')
-	readonly workflowShared: string = '';
+	workflowShared = '';
 
 	/** Overrides default HTML template for notifying that credentials were shared (use full path) */
 	@Env('N8N_UM_EMAIL_TEMPLATES_CREDENTIALS_SHARED')
-	readonly credentialsShared: string = '';
+	credentialsShared = '';
 }
 
 @Config
 export class EmailConfig {
 	/** How to send emails */
 	@Env('N8N_EMAIL_MODE')
-	readonly mode: '' | 'smtp' = 'smtp';
+	mode: '' | 'smtp' = 'smtp';
 
 	@Nested
-	readonly smtp: SmtpConfig;
+	smtp: SmtpConfig;
 
 	@Nested
-	readonly template: TemplateConfig;
+	template: TemplateConfig;
 }
diff --git a/packages/@n8n/config/src/configs/endpoints.ts b/packages/@n8n/config/src/configs/endpoints.ts
index 7a04a8249f692..4957c5afa58d6 100644
--- a/packages/@n8n/config/src/configs/endpoints.ts
+++ b/packages/@n8n/config/src/configs/endpoints.ts
@@ -4,99 +4,99 @@ import { Config, Env, Nested } from '../decorators';
 class PrometheusMetricsConfig {
 	/** Whether to enable the `/metrics` endpoint to expose Prometheus metrics. */
 	@Env('N8N_METRICS')
-	readonly enable: boolean = false;
+	enable = false;
 
 	/** Prefix for Prometheus metric names. */
 	@Env('N8N_METRICS_PREFIX')
-	readonly prefix: string = 'n8n_';
+	prefix = 'n8n_';
 
 	/** Whether to expose system and Node.js metrics. See: https://www.npmjs.com/package/prom-client */
 	@Env('N8N_METRICS_INCLUDE_DEFAULT_METRICS')
-	readonly includeDefaultMetrics = true;
+	includeDefaultMetrics = true;
 
 	/** Whether to include a label for workflow ID on workflow metrics. */
 	@Env('N8N_METRICS_INCLUDE_WORKFLOW_ID_LABEL')
-	readonly includeWorkflowIdLabel: boolean = false;
+	includeWorkflowIdLabel = false;
 
 	/** Whether to include a label for node type on node metrics. */
 	@Env('N8N_METRICS_INCLUDE_NODE_TYPE_LABEL')
-	readonly includeNodeTypeLabel: boolean = false;
+	includeNodeTypeLabel = false;
 
 	/** Whether to include a label for credential type on credential metrics. */
 	@Env('N8N_METRICS_INCLUDE_CREDENTIAL_TYPE_LABEL')
-	readonly includeCredentialTypeLabel: boolean = false;
+	includeCredentialTypeLabel = false;
 
 	/** Whether to expose metrics for API endpoints. See: https://www.npmjs.com/package/express-prom-bundle */
 	@Env('N8N_METRICS_INCLUDE_API_ENDPOINTS')
-	readonly includeApiEndpoints: boolean = false;
+	includeApiEndpoints = false;
 
 	/** Whether to include a label for the path of API endpoint calls. */
 	@Env('N8N_METRICS_INCLUDE_API_PATH_LABEL')
-	readonly includeApiPathLabel: boolean = false;
+	includeApiPathLabel = false;
 
 	/** Whether to include a label for the HTTP method of API endpoint calls. */
 	@Env('N8N_METRICS_INCLUDE_API_METHOD_LABEL')
-	readonly includeApiMethodLabel: boolean = false;
+	includeApiMethodLabel = false;
 
 	/** Whether to include a label for the status code of API endpoint calls. */
 	@Env('N8N_METRICS_INCLUDE_API_STATUS_CODE_LABEL')
-	readonly includeApiStatusCodeLabel: boolean = false;
+	includeApiStatusCodeLabel = false;
 
 	/** Whether to include metrics for cache hits and misses. */
 	@Env('N8N_METRICS_INCLUDE_CACHE_METRICS')
-	readonly includeCacheMetrics: boolean = false;
+	includeCacheMetrics = false;
 
 	/** Whether to include metrics derived from n8n's internal events */
 	@Env('N8N_METRICS_INCLUDE_MESSAGE_EVENT_BUS_METRICS')
-	readonly includeMessageEventBusMetrics: boolean = false;
+	includeMessageEventBusMetrics = false;
 }
 
 @Config
 export class EndpointsConfig {
 	/** Max payload size in MiB */
 	@Env('N8N_PAYLOAD_SIZE_MAX')
-	readonly payloadSizeMax: number = 16;
+	payloadSizeMax: number = 16;
 
 	@Nested
-	readonly metrics: PrometheusMetricsConfig;
+	metrics: PrometheusMetricsConfig;
 
 	/** Path segment for REST API endpoints. */
 	@Env('N8N_ENDPOINT_REST')
-	readonly rest: string = 'rest';
+	rest = 'rest';
 
 	/** Path segment for form endpoints. */
 	@Env('N8N_ENDPOINT_FORM')
-	readonly form: string = 'form';
+	form = 'form';
 
 	/** Path segment for test form endpoints. */
 	@Env('N8N_ENDPOINT_FORM_TEST')
-	readonly formTest: string = 'form-test';
+	formTest = 'form-test';
 
 	/** Path segment for waiting form endpoints. */
 	@Env('N8N_ENDPOINT_FORM_WAIT')
-	readonly formWaiting: string = 'form-waiting';
+	formWaiting = 'form-waiting';
 
 	/** Path segment for webhook endpoints. */
 	@Env('N8N_ENDPOINT_WEBHOOK')
-	readonly webhook: string = 'webhook';
+	webhook = 'webhook';
 
 	/** Path segment for test webhook endpoints. */
 	@Env('N8N_ENDPOINT_WEBHOOK_TEST')
-	readonly webhookTest: string = 'webhook-test';
+	webhookTest = 'webhook-test';
 
 	/** Path segment for waiting webhook endpoints. */
 	@Env('N8N_ENDPOINT_WEBHOOK_WAIT')
-	readonly webhookWaiting: string = 'webhook-waiting';
+	webhookWaiting = 'webhook-waiting';
 
 	/** Whether to disable n8n's UI (frontend). */
 	@Env('N8N_DISABLE_UI')
-	readonly disableUi: boolean = false;
+	disableUi = false;
 
 	/** Whether to disable production webhooks on the main process, when using webhook-specific processes. */
 	@Env('N8N_DISABLE_PRODUCTION_MAIN_PROCESS')
-	readonly disableProductionWebhooksOnMainProcess: boolean = false;
+	disableProductionWebhooksOnMainProcess = false;
 
 	/** Colon-delimited list of additional endpoints to not open the UI on. */
 	@Env('N8N_ADDITIONAL_NON_UI_ROUTES')
-	readonly additionalNonUIRoutes: string = '';
+	additionalNonUIRoutes = '';
 }
diff --git a/packages/@n8n/config/src/configs/event-bus.ts b/packages/@n8n/config/src/configs/event-bus.ts
index ed1226fa923ac..87db613e63968 100644
--- a/packages/@n8n/config/src/configs/event-bus.ts
+++ b/packages/@n8n/config/src/configs/event-bus.ts
@@ -2,30 +2,30 @@ import { Config, Env, Nested } from '../decorators';
 
 @Config
 class LogWriterConfig {
-	/** Number of event log files to keep */
+	/* of event log files to keep */
 	@Env('N8N_EVENTBUS_LOGWRITER_KEEPLOGCOUNT')
-	readonly keepLogCount: number = 3;
+	keepLogCount = 3;
 
 	/** Max size (in KB) of an event log file before a new one is started */
 	@Env('N8N_EVENTBUS_LOGWRITER_MAXFILESIZEINKB')
-	readonly maxFileSizeInKB: number = 10240; // 10 MB
+	maxFileSizeInKB = 10240; // 10 MB
 
 	/** Basename of event log file */
 	@Env('N8N_EVENTBUS_LOGWRITER_LOGBASENAME')
-	readonly logBaseName: string = 'n8nEventLog';
+	logBaseName = 'n8nEventLog';
 }
 
 @Config
 export class EventBusConfig {
 	/** How often (in ms) to check for unsent event messages. Can in rare cases cause a message to be sent twice. `0` to disable */
 	@Env('N8N_EVENTBUS_CHECKUNSENTINTERVAL')
-	readonly checkUnsentInterval: number = 0;
+	checkUnsentInterval = 0;
 
 	/** Endpoint to retrieve n8n version information from */
 	@Nested
-	readonly logWriter: LogWriterConfig;
+	logWriter: LogWriterConfig;
 
 	/** Whether to recover execution details after a crash or only mark status executions as crashed. */
 	@Env('N8N_EVENTBUS_RECOVERY_MODE')
-	readonly crashRecoveryMode: 'simple' | 'extensive' = 'extensive';
+	crashRecoveryMode: 'simple' | 'extensive' = 'extensive';
 }
diff --git a/packages/@n8n/config/src/configs/external-secrets.ts b/packages/@n8n/config/src/configs/external-secrets.ts
index a5310d675e373..2e51be87bc6c0 100644
--- a/packages/@n8n/config/src/configs/external-secrets.ts
+++ b/packages/@n8n/config/src/configs/external-secrets.ts
@@ -4,9 +4,9 @@ import { Config, Env } from '../decorators';
 export class ExternalSecretsConfig {
 	/** How often (in seconds) to check for secret updates */
 	@Env('N8N_EXTERNAL_SECRETS_UPDATE_INTERVAL')
-	readonly updateInterval: number = 300;
+	updateInterval = 300;
 
 	/** Whether to prefer GET over LIST when fetching secrets from Hashicorp Vault */
 	@Env('N8N_EXTERNAL_SECRETS_PREFER_GET')
-	readonly preferGet: boolean = false;
+	preferGet = false;
 }
diff --git a/packages/@n8n/config/src/configs/external-storage.ts b/packages/@n8n/config/src/configs/external-storage.ts
index c876e0ee34465..3dd1448b44e38 100644
--- a/packages/@n8n/config/src/configs/external-storage.ts
+++ b/packages/@n8n/config/src/configs/external-storage.ts
@@ -4,39 +4,39 @@ import { Config, Env, Nested } from '../decorators';
 class S3BucketConfig {
 	/** Name of the n8n bucket in S3-compatible external storage */
 	@Env('N8N_EXTERNAL_STORAGE_S3_BUCKET_NAME')
-	readonly name: string = '';
+	name = '';
 
 	/** Region of the n8n bucket in S3-compatible external storage @example "us-east-1" */
 	@Env('N8N_EXTERNAL_STORAGE_S3_BUCKET_REGION')
-	readonly region: string = '';
+	region = '';
 }
 
 @Config
 class S3CredentialsConfig {
 	/** Access key in S3-compatible external storage */
 	@Env('N8N_EXTERNAL_STORAGE_S3_ACCESS_KEY')
-	readonly accessKey: string = '';
+	accessKey = '';
 
 	/** Access secret in S3-compatible external storage */
 	@Env('N8N_EXTERNAL_STORAGE_S3_ACCESS_SECRET')
-	readonly accessSecret: string = '';
+	accessSecret = '';
 }
 
 @Config
 class S3Config {
 	/** Host of the n8n bucket in S3-compatible external storage @example "s3.us-east-1.amazonaws.com" */
 	@Env('N8N_EXTERNAL_STORAGE_S3_HOST')
-	readonly host: string = '';
+	host = '';
 
 	@Nested
-	readonly bucket: S3BucketConfig;
+	bucket: S3BucketConfig;
 
 	@Nested
-	readonly credentials: S3CredentialsConfig;
+	credentials: S3CredentialsConfig;
 }
 
 @Config
 export class ExternalStorageConfig {
 	@Nested
-	readonly s3: S3Config;
+	s3: S3Config;
 }
diff --git a/packages/@n8n/config/src/configs/nodes.ts b/packages/@n8n/config/src/configs/nodes.ts
index f845607a8c0f0..cf8407762cb17 100644
--- a/packages/@n8n/config/src/configs/nodes.ts
+++ b/packages/@n8n/config/src/configs/nodes.ts
@@ -25,22 +25,30 @@ class CommunityPackagesConfig {
 	/** Whether to enable community packages */
 	@Env('N8N_COMMUNITY_PACKAGES_ENABLED')
 	enabled: boolean = true;
+
+	/** NPM registry URL to pull community packages from */
+	@Env('N8N_COMMUNITY_PACKAGES_REGISTRY')
+	registry: string = 'https://registry.npmjs.org';
+
+	/** Whether to reinstall any missing community packages */
+	@Env('N8N_REINSTALL_MISSING_PACKAGES')
+	reinstallMissing: boolean = false;
 }
 
 @Config
 export class NodesConfig {
 	/** Node types to load. Includes all if unspecified. @example '["n8n-nodes-base.hackerNews"]' */
 	@Env('NODES_INCLUDE')
-	readonly include: JsonStringArray = [];
+	include: JsonStringArray = [];
 
 	/** Node types not to load. Excludes none if unspecified. @example '["n8n-nodes-base.hackerNews"]' */
 	@Env('NODES_EXCLUDE')
-	readonly exclude: JsonStringArray = [];
+	exclude: JsonStringArray = [];
 
 	/** Node type to use as error trigger */
 	@Env('NODES_ERROR_TRIGGER_TYPE')
-	readonly errorTriggerType: string = 'n8n-nodes-base.errorTrigger';
+	errorTriggerType = 'n8n-nodes-base.errorTrigger';
 
 	@Nested
-	readonly communityPackages: CommunityPackagesConfig;
+	communityPackages: CommunityPackagesConfig;
 }
diff --git a/packages/@n8n/config/src/configs/public-api.ts b/packages/@n8n/config/src/configs/public-api.ts
index 33e3bf3fc38bc..b62cac68c7834 100644
--- a/packages/@n8n/config/src/configs/public-api.ts
+++ b/packages/@n8n/config/src/configs/public-api.ts
@@ -4,13 +4,13 @@ import { Config, Env } from '../decorators';
 export class PublicApiConfig {
 	/** Whether to disable the Public API */
 	@Env('N8N_PUBLIC_API_DISABLED')
-	readonly disabled: boolean = false;
+	disabled = false;
 
 	/** Path segment for the Public API */
 	@Env('N8N_PUBLIC_API_ENDPOINT')
-	readonly path: string = 'api';
+	path = 'api';
 
 	/** Whether to disable the Swagger UI for the Public API */
 	@Env('N8N_PUBLIC_API_SWAGGERUI_DISABLED')
-	readonly swaggerUiDisabled: boolean = false;
+	swaggerUiDisabled = false;
 }
diff --git a/packages/@n8n/config/src/configs/scaling-mode.config.ts b/packages/@n8n/config/src/configs/scaling-mode.config.ts
new file mode 100644
index 0000000000000..6ff331eedd8c2
--- /dev/null
+++ b/packages/@n8n/config/src/configs/scaling-mode.config.ts
@@ -0,0 +1,96 @@
+import { Config, Env, Nested } from '../decorators';
+
+@Config
+class HealthConfig {
+	/** Whether to enable the worker health check endpoint `/healthz`. */
+	@Env('QUEUE_HEALTH_CHECK_ACTIVE')
+	active = false;
+
+	/** Port for worker to respond to health checks requests on, if enabled. */
+	@Env('QUEUE_HEALTH_CHECK_PORT')
+	port = 5678;
+}
+
+@Config
+class RedisConfig {
+	/** Redis database for Bull queue. */
+	@Env('QUEUE_BULL_REDIS_DB')
+	db = 0;
+
+	/** Redis host for Bull queue. */
+	@Env('QUEUE_BULL_REDIS_HOST')
+	host = 'localhost';
+
+	/** Password to authenticate with Redis. */
+	@Env('QUEUE_BULL_REDIS_PASSWORD')
+	password = '';
+
+	/** Port for Redis to listen on. */
+	@Env('QUEUE_BULL_REDIS_PORT')
+	port = 6379;
+
+	/** Max cumulative timeout (in milliseconds) of connection retries before process exit. */
+	@Env('QUEUE_BULL_REDIS_TIMEOUT_THRESHOLD')
+	timeoutThreshold = 10_000;
+
+	/** Redis username. Redis 6.0 or higher required. */
+	@Env('QUEUE_BULL_REDIS_USERNAME')
+	username = '';
+
+	/** Redis cluster startup nodes, as comma-separated list of `{host}:{port}` pairs. @example 'redis-1:6379,redis-2:6379' */
+	@Env('QUEUE_BULL_REDIS_CLUSTER_NODES')
+	clusterNodes = '';
+
+	/** Whether to enable TLS on Redis connections. */
+	@Env('QUEUE_BULL_REDIS_TLS')
+	tls = false;
+}
+
+@Config
+class SettingsConfig {
+	/** How long (in milliseconds) is the lease period for a worker processing a job. */
+	@Env('QUEUE_WORKER_LOCK_DURATION')
+	lockDuration = 30_000;
+
+	/** How often (in milliseconds) a worker must renew the lease. */
+	@Env('QUEUE_WORKER_LOCK_RENEW_TIME')
+	lockRenewTime = 15_000;
+
+	/** How often (in milliseconds) Bull must check for stalled jobs. `0` to disable. */
+	@Env('QUEUE_WORKER_STALLED_INTERVAL')
+	stalledInterval = 30_000;
+
+	/** Max number of times a stalled job will be re-processed. See Bull's [documentation](https://docs.bullmq.io/guide/workers/stalled-jobs). */
+	@Env('QUEUE_WORKER_MAX_STALLED_COUNT')
+	maxStalledCount = 1;
+}
+
+@Config
+class BullConfig {
+	/** Prefix for Bull keys on Redis. @example 'bull:jobs:23' */
+	@Env('QUEUE_BULL_PREFIX')
+	prefix = 'bull';
+
+	@Nested
+	redis: RedisConfig;
+
+	/** How often (in seconds) to poll the Bull queue to identify executions finished during a Redis crash. `0` to disable. May increase Redis traffic significantly. */
+	@Env('QUEUE_RECOVERY_INTERVAL')
+	queueRecoveryInterval = 60; // watchdog interval
+
+	/** @deprecated How long (in seconds) a worker must wait for active executions to finish before exiting. Use `N8N_GRACEFUL_SHUTDOWN_TIMEOUT` instead */
+	@Env('QUEUE_WORKER_TIMEOUT')
+	gracefulShutdownTimeout = 30;
+
+	@Nested
+	settings: SettingsConfig;
+}
+
+@Config
+export class ScalingModeConfig {
+	@Nested
+	health: HealthConfig;
+
+	@Nested
+	bull: BullConfig;
+}
diff --git a/packages/@n8n/config/src/configs/templates.ts b/packages/@n8n/config/src/configs/templates.ts
index 3e10c892b3469..3b05048b36301 100644
--- a/packages/@n8n/config/src/configs/templates.ts
+++ b/packages/@n8n/config/src/configs/templates.ts
@@ -4,9 +4,9 @@ import { Config, Env } from '../decorators';
 export class TemplatesConfig {
 	/** Whether to load workflow templates. */
 	@Env('N8N_TEMPLATES_ENABLED')
-	readonly enabled: boolean = true;
+	enabled = true;
 
 	/** Host to retrieve workflow templates from endpoints. */
 	@Env('N8N_TEMPLATES_HOST')
-	readonly host: string = 'https://api.n8n.io/api/';
+	host = 'https://api.n8n.io/api/';
 }
diff --git a/packages/@n8n/config/src/configs/version-notifications.ts b/packages/@n8n/config/src/configs/version-notifications.ts
index 1aa693228d494..5fe495ed6c02e 100644
--- a/packages/@n8n/config/src/configs/version-notifications.ts
+++ b/packages/@n8n/config/src/configs/version-notifications.ts
@@ -4,13 +4,13 @@ import { Config, Env } from '../decorators';
 export class VersionNotificationsConfig {
 	/** Whether to request notifications about new n8n versions */
 	@Env('N8N_VERSION_NOTIFICATIONS_ENABLED')
-	readonly enabled: boolean = true;
+	enabled = true;
 
 	/** Endpoint to retrieve n8n version information from */
 	@Env('N8N_VERSION_NOTIFICATIONS_ENDPOINT')
-	readonly endpoint: string = 'https://api.n8n.io/api/versions/';
+	endpoint = 'https://api.n8n.io/api/versions/';
 
 	/** URL for versions panel to page instructing user on how to update n8n instance */
 	@Env('N8N_VERSION_NOTIFICATIONS_INFO_URL')
-	readonly infoUrl: string = 'https://docs.n8n.io/hosting/installation/updating/';
+	infoUrl = 'https://docs.n8n.io/hosting/installation/updating/';
 }
diff --git a/packages/@n8n/config/src/configs/workflows.ts b/packages/@n8n/config/src/configs/workflows.ts
index b19f4bc95d7e0..9ca004c886b58 100644
--- a/packages/@n8n/config/src/configs/workflows.ts
+++ b/packages/@n8n/config/src/configs/workflows.ts
@@ -4,17 +4,14 @@ import { Config, Env } from '../decorators';
 export class WorkflowsConfig {
 	/** Default name for workflow */
 	@Env('WORKFLOWS_DEFAULT_NAME')
-	readonly defaultName: string = 'My workflow';
+	defaultName = 'My workflow';
 
 	/** Show onboarding flow in new workflow */
 	@Env('N8N_ONBOARDING_FLOW_DISABLED')
-	readonly onboardingFlowDisabled: boolean = false;
+	onboardingFlowDisabled = false;
 
 	/** Default option for which workflows may call the current workflow */
 	@Env('N8N_WORKFLOW_CALLER_POLICY_DEFAULT_OPTION')
-	readonly callerPolicyDefaultOption:
-		| 'any'
-		| 'none'
-		| 'workflowsFromAList'
-		| 'workflowsFromSameOwner' = 'workflowsFromSameOwner';
+	callerPolicyDefaultOption: 'any' | 'none' | 'workflowsFromAList' | 'workflowsFromSameOwner' =
+		'workflowsFromSameOwner';
 }
diff --git a/packages/@n8n/config/src/index.ts b/packages/@n8n/config/src/index.ts
index d7bb09889d5ab..88e6fb01170d8 100644
--- a/packages/@n8n/config/src/index.ts
+++ b/packages/@n8n/config/src/index.ts
@@ -11,6 +11,8 @@ import { NodesConfig } from './configs/nodes';
 import { ExternalStorageConfig } from './configs/external-storage';
 import { WorkflowsConfig } from './configs/workflows';
 import { EndpointsConfig } from './configs/endpoints';
+import { CacheConfig } from './configs/cache';
+import { ScalingModeConfig } from './configs/scaling-mode.config';
 
 @Config
 class UserManagementConfig {
@@ -75,4 +77,10 @@ export class GlobalConfig {
 
 	@Nested
 	readonly endpoints: EndpointsConfig;
+
+	@Nested
+	readonly cache: CacheConfig;
+
+	@Nested
+	queue: ScalingModeConfig;
 }
diff --git a/packages/@n8n/config/test/config.test.ts b/packages/@n8n/config/test/config.test.ts
index a36a74d1e25c7..b8e89d0ab7f0d 100644
--- a/packages/@n8n/config/test/config.test.ts
+++ b/packages/@n8n/config/test/config.test.ts
@@ -108,6 +108,8 @@ describe('GlobalConfig', () => {
 		nodes: {
 			communityPackages: {
 				enabled: true,
+				registry: 'https://registry.npmjs.org',
+				reinstallMissing: false,
 			},
 			errorTriggerType: 'n8n-nodes-base.errorTrigger',
 			include: [],
@@ -172,6 +174,44 @@ describe('GlobalConfig', () => {
 			webhookTest: 'webhook-test',
 			webhookWaiting: 'webhook-waiting',
 		},
+		cache: {
+			backend: 'auto',
+			memory: {
+				maxSize: 3145728,
+				ttl: 3600000,
+			},
+			redis: {
+				prefix: 'redis',
+				ttl: 3600000,
+			},
+		},
+		queue: {
+			health: {
+				active: false,
+				port: 5678,
+			},
+			bull: {
+				redis: {
+					db: 0,
+					host: 'localhost',
+					password: '',
+					port: 6379,
+					timeoutThreshold: 10_000,
+					username: '',
+					clusterNodes: '',
+					tls: false,
+				},
+				queueRecoveryInterval: 60,
+				gracefulShutdownTimeout: 30,
+				prefix: 'bull',
+				settings: {
+					lockDuration: 30_000,
+					lockRenewTime: 15_000,
+					stalledInterval: 30_000,
+					maxStalledCount: 1,
+				},
+			},
+		},
 	};
 
 	it('should use all default values when no env variables are defined', () => {
diff --git a/packages/@n8n/nodes-langchain/README.md b/packages/@n8n/nodes-langchain/README.md
index e5761628cf67b..03a23d21865d8 100644
--- a/packages/@n8n/nodes-langchain/README.md
+++ b/packages/@n8n/nodes-langchain/README.md
@@ -8,6 +8,4 @@ These nodes are still in Beta state and are only compatible with the Docker imag
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/OpenAiFunctionsAgent/execute.ts b/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/OpenAiFunctionsAgent/execute.ts
index a027829e3a7d8..3c4ff28f06a10 100644
--- a/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/OpenAiFunctionsAgent/execute.ts
+++ b/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/OpenAiFunctionsAgent/execute.ts
@@ -38,7 +38,7 @@ export async function openAiFunctionsAgentExecute(
 	const memory = (await this.getInputConnectionData(NodeConnectionType.AiMemory, 0)) as
 		| BaseChatMemory
 		| undefined;
-	const tools = await getConnectedTools(this, nodeVersion >= 1.5);
+	const tools = await getConnectedTools(this, nodeVersion >= 1.5, false);
 	const outputParsers = await getOptionalOutputParsers(this);
 	const options = this.getNodeParameter('options', 0, {}) as {
 		systemMessage?: string;
diff --git a/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/ToolsAgent/execute.ts b/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/ToolsAgent/execute.ts
index 81ac6bad5db43..e0da7f1e315f9 100644
--- a/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/ToolsAgent/execute.ts
+++ b/packages/@n8n/nodes-langchain/nodes/agents/Agent/agents/ToolsAgent/execute.ts
@@ -90,7 +90,7 @@ export async function toolsAgentExecute(this: IExecuteFunctions): Promise<INodeE
 		| BaseChatMemory
 		| undefined;
 
-	const tools = (await getConnectedTools(this, true)) as Array<DynamicStructuredTool | Tool>;
+	const tools = (await getConnectedTools(this, true, false)) as Array<DynamicStructuredTool | Tool>;
 	const outputParser = (await getOptionalOutputParsers(this))?.[0];
 	let structuredOutputParserTool: DynamicStructuredTool | undefined;
 
diff --git a/packages/@n8n/nodes-langchain/nodes/agents/OpenAiAssistant/OpenAiAssistant.node.ts b/packages/@n8n/nodes-langchain/nodes/agents/OpenAiAssistant/OpenAiAssistant.node.ts
index f56ce7c5c4484..8f05faccb0274 100644
--- a/packages/@n8n/nodes-langchain/nodes/agents/OpenAiAssistant/OpenAiAssistant.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/agents/OpenAiAssistant/OpenAiAssistant.node.ts
@@ -313,7 +313,7 @@ export class OpenAiAssistant implements INodeType {
 
 	async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
 		const nodeVersion = this.getNode().typeVersion;
-		const tools = await getConnectedTools(this, nodeVersion > 1);
+		const tools = await getConnectedTools(this, nodeVersion > 1, false);
 		const credentials = await this.getCredentials('openAiApi');
 
 		const items = this.getInputData();
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMChatAnthropic/LmChatAnthropic.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMChatAnthropic/LmChatAnthropic.node.ts
index 241efadb6d392..ecc14e1344341 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMChatAnthropic/LmChatAnthropic.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMChatAnthropic/LmChatAnthropic.node.ts
@@ -74,7 +74,7 @@ export class LmChatAnthropic implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMChatOllama/LmChatOllama.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMChatOllama/LmChatOllama.node.ts
index f0f9e5f630e29..b4fc474dd2ecf 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMChatOllama/LmChatOllama.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMChatOllama/LmChatOllama.node.ts
@@ -28,7 +28,7 @@ export class LmChatOllama implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMChatOpenAi/LmChatOpenAi.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMChatOpenAi/LmChatOpenAi.node.ts
index 264c594d1bd87..1f39c082290e4 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMChatOpenAi/LmChatOpenAi.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMChatOpenAi/LmChatOpenAi.node.ts
@@ -26,7 +26,7 @@ export class LmChatOpenAi implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMCohere/LmCohere.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMCohere/LmCohere.node.ts
index ee5163a78f1a3..191209bb3363b 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMCohere/LmCohere.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMCohere/LmCohere.node.ts
@@ -26,7 +26,7 @@ export class LmCohere implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Text Completion Models'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMOllama/LmOllama.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMOllama/LmOllama.node.ts
index 95024ad4b2f39..5492a51a97914 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMOllama/LmOllama.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMOllama/LmOllama.node.ts
@@ -27,7 +27,7 @@ export class LmOllama implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Text Completion Models'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMOpenAi/LmOpenAi.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMOpenAi/LmOpenAi.node.ts
index 2f0e3480d8701..a46ad429a2963 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMOpenAi/LmOpenAi.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMOpenAi/LmOpenAi.node.ts
@@ -38,7 +38,7 @@ export class LmOpenAi implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Text Completion Models'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LMOpenHuggingFaceInference/LmOpenHuggingFaceInference.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LMOpenHuggingFaceInference/LmOpenHuggingFaceInference.node.ts
index 9a30ef74d73ae..7b2c821f9c34c 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LMOpenHuggingFaceInference/LmOpenHuggingFaceInference.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LMOpenHuggingFaceInference/LmOpenHuggingFaceInference.node.ts
@@ -26,7 +26,7 @@ export class LmOpenHuggingFaceInference implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Text Completion Models'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatAwsBedrock/LmChatAwsBedrock.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatAwsBedrock/LmChatAwsBedrock.node.ts
index d313ba53b54e4..4e1c27bfde8c2 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatAwsBedrock/LmChatAwsBedrock.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatAwsBedrock/LmChatAwsBedrock.node.ts
@@ -29,7 +29,7 @@ export class LmChatAwsBedrock implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatAzureOpenAi/LmChatAzureOpenAi.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatAzureOpenAi/LmChatAzureOpenAi.node.ts
index 2e05b4770d99d..5770387158b1e 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatAzureOpenAi/LmChatAzureOpenAi.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatAzureOpenAi/LmChatAzureOpenAi.node.ts
@@ -27,7 +27,7 @@ export class LmChatAzureOpenAi implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleGemini/LmChatGoogleGemini.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleGemini/LmChatGoogleGemini.node.ts
index d3d3d1ea2c218..ce08a650f203f 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleGemini/LmChatGoogleGemini.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleGemini/LmChatGoogleGemini.node.ts
@@ -27,7 +27,7 @@ export class LmChatGoogleGemini implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGooglePalm/LmChatGooglePalm.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGooglePalm/LmChatGooglePalm.node.ts
index a32a5e959cdb5..6195d4d98763b 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGooglePalm/LmChatGooglePalm.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGooglePalm/LmChatGooglePalm.node.ts
@@ -25,7 +25,7 @@ export class LmChatGooglePalm implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleVertex/LmChatGoogleVertex.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleVertex/LmChatGoogleVertex.node.ts
index 1e3837818fb5b..044428c01adc3 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleVertex/LmChatGoogleVertex.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGoogleVertex/LmChatGoogleVertex.node.ts
@@ -32,7 +32,7 @@ export class LmChatGoogleVertex implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGroq/LmChatGroq.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGroq/LmChatGroq.node.ts
index 3354ac030f404..d0a28715e1010 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatGroq/LmChatGroq.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatGroq/LmChatGroq.node.ts
@@ -26,7 +26,7 @@ export class LmChatGroq implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmChatMistralCloud/LmChatMistralCloud.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmChatMistralCloud/LmChatMistralCloud.node.ts
index 32364545d2073..129beeadfe5eb 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmChatMistralCloud/LmChatMistralCloud.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmChatMistralCloud/LmChatMistralCloud.node.ts
@@ -27,7 +27,7 @@ export class LmChatMistralCloud implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Chat Models (Recommended)'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/llms/LmGooglePalm/LmGooglePalm.node.ts b/packages/@n8n/nodes-langchain/nodes/llms/LmGooglePalm/LmGooglePalm.node.ts
index d79f74be02fe6..e4681803fe59a 100644
--- a/packages/@n8n/nodes-langchain/nodes/llms/LmGooglePalm/LmGooglePalm.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/llms/LmGooglePalm/LmGooglePalm.node.ts
@@ -25,7 +25,7 @@ export class LmGooglePalm implements INodeType {
 		codex: {
 			categories: ['AI'],
 			subcategories: {
-				AI: ['Language Models'],
+				AI: ['Language Models', 'Root Nodes'],
 				'Language Models': ['Text Completion Models'],
 			},
 			resources: {
diff --git a/packages/@n8n/nodes-langchain/nodes/memory/MemoryBufferWindow/MemoryBufferWindow.node.ts b/packages/@n8n/nodes-langchain/nodes/memory/MemoryBufferWindow/MemoryBufferWindow.node.ts
index 2b7e205de63fb..b8eea7a5e2c82 100644
--- a/packages/@n8n/nodes-langchain/nodes/memory/MemoryBufferWindow/MemoryBufferWindow.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/memory/MemoryBufferWindow/MemoryBufferWindow.node.ts
@@ -10,7 +10,7 @@ import type { BufferWindowMemoryInput } from 'langchain/memory';
 import { BufferWindowMemory } from 'langchain/memory';
 import { logWrapper } from '../../../utils/logWrapper';
 import { getConnectionHintNoticeField } from '../../../utils/sharedFields';
-import { sessionIdOption, sessionKeyProperty } from '../descriptions';
+import { sessionIdOption, sessionKeyProperty, contextWindowLengthProperty } from '../descriptions';
 import { getSessionId } from '../../../utils/helpers';
 
 class MemoryChatBufferSingleton {
@@ -130,13 +130,7 @@ export class MemoryBufferWindow implements INodeType {
 				},
 			},
 			sessionKeyProperty,
-			{
-				displayName: 'Context Window Length',
-				name: 'contextWindowLength',
-				type: 'number',
-				default: 5,
-				description: 'The number of previous messages to consider for context',
-			},
+			contextWindowLengthProperty,
 		],
 	};
 
diff --git a/packages/@n8n/nodes-langchain/nodes/memory/MemoryPostgresChat/MemoryPostgresChat.node.ts b/packages/@n8n/nodes-langchain/nodes/memory/MemoryPostgresChat/MemoryPostgresChat.node.ts
index ea3ed3c33ea6b..b1a9cd7aeaec5 100644
--- a/packages/@n8n/nodes-langchain/nodes/memory/MemoryPostgresChat/MemoryPostgresChat.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/memory/MemoryPostgresChat/MemoryPostgresChat.node.ts
@@ -1,7 +1,7 @@
 /* eslint-disable n8n-nodes-base/node-dirname-against-convention */
 import type { IExecuteFunctions, INodeType, INodeTypeDescription, SupplyData } from 'n8n-workflow';
 import { NodeConnectionType } from 'n8n-workflow';
-import { BufferMemory } from 'langchain/memory';
+import { BufferMemory, BufferWindowMemory } from 'langchain/memory';
 import { PostgresChatMessageHistory } from '@langchain/community/stores/message/postgres';
 import type pg from 'pg';
 import { configurePostgres } from 'n8n-nodes-base/dist/nodes/Postgres/v2/transport';
@@ -9,7 +9,7 @@ import type { PostgresNodeCredentials } from 'n8n-nodes-base/dist/nodes/Postgres
 import { postgresConnectionTest } from 'n8n-nodes-base/dist/nodes/Postgres/v2/methods/credentialTest';
 import { logWrapper } from '../../../utils/logWrapper';
 import { getConnectionHintNoticeField } from '../../../utils/sharedFields';
-import { sessionIdOption, sessionKeyProperty } from '../descriptions';
+import { sessionIdOption, sessionKeyProperty, contextWindowLengthProperty } from '../descriptions';
 import { getSessionId } from '../../../utils/helpers';
 
 export class MemoryPostgresChat implements INodeType {
@@ -18,7 +18,7 @@ export class MemoryPostgresChat implements INodeType {
 		name: 'memoryPostgresChat',
 		icon: 'file:postgres.svg',
 		group: ['transform'],
-		version: [1],
+		version: [1, 1.1],
 		description: 'Stores the chat history in Postgres table.',
 		defaults: {
 			name: 'Postgres Chat Memory',
@@ -60,6 +60,10 @@ export class MemoryPostgresChat implements INodeType {
 				description:
 					'The table name to store the chat history in. If table does not exist, it will be created.',
 			},
+			{
+				...contextWindowLengthProperty,
+				displayOptions: { hide: { '@version': [{ _cnd: { lt: 1.1 } }] } },
+			},
 		],
 	};
 
@@ -83,12 +87,19 @@ export class MemoryPostgresChat implements INodeType {
 			tableName,
 		});
 
-		const memory = new BufferMemory({
+		const memClass = this.getNode().typeVersion < 1.1 ? BufferMemory : BufferWindowMemory;
+		const kOptions =
+			this.getNode().typeVersion < 1.1
+				? {}
+				: { k: this.getNodeParameter('contextWindowLength', itemIndex) };
+
+		const memory = new memClass({
 			memoryKey: 'chat_history',
 			chatHistory: pgChatHistory,
 			returnMessages: true,
 			inputKey: 'input',
 			outputKey: 'output',
+			...kOptions,
 		});
 
 		async function closeFunction() {
diff --git a/packages/@n8n/nodes-langchain/nodes/memory/MemoryRedisChat/MemoryRedisChat.node.ts b/packages/@n8n/nodes-langchain/nodes/memory/MemoryRedisChat/MemoryRedisChat.node.ts
index d139bd31e365a..da57ede1d2315 100644
--- a/packages/@n8n/nodes-langchain/nodes/memory/MemoryRedisChat/MemoryRedisChat.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/memory/MemoryRedisChat/MemoryRedisChat.node.ts
@@ -7,14 +7,14 @@ import {
 	type SupplyData,
 	NodeConnectionType,
 } from 'n8n-workflow';
-import { BufferMemory } from 'langchain/memory';
+import { BufferMemory, BufferWindowMemory } from 'langchain/memory';
 import type { RedisChatMessageHistoryInput } from '@langchain/redis';
 import { RedisChatMessageHistory } from '@langchain/redis';
 import type { RedisClientOptions } from 'redis';
 import { createClient } from 'redis';
 import { logWrapper } from '../../../utils/logWrapper';
 import { getConnectionHintNoticeField } from '../../../utils/sharedFields';
-import { sessionIdOption, sessionKeyProperty } from '../descriptions';
+import { sessionIdOption, sessionKeyProperty, contextWindowLengthProperty } from '../descriptions';
 import { getSessionId } from '../../../utils/helpers';
 
 export class MemoryRedisChat implements INodeType {
@@ -23,7 +23,7 @@ export class MemoryRedisChat implements INodeType {
 		name: 'memoryRedisChat',
 		icon: 'file:redis.svg',
 		group: ['transform'],
-		version: [1, 1.1, 1.2],
+		version: [1, 1.1, 1.2, 1.3],
 		description: 'Stores the chat history in Redis.',
 		defaults: {
 			name: 'Redis Chat Memory',
@@ -95,6 +95,10 @@ export class MemoryRedisChat implements INodeType {
 				description:
 					'For how long the session should be stored in seconds. If set to 0 it will not expire.',
 			},
+			{
+				...contextWindowLengthProperty,
+				displayOptions: { hide: { '@version': [{ _cnd: { lt: 1.3 } }] } },
+			},
 		],
 	};
 
@@ -143,12 +147,19 @@ export class MemoryRedisChat implements INodeType {
 		}
 		const redisChatHistory = new RedisChatMessageHistory(redisChatConfig);
 
-		const memory = new BufferMemory({
+		const memClass = this.getNode().typeVersion < 1.3 ? BufferMemory : BufferWindowMemory;
+		const kOptions =
+			this.getNode().typeVersion < 1.3
+				? {}
+				: { k: this.getNodeParameter('contextWindowLength', itemIndex) };
+
+		const memory = new memClass({
 			memoryKey: 'chat_history',
 			chatHistory: redisChatHistory,
 			returnMessages: true,
 			inputKey: 'input',
 			outputKey: 'output',
+			...kOptions,
 		});
 
 		async function closeFunction() {
diff --git a/packages/@n8n/nodes-langchain/nodes/memory/MemoryXata/MemoryXata.node.ts b/packages/@n8n/nodes-langchain/nodes/memory/MemoryXata/MemoryXata.node.ts
index e5c9dc4c35611..f0177d9e75e8b 100644
--- a/packages/@n8n/nodes-langchain/nodes/memory/MemoryXata/MemoryXata.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/memory/MemoryXata/MemoryXata.node.ts
@@ -2,11 +2,11 @@
 import { NodeConnectionType, NodeOperationError } from 'n8n-workflow';
 import type { IExecuteFunctions, INodeType, INodeTypeDescription, SupplyData } from 'n8n-workflow';
 import { XataChatMessageHistory } from '@langchain/community/stores/message/xata';
-import { BufferMemory } from 'langchain/memory';
+import { BufferMemory, BufferWindowMemory } from 'langchain/memory';
 import { BaseClient } from '@xata.io/client';
 import { logWrapper } from '../../../utils/logWrapper';
 import { getConnectionHintNoticeField } from '../../../utils/sharedFields';
-import { sessionIdOption, sessionKeyProperty } from '../descriptions';
+import { sessionIdOption, sessionKeyProperty, contextWindowLengthProperty } from '../descriptions';
 import { getSessionId } from '../../../utils/helpers';
 
 export class MemoryXata implements INodeType {
@@ -15,7 +15,7 @@ export class MemoryXata implements INodeType {
 		name: 'memoryXata',
 		icon: 'file:xata.svg',
 		group: ['transform'],
-		version: [1, 1.1, 1.2],
+		version: [1, 1.1, 1.2, 1.3],
 		description: 'Use Xata Memory',
 		defaults: {
 			name: 'Xata',
@@ -81,6 +81,10 @@ export class MemoryXata implements INodeType {
 				},
 			},
 			sessionKeyProperty,
+			{
+				...contextWindowLengthProperty,
+				displayOptions: { hide: { '@version': [{ _cnd: { lt: 1.3 } }] } },
+			},
 		],
 	};
 
@@ -120,12 +124,19 @@ export class MemoryXata implements INodeType {
 			apiKey: credentials.apiKey as string,
 		});
 
-		const memory = new BufferMemory({
+		const memClass = this.getNode().typeVersion < 1.3 ? BufferMemory : BufferWindowMemory;
+		const kOptions =
+			this.getNode().typeVersion < 1.3
+				? {}
+				: { k: this.getNodeParameter('contextWindowLength', itemIndex) };
+
+		const memory = new memClass({
 			chatHistory,
 			memoryKey: 'chat_history',
 			returnMessages: true,
 			inputKey: 'input',
 			outputKey: 'output',
+			...kOptions,
 		});
 
 		return {
diff --git a/packages/@n8n/nodes-langchain/nodes/memory/descriptions.ts b/packages/@n8n/nodes-langchain/nodes/memory/descriptions.ts
index 5f722c4647828..354d134fb7c42 100644
--- a/packages/@n8n/nodes-langchain/nodes/memory/descriptions.ts
+++ b/packages/@n8n/nodes-langchain/nodes/memory/descriptions.ts
@@ -33,3 +33,11 @@ export const sessionKeyProperty: INodeProperties = {
 		},
 	},
 };
+
+export const contextWindowLengthProperty: INodeProperties = {
+	displayName: 'Context Window Length',
+	name: 'contextWindowLength',
+	type: 'number',
+	default: 5,
+	hint: 'How many past interactions the model receives as context',
+};
diff --git a/packages/@n8n/nodes-langchain/nodes/tools/ToolCode/ToolCode.node.ts b/packages/@n8n/nodes-langchain/nodes/tools/ToolCode/ToolCode.node.ts
index 492284b190c78..6ae5a8807539b 100644
--- a/packages/@n8n/nodes-langchain/nodes/tools/ToolCode/ToolCode.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/tools/ToolCode/ToolCode.node.ts
@@ -6,6 +6,7 @@ import type {
 	SupplyData,
 	ExecutionError,
 } from 'n8n-workflow';
+
 import { NodeConnectionType, NodeOperationError } from 'n8n-workflow';
 import type { Sandbox } from 'n8n-nodes-base/dist/nodes/Code/Sandbox';
 import { getSandboxContext } from 'n8n-nodes-base/dist/nodes/Code/Sandbox';
@@ -208,7 +209,7 @@ export class ToolCode implements INodeType {
 					try {
 						response = await runFunction(query);
 					} catch (error: unknown) {
-						executionError = error as ExecutionError;
+						executionError = new NodeOperationError(this.getNode(), error as ExecutionError);
 						response = `There was an error: "${executionError.message}"`;
 					}
 
@@ -229,6 +230,7 @@ export class ToolCode implements INodeType {
 					} else {
 						void this.addOutputData(NodeConnectionType.AiTool, index, [[{ json: { response } }]]);
 					}
+
 					return response;
 				},
 			}),
diff --git a/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/ToolHttpRequest.node.ts b/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/ToolHttpRequest.node.ts
index 1d391f313ef36..421e85e1b5b8c 100644
--- a/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/ToolHttpRequest.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/ToolHttpRequest.node.ts
@@ -12,6 +12,7 @@ import { NodeConnectionType, NodeOperationError, tryToParseAlphanumericString }
 import { DynamicTool } from '@langchain/core/tools';
 import { getConnectionHintNoticeField } from '../../../utils/sharedFields';
 
+import { N8nTool } from '../../../utils/N8nTool';
 import {
 	configureHttpRequestFunction,
 	configureResponseOptimizer,
@@ -19,6 +20,7 @@ import {
 	prepareToolDescription,
 	configureToolFunction,
 	updateParametersAndOptions,
+	makeToolInputSchema,
 } from './utils';
 
 import {
@@ -38,7 +40,7 @@ export class ToolHttpRequest implements INodeType {
 		name: 'toolHttpRequest',
 		icon: { light: 'file:httprequest.svg', dark: 'file:httprequest.dark.svg' },
 		group: ['output'],
-		version: 1,
+		version: [1, 1.1],
 		description: 'Makes an HTTP request and returns the response data',
 		subtitle: '={{ $parameter.toolDescription }}',
 		defaults: {
@@ -394,9 +396,24 @@ export class ToolHttpRequest implements INodeType {
 			optimizeResponse,
 		);
 
-		const description = prepareToolDescription(toolDescription, toolParameters);
+		let tool: DynamicTool | N8nTool;
 
-		const tool = new DynamicTool({ name, description, func });
+		// If the node version is 1.1 or higher, we use the N8nTool wrapper:
+		// it allows to use tool as a DynamicStructuredTool and have a fallback to DynamicTool
+		if (this.getNode().typeVersion >= 1.1) {
+			const schema = makeToolInputSchema(toolParameters);
+
+			tool = new N8nTool(this, {
+				name,
+				description: toolDescription,
+				func,
+				schema,
+			});
+		} else {
+			// Keep the old behavior for nodes with version 1.0
+			const description = prepareToolDescription(toolDescription, toolParameters);
+			tool = new DynamicTool({ name, description, func });
+		}
 
 		return {
 			response: tool,
diff --git a/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/utils.ts b/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/utils.ts
index 28015b588a101..96ae0d8492a33 100644
--- a/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/utils.ts
+++ b/packages/@n8n/nodes-langchain/nodes/tools/ToolHttpRequest/utils.ts
@@ -27,6 +27,8 @@ import type {
 	SendIn,
 	ToolParameter,
 } from './interfaces';
+import type { DynamicZodObject } from '../../../types/zod.types';
+import { z } from 'zod';
 
 const genericCredentialRequest = async (ctx: IExecuteFunctions, itemIndex: number) => {
 	const genericType = ctx.getNodeParameter('genericAuthType', itemIndex) as string;
@@ -566,7 +568,7 @@ export const configureToolFunction = (
 	httpRequest: (options: IHttpRequestOptions) => Promise<any>,
 	optimizeResponse: (response: string) => string,
 ) => {
-	return async (query: string): Promise<string> => {
+	return async (query: string | IDataObject): Promise<string> => {
 		const { index } = ctx.addInputData(NodeConnectionType.AiTool, [[{ json: { query } }]]);
 
 		let response: string = '';
@@ -581,18 +583,22 @@ export const configureToolFunction = (
 			if (query) {
 				let dataFromModel;
 
-				try {
-					dataFromModel = jsonParse<IDataObject>(query);
-				} catch (error) {
-					if (toolParameters.length === 1) {
-						dataFromModel = { [toolParameters[0].name]: query };
-					} else {
-						throw new NodeOperationError(
-							ctx.getNode(),
-							`Input is not a valid JSON: ${error.message}`,
-							{ itemIndex },
-						);
+				if (typeof query === 'string') {
+					try {
+						dataFromModel = jsonParse<IDataObject>(query);
+					} catch (error) {
+						if (toolParameters.length === 1) {
+							dataFromModel = { [toolParameters[0].name]: query };
+						} else {
+							throw new NodeOperationError(
+								ctx.getNode(),
+								`Input is not a valid JSON: ${error.message}`,
+								{ itemIndex },
+							);
+						}
 					}
+				} else {
+					dataFromModel = query;
 				}
 
 				for (const parameter of toolParameters) {
@@ -727,6 +733,8 @@ export const configureToolFunction = (
 				}
 			}
 		} catch (error) {
+			console.error(error);
+
 			const errorMessage = 'Input provided by model is not valid';
 
 			if (error instanceof NodeOperationError) {
@@ -765,3 +773,38 @@ export const configureToolFunction = (
 		return response;
 	};
 };
+
+function makeParameterZodSchema(parameter: ToolParameter) {
+	let schema: z.ZodTypeAny;
+
+	if (parameter.type === 'string') {
+		schema = z.string();
+	} else if (parameter.type === 'number') {
+		schema = z.number();
+	} else if (parameter.type === 'boolean') {
+		schema = z.boolean();
+	} else if (parameter.type === 'json') {
+		schema = z.record(z.any());
+	} else {
+		schema = z.string();
+	}
+
+	if (!parameter.required) {
+		schema = schema.optional();
+	}
+
+	if (parameter.description) {
+		schema = schema.describe(parameter.description);
+	}
+
+	return schema;
+}
+
+export function makeToolInputSchema(parameters: ToolParameter[]): DynamicZodObject {
+	const schemaEntries = parameters.map((parameter) => [
+		parameter.name,
+		makeParameterZodSchema(parameter),
+	]);
+
+	return z.object(Object.fromEntries(schemaEntries));
+}
diff --git a/packages/@n8n/nodes-langchain/nodes/tools/ToolWorkflow/ToolWorkflow.node.ts b/packages/@n8n/nodes-langchain/nodes/tools/ToolWorkflow/ToolWorkflow.node.ts
index 54b8318f5b8b8..5ed96cbd60123 100644
--- a/packages/@n8n/nodes-langchain/nodes/tools/ToolWorkflow/ToolWorkflow.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/tools/ToolWorkflow/ToolWorkflow.node.ts
@@ -493,7 +493,7 @@ export class ToolWorkflow implements INodeType {
 		if (useSchema) {
 			try {
 				// We initialize these even though one of them will always be empty
-				// it makes it easer to navigate the ternary operator
+				// it makes it easier to navigate the ternary operator
 				const jsonExample = this.getNodeParameter('jsonSchemaExample', itemIndex, '') as string;
 				const inputSchema = this.getNodeParameter('inputSchema', itemIndex, '') as string;
 
diff --git a/packages/@n8n/nodes-langchain/nodes/trigger/ManualChatTrigger/ManualChatTrigger.node.ts b/packages/@n8n/nodes-langchain/nodes/trigger/ManualChatTrigger/ManualChatTrigger.node.ts
index 272213d5390c2..816b56b59ad40 100644
--- a/packages/@n8n/nodes-langchain/nodes/trigger/ManualChatTrigger/ManualChatTrigger.node.ts
+++ b/packages/@n8n/nodes-langchain/nodes/trigger/ManualChatTrigger/ManualChatTrigger.node.ts
@@ -50,7 +50,9 @@ export class ManualChatTrigger implements INodeType {
 				name: 'openChat',
 				type: 'button',
 				typeOptions: {
-					action: 'openChat',
+					buttonConfig: {
+						action: 'openChat',
+					},
 				},
 				default: '',
 			},
diff --git a/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/assistant/message.operation.ts b/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/assistant/message.operation.ts
index da2770d05f2eb..134e8a1167924 100644
--- a/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/assistant/message.operation.ts
+++ b/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/assistant/message.operation.ts
@@ -163,7 +163,7 @@ export async function execute(this: IExecuteFunctions, i: number): Promise<INode
 
 	const agent = new OpenAIAssistantRunnable({ assistantId, client, asAgent: true });
 
-	const tools = await getConnectedTools(this, nodeVersion > 1);
+	const tools = await getConnectedTools(this, nodeVersion > 1, false);
 	let assistantTools;
 
 	if (tools.length) {
diff --git a/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/text/message.operation.ts b/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/text/message.operation.ts
index 4cf72e9f5f48c..d37be5a065e6d 100644
--- a/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/text/message.operation.ts
+++ b/packages/@n8n/nodes-langchain/nodes/vendors/OpenAi/actions/text/message.operation.ts
@@ -219,7 +219,7 @@ export async function execute(this: IExecuteFunctions, i: number): Promise<INode
 
 	if (hideTools !== 'hide') {
 		const enforceUniqueNames = nodeVersion > 1;
-		externalTools = await getConnectedTools(this, enforceUniqueNames);
+		externalTools = await getConnectedTools(this, enforceUniqueNames, false);
 	}
 
 	if (externalTools.length) {
diff --git a/packages/@n8n/nodes-langchain/package.json b/packages/@n8n/nodes-langchain/package.json
index 3a328af0ae880..d1478e1d22347 100644
--- a/packages/@n8n/nodes-langchain/package.json
+++ b/packages/@n8n/nodes-langchain/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@n8n/n8n-nodes-langchain",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "",
   "main": "index.js",
   "scripts": {
@@ -153,11 +153,11 @@
     "@langchain/textsplitters": "0.0.3",
     "@mozilla/readability": "^0.5.0",
     "@n8n/typeorm": "0.3.20-10",
-    "@n8n/vm2": "3.9.24",
+    "@n8n/vm2": "3.9.25",
     "@pinecone-database/pinecone": "3.0.0",
     "@qdrant/js-client-rest": "1.9.0",
     "@supabase/supabase-js": "2.43.4",
-    "@types/pg": "^8.11.3",
+    "@types/pg": "^8.11.6",
     "@xata.io/client": "0.28.4",
     "basic-auth": "catalog:",
     "cheerio": "1.0.0-rc.12",
@@ -176,7 +176,7 @@
     "n8n-workflow": "workspace:*",
     "openai": "4.53.0",
     "pdf-parse": "1.1.1",
-    "pg": "8.11.3",
+    "pg": "8.12.0",
     "redis": "4.6.12",
     "sqlite3": "5.1.7",
     "temp": "0.9.4",
diff --git a/packages/@n8n/nodes-langchain/utils/N8nTool.test.ts b/packages/@n8n/nodes-langchain/utils/N8nTool.test.ts
new file mode 100644
index 0000000000000..6f12b18079551
--- /dev/null
+++ b/packages/@n8n/nodes-langchain/utils/N8nTool.test.ts
@@ -0,0 +1,169 @@
+import { N8nTool } from './N8nTool';
+import { createMockExecuteFunction } from 'n8n-nodes-base/test/nodes/Helpers';
+import { z } from 'zod';
+import type { INode } from 'n8n-workflow';
+import { DynamicStructuredTool, DynamicTool } from '@langchain/core/tools';
+
+const mockNode: INode = {
+	id: '1',
+	name: 'Mock node',
+	typeVersion: 2,
+	type: 'n8n-nodes-base.mock',
+	position: [60, 760],
+	parameters: {
+		operation: 'test',
+	},
+};
+
+describe('Test N8nTool wrapper as DynamicStructuredTool', () => {
+	it('should wrap a tool', () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string(),
+			}),
+		});
+
+		expect(tool).toBeInstanceOf(DynamicStructuredTool);
+	});
+});
+
+describe('Test N8nTool wrapper - DynamicTool fallback', () => {
+	it('should convert the tool to a dynamic tool', () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string(),
+			}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		expect(dynamicTool).toBeInstanceOf(DynamicTool);
+	});
+
+	it('should format fallback description correctly', () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string(),
+				bar: z.number().optional(),
+				qwe: z.boolean().describe('Boolean description'),
+			}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		expect(dynamicTool.description).toContain('foo: (description: , type: string, required: true)');
+		expect(dynamicTool.description).toContain(
+			'bar: (description: , type: number, required: false)',
+		);
+
+		expect(dynamicTool.description).toContain(
+			'qwe: (description: Boolean description, type: boolean, required: true)',
+		);
+	});
+
+	it('should handle empty parameter list correctly', () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		expect(dynamicTool.description).toEqual('A dummy tool for testing');
+	});
+
+	it('should parse correct parameters', async () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string().describe('Foo description'),
+				bar: z.number().optional(),
+			}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		const testParameters = { foo: 'some value' };
+
+		await dynamicTool.func(JSON.stringify(testParameters));
+
+		expect(func).toHaveBeenCalledWith(testParameters);
+	});
+
+	it('should recover when 1 parameter is passed directly', async () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string().describe('Foo description'),
+			}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		const testParameter = 'some value';
+
+		await dynamicTool.func(testParameter);
+
+		expect(func).toHaveBeenCalledWith({ foo: testParameter });
+	});
+
+	it('should recover when JS object is passed instead of JSON', async () => {
+		const func = jest.fn();
+
+		const ctx = createMockExecuteFunction({}, mockNode);
+
+		const tool = new N8nTool(ctx, {
+			name: 'Dummy Tool',
+			description: 'A dummy tool for testing',
+			func,
+			schema: z.object({
+				foo: z.string().describe('Foo description'),
+			}),
+		});
+
+		const dynamicTool = tool.asDynamicTool();
+
+		await dynamicTool.func('{ foo: "some value" }');
+
+		expect(func).toHaveBeenCalledWith({ foo: 'some value' });
+	});
+});
diff --git a/packages/@n8n/nodes-langchain/utils/N8nTool.ts b/packages/@n8n/nodes-langchain/utils/N8nTool.ts
new file mode 100644
index 0000000000000..bb8bab08bd4fb
--- /dev/null
+++ b/packages/@n8n/nodes-langchain/utils/N8nTool.ts
@@ -0,0 +1,113 @@
+import type { DynamicStructuredToolInput } from '@langchain/core/tools';
+import { DynamicStructuredTool, DynamicTool } from '@langchain/core/tools';
+import type { IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { NodeConnectionType, jsonParse, NodeOperationError } from 'n8n-workflow';
+import { StructuredOutputParser } from 'langchain/output_parsers';
+import type { ZodTypeAny } from 'zod';
+import { ZodBoolean, ZodNullable, ZodNumber, ZodObject, ZodOptional } from 'zod';
+
+const getSimplifiedType = (schema: ZodTypeAny) => {
+	if (schema instanceof ZodObject) {
+		return 'object';
+	} else if (schema instanceof ZodNumber) {
+		return 'number';
+	} else if (schema instanceof ZodBoolean) {
+		return 'boolean';
+	} else if (schema instanceof ZodNullable || schema instanceof ZodOptional) {
+		return getSimplifiedType(schema.unwrap());
+	}
+
+	return 'string';
+};
+
+const getParametersDescription = (parameters: Array<[string, ZodTypeAny]>) =>
+	parameters
+		.map(
+			([name, schema]) =>
+				`${name}: (description: ${schema.description ?? ''}, type: ${getSimplifiedType(schema)}, required: ${!schema.isOptional()})`,
+		)
+		.join(',\n ');
+
+export const prepareFallbackToolDescription = (toolDescription: string, schema: ZodObject<any>) => {
+	let description = `${toolDescription}`;
+
+	const toolParameters = Object.entries<ZodTypeAny>(schema.shape);
+
+	if (toolParameters.length) {
+		description += `
+Tool expects valid stringified JSON object with ${toolParameters.length} properties.
+Property names with description, type and required status:
+${getParametersDescription(toolParameters)}
+ALL parameters marked as required must be provided`;
+	}
+
+	return description;
+};
+
+export class N8nTool extends DynamicStructuredTool {
+	private context: IExecuteFunctions;
+
+	constructor(context: IExecuteFunctions, fields: DynamicStructuredToolInput) {
+		super(fields);
+
+		this.context = context;
+	}
+
+	asDynamicTool(): DynamicTool {
+		const { name, func, schema, context, description } = this;
+
+		const parser = new StructuredOutputParser(schema);
+
+		const wrappedFunc = async function (query: string) {
+			let parsedQuery: object;
+
+			// First we try to parse the query using the structured parser (Zod schema)
+			try {
+				parsedQuery = await parser.parse(query);
+			} catch (e) {
+				// If we were unable to parse the query using the schema, we try to gracefully handle it
+				let dataFromModel;
+
+				try {
+					// First we try to parse a JSON with more relaxed rules
+					dataFromModel = jsonParse<IDataObject>(query, { acceptJSObject: true });
+				} catch (error) {
+					// In case of error,
+					// If model supplied a simple string instead of an object AND only one parameter expected, we try to recover the object structure
+					if (Object.keys(schema.shape).length === 1) {
+						const parameterName = Object.keys(schema.shape)[0];
+						dataFromModel = { [parameterName]: query };
+					} else {
+						// Finally throw an error if we were unable to parse the query
+						throw new NodeOperationError(
+							context.getNode(),
+							`Input is not a valid JSON: ${error.message}`,
+						);
+					}
+				}
+
+				// If we were able to parse the query with a fallback, we try to validate it using the schema
+				// Here we will throw an error if the data still does not match the schema
+				parsedQuery = schema.parse(dataFromModel);
+			}
+
+			try {
+				// Call tool function with parsed query
+				const result = await func(parsedQuery);
+
+				return result;
+			} catch (e) {
+				const { index } = context.addInputData(NodeConnectionType.AiTool, [[{ json: { query } }]]);
+				void context.addOutputData(NodeConnectionType.AiTool, index, e);
+
+				return e.toString();
+			}
+		};
+
+		return new DynamicTool({
+			name,
+			description: prepareFallbackToolDescription(description, schema),
+			func: wrappedFunc,
+		});
+	}
+}
diff --git a/packages/@n8n/nodes-langchain/utils/helpers.ts b/packages/@n8n/nodes-langchain/utils/helpers.ts
index c6d27ee2f69f3..673fa0402c483 100644
--- a/packages/@n8n/nodes-langchain/utils/helpers.ts
+++ b/packages/@n8n/nodes-langchain/utils/helpers.ts
@@ -1,17 +1,19 @@
-import { NodeConnectionType, NodeOperationError, jsonStringify } from 'n8n-workflow';
 import type {
 	EventNamesAiNodesType,
 	IDataObject,
 	IExecuteFunctions,
 	IWebhookFunctions,
 } from 'n8n-workflow';
+import { NodeConnectionType, NodeOperationError, jsonStringify } from 'n8n-workflow';
 import type { BaseChatModel } from '@langchain/core/language_models/chat_models';
 import type { BaseOutputParser } from '@langchain/core/output_parsers';
 import type { BaseMessage } from '@langchain/core/messages';
-import { DynamicTool, type Tool } from '@langchain/core/tools';
+import type { Tool } from '@langchain/core/tools';
 import type { BaseLLM } from '@langchain/core/language_models/llms';
 import type { BaseChatMemory } from 'langchain/memory';
 import type { BaseChatMessageHistory } from '@langchain/core/chat_history';
+import { N8nTool } from './N8nTool';
+import { DynamicTool } from '@langchain/core/tools';
 
 function hasMethods<T>(obj: unknown, ...methodNames: Array<string | symbol>): obj is T {
 	return methodNames.every(
@@ -178,7 +180,11 @@ export function serializeChatHistory(chatHistory: BaseMessage[]): string {
 		.join('\n');
 }
 
-export const getConnectedTools = async (ctx: IExecuteFunctions, enforceUniqueNames: boolean) => {
+export const getConnectedTools = async (
+	ctx: IExecuteFunctions,
+	enforceUniqueNames: boolean,
+	convertStructuredTool: boolean = true,
+) => {
 	const connectedTools =
 		((await ctx.getInputConnectionData(NodeConnectionType.AiTool, 0)) as Tool[]) || [];
 
@@ -186,8 +192,10 @@ export const getConnectedTools = async (ctx: IExecuteFunctions, enforceUniqueNam
 
 	const seenNames = new Set<string>();
 
+	const finalTools = [];
+
 	for (const tool of connectedTools) {
-		if (!(tool instanceof DynamicTool)) continue;
+		if (!(tool instanceof DynamicTool) && !(tool instanceof N8nTool)) continue;
 
 		const { name } = tool;
 		if (seenNames.has(name)) {
@@ -197,7 +205,13 @@ export const getConnectedTools = async (ctx: IExecuteFunctions, enforceUniqueNam
 			);
 		}
 		seenNames.add(name);
+
+		if (convertStructuredTool && tool instanceof N8nTool) {
+			finalTools.push(tool.asDynamicTool());
+		} else {
+			finalTools.push(tool);
+		}
 	}
 
-	return connectedTools;
+	return finalTools;
 };
diff --git a/packages/@n8n/permissions/src/constants.ts b/packages/@n8n/permissions/src/constants.ts
new file mode 100644
index 0000000000000..de027891c59e9
--- /dev/null
+++ b/packages/@n8n/permissions/src/constants.ts
@@ -0,0 +1,23 @@
+export const DEFAULT_OPERATIONS = ['create', 'read', 'update', 'delete', 'list'] as const;
+export const RESOURCES = {
+	auditLogs: ['manage'] as const,
+	banner: ['dismiss'] as const,
+	communityPackage: ['install', 'uninstall', 'update', 'list', 'manage'] as const,
+	credential: ['share', 'move', ...DEFAULT_OPERATIONS] as const,
+	externalSecretsProvider: ['sync', ...DEFAULT_OPERATIONS] as const,
+	externalSecret: ['list', 'use'] as const,
+	eventBusDestination: ['test', ...DEFAULT_OPERATIONS] as const,
+	ldap: ['sync', 'manage'] as const,
+	license: ['manage'] as const,
+	logStreaming: ['manage'] as const,
+	orchestration: ['read', 'list'] as const,
+	project: [...DEFAULT_OPERATIONS] as const,
+	saml: ['manage'] as const,
+	securityAudit: ['generate'] as const,
+	sourceControl: ['pull', 'push', 'manage'] as const,
+	tag: [...DEFAULT_OPERATIONS] as const,
+	user: ['resetPassword', 'changeRole', ...DEFAULT_OPERATIONS] as const,
+	variable: [...DEFAULT_OPERATIONS] as const,
+	workersView: ['manage'] as const,
+	workflow: ['share', 'execute', 'move', ...DEFAULT_OPERATIONS] as const,
+} as const;
diff --git a/packages/@n8n/permissions/src/index.ts b/packages/@n8n/permissions/src/index.ts
index 0d3e510abe67a..f04f2e4ef68ac 100644
--- a/packages/@n8n/permissions/src/index.ts
+++ b/packages/@n8n/permissions/src/index.ts
@@ -1,3 +1,4 @@
 export type * from './types';
+export * from './constants';
 export * from './hasScope';
 export * from './combineScopes';
diff --git a/packages/@n8n/permissions/src/types.ts b/packages/@n8n/permissions/src/types.ts
index 2720272e6fd75..bc714734d35aa 100644
--- a/packages/@n8n/permissions/src/types.ts
+++ b/packages/@n8n/permissions/src/types.ts
@@ -1,25 +1,7 @@
-export type DefaultOperations = 'create' | 'read' | 'update' | 'delete' | 'list';
-export type Resource =
-	| 'auditLogs'
-	| 'banner'
-	| 'communityPackage'
-	| 'credential'
-	| 'externalSecretsProvider'
-	| 'externalSecret'
-	| 'eventBusDestination'
-	| 'ldap'
-	| 'license'
-	| 'logStreaming'
-	| 'orchestration'
-	| 'project'
-	| 'saml'
-	| 'securityAudit'
-	| 'sourceControl'
-	| 'tag'
-	| 'user'
-	| 'variable'
-	| 'workersView'
-	| 'workflow';
+import type { DEFAULT_OPERATIONS, RESOURCES } from './constants';
+
+export type DefaultOperations = (typeof DEFAULT_OPERATIONS)[number];
+export type Resource = keyof typeof RESOURCES;
 
 export type ResourceScope<
 	R extends Resource,
diff --git a/packages/@n8n_io/eslint-config/local-rules.js b/packages/@n8n_io/eslint-config/local-rules.js
index c9b533a032e1e..09a9c00f0f852 100644
--- a/packages/@n8n_io/eslint-config/local-rules.js
+++ b/packages/@n8n_io/eslint-config/local-rules.js
@@ -182,12 +182,14 @@ module.exports = {
 			messages: {
 				removeSkip: 'Remove `.skip()` call',
 				removeOnly: 'Remove `.only()` call',
+				removeXPrefix: 'Remove `x` prefix',
 			},
 			fixable: 'code',
 		},
 		create(context) {
 			const TESTING_FUNCTIONS = new Set(['test', 'it', 'describe']);
 			const SKIPPING_METHODS = new Set(['skip', 'only']);
+			const PREFIXED_TESTING_FUNCTIONS = new Set(['xtest', 'xit', 'xdescribe']);
 			const toMessageId = (s) => 'remove' + s.charAt(0).toUpperCase() + s.slice(1);
 
 			return {
@@ -208,6 +210,18 @@ module.exports = {
 						});
 					}
 				},
+				CallExpression(node) {
+					if (
+						node.callee.type === 'Identifier' &&
+						PREFIXED_TESTING_FUNCTIONS.has(node.callee.name)
+					) {
+						context.report({
+							messageId: 'removeXPrefix',
+							node,
+							fix: (fixer) => fixer.replaceText(node.callee, 'test'),
+						});
+					}
+				},
 			};
 		},
 	},
@@ -448,6 +462,36 @@ module.exports = {
 			};
 		},
 	},
+
+	'no-type-unsafe-event-emitter': {
+		meta: {
+			type: 'problem',
+			docs: {
+				description: 'Disallow extending from `EventEmitter`, which is not type-safe.',
+				recommended: 'error',
+			},
+			messages: {
+				noExtendsEventEmitter: 'Extend from the type-safe `TypedEmitter` class instead.',
+			},
+		},
+		create(context) {
+			return {
+				ClassDeclaration(node) {
+					if (
+						node.superClass &&
+						node.superClass.type === 'Identifier' &&
+						node.superClass.name === 'EventEmitter' &&
+						node.id.name !== 'TypedEmitter'
+					) {
+						context.report({
+							node: node.superClass,
+							messageId: 'noExtendsEventEmitter',
+						});
+					}
+				},
+			};
+		},
+	},
 };
 
 const isJsonParseCall = (node) =>
diff --git a/packages/cli/.eslintrc.js b/packages/cli/.eslintrc.js
index ac66574887551..17ecfee499ae9 100644
--- a/packages/cli/.eslintrc.js
+++ b/packages/cli/.eslintrc.js
@@ -21,6 +21,7 @@ module.exports = {
 	rules: {
 		'n8n-local-rules/no-dynamic-import-template': 'error',
 		'n8n-local-rules/misplaced-n8n-typeorm-import': 'error',
+		'n8n-local-rules/no-type-unsafe-event-emitter': 'error',
 		complexity: 'error',
 
 		// TODO: Remove this
@@ -39,11 +40,17 @@ module.exports = {
 
 	overrides: [
 		{
-			files: ['./src/databases/**/*.ts', './test/**/*.ts'],
+			files: ['./src/databases/**/*.ts', './test/**/*.ts', './src/**/__tests__/**/*.ts'],
 			rules: {
 				'n8n-local-rules/misplaced-n8n-typeorm-import': 'off',
 			},
 		},
+		{
+			files: ['./test/**/*.ts', './src/**/__tests__/**/*.ts'],
+			rules: {
+				'n8n-local-rules/no-type-unsafe-event-emitter': 'off',
+			},
+		},
 		{
 			files: ['./src/decorators/**/*.ts'],
 			rules: {
diff --git a/packages/cli/BREAKING-CHANGES.md b/packages/cli/BREAKING-CHANGES.md
index 4797def42288b..869ace642e35b 100644
--- a/packages/cli/BREAKING-CHANGES.md
+++ b/packages/cli/BREAKING-CHANGES.md
@@ -2,6 +2,16 @@
 
 This list shows all the versions which include breaking changes and how to upgrade.
 
+## 1.55.0
+
+### What changed?
+
+The `N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES` environment variable now also blocks access to n8n's static cache directory at `~/.cache/n8n/public`.
+
+### When is action necessary?
+
+If you are writing to or reading from a file at n8n's static cache directory via a node, e.g. `Read/Write Files from Disk`, please update your node to use a different path.
+
 ## 1.52.0
 
 ### What changed?
diff --git a/packages/cli/README.md b/packages/cli/README.md
index beeac69369b2f..526f4631676de 100644
--- a/packages/cli/README.md
+++ b/packages/cli/README.md
@@ -147,8 +147,4 @@ You can also find breaking changes here: [Breaking Changes](./BREAKING-CHANGES.m
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/cli/package.json b/packages/cli/package.json
index ca8f192e40152..d0f1fc34c3f83 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "n8n Workflow Automation Tool",
   "main": "dist/index",
   "types": "dist/index.d.ts",
@@ -86,7 +86,7 @@
     "@google-cloud/secret-manager": "^5.6.0",
     "@n8n/client-oauth2": "workspace:*",
     "@n8n/config": "workspace:*",
-    "@n8n/localtunnel": "2.1.0",
+    "@n8n/localtunnel": "3.0.0",
     "@n8n/n8n-nodes-langchain": "workspace:*",
     "@n8n/permissions": "workspace:*",
     "@n8n/typeorm": "0.3.20-10",
@@ -113,7 +113,7 @@
     "express": "4.19.2",
     "express-async-errors": "3.1.1",
     "express-handlebars": "7.1.2",
-    "express-openapi-validator": "5.1.6",
+    "express-openapi-validator": "5.3.1",
     "express-prom-bundle": "6.6.0",
     "express-rate-limit": "7.2.0",
     "fast-glob": "catalog:",
@@ -131,7 +131,7 @@
     "ldapts": "4.2.6",
     "lodash": "catalog:",
     "luxon": "catalog:",
-    "mysql2": "3.10.0",
+    "mysql2": "3.11.0",
     "n8n-core": "workspace:*",
     "n8n-editor-ui": "workspace:*",
     "n8n-nodes-base": "workspace:*",
@@ -144,8 +144,8 @@
     "otpauth": "9.1.1",
     "p-cancelable": "2.1.1",
     "p-lazy": "3.1.0",
-    "pg": "8.11.3",
-    "picocolors": "1.0.0",
+    "pg": "8.12.0",
+    "picocolors": "1.0.1",
     "pkce-challenge": "3.0.0",
     "posthog-node": "3.2.1",
     "prom-client": "13.2.0",
diff --git a/packages/cli/src/AbstractServer.ts b/packages/cli/src/AbstractServer.ts
index ab150e2947328..93ecb500c698c 100644
--- a/packages/cli/src/AbstractServer.ts
+++ b/packages/cli/src/AbstractServer.ts
@@ -13,15 +13,15 @@ import { N8nInstanceType } from '@/Interfaces';
 import { ExternalHooks } from '@/ExternalHooks';
 import { send, sendErrorResponse } from '@/ResponseHelper';
 import { rawBodyReader, bodyParser, corsMiddleware } from '@/middlewares';
-import { TestWebhooks } from '@/TestWebhooks';
 import { WaitingForms } from '@/WaitingForms';
-import { WaitingWebhooks } from '@/WaitingWebhooks';
-import { webhookRequestHandler } from '@/WebhookHelpers';
+import { TestWebhooks } from '@/webhooks/TestWebhooks';
+import { WaitingWebhooks } from '@/webhooks/WaitingWebhooks';
+import { createWebhookHandlerFor } from '@/webhooks/WebhookRequestHandler';
+import { LiveWebhooks } from '@/webhooks/LiveWebhooks';
 import { generateHostInstanceId } from './databases/utils/generators';
 import { Logger } from '@/Logger';
 import { ServiceUnavailableError } from './errors/response-errors/service-unavailable.error';
 import { OnShutdown } from '@/decorators/OnShutdown';
-import { ActiveWebhooks } from '@/ActiveWebhooks';
 import { GlobalConfig } from '@n8n/config';
 
 @Service()
@@ -181,33 +181,32 @@ export abstract class AbstractServer {
 
 		// Setup webhook handlers before bodyParser, to let the Webhook node handle binary data in requests
 		if (this.webhooksEnabled) {
-			const activeWebhooks = Container.get(ActiveWebhooks);
+			const liveWebhooksRequestHandler = createWebhookHandlerFor(Container.get(LiveWebhooks));
+			// Register a handler for live forms
+			this.app.all(`/${this.endpointForm}/:path(*)`, liveWebhooksRequestHandler);
 
-			// Register a handler for active forms
-			this.app.all(`/${this.endpointForm}/:path(*)`, webhookRequestHandler(activeWebhooks));
-
-			// Register a handler for active webhooks
-			this.app.all(`/${this.endpointWebhook}/:path(*)`, webhookRequestHandler(activeWebhooks));
+			// Register a handler for live webhooks
+			this.app.all(`/${this.endpointWebhook}/:path(*)`, liveWebhooksRequestHandler);
 
 			// Register a handler for waiting forms
 			this.app.all(
 				`/${this.endpointFormWaiting}/:path/:suffix?`,
-				webhookRequestHandler(Container.get(WaitingForms)),
+				createWebhookHandlerFor(Container.get(WaitingForms)),
 			);
 
 			// Register a handler for waiting webhooks
 			this.app.all(
 				`/${this.endpointWebhookWaiting}/:path/:suffix?`,
-				webhookRequestHandler(Container.get(WaitingWebhooks)),
+				createWebhookHandlerFor(Container.get(WaitingWebhooks)),
 			);
 		}
 
 		if (this.testWebhooksEnabled) {
-			const testWebhooks = Container.get(TestWebhooks);
+			const testWebhooksRequestHandler = createWebhookHandlerFor(Container.get(TestWebhooks));
 
 			// Register a handler
-			this.app.all(`/${this.endpointFormTest}/:path(*)`, webhookRequestHandler(testWebhooks));
-			this.app.all(`/${this.endpointWebhookTest}/:path(*)`, webhookRequestHandler(testWebhooks));
+			this.app.all(`/${this.endpointFormTest}/:path(*)`, testWebhooksRequestHandler);
+			this.app.all(`/${this.endpointWebhookTest}/:path(*)`, testWebhooksRequestHandler);
 		}
 
 		// Block bots from scanning the application
diff --git a/packages/cli/src/ActiveExecutions.ts b/packages/cli/src/ActiveExecutions.ts
index 97313d5cb2f07..c1a6e8ffd65a9 100644
--- a/packages/cli/src/ActiveExecutions.ts
+++ b/packages/cli/src/ActiveExecutions.ts
@@ -12,6 +12,7 @@ import {
 	ExecutionCancelledError,
 	sleep,
 } from 'n8n-workflow';
+import { strict as assert } from 'node:assert';
 
 import type {
 	ExecutionPayload,
@@ -74,9 +75,7 @@ export class ActiveExecutions {
 			}
 
 			executionId = await this.executionRepository.createNewExecution(fullExecutionData);
-			if (executionId === undefined) {
-				throw new ApplicationError('There was an issue assigning an execution id to the execution');
-			}
+			assert(executionId);
 
 			await this.concurrencyControl.throttle({ mode, executionId });
 			executionStatus = 'running';
diff --git a/packages/cli/src/ActiveWorkflowManager.ts b/packages/cli/src/ActiveWorkflowManager.ts
index 1d5050e4d1ca5..fac6e9d9faa2e 100644
--- a/packages/cli/src/ActiveWorkflowManager.ts
+++ b/packages/cli/src/ActiveWorkflowManager.ts
@@ -27,7 +27,7 @@ import {
 } from 'n8n-workflow';
 
 import type { IWorkflowDb } from '@/Interfaces';
-import * as WebhookHelpers from '@/WebhookHelpers';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
 
 import type { WorkflowEntity } from '@db/entities/WorkflowEntity';
@@ -40,7 +40,7 @@ import {
 } from '@/constants';
 import { NodeTypes } from '@/NodeTypes';
 import { ExternalHooks } from '@/ExternalHooks';
-import { WebhookService } from './services/webhook.service';
+import { WebhookService } from '@/webhooks/webhook.service';
 import { Logger } from './Logger';
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import { OrchestrationService } from '@/services/orchestration.service';
diff --git a/packages/cli/src/ErrorReporting.ts b/packages/cli/src/ErrorReporting.ts
index ceb67fe7fb7cc..a8b25c891dbe2 100644
--- a/packages/cli/src/ErrorReporting.ts
+++ b/packages/cli/src/ErrorReporting.ts
@@ -69,7 +69,7 @@ export const initErrorHandling = async () => {
 
 		if (
 			originalException instanceof QueryFailedError &&
-			originalException.message.includes('SQLITE_FULL')
+			['SQLITE_FULL', 'SQLITE_IOERR'].some((errMsg) => originalException.message.includes(errMsg))
 		) {
 			return null;
 		}
diff --git a/packages/cli/src/ExternalSecrets/ExternalSecretsManager.ee.ts b/packages/cli/src/ExternalSecrets/ExternalSecretsManager.ee.ts
index 03436f3d7acaf..2ae33be62aa9e 100644
--- a/packages/cli/src/ExternalSecrets/ExternalSecretsManager.ee.ts
+++ b/packages/cli/src/ExternalSecrets/ExternalSecretsManager.ee.ts
@@ -13,7 +13,7 @@ import { Logger } from '@/Logger';
 import { jsonParse, type IDataObject, ApplicationError } from 'n8n-workflow';
 import { EXTERNAL_SECRETS_INITIAL_BACKOFF, EXTERNAL_SECRETS_MAX_BACKOFF } from './constants';
 import { License } from '@/License';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import { updateIntervalTime } from './externalSecretsHelper.ee';
 import { ExternalSecretsProviders } from './ExternalSecretsProviders.ee';
 import { OrchestrationService } from '@/services/orchestration.service';
diff --git a/packages/cli/test/unit/ExternalSecrets/ExternalSecretsManager.test.ts b/packages/cli/src/ExternalSecrets/__tests__/ExternalSecretsManager.ee.test.ts
similarity index 95%
rename from packages/cli/test/unit/ExternalSecrets/ExternalSecretsManager.test.ts
rename to packages/cli/src/ExternalSecrets/__tests__/ExternalSecretsManager.ee.test.ts
index cf72688d24397..7df8d6d323558 100644
--- a/packages/cli/test/unit/ExternalSecrets/ExternalSecretsManager.test.ts
+++ b/packages/cli/src/ExternalSecrets/__tests__/ExternalSecretsManager.ee.test.ts
@@ -5,14 +5,13 @@ import type { ExternalSecretsSettings } from '@/Interfaces';
 import { License } from '@/License';
 import { ExternalSecretsManager } from '@/ExternalSecrets/ExternalSecretsManager.ee';
 import { ExternalSecretsProviders } from '@/ExternalSecrets/ExternalSecretsProviders.ee';
-import { InternalHooks } from '@/InternalHooks';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import {
 	DummyProvider,
 	ErrorProvider,
 	FailedProvider,
 	MockProviders,
-} from '../../shared/ExternalSecrets/utils';
+} from '@test/ExternalSecrets/utils';
 import { mock } from 'jest-mock-extended';
 
 describe('External Secrets Manager', () => {
@@ -22,7 +21,6 @@ describe('External Secrets Manager', () => {
 	const mockProvidersInstance = new MockProviders();
 	const license = mockInstance(License);
 	const settingsRepo = mockInstance(SettingsRepository);
-	mockInstance(InternalHooks);
 	const cipher = Container.get(Cipher);
 
 	let providersMock: ExternalSecretsProviders;
diff --git a/packages/cli/src/GenericHelpers.ts b/packages/cli/src/GenericHelpers.ts
index 13762e5dfd672..300f24f9f9355 100644
--- a/packages/cli/src/GenericHelpers.ts
+++ b/packages/cli/src/GenericHelpers.ts
@@ -1,10 +1,15 @@
-import { validate } from 'class-validator';
+import { ValidationError, validate } from 'class-validator';
 import type { WorkflowEntity } from '@db/entities/WorkflowEntity';
 import type { CredentialsEntity } from '@db/entities/CredentialsEntity';
 import type { TagEntity } from '@db/entities/TagEntity';
 import type { User } from '@db/entities/User';
-import type { UserRoleChangePayload, UserUpdatePayload } from '@/requests';
+import type {
+	UserRoleChangePayload,
+	UserSettingsUpdatePayload,
+	UserUpdatePayload,
+} from '@/requests';
 import { BadRequestError } from './errors/response-errors/bad-request.error';
+import { NoXss } from './databases/utils/customValidators';
 
 export async function validateEntity(
 	entity:
@@ -13,7 +18,8 @@ export async function validateEntity(
 		| TagEntity
 		| User
 		| UserUpdatePayload
-		| UserRoleChangePayload,
+		| UserRoleChangePayload
+		| UserSettingsUpdatePayload,
 ): Promise<void> {
 	const errors = await validate(entity);
 
@@ -31,3 +37,37 @@ export async function validateEntity(
 }
 
 export const DEFAULT_EXECUTIONS_GET_ALL_LIMIT = 20;
+
+class StringWithNoXss {
+	@NoXss()
+	value: string;
+
+	constructor(value: string) {
+		this.value = value;
+	}
+}
+
+// Temporary solution until we implement payload validation middleware
+export async function validateRecordNoXss(record: Record<string, string>) {
+	const errors: ValidationError[] = [];
+
+	for (const [key, value] of Object.entries(record)) {
+		const stringWithNoXss = new StringWithNoXss(value);
+		const validationErrors = await validate(stringWithNoXss);
+
+		if (validationErrors.length > 0) {
+			const error = new ValidationError();
+			error.property = key;
+			error.constraints = validationErrors[0].constraints;
+			errors.push(error);
+		}
+	}
+
+	if (errors.length > 0) {
+		const errorMessages = errors
+			.map((error) => `${error.property}: ${Object.values(error.constraints ?? {}).join(', ')}`)
+			.join(' | ');
+
+		throw new BadRequestError(errorMessages);
+	}
+}
diff --git a/packages/cli/src/Interfaces.ts b/packages/cli/src/Interfaces.ts
index 25f758185aea9..73b1e99ec6559 100644
--- a/packages/cli/src/Interfaces.ts
+++ b/packages/cli/src/Interfaces.ts
@@ -1,4 +1,4 @@
-import type { Application, Request, Response } from 'express';
+import type { Application } from 'express';
 import type {
 	ExecutionError,
 	ICredentialDataDecryptedObject,
@@ -22,7 +22,6 @@ import type {
 	FeatureFlags,
 	INodeProperties,
 	IUserSettings,
-	IHttpRequestMethods,
 	StartNodeData,
 } from 'n8n-workflow';
 
@@ -43,7 +42,7 @@ import type { WorkflowRepository } from '@db/repositories/workflow.repository';
 import type { ExternalHooks } from './ExternalHooks';
 import type { LICENSE_FEATURES, LICENSE_QUOTAS } from './constants';
 import type { WorkflowWithSharingsAndCredentials } from './workflows/workflows.types';
-import type { WorkerJobStatusSummary } from './services/orchestration/worker/types';
+import type { RunningJobSummary } from './scaling/types';
 import type { Scope } from '@n8n/permissions';
 
 export interface ICredentialsTypeData {
@@ -239,42 +238,6 @@ export interface IExternalHooksFunctions {
 	};
 }
 
-export type WebhookCORSRequest = Request & { method: 'OPTIONS' };
-
-export type WebhookRequest = Request<{ path: string }> & {
-	method: IHttpRequestMethods;
-	params: Record<string, string>;
-};
-
-export type WaitingWebhookRequest = WebhookRequest & {
-	params: WebhookRequest['path'] & { suffix?: string };
-};
-
-export interface WebhookAccessControlOptions {
-	allowedOrigins?: string;
-}
-
-export interface IWebhookManager {
-	/** Gets all request methods associated with a webhook path*/
-	getWebhookMethods?: (path: string) => Promise<IHttpRequestMethods[]>;
-
-	/** Find the CORS options matching a path and method */
-	findAccessControlOptions?: (
-		path: string,
-		httpMethod: IHttpRequestMethods,
-	) => Promise<WebhookAccessControlOptions | undefined>;
-
-	executeWebhook(req: WebhookRequest, res: Response): Promise<IResponseCallbackData>;
-}
-
-export interface ITelemetryUserDeletionData {
-	user_id: string;
-	target_user_old_status: 'active' | 'invited';
-	migration_strategy?: 'transfer_data' | 'delete_data';
-	target_user_id?: string;
-	migration_user_id?: string;
-}
-
 export interface IVersionNotificationSettings {
 	enabled: boolean;
 	endpoint: string;
@@ -457,7 +420,7 @@ export interface IPushDataWorkerStatusMessage {
 
 export interface IPushDataWorkerStatusPayload {
 	workerId: string;
-	runningJobsSummary: WorkerJobStatusSummary[];
+	runningJobsSummary: RunningJobSummary[];
 	freeMem: number;
 	totalMem: number;
 	uptime: number;
@@ -474,13 +437,6 @@ export interface IPushDataWorkerStatusPayload {
 	version: string;
 }
 
-export interface IResponseCallbackData {
-	data?: IDataObject | IDataObject[];
-	headers?: object;
-	noWebhookResponse?: boolean;
-	responseCode?: number;
-}
-
 export interface INodesTypeData {
 	[key: string]: {
 		className: string;
diff --git a/packages/cli/src/InternalHooks.ts b/packages/cli/src/InternalHooks.ts
index fda2c3f21dfc7..b3d45b67c0acd 100644
--- a/packages/cli/src/InternalHooks.ts
+++ b/packages/cli/src/InternalHooks.ts
@@ -1,374 +1,24 @@
 import { Service } from 'typedi';
-import { snakeCase } from 'change-case';
-import { get as pslGet } from 'psl';
-import type {
-	ExecutionStatus,
-	INodesGraphResult,
-	IRun,
-	ITelemetryTrackProperties,
-	IWorkflowBase,
-} from 'n8n-workflow';
-import { TelemetryHelpers } from 'n8n-workflow';
-
-import { N8N_VERSION } from '@/constants';
-import type { AuthProviderType } from '@db/entities/AuthIdentity';
-import type { User } from '@db/entities/User';
-import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
-import { determineFinalExecutionStatus } from '@/executionLifecycleHooks/shared/sharedHookFunctions';
-import type { ITelemetryUserDeletionData, IExecutionTrackProperties } from '@/Interfaces';
-import { WorkflowStatisticsService } from '@/services/workflow-statistics.service';
-import { NodeTypes } from '@/NodeTypes';
 import { Telemetry } from '@/telemetry';
 import { MessageEventBus } from './eventbus/MessageEventBus/MessageEventBus';
 
 /**
- * @deprecated Do not add to this class. To add audit or telemetry events, use
- * `EventService` to emit the event and then use the `AuditEventRelay` or
+ * @deprecated Do not add to this class. It will be removed once we remove
+ * further dep cycles. To add log streaming or telemetry events, use
+ * `EventService` to emit the event and then use the `LogStreamingEventRelay` or
  * `TelemetryEventRelay` to forward them to the event bus or telemetry.
  */
 @Service()
 export class InternalHooks {
 	constructor(
 		private readonly telemetry: Telemetry,
-		private readonly nodeTypes: NodeTypes,
-		private readonly sharedWorkflowRepository: SharedWorkflowRepository,
-		workflowStatisticsService: WorkflowStatisticsService,
 		// Can't use @ts-expect-error because only dev time tsconfig considers this as an error, but not build time
 		// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 		// @ts-ignore - needed until we decouple telemetry
 		private readonly _eventBus: MessageEventBus, // needed until we decouple telemetry
-	) {
-		workflowStatisticsService.on('telemetry.onFirstProductionWorkflowSuccess', (metrics) =>
-			this.onFirstProductionWorkflowSuccess(metrics),
-		);
-		workflowStatisticsService.on('telemetry.onFirstWorkflowDataLoad', (metrics) =>
-			this.onFirstWorkflowDataLoad(metrics),
-		);
-	}
+	) {}
 
 	async init() {
 		await this.telemetry.init();
 	}
-
-	onFrontendSettingsAPI(pushRef?: string): void {
-		this.telemetry.track('Session started', { session_id: pushRef });
-	}
-
-	onPersonalizationSurveySubmitted(userId: string, answers: Record<string, string>): void {
-		const camelCaseKeys = Object.keys(answers);
-		const personalizationSurveyData = { user_id: userId } as Record<string, string | string[]>;
-		camelCaseKeys.forEach((camelCaseKey) => {
-			personalizationSurveyData[snakeCase(camelCaseKey)] = answers[camelCaseKey];
-		});
-
-		this.telemetry.track('User responded to personalization questions', personalizationSurveyData);
-	}
-
-	// eslint-disable-next-line complexity
-	async onWorkflowPostExecute(
-		_executionId: string,
-		workflow: IWorkflowBase,
-		runData?: IRun,
-		userId?: string,
-	) {
-		if (!workflow.id) {
-			return;
-		}
-
-		if (runData?.status === 'waiting') {
-			// No need to send telemetry or logs when the workflow hasn't finished yet.
-			return;
-		}
-
-		const telemetryProperties: IExecutionTrackProperties = {
-			workflow_id: workflow.id,
-			is_manual: false,
-			version_cli: N8N_VERSION,
-			success: false,
-		};
-
-		if (userId) {
-			telemetryProperties.user_id = userId;
-		}
-
-		if (runData?.data.resultData.error?.message?.includes('canceled')) {
-			runData.status = 'canceled';
-		}
-
-		telemetryProperties.success = !!runData?.finished;
-
-		// const executionStatus: ExecutionStatus = runData?.status ?? 'unknown';
-		const executionStatus: ExecutionStatus = runData
-			? determineFinalExecutionStatus(runData)
-			: 'unknown';
-
-		if (runData !== undefined) {
-			telemetryProperties.execution_mode = runData.mode;
-			telemetryProperties.is_manual = runData.mode === 'manual';
-
-			let nodeGraphResult: INodesGraphResult | null = null;
-
-			if (!telemetryProperties.success && runData?.data.resultData.error) {
-				telemetryProperties.error_message = runData?.data.resultData.error.message;
-				let errorNodeName =
-					'node' in runData?.data.resultData.error
-						? runData?.data.resultData.error.node?.name
-						: undefined;
-				telemetryProperties.error_node_type =
-					'node' in runData?.data.resultData.error
-						? runData?.data.resultData.error.node?.type
-						: undefined;
-
-				if (runData.data.resultData.lastNodeExecuted) {
-					const lastNode = TelemetryHelpers.getNodeTypeForName(
-						workflow,
-						runData.data.resultData.lastNodeExecuted,
-					);
-
-					if (lastNode !== undefined) {
-						telemetryProperties.error_node_type = lastNode.type;
-						errorNodeName = lastNode.name;
-					}
-				}
-
-				if (telemetryProperties.is_manual) {
-					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
-					telemetryProperties.node_graph = nodeGraphResult.nodeGraph;
-					telemetryProperties.node_graph_string = JSON.stringify(nodeGraphResult.nodeGraph);
-
-					if (errorNodeName) {
-						telemetryProperties.error_node_id = nodeGraphResult.nameIndices[errorNodeName];
-					}
-				}
-			}
-
-			if (telemetryProperties.is_manual) {
-				if (!nodeGraphResult) {
-					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
-				}
-
-				let userRole: 'owner' | 'sharee' | undefined = undefined;
-				if (userId) {
-					const role = await this.sharedWorkflowRepository.findSharingRole(userId, workflow.id);
-					if (role) {
-						userRole = role === 'workflow:owner' ? 'owner' : 'sharee';
-					}
-				}
-
-				const manualExecEventProperties: ITelemetryTrackProperties = {
-					user_id: userId,
-					workflow_id: workflow.id,
-					status: executionStatus,
-					executionStatus: runData?.status ?? 'unknown',
-					error_message: telemetryProperties.error_message as string,
-					error_node_type: telemetryProperties.error_node_type,
-					node_graph_string: telemetryProperties.node_graph_string as string,
-					error_node_id: telemetryProperties.error_node_id as string,
-					webhook_domain: null,
-					sharing_role: userRole,
-				};
-
-				if (!manualExecEventProperties.node_graph_string) {
-					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
-					manualExecEventProperties.node_graph_string = JSON.stringify(nodeGraphResult.nodeGraph);
-				}
-
-				if (runData.data.startData?.destinationNode) {
-					const telemetryPayload = {
-						...manualExecEventProperties,
-						node_type: TelemetryHelpers.getNodeTypeForName(
-							workflow,
-							runData.data.startData?.destinationNode,
-						)?.type,
-						node_id: nodeGraphResult.nameIndices[runData.data.startData?.destinationNode],
-					};
-
-					this.telemetry.track('Manual node exec finished', telemetryPayload);
-				} else {
-					nodeGraphResult.webhookNodeNames.forEach((name: string) => {
-						const execJson = runData.data.resultData.runData[name]?.[0]?.data?.main?.[0]?.[0]
-							?.json as { headers?: { origin?: string } };
-						if (execJson?.headers?.origin && execJson.headers.origin !== '') {
-							manualExecEventProperties.webhook_domain = pslGet(
-								execJson.headers.origin.replace(/^https?:\/\//, ''),
-							);
-						}
-					});
-
-					this.telemetry.track('Manual workflow exec finished', manualExecEventProperties);
-				}
-			}
-		}
-
-		this.telemetry.trackWorkflowExecution(telemetryProperties);
-	}
-
-	onWorkflowSharingUpdate(workflowId: string, userId: string, userList: string[]) {
-		const properties: ITelemetryTrackProperties = {
-			workflow_id: workflowId,
-			user_id_sharer: userId,
-			user_id_list: userList,
-		};
-
-		this.telemetry.track('User updated workflow sharing', properties);
-	}
-
-	async onN8nStop(): Promise<void> {
-		const timeoutPromise = new Promise<void>((resolve) => {
-			setTimeout(resolve, 3000);
-		});
-
-		return await Promise.race([timeoutPromise, this.telemetry.trackN8nStop()]);
-	}
-
-	onUserDeletion(userDeletionData: {
-		user: User;
-		telemetryData: ITelemetryUserDeletionData;
-		publicApi: boolean;
-	}) {
-		this.telemetry.track('User deleted user', {
-			...userDeletionData.telemetryData,
-			user_id: userDeletionData.user.id,
-			public_api: userDeletionData.publicApi,
-		});
-	}
-
-	onUserInvite(userInviteData: {
-		user: User;
-		target_user_id: string[];
-		public_api: boolean;
-		email_sent: boolean;
-		invitee_role: string;
-	}) {
-		this.telemetry.track('User invited new user', {
-			user_id: userInviteData.user.id,
-			target_user_id: userInviteData.target_user_id,
-			public_api: userInviteData.public_api,
-			email_sent: userInviteData.email_sent,
-			invitee_role: userInviteData.invitee_role,
-		});
-	}
-
-	onUserRoleChange(userRoleChangeData: {
-		user: User;
-		target_user_id: string;
-		public_api: boolean;
-		target_user_new_role: string;
-	}) {
-		const { user, ...rest } = userRoleChangeData;
-
-		this.telemetry.track('User changed role', { user_id: user.id, ...rest });
-	}
-
-	onUserRetrievedUser(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved user', userRetrievedData);
-	}
-
-	onUserRetrievedAllUsers(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved all users', userRetrievedData);
-	}
-
-	onUserRetrievedExecution(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved execution', userRetrievedData);
-	}
-
-	onUserRetrievedAllExecutions(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved all executions', userRetrievedData);
-	}
-
-	onUserRetrievedWorkflow(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved workflow', userRetrievedData);
-	}
-
-	onUserRetrievedAllWorkflows(userRetrievedData: { user_id: string; public_api: boolean }) {
-		this.telemetry.track('User retrieved all workflows', userRetrievedData);
-	}
-
-	onUserUpdate(userUpdateData: { user: User; fields_changed: string[] }) {
-		this.telemetry.track('User changed personal settings', {
-			user_id: userUpdateData.user.id,
-			fields_changed: userUpdateData.fields_changed,
-		});
-	}
-
-	onUserInviteEmailClick(userInviteClickData: { inviter: User; invitee: User }) {
-		this.telemetry.track('User clicked invite link from email', {
-			user_id: userInviteClickData.invitee.id,
-		});
-	}
-
-	onUserPasswordResetEmailClick(userPasswordResetData: { user: User }) {
-		this.telemetry.track('User clicked password reset link from email', {
-			user_id: userPasswordResetData.user.id,
-		});
-	}
-
-	onUserTransactionalEmail(userTransactionalEmailData: {
-		user_id: string;
-		message_type:
-			| 'Reset password'
-			| 'New user invite'
-			| 'Resend invite'
-			| 'Workflow shared'
-			| 'Credentials shared';
-		public_api: boolean;
-	}) {
-		this.telemetry.track('Instance sent transactional email to user', userTransactionalEmailData);
-	}
-
-	onUserPasswordResetRequestClick(userPasswordResetData: { user: User }) {
-		this.telemetry.track('User requested password reset while logged out', {
-			user_id: userPasswordResetData.user.id,
-		});
-	}
-
-	onInstanceOwnerSetup(instanceOwnerSetupData: { user_id: string }) {
-		this.telemetry.track('Owner finished instance setup', instanceOwnerSetupData);
-	}
-
-	onUserSignup(
-		user: User,
-		userSignupData: {
-			user_type: AuthProviderType;
-			was_disabled_ldap_user: boolean;
-		},
-	) {
-		this.telemetry.track('User signed up', {
-			user_id: user.id,
-			...userSignupData,
-		});
-	}
-
-	onEmailFailed(failedEmailData: {
-		user: User;
-		message_type:
-			| 'Reset password'
-			| 'New user invite'
-			| 'Resend invite'
-			| 'Workflow shared'
-			| 'Credentials shared';
-		public_api: boolean;
-	}) {
-		this.telemetry.track('Instance failed to send transactional email to user', {
-			user_id: failedEmailData.user.id,
-		});
-	}
-
-	/*
-	 * Execution Statistics
-	 */
-	onFirstProductionWorkflowSuccess(data: { user_id: string; workflow_id: string }) {
-		this.telemetry.track('Workflow first prod success', data);
-	}
-
-	onFirstWorkflowDataLoad(data: {
-		user_id: string;
-		workflow_id: string;
-		node_type: string;
-		node_id: string;
-		credential_type?: string;
-		credential_id?: string;
-	}) {
-		this.telemetry.track('Workflow first data fetched', data);
-	}
 }
diff --git a/packages/cli/test/unit/Ldap/helpers.test.ts b/packages/cli/src/Ldap/__tests__/helpers.test.ts
similarity index 96%
rename from packages/cli/test/unit/Ldap/helpers.test.ts
rename to packages/cli/src/Ldap/__tests__/helpers.test.ts
index debb96da382d1..719adea76c5a7 100644
--- a/packages/cli/test/unit/Ldap/helpers.test.ts
+++ b/packages/cli/src/Ldap/__tests__/helpers.test.ts
@@ -1,5 +1,5 @@
 import { UserRepository } from '@/databases/repositories/user.repository';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import * as helpers from '@/Ldap/helpers.ee';
 import { AuthIdentity } from '@/databases/entities/AuthIdentity';
 import { User } from '@/databases/entities/User';
diff --git a/packages/cli/src/Ldap/ldap.controller.ee.ts b/packages/cli/src/Ldap/ldap.controller.ee.ts
index 9bdbea39b2d99..7a56d8049d9ca 100644
--- a/packages/cli/src/Ldap/ldap.controller.ee.ts
+++ b/packages/cli/src/Ldap/ldap.controller.ee.ts
@@ -6,7 +6,7 @@ import { NON_SENSIBLE_LDAP_CONFIG_PROPERTIES } from './constants';
 import { getLdapSynchronizations } from './helpers.ee';
 import { LdapConfiguration } from './types';
 import { LdapService } from './ldap.service.ee';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/ldap')
 export class LdapController {
diff --git a/packages/cli/src/Ldap/ldap.service.ee.ts b/packages/cli/src/Ldap/ldap.service.ee.ts
index 85c8c6c636ea6..32c3152fb5f47 100644
--- a/packages/cli/src/Ldap/ldap.service.ee.ts
+++ b/packages/cli/src/Ldap/ldap.service.ee.ts
@@ -44,7 +44,7 @@ import {
 	LDAP_LOGIN_ENABLED,
 	LDAP_LOGIN_LABEL,
 } from './constants';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @Service()
 export class LdapService {
diff --git a/packages/cli/src/License.ts b/packages/cli/src/License.ts
index 9a2740ce7cbb7..fc0d2cd45a235 100644
--- a/packages/cli/src/License.ts
+++ b/packages/cli/src/License.ts
@@ -55,7 +55,7 @@ export class License {
 		 * This ensures the mains do not cause a 429 (too many requests) on license init.
 		 */
 		if (config.getEnv('multiMainSetup.enabled')) {
-			return autoRenewEnabled && config.getEnv('instanceRole') === 'leader';
+			return autoRenewEnabled && this.instanceSettings.isLeader;
 		}
 
 		return autoRenewEnabled;
@@ -305,6 +305,10 @@ export class License {
 		return this.isFeatureEnabled(LICENSE_FEATURES.PROJECT_ROLE_VIEWER);
 	}
 
+	isCustomNpmRegistryEnabled() {
+		return this.isFeatureEnabled(LICENSE_FEATURES.COMMUNITY_NODES_CUSTOM_REGISTRY);
+	}
+
 	getCurrentEntitlements() {
 		return this.manager?.getCurrentEntitlements() ?? [];
 	}
diff --git a/packages/cli/src/Mfa/mfa.service.ts b/packages/cli/src/Mfa/mfa.service.ts
index 91270cf4ab27d..aa6fddb5a93ce 100644
--- a/packages/cli/src/Mfa/mfa.service.ts
+++ b/packages/cli/src/Mfa/mfa.service.ts
@@ -3,6 +3,7 @@ import { Service } from 'typedi';
 import { Cipher } from 'n8n-core';
 import { AuthUserRepository } from '@db/repositories/authUser.repository';
 import { TOTPService } from './totp.service';
+import { InvalidMfaCodeError } from '@/errors/response-errors/invalid-mfa-code.error';
 
 @Service()
 export class MfaService {
@@ -60,7 +61,9 @@ export class MfaService {
 		if (mfaToken) {
 			const decryptedSecret = this.cipher.decrypt(user.mfaSecret!);
 			return this.totp.verifySecret({ secret: decryptedSecret, token: mfaToken });
-		} else if (mfaRecoveryCode) {
+		}
+
+		if (mfaRecoveryCode) {
 			const validCodes = user.mfaRecoveryCodes.map((code) => this.cipher.decrypt(code));
 			const index = validCodes.indexOf(mfaRecoveryCode);
 			if (index === -1) return false;
@@ -70,6 +73,7 @@ export class MfaService {
 			await this.authUserRepository.save(user);
 			return true;
 		}
+
 		return false;
 	}
 
@@ -79,11 +83,16 @@ export class MfaService {
 		return await this.authUserRepository.save(user);
 	}
 
-	async disableMfa(userId: string) {
-		const user = await this.authUserRepository.findOneByOrFail({ id: userId });
-		user.mfaEnabled = false;
-		user.mfaSecret = null;
-		user.mfaRecoveryCodes = [];
-		return await this.authUserRepository.save(user);
+	async disableMfa(userId: string, mfaToken: string) {
+		const isValidToken = await this.validateMfa(userId, mfaToken, undefined);
+		if (!isValidToken) {
+			throw new InvalidMfaCodeError();
+		}
+
+		await this.authUserRepository.update(userId, {
+			mfaEnabled: false,
+			mfaSecret: null,
+			mfaRecoveryCodes: [],
+		});
 	}
 }
diff --git a/packages/cli/src/PublicApi/index.ts b/packages/cli/src/PublicApi/index.ts
index d484a34e36941..af4fc97fc7907 100644
--- a/packages/cli/src/PublicApi/index.ts
+++ b/packages/cli/src/PublicApi/index.ts
@@ -15,7 +15,7 @@ import { UserRepository } from '@db/repositories/user.repository';
 import { UrlService } from '@/services/url.service';
 import type { AuthenticatedRequest } from '@/requests';
 import { GlobalConfig } from '@n8n/config';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 async function createApiRouter(
 	version: string,
diff --git a/packages/cli/src/PublicApi/types.ts b/packages/cli/src/PublicApi/types.ts
index f58b521e04a88..631a8c09d7236 100644
--- a/packages/cli/src/PublicApi/types.ts
+++ b/packages/cli/src/PublicApi/types.ts
@@ -29,6 +29,7 @@ export declare namespace ExecutionRequest {
 			includeData?: boolean;
 			workflowId?: string;
 			lastId?: string;
+			projectId?: string;
 		}
 	>;
 
@@ -142,6 +143,12 @@ export declare namespace CredentialRequest {
 	>;
 
 	type Delete = AuthenticatedRequest<{ id: string }, {}, {}, Record<string, string>>;
+
+	type Transfer = AuthenticatedRequest<
+		{ workflowId: string },
+		{},
+		{ destinationProjectId: string }
+	>;
 }
 
 export type OperationID = 'getUsers' | 'getUser';
diff --git a/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts b/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts
index 4da7635831340..57b6bd66f6841 100644
--- a/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts
@@ -19,6 +19,8 @@ import {
 	toJsonSchema,
 } from './credentials.service';
 import { Container } from 'typedi';
+import { z } from 'zod';
+import { EnterpriseCredentialsService } from '@/credentials/credentials.service.ee';
 
 export = {
 	createCredential: [
@@ -44,6 +46,20 @@ export = {
 			}
 		},
 	],
+	transferCredential: [
+		projectScope('credential:move', 'credential'),
+		async (req: CredentialRequest.Transfer, res: express.Response) => {
+			const body = z.object({ destinationProjectId: z.string() }).parse(req.body);
+
+			await Container.get(EnterpriseCredentialsService).transferOne(
+				req.user,
+				req.params.workflowId,
+				body.destinationProjectId,
+			);
+
+			res.status(204).send();
+		},
+	],
 	deleteCredential: [
 		projectScope('credential:delete', 'credential'),
 		async (
diff --git a/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.service.ts b/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.service.ts
index 668424530a516..2c4a35a6aa177 100644
--- a/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.service.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.service.ts
@@ -17,7 +17,7 @@ import { Container } from 'typedi';
 import { CredentialsRepository } from '@db/repositories/credentials.repository';
 import { SharedCredentialsRepository } from '@db/repositories/sharedCredentials.repository';
 import { ProjectRepository } from '@/databases/repositories/project.repository';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 export async function getCredentials(credentialId: string): Promise<ICredentialsDb | null> {
 	return await Container.get(CredentialsRepository).findOneBy({ id: credentialId });
diff --git a/packages/cli/src/PublicApi/v1/handlers/credentials/spec/paths/credentials.id.transfer.yml b/packages/cli/src/PublicApi/v1/handlers/credentials/spec/paths/credentials.id.transfer.yml
new file mode 100644
index 0000000000000..a9e9c5cf7c229
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/credentials/spec/paths/credentials.id.transfer.yml
@@ -0,0 +1,31 @@
+put:
+  x-eov-operation-id: transferCredential
+  x-eov-operation-handler: v1/handlers/credentials/credentials.handler
+  tags:
+    - Workflow
+  summary: Transfer a credential to another project.
+  description: Transfer a credential to another project.
+  parameters:
+    - $ref: '../schemas/parameters/credentialId.yml'
+  requestBody:
+    description: Destination project for the credential transfer.
+    content:
+      application/json:
+        schema:
+          type: object
+          properties:
+            destinationProjectId:
+              type: string
+              description: The ID of the project to transfer the credential to.
+          required:
+            - destinationProjectId
+    required: true
+  responses:
+    '200':
+      description: Operation successful.
+    '400':
+      $ref: '../../../../shared/spec/responses/badRequest.yml'
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '404':
+      $ref: '../../../../shared/spec/responses/notFound.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/credentials/spec/schemas/parameters/credentialId.yml b/packages/cli/src/PublicApi/v1/handlers/credentials/spec/schemas/parameters/credentialId.yml
new file mode 100644
index 0000000000000..f16676ce0b96c
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/credentials/spec/schemas/parameters/credentialId.yml
@@ -0,0 +1,6 @@
+name: id
+in: path
+description: The ID of the credential.
+required: true
+schema:
+  type: string
diff --git a/packages/cli/src/PublicApi/v1/handlers/executions/executions.handler.ts b/packages/cli/src/PublicApi/v1/handlers/executions/executions.handler.ts
index 16ca8093cb325..ab6927724c1aa 100644
--- a/packages/cli/src/PublicApi/v1/handlers/executions/executions.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/executions/executions.handler.ts
@@ -7,7 +7,7 @@ import { validCursor } from '../../shared/middlewares/global.middleware';
 import type { ExecutionRequest } from '../../../types';
 import { getSharedWorkflowIds } from '../workflows/workflows.service';
 import { encodeNextCursor } from '../../shared/services/pagination.service';
-import { InternalHooks } from '@/InternalHooks';
+import { EventService } from '@/events/event.service';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
 import { ConcurrencyControlService } from '@/concurrency/concurrency-control.service';
 
@@ -78,9 +78,9 @@ export = {
 				return res.status(404).json({ message: 'Not Found' });
 			}
 
-			Container.get(InternalHooks).onUserRetrievedExecution({
-				user_id: req.user.id,
-				public_api: true,
+			Container.get(EventService).emit('user-retrieved-execution', {
+				userId: req.user.id,
+				publicApi: true,
 			});
 
 			return res.json(replaceCircularReferences(execution));
@@ -95,9 +95,10 @@ export = {
 				status = undefined,
 				includeData = false,
 				workflowId = undefined,
+				projectId,
 			} = req.query;
 
-			const sharedWorkflowsIds = await getSharedWorkflowIds(req.user, ['workflow:read']);
+			const sharedWorkflowsIds = await getSharedWorkflowIds(req.user, ['workflow:read'], projectId);
 
 			// user does not have workflows hence no executions
 			// or the execution they are trying to access belongs to a workflow they do not own
@@ -129,9 +130,9 @@ export = {
 			const count =
 				await Container.get(ExecutionRepository).getExecutionsCountForPublicApi(filters);
 
-			Container.get(InternalHooks).onUserRetrievedAllExecutions({
-				user_id: req.user.id,
-				public_api: true,
+			Container.get(EventService).emit('user-retrieved-all-executions', {
+				userId: req.user.id,
+				publicApi: true,
 			});
 
 			return res.json({
diff --git a/packages/cli/src/PublicApi/v1/handlers/executions/spec/paths/executions.yml b/packages/cli/src/PublicApi/v1/handlers/executions/spec/paths/executions.yml
index 8d26492ec30bf..6fcdaf356e4bb 100644
--- a/packages/cli/src/PublicApi/v1/handlers/executions/spec/paths/executions.yml
+++ b/packages/cli/src/PublicApi/v1/handlers/executions/spec/paths/executions.yml
@@ -21,6 +21,14 @@ get:
       schema:
         type: string
         example: '1000'
+    - name: projectId
+      in: query
+      required: false
+      explode: false
+      allowReserved: true
+      schema:
+        type: string
+        example: VmwOO9HeTEj20kxM
     - $ref: '../../../../shared/spec/parameters/limit.yml'
     - $ref: '../../../../shared/spec/parameters/cursor.yml'
   responses:
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/projects.handler.ts b/packages/cli/src/PublicApi/v1/handlers/projects/projects.handler.ts
new file mode 100644
index 0000000000000..e61e808daf301
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/projects.handler.ts
@@ -0,0 +1,65 @@
+import { globalScope, isLicensed, validCursor } from '../../shared/middlewares/global.middleware';
+import type { Response } from 'express';
+import type { ProjectRequest } from '@/requests';
+import type { PaginatedRequest } from '@/PublicApi/types';
+import Container from 'typedi';
+import { ProjectController } from '@/controllers/project.controller';
+import { ProjectRepository } from '@/databases/repositories/project.repository';
+import { encodeNextCursor } from '../../shared/services/pagination.service';
+
+type Create = ProjectRequest.Create;
+type Update = ProjectRequest.Update;
+type Delete = ProjectRequest.Delete;
+type GetAll = PaginatedRequest;
+
+export = {
+	createProject: [
+		isLicensed('feat:projectRole:admin'),
+		globalScope('project:create'),
+		async (req: Create, res: Response) => {
+			const project = await Container.get(ProjectController).createProject(req);
+
+			return res.status(201).json(project);
+		},
+	],
+	updateProject: [
+		isLicensed('feat:projectRole:admin'),
+		globalScope('project:update'),
+		async (req: Update, res: Response) => {
+			await Container.get(ProjectController).updateProject(req);
+
+			return res.status(204).send();
+		},
+	],
+	deleteProject: [
+		isLicensed('feat:projectRole:admin'),
+		globalScope('project:delete'),
+		async (req: Delete, res: Response) => {
+			await Container.get(ProjectController).deleteProject(req);
+
+			return res.status(204).send();
+		},
+	],
+	getProjects: [
+		isLicensed('feat:projectRole:admin'),
+		globalScope('project:list'),
+		validCursor,
+		async (req: GetAll, res: Response) => {
+			const { offset = 0, limit = 100 } = req.query;
+
+			const [projects, count] = await Container.get(ProjectRepository).findAndCount({
+				skip: offset,
+				take: limit,
+			});
+
+			return res.json({
+				data: projects,
+				nextCursor: encodeNextCursor({
+					offset,
+					limit,
+					numberOfTotalRecords: count,
+				}),
+			});
+		},
+	],
+};
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.projectId.yml b/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.projectId.yml
new file mode 100644
index 0000000000000..a5aab19b3d6ed
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.projectId.yml
@@ -0,0 +1,43 @@
+delete:
+  x-eov-operation-id: deleteProject
+  x-eov-operation-handler: v1/handlers/projects/projects.handler
+  tags:
+    - Projects
+  summary: Delete a project
+  description: Delete a project from your instance.
+  parameters:
+    - $ref: '../schemas/parameters/projectId.yml'
+  responses:
+    '204':
+      description: Operation successful.
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '403':
+      $ref: '../../../../shared/spec/responses/forbidden.yml'
+    '404':
+      $ref: '../../../../shared/spec/responses/notFound.yml'
+put:
+  x-eov-operation-id: updateProject
+  x-eov-operation-handler: v1/handlers/projects/projects.handler
+  tags:
+    - Project
+  summary: Update a project
+  description: Update a project.
+  requestBody:
+    description: Updated project object.
+    content:
+      application/json:
+        schema:
+          $ref: '../schemas/project.yml'
+    required: true
+  responses:
+    '204':
+      description: Operation successful.
+    '400':
+      $ref: '../../../../shared/spec/responses/badRequest.yml'
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '403':
+      $ref: '../../../../shared/spec/responses/forbidden.yml'
+    '404':
+      $ref: '../../../../shared/spec/responses/notFound.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.yml b/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.yml
new file mode 100644
index 0000000000000..1babd3dd6ea03
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/spec/paths/projects.yml
@@ -0,0 +1,40 @@
+post:
+  x-eov-operation-id: createProject
+  x-eov-operation-handler: v1/handlers/projects/projects.handler
+  tags:
+    - Projects
+  summary: Create a project
+  description: Create a project in your instance.
+  requestBody:
+    description: Payload for project to create.
+    content:
+      application/json:
+        schema:
+          $ref: '../schemas/project.yml'
+    required: true
+  responses:
+    '201':
+      description: Operation successful.
+    '400':
+      $ref: '../../../../shared/spec/responses/badRequest.yml'
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+get:
+  x-eov-operation-id: getProjects
+  x-eov-operation-handler: v1/handlers/projects/projects.handler
+  tags:
+    - Projects
+  summary: Retrieve projects
+  description: Retrieve projects from your instance.
+  parameters:
+    - $ref: '../../../../shared/spec/parameters/limit.yml'
+    - $ref: '../../../../shared/spec/parameters/cursor.yml'
+  responses:
+    '200':
+      description: Operation successful.
+      content:
+        application/json:
+          schema:
+            $ref: '../schemas/projectList.yml'
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/parameters/projectId.yml b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/parameters/projectId.yml
new file mode 100644
index 0000000000000..32961f46016f9
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/parameters/projectId.yml
@@ -0,0 +1,6 @@
+name: projectId
+in: path
+description: The ID of the project.
+required: true
+schema:
+  type: string
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/project.yml b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/project.yml
new file mode 100644
index 0000000000000..7a4d2ec432bdd
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/project.yml
@@ -0,0 +1,13 @@
+type: object
+additionalProperties: false
+required:
+  - name
+properties:
+  id:
+    type: string
+    readOnly: true
+  name:
+    type: string
+  type:
+    type: string
+    readOnly: true
diff --git a/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/projectList.yml b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/projectList.yml
new file mode 100644
index 0000000000000..7d88be72fb008
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/projects/spec/schemas/projectList.yml
@@ -0,0 +1,11 @@
+type: object
+properties:
+  data:
+    type: array
+    items:
+      $ref: './project.yml'
+  nextCursor:
+    type: string
+    description: Paginate through projects by setting the cursor parameter to a nextCursor attribute returned by a previous request. Default value fetches the first "page" of the collection.
+    nullable: true
+    example: MTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjE0MTc0MDA
diff --git a/packages/cli/src/PublicApi/v1/handlers/sourceControl/sourceControl.handler.ts b/packages/cli/src/PublicApi/v1/handlers/sourceControl/sourceControl.handler.ts
index f54e8bd95d8e2..7a3cf08ec0eb5 100644
--- a/packages/cli/src/PublicApi/v1/handlers/sourceControl/sourceControl.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/sourceControl/sourceControl.handler.ts
@@ -10,7 +10,7 @@ import {
 	getTrackingInformationFromPullResult,
 	isSourceControlLicensed,
 } from '@/environments/sourceControl/sourceControlHelper.ee';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 export = {
 	pull: [
diff --git a/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.role.yml b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.role.yml
new file mode 100644
index 0000000000000..92993adf7f9d4
--- /dev/null
+++ b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.role.yml
@@ -0,0 +1,31 @@
+patch:
+  x-eov-operation-id: changeRole
+  x-eov-operation-handler: v1/handlers/users/users.handler.ee
+  tags:
+    - User
+  summary: Change a user's global role
+  description: Change a user's global role
+  parameters:
+    - $ref: '../schemas/parameters/userIdentifier.yml'
+  requestBody:
+    description: New role for the user
+    required: true
+    content:
+      application/json:
+        schema:
+          type: object
+          properties:
+            newRoleName:
+              type: string
+              enum: [global:admin, global:member]
+          required:
+            - newRoleName
+  responses:
+    '200':
+      description: Operation successful.
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '403':
+      $ref: '../../../../shared/spec/responses/forbidden.yml'
+    '404':
+      $ref: '../../../../shared/spec/responses/notFound.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.yml b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.yml
index 0d3c86c4cef97..f3dcae00534c4 100644
--- a/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.yml
+++ b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.id.yml
@@ -17,3 +17,21 @@ get:
             $ref: '../schemas/user.yml'
     '401':
       $ref: '../../../../shared/spec/responses/unauthorized.yml'
+delete:
+  x-eov-operation-id: deleteUser
+  x-eov-operation-handler: v1/handlers/users/users.handler.ee
+  tags:
+    - User
+  summary: Delete a user
+  description: Delete a user from your instance.
+  parameters:
+    - $ref: '../schemas/parameters/userIdentifier.yml'
+  responses:
+    '204':
+      description: Operation successful.
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '403':
+      $ref: '../../../../shared/spec/responses/forbidden.yml'
+    '404':
+      $ref: '../../../../shared/spec/responses/notFound.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.yml b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.yml
index 1d618435531b5..e767ab33cc16b 100644
--- a/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.yml
+++ b/packages/cli/src/PublicApi/v1/handlers/users/spec/paths/users.yml
@@ -9,6 +9,14 @@ get:
     - $ref: '../../../../shared/spec/parameters/limit.yml'
     - $ref: '../../../../shared/spec/parameters/cursor.yml'
     - $ref: '../schemas/parameters/includeRole.yml'
+    - name: projectId
+      in: query
+      required: false
+      explode: false
+      allowReserved: true
+      schema:
+        type: string
+        example: VmwOO9HeTEj20kxM
   responses:
     '200':
       description: Operation successful.
@@ -18,3 +26,53 @@ get:
             $ref: '../schemas/userList.yml'
     '401':
       $ref: '../../../../shared/spec/responses/unauthorized.yml'
+post:
+  x-eov-operation-id: createUser
+  x-eov-operation-handler: v1/handlers/users/users.handler.ee
+  tags:
+    - User
+  summary: Create multiple users
+  description: Create one or more users.
+  requestBody:
+    description: Array of users to be created.
+    required: true
+    content:
+      application/json:
+        schema:
+          type: array
+          items:
+            type: object
+            properties:
+              email:
+                type: string
+                format: email
+              role:
+                type: string
+                enum: [global:admin, global:member]
+            required:
+              - email
+  responses:
+    '200':
+      description: Operation successful.
+      content:
+        application/json:
+          schema:
+            type: object
+            properties:
+              user:
+                type: object
+                properties:
+                  id:
+                    type: string
+                  email:
+                    type: string
+                  inviteAcceptUrl:
+                    type: string
+                  emailSent:
+                    type: boolean
+              error:
+                type: string
+    '401':
+      $ref: '../../../../shared/spec/responses/unauthorized.yml'
+    '403':
+      $ref: '../../../../shared/spec/responses/forbidden.yml'
diff --git a/packages/cli/src/PublicApi/v1/handlers/users/users.handler.ee.ts b/packages/cli/src/PublicApi/v1/handlers/users/users.handler.ee.ts
index 0df22ec4aa9ef..59a7a4c3e3f42 100644
--- a/packages/cli/src/PublicApi/v1/handlers/users/users.handler.ee.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/users/users.handler.ee.ts
@@ -6,11 +6,20 @@ import { clean, getAllUsersAndCount, getUser } from './users.service.ee';
 import { encodeNextCursor } from '../../shared/services/pagination.service';
 import {
 	globalScope,
+	isLicensed,
 	validCursor,
 	validLicenseWithUserQuota,
 } from '../../shared/middlewares/global.middleware';
 import type { UserRequest } from '@/requests';
-import { InternalHooks } from '@/InternalHooks';
+import { EventService } from '@/events/event.service';
+import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
+import type { Response } from 'express';
+import { InvitationController } from '@/controllers/invitation.controller';
+import { UsersController } from '@/controllers/users.controller';
+
+type Create = UserRequest.Invite;
+type Delete = UserRequest.Delete;
+type ChangeRole = UserRequest.ChangeRole;
 
 export = {
 	getUser: [
@@ -28,12 +37,10 @@ export = {
 				});
 			}
 
-			const telemetryData = {
-				user_id: req.user.id,
-				public_api: true,
-			};
-
-			Container.get(InternalHooks).onUserRetrievedUser(telemetryData);
+			Container.get(EventService).emit('user-retrieved-user', {
+				userId: req.user.id,
+				publicApi: true,
+			});
 
 			return res.json(clean(user, { includeRole }));
 		},
@@ -43,20 +50,23 @@ export = {
 		validCursor,
 		globalScope(['user:list', 'user:read']),
 		async (req: UserRequest.Get, res: express.Response) => {
-			const { offset = 0, limit = 100, includeRole = false } = req.query;
+			const { offset = 0, limit = 100, includeRole = false, projectId } = req.query;
+
+			const _in = projectId
+				? await Container.get(ProjectRelationRepository).findUserIdsByProjectId(projectId)
+				: undefined;
 
 			const [users, count] = await getAllUsersAndCount({
 				includeRole,
 				limit,
 				offset,
+				in: _in,
 			});
 
-			const telemetryData = {
-				user_id: req.user.id,
-				public_api: true,
-			};
-
-			Container.get(InternalHooks).onUserRetrievedAllUsers(telemetryData);
+			Container.get(EventService).emit('user-retrieved-all-users', {
+				userId: req.user.id,
+				publicApi: true,
+			});
 
 			return res.json({
 				data: clean(users, { includeRole }),
@@ -68,4 +78,29 @@ export = {
 			});
 		},
 	],
+	createUser: [
+		globalScope('user:create'),
+		async (req: Create, res: Response) => {
+			const usersInvited = await Container.get(InvitationController).inviteUser(req);
+
+			return res.status(201).json(usersInvited);
+		},
+	],
+	deleteUser: [
+		globalScope('user:delete'),
+		async (req: Delete, res: Response) => {
+			await Container.get(UsersController).deleteUser(req);
+
+			return res.status(204).send();
+		},
+	],
+	changeRole: [
+		isLicensed('feat:advancedPermissions'),
+		globalScope('user:changeRole'),
+		async (req: ChangeRole, res: Response) => {
+			await Container.get(UsersController).changeGlobalRole(req);
+
+			return res.status(204).send();
+		},
+	],
 };
diff --git a/packages/cli/src/PublicApi/v1/handlers/users/users.service.ee.ts b/packages/cli/src/PublicApi/v1/handlers/users/users.service.ee.ts
index f7bf6618168f0..e62c9465747ed 100644
--- a/packages/cli/src/PublicApi/v1/handlers/users/users.service.ee.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/users/users.service.ee.ts
@@ -3,6 +3,8 @@ import { UserRepository } from '@db/repositories/user.repository';
 import type { User } from '@db/entities/User';
 import pick from 'lodash/pick';
 import { validate as uuidValidate } from 'uuid';
+// eslint-disable-next-line n8n-local-rules/misplaced-n8n-typeorm-import
+import { In } from '@n8n/typeorm';
 
 export async function getUser(data: {
 	withIdentifier: string;
@@ -25,9 +27,12 @@ export async function getAllUsersAndCount(data: {
 	includeRole?: boolean;
 	limit?: number;
 	offset?: number;
+	in?: string[];
 }): Promise<[User[], number]> {
+	const { in: _in } = data;
+
 	const users = await Container.get(UserRepository).find({
-		where: {},
+		where: { ...(_in && { id: In(_in) }) },
 		skip: data.offset,
 		take: data.limit,
 	});
diff --git a/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.handler.ts b/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.handler.ts
index 4063d0b611d35..8515548dea16b 100644
--- a/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.handler.ts
@@ -26,13 +26,12 @@ import {
 	updateTags,
 } from './workflows.service';
 import { WorkflowService } from '@/workflows/workflow.service';
-import { InternalHooks } from '@/InternalHooks';
 import { WorkflowHistoryService } from '@/workflows/workflowHistory/workflowHistory.service.ee';
 import { SharedWorkflowRepository } from '@/databases/repositories/sharedWorkflow.repository';
 import { TagRepository } from '@/databases/repositories/tag.repository';
 import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
 import { ProjectRepository } from '@/databases/repositories/project.repository';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import { z } from 'zod';
 import { EnterpriseWorkflowService } from '@/workflows/workflow.service.ee';
 
@@ -119,9 +118,9 @@ export = {
 				return res.status(404).json({ message: 'Not Found' });
 			}
 
-			Container.get(InternalHooks).onUserRetrievedWorkflow({
-				user_id: req.user.id,
-				public_api: true,
+			Container.get(EventService).emit('user-retrieved-workflow', {
+				userId: req.user.id,
+				publicApi: true,
 			});
 
 			return res.json(workflow);
@@ -144,6 +143,19 @@ export = {
 					);
 					where.id = In(workflowIds);
 				}
+
+				if (projectId) {
+					const workflows = await Container.get(SharedWorkflowRepository).findAllWorkflowsForUser(
+						req.user,
+						['workflow:read'],
+					);
+
+					const workflowIds = workflows
+						.filter((workflow) => workflow.projectId === projectId)
+						.map((workflow) => workflow.id);
+
+					where.id = In(workflowIds);
+				}
 			} else {
 				const options: { workflowIds?: string[] } = {};
 
@@ -185,9 +197,9 @@ export = {
 				...(!config.getEnv('workflowTagsDisabled') && { relations: ['tags'] }),
 			});
 
-			Container.get(InternalHooks).onUserRetrievedAllWorkflows({
-				user_id: req.user.id,
-				public_api: true,
+			Container.get(EventService).emit('user-retrieved-all-workflows', {
+				userId: req.user.id,
+				publicApi: true,
 			});
 
 			return res.json({
diff --git a/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.service.ts b/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.service.ts
index d301e61c93966..3e3afc078ed92 100644
--- a/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.service.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/workflows/workflows.service.ts
@@ -17,15 +17,21 @@ function insertIf(condition: boolean, elements: string[]): string[] {
 	return condition ? elements : [];
 }
 
-export async function getSharedWorkflowIds(user: User, scopes: Scope[]): Promise<string[]> {
+export async function getSharedWorkflowIds(
+	user: User,
+	scopes: Scope[],
+	projectId?: string,
+): Promise<string[]> {
 	if (Container.get(License).isSharingEnabled()) {
 		return await Container.get(WorkflowSharingService).getSharedWorkflowIds(user, {
 			scopes,
+			projectId,
 		});
 	} else {
 		return await Container.get(WorkflowSharingService).getSharedWorkflowIds(user, {
 			workflowRoles: ['workflow:owner'],
 			projectRoles: ['project:personalOwner'],
+			projectId,
 		});
 	}
 }
diff --git a/packages/cli/src/PublicApi/v1/openapi.yml b/packages/cli/src/PublicApi/v1/openapi.yml
index fd3b286a17fb5..0a84925734c7b 100644
--- a/packages/cli/src/PublicApi/v1/openapi.yml
+++ b/packages/cli/src/PublicApi/v1/openapi.yml
@@ -8,7 +8,7 @@ info:
     email: hello@n8n.io
   license:
     name: Sustainable Use License
-    url: https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md
+    url: https://github.com/n8n-io/n8n/blob/master/LICENSE.md
   version: 1.1.1
 externalDocs:
   description: n8n API documentation
@@ -32,6 +32,8 @@ tags:
     description: Operations about source control
   - name: Variables
     description: Operations about variables
+  - name: Projects
+    description: Operations about projects
 
 paths:
   /audit:
@@ -60,18 +62,26 @@ paths:
     $ref: './handlers/workflows/spec/paths/workflows.id.deactivate.yml'
   /workflows/{id}/transfer:
     $ref: './handlers/workflows/spec/paths/workflows.id.transfer.yml'
+  /credentials/{id}/transfer:
+    $ref: './handlers/credentials/spec/paths/credentials.id.transfer.yml'
   /workflows/{id}/tags:
     $ref: './handlers/workflows/spec/paths/workflows.id.tags.yml'
   /users:
     $ref: './handlers/users/spec/paths/users.yml'
   /users/{id}:
     $ref: './handlers/users/spec/paths/users.id.yml'
+  /users/{id}/role:
+    $ref: './handlers/users/spec/paths/users.id.role.yml'
   /source-control/pull:
     $ref: './handlers/sourceControl/spec/paths/sourceControl.yml'
   /variables:
     $ref: './handlers/variables/spec/paths/variables.yml'
   /variables/{id}:
     $ref: './handlers/variables/spec/paths/variables.id.yml'
+  /projects:
+    $ref: './handlers/projects/spec/paths/projects.yml'
+  /projects/{projectId}:
+    $ref: './handlers/projects/spec/paths/projects.projectId.yml'
 components:
   schemas:
     $ref: './shared/spec/schemas/_index.yml'
diff --git a/packages/cli/src/Queue.ts b/packages/cli/src/Queue.ts
deleted file mode 100644
index 11cfed839bee7..0000000000000
--- a/packages/cli/src/Queue.ts
+++ /dev/null
@@ -1,166 +0,0 @@
-import type Bull from 'bull';
-import Container, { Service } from 'typedi';
-import {
-	ApplicationError,
-	BINARY_ENCODING,
-	type IDataObject,
-	type ExecutionError,
-	type IExecuteResponsePromiseData,
-} from 'n8n-workflow';
-import { ActiveExecutions } from '@/ActiveExecutions';
-import config from '@/config';
-import { OnShutdown } from './decorators/OnShutdown';
-import { HIGHEST_SHUTDOWN_PRIORITY } from './constants';
-
-export type JobId = Bull.JobId;
-export type Job = Bull.Job<JobData>;
-export type JobQueue = Bull.Queue<JobData>;
-
-export interface JobData {
-	executionId: string;
-	loadStaticData: boolean;
-}
-
-export interface JobResponse {
-	success: boolean;
-	error?: ExecutionError;
-}
-
-export interface WebhookResponse {
-	executionId: string;
-	response: IExecuteResponsePromiseData;
-}
-
-@Service()
-export class Queue {
-	private jobQueue: JobQueue;
-
-	/**
-	 * The number of jobs a single server can process concurrently
-	 * Any worker that wants to process executions must first set this to a non-zero value
-	 */
-	private concurrency = 0;
-
-	setConcurrency(concurrency: number) {
-		this.concurrency = concurrency;
-		// This sets the max event listeners on the jobQueue EventEmitter to prevent the logs getting flooded with MaxListenersExceededWarning
-		// see: https://github.com/OptimalBits/bull/blob/develop/lib/job.js#L497-L521
-		this.jobQueue.setMaxListeners(
-			4 + // `close`
-				2 + // `error`
-				2 + // `global:progress`
-				concurrency * 2, // 2 global events for every call to `job.finished()`
-		);
-	}
-
-	constructor(private activeExecutions: ActiveExecutions) {}
-
-	async init() {
-		const { default: Bull } = await import('bull');
-		const { RedisClientService } = await import('@/services/redis/redis-client.service');
-
-		const redisClientService = Container.get(RedisClientService);
-
-		const bullPrefix = config.getEnv('queue.bull.prefix');
-		const prefix = redisClientService.toValidPrefix(bullPrefix);
-
-		this.jobQueue = new Bull('jobs', {
-			prefix,
-			settings: config.get('queue.bull.settings'),
-			createClient: (type) => redisClientService.createClient({ type: `${type}(bull)` }),
-		});
-
-		this.jobQueue.on('global:progress', (_jobId, progress: WebhookResponse) => {
-			this.activeExecutions.resolveResponsePromise(
-				progress.executionId,
-				this.decodeWebhookResponse(progress.response),
-			);
-		});
-	}
-
-	async findRunningJobBy({ executionId }: { executionId: string }) {
-		const activeOrWaitingJobs = await this.getJobs(['active', 'waiting']);
-
-		return activeOrWaitingJobs.find(({ data }) => data.executionId === executionId) ?? null;
-	}
-
-	decodeWebhookResponse(response: IExecuteResponsePromiseData): IExecuteResponsePromiseData {
-		if (
-			typeof response === 'object' &&
-			typeof response.body === 'object' &&
-			(response.body as IDataObject)['__@N8nEncodedBuffer@__']
-		) {
-			response.body = Buffer.from(
-				(response.body as IDataObject)['__@N8nEncodedBuffer@__'] as string,
-				BINARY_ENCODING,
-			);
-		}
-
-		return response;
-	}
-
-	async add(jobData: JobData, jobOptions: object): Promise<Job> {
-		return await this.jobQueue.add(jobData, jobOptions);
-	}
-
-	async getJob(jobId: JobId): Promise<Job | null> {
-		return await this.jobQueue.getJob(jobId);
-	}
-
-	async getJobs(jobTypes: Bull.JobStatus[]): Promise<Job[]> {
-		return await this.jobQueue.getJobs(jobTypes);
-	}
-
-	/**
-	 * Get IDs of executions that are currently in progress in the queue.
-	 */
-	async getInProgressExecutionIds() {
-		const inProgressJobs = await this.getJobs(['active', 'waiting']);
-
-		return new Set(inProgressJobs.map((job) => job.data.executionId));
-	}
-
-	async process(fn: Bull.ProcessCallbackFunction<JobData>): Promise<void> {
-		return await this.jobQueue.process(this.concurrency, fn);
-	}
-
-	async ping(): Promise<string> {
-		return await this.jobQueue.client.ping();
-	}
-
-	@OnShutdown(HIGHEST_SHUTDOWN_PRIORITY)
-	// Stop accepting new jobs, `doNotWaitActive` allows reporting progress
-	async pause(): Promise<void> {
-		return await this.jobQueue?.pause(true, true);
-	}
-
-	getBullObjectInstance(): JobQueue {
-		if (this.jobQueue === undefined) {
-			// if queue is not initialized yet throw an error, since we do not want to hand around an undefined queue
-			throw new ApplicationError('Queue is not initialized yet!');
-		}
-		return this.jobQueue;
-	}
-
-	/**
-	 *
-	 * @param job A Job instance
-	 * @returns boolean true if we were able to securely stop the job
-	 */
-	async stopJob(job: Job): Promise<boolean> {
-		if (await job.isActive()) {
-			// Job is already running so tell it to stop
-			await job.progress(-1);
-			return true;
-		}
-		// Job did not get started yet so remove from queue
-		try {
-			await job.remove();
-			return true;
-		} catch (e) {
-			await job.progress(-1);
-		}
-
-		return false;
-	}
-}
diff --git a/packages/cli/src/Server.ts b/packages/cli/src/Server.ts
index 4c9628bc1bf1d..777472b99fa42 100644
--- a/packages/cli/src/Server.ts
+++ b/packages/cli/src/Server.ts
@@ -35,7 +35,7 @@ import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
 import { handleMfaDisable, isMfaFeatureEnabled } from '@/Mfa/helpers';
 import type { FrontendService } from '@/services/frontend.service';
 import { OrchestrationService } from '@/services/orchestration.service';
-import { AuditEventRelay } from './eventbus/audit-event-relay.service';
+import { LogStreamingEventRelay } from '@/events/log-streaming-event-relay';
 
 import '@/controllers/activeWorkflows.controller';
 import '@/controllers/auth.controller';
@@ -64,7 +64,7 @@ import '@/ExternalSecrets/ExternalSecrets.controller.ee';
 import '@/license/license.controller';
 import '@/workflows/workflowHistory/workflowHistory.controller.ee';
 import '@/workflows/workflows.controller';
-import { EventService } from './eventbus/event.service';
+import { EventService } from './events/event.service';
 
 const exec = promisify(callbackExec);
 
@@ -211,8 +211,8 @@ export class Server extends AbstractServer {
 		setupPushHandler(restEndpoint, app);
 
 		if (config.getEnv('executions.mode') === 'queue') {
-			const { Queue } = await import('@/Queue');
-			await Container.get(Queue).init();
+			const { ScalingService } = await import('@/scaling/scaling.service');
+			await Container.get(ScalingService).setupQueue();
 		}
 
 		await handleMfaDisable();
@@ -250,7 +250,7 @@ export class Server extends AbstractServer {
 		// ----------------------------------------
 		const eventBus = Container.get(MessageEventBus);
 		await eventBus.initialize();
-		Container.get(AuditEventRelay).init();
+		Container.get(LogStreamingEventRelay).init();
 
 		if (this.endpointPresetCredentials !== '') {
 			// POST endpoint to set preset credentials
diff --git a/packages/cli/src/UserManagement/email/UserManagementMailer.ts b/packages/cli/src/UserManagement/email/UserManagementMailer.ts
index 6d60c3b4907e1..7d5e8d254865e 100644
--- a/packages/cli/src/UserManagement/email/UserManagementMailer.ts
+++ b/packages/cli/src/UserManagement/email/UserManagementMailer.ts
@@ -8,7 +8,6 @@ import { GlobalConfig } from '@n8n/config';
 import type { User } from '@db/entities/User';
 import type { WorkflowEntity } from '@db/entities/WorkflowEntity';
 import { UserRepository } from '@db/repositories/user.repository';
-import { InternalHooks } from '@/InternalHooks';
 import { Logger } from '@/Logger';
 import { UrlService } from '@/services/url.service';
 import { InternalServerError } from '@/errors/response-errors/internal-server.error';
@@ -16,7 +15,7 @@ import { toError } from '@/utils';
 
 import type { InviteEmailData, PasswordResetData, SendEmailResult } from './Interfaces';
 import { NodeMailer } from './NodeMailer';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 type Template = HandlebarsTemplateDelegate<unknown>;
 type TemplateName = 'invite' | 'passwordReset' | 'workflowShared' | 'credentialsShared';
@@ -112,22 +111,18 @@ export class UserManagementMailer {
 
 			this.logger.info('Sent workflow shared email successfully', { sharerId: sharer.id });
 
-			Container.get(InternalHooks).onUserTransactionalEmail({
-				user_id: sharer.id,
-				message_type: 'Workflow shared',
-				public_api: false,
+			Container.get(EventService).emit('user-transactional-email-sent', {
+				userId: sharer.id,
+				messageType: 'Workflow shared',
+				publicApi: false,
 			});
 
 			return result;
 		} catch (e) {
-			Container.get(InternalHooks).onEmailFailed({
-				user: sharer,
-				message_type: 'Workflow shared',
-				public_api: false,
-			});
 			Container.get(EventService).emit('email-failed', {
 				user: sharer,
 				messageType: 'Workflow shared',
+				publicApi: false,
 			});
 
 			const error = toError(e);
@@ -171,22 +166,18 @@ export class UserManagementMailer {
 
 			this.logger.info('Sent credentials shared email successfully', { sharerId: sharer.id });
 
-			Container.get(InternalHooks).onUserTransactionalEmail({
-				user_id: sharer.id,
-				message_type: 'Credentials shared',
-				public_api: false,
+			Container.get(EventService).emit('user-transactional-email-sent', {
+				userId: sharer.id,
+				messageType: 'Credentials shared',
+				publicApi: false,
 			});
 
 			return result;
 		} catch (e) {
-			Container.get(InternalHooks).onEmailFailed({
-				user: sharer,
-				message_type: 'Credentials shared',
-				public_api: false,
-			});
 			Container.get(EventService).emit('email-failed', {
 				user: sharer,
 				messageType: 'Credentials shared',
+				publicApi: false,
 			});
 
 			const error = toError(e);
diff --git a/packages/cli/test/unit/UserManagementMailer.test.ts b/packages/cli/src/UserManagement/email/__tests__/UserManagementMailer.test.ts
similarity index 100%
rename from packages/cli/test/unit/UserManagementMailer.test.ts
rename to packages/cli/src/UserManagement/email/__tests__/UserManagementMailer.test.ts
diff --git a/packages/cli/src/WaitingForms.ts b/packages/cli/src/WaitingForms.ts
index 0625acd7e40c4..bf0ab7dedb161 100644
--- a/packages/cli/src/WaitingForms.ts
+++ b/packages/cli/src/WaitingForms.ts
@@ -1,7 +1,7 @@
 import { Service } from 'typedi';
 
 import type { IExecutionResponse } from '@/Interfaces';
-import { WaitingWebhooks } from '@/WaitingWebhooks';
+import { WaitingWebhooks } from '@/webhooks/WaitingWebhooks';
 
 @Service()
 export class WaitingForms extends WaitingWebhooks {
diff --git a/packages/cli/src/WorkflowExecuteAdditionalData.ts b/packages/cli/src/WorkflowExecuteAdditionalData.ts
index f4acd61b6aa55..127e0cc817393 100644
--- a/packages/cli/src/WorkflowExecuteAdditionalData.ts
+++ b/packages/cli/src/WorkflowExecuteAdditionalData.ts
@@ -52,7 +52,6 @@ import { Push } from '@/push';
 import * as WorkflowHelpers from '@/WorkflowHelpers';
 import { findSubworkflowStart, isWorkflowIdValid } from '@/utils';
 import { PermissionChecker } from './UserManagement/PermissionChecker';
-import { InternalHooks } from '@/InternalHooks';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
 import { WorkflowStatisticsService } from '@/services/workflow-statistics.service';
 import { SecretsHelper } from './SecretsHelpers';
@@ -71,7 +70,7 @@ import { WorkflowRepository } from './databases/repositories/workflow.repository
 import { UrlService } from './services/url.service';
 import { WorkflowExecutionService } from './workflows/workflowExecution.service';
 import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
-import { EventService } from './eventbus/event.service';
+import { EventService } from './events/event.service';
 import { GlobalConfig } from '@n8n/config';
 import { SubworkflowPolicyChecker } from './subworkflows/subworkflow-policy-checker.service';
 
@@ -548,7 +547,6 @@ function hookFunctionsSave(): IWorkflowExecuteHooks {
  */
 function hookFunctionsSaveWorker(): IWorkflowExecuteHooks {
 	const logger = Container.get(Logger);
-	const internalHooks = Container.get(InternalHooks);
 	const workflowStatisticsService = Container.get(WorkflowStatisticsService);
 	const eventService = Container.get(EventService);
 	return {
@@ -644,13 +642,9 @@ function hookFunctionsSaveWorker(): IWorkflowExecuteHooks {
 			async function (this: WorkflowHooks, runData: IRun): Promise<void> {
 				const { executionId, workflowData: workflow } = this;
 
-				void internalHooks.onWorkflowPostExecute(executionId, workflow, runData);
 				eventService.emit('workflow-post-execute', {
-					workflowId: workflow.id,
-					workflowName: workflow.name,
+					workflow,
 					executionId,
-					success: runData.status === 'success',
-					isManual: runData.mode === 'manual',
 					runData,
 				});
 			},
@@ -723,7 +717,6 @@ export async function getRunData(
 	const runData: IWorkflowExecutionDataProcess = {
 		executionMode: mode,
 		executionData: runExecutionData,
-		// @ts-ignore
 		workflowData,
 	};
 
@@ -787,7 +780,6 @@ async function executeWorkflow(
 		parentCallbackManager?: CallbackManager;
 	},
 ): Promise<Array<INodeExecutionData[] | null> | IWorkflowExecuteProcess> {
-	const internalHooks = Container.get(InternalHooks);
 	const externalHooks = Container.get(ExternalHooks);
 	await externalHooks.init();
 
@@ -933,13 +925,9 @@ async function executeWorkflow(
 
 	await externalHooks.run('workflow.postExecute', [data, workflowData, executionId]);
 
-	void internalHooks.onWorkflowPostExecute(executionId, workflowData, data, additionalData.userId);
 	eventService.emit('workflow-post-execute', {
-		workflowId: workflowData.id,
-		workflowName: workflowData.name,
+		workflow: workflowData,
 		executionId,
-		success: data.status === 'success',
-		isManual: data.mode === 'manual',
 		userId: additionalData.userId,
 		runData: data,
 	});
@@ -1011,10 +999,10 @@ export async function getBase(
 		executeWorkflow,
 		restApiUrl: urlBaseWebhook + globalConfig.endpoints.rest,
 		instanceBaseUrl: urlBaseWebhook,
-		formWaitingBaseUrl: globalConfig.endpoints.formWaiting,
-		webhookBaseUrl: globalConfig.endpoints.webhook,
-		webhookWaitingBaseUrl: globalConfig.endpoints.webhookWaiting,
-		webhookTestBaseUrl: globalConfig.endpoints.webhookTest,
+		formWaitingBaseUrl: urlBaseWebhook + globalConfig.endpoints.formWaiting,
+		webhookBaseUrl: urlBaseWebhook + globalConfig.endpoints.webhook,
+		webhookWaitingBaseUrl: urlBaseWebhook + globalConfig.endpoints.webhookWaiting,
+		webhookTestBaseUrl: urlBaseWebhook + globalConfig.endpoints.webhookTest,
 		currentNodeParameters,
 		executionTimeoutTimestamp,
 		userId,
diff --git a/packages/cli/src/WorkflowRunner.ts b/packages/cli/src/WorkflowRunner.ts
index 3318dd283cd60..9ff1de8f35242 100644
--- a/packages/cli/src/WorkflowRunner.ts
+++ b/packages/cli/src/WorkflowRunner.ts
@@ -28,20 +28,20 @@ import { ExecutionRepository } from '@db/repositories/execution.repository';
 import { ExternalHooks } from '@/ExternalHooks';
 import type { IExecutionResponse, IWorkflowExecutionDataProcess } from '@/Interfaces';
 import { NodeTypes } from '@/NodeTypes';
-import type { Job, JobData, JobResponse } from '@/Queue';
-import { Queue } from '@/Queue';
+import type { Job, JobData, JobResult } from '@/scaling/types';
+import type { ScalingService } from '@/scaling/scaling.service';
 import * as WorkflowHelpers from '@/WorkflowHelpers';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
 import { generateFailedExecutionFromError } from '@/WorkflowHelpers';
 import { PermissionChecker } from '@/UserManagement/PermissionChecker';
-import { InternalHooks } from '@/InternalHooks';
 import { Logger } from '@/Logger';
 import { WorkflowStaticDataService } from '@/workflows/workflowStaticData.service';
-import { EventService } from './eventbus/event.service';
+import { EventService } from './events/event.service';
+import { GlobalConfig } from '@n8n/config';
 
 @Service()
 export class WorkflowRunner {
-	private jobQueue: Queue;
+	private scalingService: ScalingService;
 
 	private executionsMode = config.getEnv('executions.mode');
 
@@ -54,11 +54,7 @@ export class WorkflowRunner {
 		private readonly nodeTypes: NodeTypes,
 		private readonly permissionChecker: PermissionChecker,
 		private readonly eventService: EventService,
-	) {
-		if (this.executionsMode === 'queue') {
-			this.jobQueue = Container.get(Queue);
-		}
-	}
+	) {}
 
 	/** The process did error */
 	async processError(
@@ -160,18 +156,9 @@ export class WorkflowRunner {
 			const postExecutePromise = this.activeExecutions.getPostExecutePromise(executionId);
 			postExecutePromise
 				.then(async (executionData) => {
-					void Container.get(InternalHooks).onWorkflowPostExecute(
-						executionId,
-						data.workflowData,
-						executionData,
-						data.userId,
-					);
 					this.eventService.emit('workflow-post-execute', {
-						workflowId: data.workflowData.id,
-						workflowName: data.workflowData.name,
+						workflow: data.workflowData,
 						executionId,
-						success: executionData?.status === 'success',
-						isManual: data.executionMode === 'manual',
 						userId: data.userId,
 						runData: executionData,
 					});
@@ -370,6 +357,11 @@ export class WorkflowRunner {
 			loadStaticData: !!loadStaticData,
 		};
 
+		if (!this.scalingService) {
+			const { ScalingService } = await import('@/scaling/scaling.service');
+			this.scalingService = Container.get(ScalingService);
+		}
+
 		let priority = 100;
 		if (realtime === true) {
 			// Jobs which require a direct response get a higher priority
@@ -385,9 +377,7 @@ export class WorkflowRunner {
 		let job: Job;
 		let hooks: WorkflowHooks;
 		try {
-			job = await this.jobQueue.add(jobData, jobOptions);
-
-			this.logger.info(`Started with job ID: ${job.id.toString()} (Execution ID: ${executionId})`);
+			job = await this.scalingService.addJob(jobData, jobOptions);
 
 			hooks = WorkflowExecuteAdditionalData.getWorkflowHooksWorkerMain(
 				data.executionMode,
@@ -416,8 +406,7 @@ export class WorkflowRunner {
 			async (resolve, reject, onCancel) => {
 				onCancel.shouldReject = false;
 				onCancel(async () => {
-					const queue = Container.get(Queue);
-					await queue.stopJob(job);
+					await this.scalingService.stopJob(job);
 
 					// We use "getWorkflowHooksWorkerExecuter" as "getWorkflowHooksWorkerMain" does not contain the
 					// "workflowExecuteAfter" which we require.
@@ -434,11 +423,11 @@ export class WorkflowRunner {
 					reject(error);
 				});
 
-				const jobData: Promise<JobResponse> = job.finished();
+				const jobData: Promise<JobResult> = job.finished();
 
-				const queueRecoveryInterval = config.getEnv('queue.bull.queueRecoveryInterval');
+				const { queueRecoveryInterval } = Container.get(GlobalConfig).queue.bull;
 
-				const racingPromises: Array<Promise<JobResponse>> = [jobData];
+				const racingPromises: Array<Promise<JobResult>> = [jobData];
 
 				let clearWatchdogInterval;
 				if (queueRecoveryInterval > 0) {
@@ -456,9 +445,9 @@ export class WorkflowRunner {
 					 ************************************************ */
 					let watchDogInterval: NodeJS.Timeout | undefined;
 
-					const watchDog: Promise<JobResponse> = new Promise((res) => {
+					const watchDog: Promise<JobResult> = new Promise((res) => {
 						watchDogInterval = setInterval(async () => {
-							const currentJob = await this.jobQueue.getJob(job.id);
+							const currentJob = await this.scalingService.getJob(job.id);
 							// When null means job is finished (not found in queue)
 							if (currentJob === null) {
 								// Mimic worker's success message
diff --git a/packages/cli/test/unit/ActiveExecutions.test.ts b/packages/cli/src/__tests__/ActiveExecutions.test.ts
similarity index 100%
rename from packages/cli/test/unit/ActiveExecutions.test.ts
rename to packages/cli/src/__tests__/ActiveExecutions.test.ts
diff --git a/packages/cli/test/unit/CredentialTypes.test.ts b/packages/cli/src/__tests__/CredentialTypes.test.ts
similarity index 95%
rename from packages/cli/test/unit/CredentialTypes.test.ts
rename to packages/cli/src/__tests__/CredentialTypes.test.ts
index 0ee99c9f8ae6e..2a8e6a939a045 100644
--- a/packages/cli/test/unit/CredentialTypes.test.ts
+++ b/packages/cli/src/__tests__/CredentialTypes.test.ts
@@ -1,7 +1,7 @@
 import { CredentialTypes } from '@/CredentialTypes';
 import { Container } from 'typedi';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 describe('CredentialTypes', () => {
 	const mockNodesAndCredentials = mockInstance(LoadNodesAndCredentials, {
diff --git a/packages/cli/test/unit/CredentialsHelper.test.ts b/packages/cli/src/__tests__/CredentialsHelper.test.ts
similarity index 99%
rename from packages/cli/test/unit/CredentialsHelper.test.ts
rename to packages/cli/src/__tests__/CredentialsHelper.test.ts
index 19be100b02b84..88cd19ad3dc5d 100644
--- a/packages/cli/test/unit/CredentialsHelper.test.ts
+++ b/packages/cli/src/__tests__/CredentialsHelper.test.ts
@@ -14,7 +14,7 @@ import { NodeTypes } from '@/NodeTypes';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { CredentialsRepository } from '@db/repositories/credentials.repository';
 import { SharedCredentialsRepository } from '@db/repositories/sharedCredentials.repository';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 describe('CredentialsHelper', () => {
 	mockInstance(CredentialsRepository);
diff --git a/packages/cli/test/unit/License.test.ts b/packages/cli/src/__tests__/License.test.ts
similarity index 99%
rename from packages/cli/test/unit/License.test.ts
rename to packages/cli/src/__tests__/License.test.ts
index 6d7311656c961..31effecc0eba4 100644
--- a/packages/cli/test/unit/License.test.ts
+++ b/packages/cli/src/__tests__/License.test.ts
@@ -5,7 +5,7 @@ import config from '@/config';
 import { License } from '@/License';
 import { Logger } from '@/Logger';
 import { N8N_VERSION } from '@/constants';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { OrchestrationService } from '@/services/orchestration.service';
 
 jest.mock('@n8n_io/license-sdk');
diff --git a/packages/cli/test/unit/WaitTracker.test.ts b/packages/cli/src/__tests__/WaitTracker.test.ts
similarity index 99%
rename from packages/cli/test/unit/WaitTracker.test.ts
rename to packages/cli/src/__tests__/WaitTracker.test.ts
index 0f8464e18d14d..fb51d2e25bd30 100644
--- a/packages/cli/test/unit/WaitTracker.test.ts
+++ b/packages/cli/src/__tests__/WaitTracker.test.ts
@@ -10,7 +10,7 @@ jest.useFakeTimers();
 describe('WaitTracker', () => {
 	const executionRepository = mock<ExecutionRepository>();
 	const multiMainSetup = mock<MultiMainSetup>();
-	const orchestrationService = new OrchestrationService(mock(), mock(), multiMainSetup);
+	const orchestrationService = new OrchestrationService(mock(), mock(), mock(), multiMainSetup);
 
 	const execution = mock<IExecutionResponse>({
 		id: '123',
diff --git a/packages/cli/test/unit/WorkflowExecuteAdditionalData.test.ts b/packages/cli/src/__tests__/WorkflowExecuteAdditionalData.test.ts
similarity index 96%
rename from packages/cli/test/unit/WorkflowExecuteAdditionalData.test.ts
rename to packages/cli/src/__tests__/WorkflowExecuteAdditionalData.test.ts
index 2984220637aae..eca60e56c5216 100644
--- a/packages/cli/test/unit/WorkflowExecuteAdditionalData.test.ts
+++ b/packages/cli/src/__tests__/WorkflowExecuteAdditionalData.test.ts
@@ -1,5 +1,5 @@
 import { VariablesService } from '@/environments/variables/variables.service.ee';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
 import { getBase } from '@/WorkflowExecuteAdditionalData';
 import Container from 'typedi';
diff --git a/packages/cli/test/unit/WorkflowHelpers.test.ts b/packages/cli/src/__tests__/WorkflowHelpers.test.ts
similarity index 100%
rename from packages/cli/test/unit/WorkflowHelpers.test.ts
rename to packages/cli/src/__tests__/WorkflowHelpers.test.ts
diff --git a/packages/cli/test/unit/WorkflowRunner.test.ts b/packages/cli/src/__tests__/WorkflowRunner.test.ts
similarity index 86%
rename from packages/cli/test/unit/WorkflowRunner.test.ts
rename to packages/cli/src/__tests__/WorkflowRunner.test.ts
index c972d6bb73933..668150092f60a 100644
--- a/packages/cli/test/unit/WorkflowRunner.test.ts
+++ b/packages/cli/src/__tests__/WorkflowRunner.test.ts
@@ -4,11 +4,11 @@ import type { User } from '@db/entities/User';
 import { WorkflowRunner } from '@/WorkflowRunner';
 import config from '@/config';
 
-import * as testDb from '../integration/shared/testDb';
-import { setupTestServer } from '../integration/shared/utils';
-import { createUser } from '../integration/shared/db/users';
-import { createWorkflow } from '../integration/shared/db/workflows';
-import { createExecution } from '../integration/shared/db/executions';
+import * as testDb from '@test-integration/testDb';
+import { setupTestServer } from '@test-integration/utils';
+import { createUser } from '@test-integration/db/users';
+import { createWorkflow } from '@test-integration/db/workflows';
+import { createExecution } from '@test-integration/db/executions';
 import { mockInstance } from '@test/mocking';
 import { Telemetry } from '@/telemetry';
 
diff --git a/packages/cli/test/unit/auth/auth.service.test.ts b/packages/cli/src/auth/__tests__/auth.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/auth/auth.service.test.ts
rename to packages/cli/src/auth/__tests__/auth.service.test.ts
diff --git a/packages/cli/src/auth/methods/email.ts b/packages/cli/src/auth/methods/email.ts
index a88d00186b06a..f954991974570 100644
--- a/packages/cli/src/auth/methods/email.ts
+++ b/packages/cli/src/auth/methods/email.ts
@@ -4,7 +4,7 @@ import { Container } from 'typedi';
 import { isLdapLoginEnabled } from '@/Ldap/helpers.ee';
 import { UserRepository } from '@db/repositories/user.repository';
 import { AuthError } from '@/errors/response-errors/auth.error';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 export const handleEmailLogin = async (
 	email: string,
diff --git a/packages/cli/src/auth/methods/ldap.ts b/packages/cli/src/auth/methods/ldap.ts
index c8946aec9321e..66f6f6dcd9ffe 100644
--- a/packages/cli/src/auth/methods/ldap.ts
+++ b/packages/cli/src/auth/methods/ldap.ts
@@ -1,6 +1,5 @@
 import { Container } from 'typedi';
 
-import { InternalHooks } from '@/InternalHooks';
 import { LdapService } from '@/Ldap/ldap.service.ee';
 import {
 	createLdapUserOnLocalDb,
@@ -12,7 +11,7 @@ import {
 	updateLdapUserOnLocalDb,
 } from '@/Ldap/helpers.ee';
 import type { User } from '@db/entities/User';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 export const handleLdapLogin = async (
 	loginId: string,
@@ -51,11 +50,11 @@ export const handleLdapLogin = async (
 			await updateLdapUserOnLocalDb(identity, ldapAttributesValues);
 		} else {
 			const user = await createLdapUserOnLocalDb(ldapAttributesValues, ldapId);
-			Container.get(InternalHooks).onUserSignup(user, {
-				user_type: 'ldap',
-				was_disabled_ldap_user: false,
+			Container.get(EventService).emit('user-signed-up', {
+				user,
+				userType: 'ldap',
+				wasDisabledLdapUser: false,
 			});
-			Container.get(EventService).emit('user-signed-up', { user });
 			return user;
 		}
 	} else {
diff --git a/packages/cli/src/commands/BaseCommand.ts b/packages/cli/src/commands/BaseCommand.ts
index 4cebc7fbb66f6..af3958c25a4a0 100644
--- a/packages/cli/src/commands/BaseCommand.ts
+++ b/packages/cli/src/commands/BaseCommand.ts
@@ -15,15 +15,15 @@ import { ExternalHooks } from '@/ExternalHooks';
 import { NodeTypes } from '@/NodeTypes';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import type { N8nInstanceType } from '@/Interfaces';
-import { InternalHooks } from '@/InternalHooks';
 import { PostHogClient } from '@/posthog';
+import { InternalHooks } from '@/InternalHooks';
 import { License } from '@/License';
 import { ExternalSecretsManager } from '@/ExternalSecrets/ExternalSecretsManager.ee';
 import { initExpressionEvaluator } from '@/ExpressionEvaluator';
 import { generateHostInstanceId } from '@db/utils/generators';
 import { WorkflowHistoryManager } from '@/workflows/workflowHistory/workflowHistoryManager.ee';
 import { ShutdownService } from '@/shutdown/Shutdown.service';
-import { TelemetryEventRelay } from '@/telemetry/telemetry-event-relay.service';
+import { TelemetryEventRelay } from '@/events/telemetry-event-relay';
 
 export abstract class BaseCommand extends Command {
 	protected logger = Container.get(Logger);
@@ -44,13 +44,16 @@ export abstract class BaseCommand extends Command {
 
 	protected license: License;
 
-	protected globalConfig = Container.get(GlobalConfig);
+	protected readonly globalConfig = Container.get(GlobalConfig);
 
 	/**
 	 * How long to wait for graceful shutdown before force killing the process.
 	 */
 	protected gracefulShutdownTimeoutInS = config.getEnv('generic.gracefulShutdownTimeout');
 
+	/** Whether to init community packages (if enabled) */
+	protected needsCommunityPackages = false;
+
 	async init(): Promise<void> {
 		await initErrorHandling();
 		initExpressionEvaluator();
@@ -111,6 +114,12 @@ export abstract class BaseCommand extends Command {
 			);
 		}
 
+		const { communityPackages } = this.globalConfig.nodes;
+		if (communityPackages.enabled && this.needsCommunityPackages) {
+			const { CommunityPackagesService } = await import('@/services/communityPackages.service');
+			await Container.get(CommunityPackagesService).checkForMissingPackages();
+		}
+
 		await Container.get(PostHogClient).init();
 		await Container.get(InternalHooks).init();
 		await Container.get(TelemetryEventRelay).init();
@@ -306,7 +315,7 @@ export abstract class BaseCommand extends Command {
 		this.exit(exitCode);
 	}
 
-	private onTerminationSignal(signal: string) {
+	protected onTerminationSignal(signal: string) {
 		return async () => {
 			if (this.shutdownService.isShuttingDown()) {
 				this.logger.info(`Received ${signal}. Already shutting down...`);
@@ -324,7 +333,9 @@ export abstract class BaseCommand extends Command {
 			this.logger.info(`Received ${signal}. Shutting down...`);
 			this.shutdownService.shutdown();
 
-			await Promise.all([this.stopProcess(), this.shutdownService.waitForShutdown()]);
+			await this.shutdownService.waitForShutdown();
+
+			await this.stopProcess();
 
 			clearTimeout(forceShutdownTimer);
 		};
diff --git a/packages/cli/test/unit/commands/db/revert.test.ts b/packages/cli/src/commands/db/__tests__/revert.test.ts
similarity index 98%
rename from packages/cli/test/unit/commands/db/revert.test.ts
rename to packages/cli/src/commands/db/__tests__/revert.test.ts
index cea3f89253383..13c554a786ad3 100644
--- a/packages/cli/test/unit/commands/db/revert.test.ts
+++ b/packages/cli/src/commands/db/__tests__/revert.test.ts
@@ -1,5 +1,5 @@
 import { main } from '@/commands/db/revert';
-import { mockInstance } from '../../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { Logger } from '@/Logger';
 import type { IrreversibleMigration, ReversibleMigration } from '@/databases/types';
 import type { Migration, MigrationExecutor } from '@n8n/typeorm';
diff --git a/packages/cli/src/commands/execute.ts b/packages/cli/src/commands/execute.ts
index a375d19c31034..cdf949e87ceda 100644
--- a/packages/cli/src/commands/execute.ts
+++ b/packages/cli/src/commands/execute.ts
@@ -27,6 +27,8 @@ export class Execute extends BaseCommand {
 		}),
 	};
 
+	override needsCommunityPackages = true;
+
 	async init() {
 		await super.init();
 		await this.initBinaryDataService();
diff --git a/packages/cli/src/commands/executeBatch.ts b/packages/cli/src/commands/executeBatch.ts
index d8fdbeb8a201c..227dd962efb1b 100644
--- a/packages/cli/src/commands/executeBatch.ts
+++ b/packages/cli/src/commands/executeBatch.ts
@@ -108,6 +108,8 @@ export class ExecuteBatch extends BaseCommand {
 		}),
 	};
 
+	override needsCommunityPackages = true;
+
 	/**
 	 * Gracefully handles exit.
 	 * @param {boolean} skipExit Whether to skip exit or number according to received signal
diff --git a/packages/cli/src/commands/start.ts b/packages/cli/src/commands/start.ts
index 4d7cd888b4cc0..cc4555dc5e65b 100644
--- a/packages/cli/src/commands/start.ts
+++ b/packages/cli/src/commands/start.ts
@@ -8,7 +8,6 @@ import { createReadStream, createWriteStream, existsSync } from 'fs';
 import { pipeline } from 'stream/promises';
 import replaceStream from 'replacestream';
 import glob from 'fast-glob';
-import { GlobalConfig } from '@n8n/config';
 import { jsonParse, randomString } from 'n8n-workflow';
 
 import config from '@/config';
@@ -17,7 +16,6 @@ import { ActiveWorkflowManager } from '@/ActiveWorkflowManager';
 import { Server } from '@/Server';
 import { EDITOR_UI_DIST_DIR, LICENSE_FEATURES } from '@/constants';
 import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
-import { InternalHooks } from '@/InternalHooks';
 import { License } from '@/License';
 import { OrchestrationService } from '@/services/orchestration.service';
 import { OrchestrationHandlerMainService } from '@/services/orchestration/main/orchestration.handler.main.service';
@@ -32,8 +30,7 @@ import type { IWorkflowExecutionDataProcess } from '@/Interfaces';
 import { ExecutionService } from '@/executions/execution.service';
 import { OwnershipService } from '@/services/ownership.service';
 import { WorkflowRunner } from '@/WorkflowRunner';
-import { ExecutionRecoveryService } from '@/executions/execution-recovery.service';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-var-requires
 const open = require('open');
@@ -68,6 +65,8 @@ export class Start extends BaseCommand {
 
 	protected server = Container.get(Server);
 
+	override needsCommunityPackages = true;
+
 	constructor(argv: string[], cmdConfig: Config) {
 		super(argv, cmdConfig);
 		this.setInstanceType('main');
@@ -109,7 +108,7 @@ export class Start extends BaseCommand {
 				await Container.get(OrchestrationService).shutdown();
 			}
 
-			await Container.get(InternalHooks).onN8nStop();
+			Container.get(EventService).emit('instance-stopped');
 
 			await Container.get(ActiveExecutions).shutdown();
 
@@ -125,7 +124,6 @@ export class Start extends BaseCommand {
 	private async generateStaticAssets() {
 		// Read the index file and replace the path placeholder
 		const n8nPath = this.globalConfig.path;
-
 		const hooksUrls = config.getEnv('externalFrontendHooksUrls');
 
 		let scriptsString = '';
@@ -178,6 +176,22 @@ export class Start extends BaseCommand {
 			this.logger.debug(`Queue mode id: ${this.queueModeId}`);
 		}
 
+		const { flags } = await this.parse(Start);
+		const { communityPackages } = this.globalConfig.nodes;
+		// cli flag overrides the config env variable
+		if (flags.reinstallMissingPackages) {
+			if (communityPackages.enabled) {
+				this.logger.warn(
+					'`--reinstallMissingPackages` is deprecated: Please use the env variable `N8N_REINSTALL_MISSING_PACKAGES` instead',
+				);
+				communityPackages.reinstallMissing = true;
+			} else {
+				this.logger.warn(
+					'`--reinstallMissingPackages` was passed, but community packages are disabled',
+				);
+			}
+		}
+
 		await super.init();
 		this.activeWorkflowManager = Container.get(ActiveWorkflowManager);
 
@@ -186,7 +200,7 @@ export class Start extends BaseCommand {
 		await this.initOrchestration();
 		this.logger.debug('Orchestration init complete');
 
-		if (!config.getEnv('license.autoRenewEnabled') && config.getEnv('instanceRole') === 'leader') {
+		if (!config.getEnv('license.autoRenewEnabled') && this.instanceSettings.isLeader) {
 			this.logger.warn(
 				'Automatic license renewal is disabled. The license will not renew automatically, and access to licensed features may be lost!',
 			);
@@ -210,7 +224,7 @@ export class Start extends BaseCommand {
 
 	async initOrchestration() {
 		if (config.getEnv('executions.mode') === 'regular') {
-			config.set('instanceRole', 'leader');
+			this.instanceSettings.markAsLeader();
 			return;
 		}
 
@@ -251,18 +265,9 @@ export class Start extends BaseCommand {
 			config.set(setting.key, jsonParse(setting.value, { fallbackValue: setting.value }));
 		});
 
-		const globalConfig = Container.get(GlobalConfig);
-
-		if (globalConfig.nodes.communityPackages.enabled) {
-			const { CommunityPackagesService } = await import('@/services/communityPackages.service');
-			await Container.get(CommunityPackagesService).setMissingPackages({
-				reinstallMissingPackages: flags.reinstallMissingPackages,
-			});
-		}
-
-		const { type: dbType } = globalConfig.database;
+		const { type: dbType } = this.globalConfig.database;
 		if (dbType === 'sqlite') {
-			const shouldRunVacuum = globalConfig.database.sqlite.executeVacuumOnStartup;
+			const shouldRunVacuum = this.globalConfig.database.sqlite.executeVacuumOnStartup;
 			if (shouldRunVacuum) {
 				await Container.get(ExecutionRepository).query('VACUUM;');
 			}
@@ -282,7 +287,7 @@ export class Start extends BaseCommand {
 			}
 
 			const { default: localtunnel } = await import('@n8n/localtunnel');
-			const { port } = Container.get(GlobalConfig);
+			const { port } = this.globalConfig;
 
 			const webhookTunnel = await localtunnel(port, {
 				host: 'https://hooks.n8n.cloud',
@@ -299,7 +304,6 @@ export class Start extends BaseCommand {
 		await this.server.start();
 
 		Container.get(PruningService).init();
-		Container.get(ExecutionRecoveryService).init();
 
 		if (config.getEnv('executions.mode') === 'regular') {
 			await this.runEnqueuedExecutions();
@@ -326,7 +330,7 @@ export class Start extends BaseCommand {
 					this.openBrowser();
 				} else if (key.charCodeAt(0) === 3) {
 					// Ctrl + c got pressed
-					void this.stopProcess();
+					void this.onTerminationSignal('SIGINT')();
 				} else {
 					// When anything else got pressed, record it and send it on enter into the child process
 
diff --git a/packages/cli/src/commands/webhook.ts b/packages/cli/src/commands/webhook.ts
index 5b72c1eb86a9b..d9c197c850385 100644
--- a/packages/cli/src/commands/webhook.ts
+++ b/packages/cli/src/commands/webhook.ts
@@ -4,8 +4,7 @@ import { ApplicationError } from 'n8n-workflow';
 
 import config from '@/config';
 import { ActiveExecutions } from '@/ActiveExecutions';
-import { WebhookServer } from '@/WebhookServer';
-import { Queue } from '@/Queue';
+import { WebhookServer } from '@/webhooks/WebhookServer';
 import { BaseCommand } from './BaseCommand';
 
 import { OrchestrationWebhookService } from '@/services/orchestration/webhook/orchestration.webhook.service';
@@ -22,6 +21,8 @@ export class Webhook extends BaseCommand {
 
 	protected server = Container.get(WebhookServer);
 
+	override needsCommunityPackages = true;
+
 	constructor(argv: string[], cmdConfig: Config) {
 		super(argv, cmdConfig);
 		this.setInstanceType('webhook');
@@ -84,7 +85,7 @@ export class Webhook extends BaseCommand {
 		await this.initExternalHooks();
 		this.logger.debug('External hooks init complete');
 		await this.initExternalSecrets();
-		this.logger.debug('External seecrets init complete');
+		this.logger.debug('External secrets init complete');
 	}
 
 	async run() {
@@ -94,7 +95,8 @@ export class Webhook extends BaseCommand {
 			);
 		}
 
-		await Container.get(Queue).init();
+		const { ScalingService } = await import('@/scaling/scaling.service');
+		await Container.get(ScalingService).setupQueue();
 		await this.server.start();
 		this.logger.debug(`Webhook listener ID: ${this.server.uniqueInstanceId}`);
 		this.logger.info('Webhook listener waiting for requests.');
diff --git a/packages/cli/src/commands/worker.ts b/packages/cli/src/commands/worker.ts
index 4f582904cddbb..5e75e4792d30d 100644
--- a/packages/cli/src/commands/worker.ts
+++ b/packages/cli/src/commands/worker.ts
@@ -2,22 +2,13 @@ import { Container } from 'typedi';
 import { Flags, type Config } from '@oclif/core';
 import express from 'express';
 import http from 'http';
-import type PCancelable from 'p-cancelable';
-import { GlobalConfig } from '@n8n/config';
-import { WorkflowExecute } from 'n8n-core';
-import type { ExecutionStatus, IExecuteResponsePromiseData, INodeTypes, IRun } from 'n8n-workflow';
-import { Workflow, sleep, ApplicationError } from 'n8n-workflow';
+import { ApplicationError } from 'n8n-workflow';
 
 import * as Db from '@/Db';
 import * as ResponseHelper from '@/ResponseHelper';
-import * as WebhookHelpers from '@/WebhookHelpers';
-import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
 import config from '@/config';
-import type { Job, JobId, JobResponse, WebhookResponse } from '@/Queue';
-import { Queue } from '@/Queue';
+import type { ScalingService } from '@/scaling/scaling.service';
 import { N8N_VERSION, inTest } from '@/constants';
-import { ExecutionRepository } from '@db/repositories/execution.repository';
-import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import type { ICredentialsOverwrite } from '@/Interfaces';
 import { CredentialsOverwrites } from '@/CredentialsOverwrites';
 import { rawBodyReader, bodyParser } from '@/middlewares';
@@ -26,11 +17,10 @@ import type { RedisServicePubSubSubscriber } from '@/services/redis/RedisService
 import { EventMessageGeneric } from '@/eventbus/EventMessageClasses/EventMessageGeneric';
 import { OrchestrationHandlerWorkerService } from '@/services/orchestration/worker/orchestration.handler.worker.service';
 import { OrchestrationWorkerService } from '@/services/orchestration/worker/orchestration.worker.service';
-import type { WorkerJobStatusSummary } from '@/services/orchestration/worker/types';
 import { ServiceUnavailableError } from '@/errors/response-errors/service-unavailable.error';
 import { BaseCommand } from './BaseCommand';
-import { MaxStalledCountError } from '@/errors/max-stalled-count.error';
-import { AuditEventRelay } from '@/eventbus/audit-event-relay.service';
+import { JobProcessor } from '@/scaling/job-processor';
+import { LogStreamingEventRelay } from '@/events/log-streaming-event-relay';
 
 export class Worker extends BaseCommand {
 	static description = '\nStarts a n8n worker';
@@ -45,18 +35,22 @@ export class Worker extends BaseCommand {
 		}),
 	};
 
-	static runningJobs: {
-		[key: string]: PCancelable<IRun>;
-	} = {};
+	/**
+	 * How many jobs this worker may run concurrently.
+	 *
+	 * Taken from env var `N8N_CONCURRENCY_PRODUCTION_LIMIT` if set to a value
+	 * other than -1, else taken from `--concurrency` flag.
+	 */
+	concurrency: number;
 
-	static runningJobsSummary: {
-		[jobId: string]: WorkerJobStatusSummary;
-	} = {};
+	scalingService: ScalingService;
 
-	static jobQueue: Queue;
+	jobProcessor: JobProcessor;
 
 	redisSubscriber: RedisServicePubSubSubscriber;
 
+	override needsCommunityPackages = true;
+
 	/**
 	 * Stop n8n in a graceful way.
 	 * Make for example sure that all the webhooks from third party services
@@ -67,23 +61,6 @@ export class Worker extends BaseCommand {
 
 		try {
 			await this.externalHooks?.run('n8n.stop', []);
-
-			const hardStopTimeMs = Date.now() + this.gracefulShutdownTimeoutInS * 1000;
-
-			// Wait for active workflow executions to finish
-			let count = 0;
-			while (Object.keys(Worker.runningJobs).length !== 0) {
-				if (count++ % 4 === 0) {
-					const waitLeft = Math.ceil((hardStopTimeMs - Date.now()) / 1000);
-					this.logger.info(
-						`Waiting for ${
-							Object.keys(Worker.runningJobs).length
-						} active executions to finish... (max wait ${waitLeft} more seconds)`,
-					);
-				}
-
-				await sleep(500);
-			}
 		} catch (error) {
 			await this.exitWithCrash('There was an error shutting down n8n.', error);
 		}
@@ -91,143 +68,6 @@ export class Worker extends BaseCommand {
 		await this.exitSuccessFully();
 	}
 
-	async runJob(job: Job, nodeTypes: INodeTypes): Promise<JobResponse> {
-		const { executionId, loadStaticData } = job.data;
-		const executionRepository = Container.get(ExecutionRepository);
-		const fullExecutionData = await executionRepository.findSingleExecution(executionId, {
-			includeData: true,
-			unflattenData: true,
-		});
-
-		if (!fullExecutionData) {
-			this.logger.error(
-				`Worker failed to find data of execution "${executionId}" in database. Cannot continue.`,
-				{ executionId },
-			);
-			throw new ApplicationError(
-				'Unable to find data of execution in database. Aborting execution.',
-				{ extra: { executionId } },
-			);
-		}
-		const workflowId = fullExecutionData.workflowData.id;
-
-		this.logger.info(
-			`Start job: ${job.id} (Workflow ID: ${workflowId} | Execution: ${executionId})`,
-		);
-		await executionRepository.updateStatus(executionId, 'running');
-
-		let { staticData } = fullExecutionData.workflowData;
-		if (loadStaticData) {
-			const workflowData = await Container.get(WorkflowRepository).findOne({
-				select: ['id', 'staticData'],
-				where: {
-					id: workflowId,
-				},
-			});
-			if (workflowData === null) {
-				this.logger.error(
-					'Worker execution failed because workflow could not be found in database.',
-					{ workflowId, executionId },
-				);
-				throw new ApplicationError('Workflow could not be found', { extra: { workflowId } });
-			}
-			staticData = workflowData.staticData;
-		}
-
-		const workflowSettings = fullExecutionData.workflowData.settings ?? {};
-
-		let workflowTimeout = workflowSettings.executionTimeout ?? config.getEnv('executions.timeout'); // initialize with default
-
-		let executionTimeoutTimestamp: number | undefined;
-		if (workflowTimeout > 0) {
-			workflowTimeout = Math.min(workflowTimeout, config.getEnv('executions.maxTimeout'));
-			executionTimeoutTimestamp = Date.now() + workflowTimeout * 1000;
-		}
-
-		const workflow = new Workflow({
-			id: workflowId,
-			name: fullExecutionData.workflowData.name,
-			nodes: fullExecutionData.workflowData.nodes,
-			connections: fullExecutionData.workflowData.connections,
-			active: fullExecutionData.workflowData.active,
-			nodeTypes,
-			staticData,
-			settings: fullExecutionData.workflowData.settings,
-		});
-
-		const additionalData = await WorkflowExecuteAdditionalData.getBase(
-			undefined,
-			undefined,
-			executionTimeoutTimestamp,
-		);
-		additionalData.hooks = WorkflowExecuteAdditionalData.getWorkflowHooksWorkerExecuter(
-			fullExecutionData.mode,
-			job.data.executionId,
-			fullExecutionData.workflowData,
-			{
-				retryOf: fullExecutionData.retryOf as string,
-			},
-		);
-
-		additionalData.hooks.hookFunctions.sendResponse = [
-			async (response: IExecuteResponsePromiseData): Promise<void> => {
-				const progress: WebhookResponse = {
-					executionId,
-					response: WebhookHelpers.encodeWebhookResponse(response),
-				};
-				await job.progress(progress);
-			},
-		];
-
-		additionalData.executionId = executionId;
-
-		additionalData.setExecutionStatus = (status: ExecutionStatus) => {
-			// Can't set the status directly in the queued worker, but it will happen in InternalHook.onWorkflowPostExecute
-			this.logger.debug(`Queued worker execution status for ${executionId} is "${status}"`);
-		};
-
-		let workflowExecute: WorkflowExecute;
-		let workflowRun: PCancelable<IRun>;
-		if (fullExecutionData.data !== undefined) {
-			workflowExecute = new WorkflowExecute(
-				additionalData,
-				fullExecutionData.mode,
-				fullExecutionData.data,
-			);
-			workflowRun = workflowExecute.processRunExecutionData(workflow);
-		} else {
-			// Execute all nodes
-			// Can execute without webhook so go on
-			workflowExecute = new WorkflowExecute(additionalData, fullExecutionData.mode);
-			workflowRun = workflowExecute.run(workflow);
-		}
-
-		Worker.runningJobs[job.id] = workflowRun;
-		Worker.runningJobsSummary[job.id] = {
-			jobId: job.id.toString(),
-			executionId,
-			workflowId: fullExecutionData.workflowId ?? '',
-			workflowName: fullExecutionData.workflowData.name,
-			mode: fullExecutionData.mode,
-			startedAt: fullExecutionData.startedAt,
-			retryOf: fullExecutionData.retryOf ?? '',
-			status: fullExecutionData.status,
-		};
-
-		// Wait till the execution is finished
-		await workflowRun;
-
-		delete Worker.runningJobs[job.id];
-		delete Worker.runningJobsSummary[job.id];
-
-		// do NOT call workflowExecuteAfter hook here, since it is being called from processSuccessExecution()
-		// already!
-
-		return {
-			success: true,
-		};
-	}
-
 	constructor(argv: string[], cmdConfig: Config) {
 		super(argv, cmdConfig);
 
@@ -245,7 +85,7 @@ export class Worker extends BaseCommand {
 		const { QUEUE_WORKER_TIMEOUT } = process.env;
 		if (QUEUE_WORKER_TIMEOUT) {
 			this.gracefulShutdownTimeoutInS =
-				parseInt(QUEUE_WORKER_TIMEOUT, 10) || config.default('queue.bull.gracefulShutdownTimeout');
+				parseInt(QUEUE_WORKER_TIMEOUT, 10) || this.globalConfig.queue.bull.gracefulShutdownTimeout;
 			this.logger.warn(
 				'QUEUE_WORKER_TIMEOUT has been deprecated. Rename it to N8N_GRACEFUL_SHUTDOWN_TIMEOUT.',
 			);
@@ -255,6 +95,7 @@ export class Worker extends BaseCommand {
 		this.logger.debug('Starting n8n worker...');
 		this.logger.debug(`Queue mode id: ${this.queueModeId}`);
 
+		await this.setConcurrency();
 		await super.init();
 
 		await this.initLicense();
@@ -267,8 +108,7 @@ export class Worker extends BaseCommand {
 		this.logger.debug('External secrets init complete');
 		await this.initEventBus();
 		this.logger.debug('Event bus init complete');
-		await this.initQueue();
-		this.logger.debug('Queue init complete');
+		await this.initScalingService();
 		await this.initOrchestration();
 		this.logger.debug('Orchestration init complete');
 
@@ -286,7 +126,7 @@ export class Worker extends BaseCommand {
 		await Container.get(MessageEventBus).initialize({
 			workerId: this.queueModeId,
 		});
-		Container.get(AuditEventRelay).init();
+		Container.get(LogStreamingEventRelay).init();
 	}
 
 	/**
@@ -300,84 +140,32 @@ export class Worker extends BaseCommand {
 		await Container.get(OrchestrationHandlerWorkerService).initWithOptions({
 			queueModeId: this.queueModeId,
 			redisPublisher: Container.get(OrchestrationWorkerService).redisPublisher,
-			getRunningJobIds: () => Object.keys(Worker.runningJobs),
-			getRunningJobsSummary: () => Object.values(Worker.runningJobsSummary),
+			getRunningJobIds: () => this.jobProcessor.getRunningJobIds(),
+			getRunningJobsSummary: () => this.jobProcessor.getRunningJobsSummary(),
 		});
 	}
 
-	async initQueue() {
+	async setConcurrency() {
 		const { flags } = await this.parse(Worker);
 
-		const redisConnectionTimeoutLimit = config.getEnv('queue.bull.redis.timeoutThreshold');
-
-		this.logger.debug(
-			`Opening Redis connection to listen to messages with timeout ${redisConnectionTimeoutLimit}`,
-		);
-
-		Worker.jobQueue = Container.get(Queue);
-		await Worker.jobQueue.init();
-		this.logger.debug('Queue singleton ready');
-
 		const envConcurrency = config.getEnv('executions.concurrency.productionLimit');
-		const concurrency = envConcurrency !== -1 ? envConcurrency : flags.concurrency;
-		Worker.jobQueue.setConcurrency(concurrency);
 
-		void Worker.jobQueue.process(async (job) => await this.runJob(job, this.nodeTypes));
+		this.concurrency = envConcurrency !== -1 ? envConcurrency : flags.concurrency;
+	}
 
-		Worker.jobQueue.getBullObjectInstance().on('global:progress', (jobId: JobId, progress) => {
-			// Progress of a job got updated which does get used
-			// to communicate that a job got canceled.
+	async initScalingService() {
+		const { ScalingService } = await import('@/scaling/scaling.service');
+		this.scalingService = Container.get(ScalingService);
 
-			if (progress === -1) {
-				// Job has to get canceled
-				if (Worker.runningJobs[jobId] !== undefined) {
-					// Job is processed by current worker so cancel
-					Worker.runningJobs[jobId].cancel();
-					delete Worker.runningJobs[jobId];
-				}
-			}
-		});
+		await this.scalingService.setupQueue();
 
-		let lastTimer = 0;
-		let cumulativeTimeout = 0;
-		Worker.jobQueue.getBullObjectInstance().on('error', (error: Error) => {
-			if (error.toString().includes('ECONNREFUSED')) {
-				const now = Date.now();
-				if (now - lastTimer > 30000) {
-					// Means we had no timeout at all or last timeout was temporary and we recovered
-					lastTimer = now;
-					cumulativeTimeout = 0;
-				} else {
-					cumulativeTimeout += now - lastTimer;
-					lastTimer = now;
-					if (cumulativeTimeout > redisConnectionTimeoutLimit) {
-						this.logger.error(
-							`Unable to connect to Redis after ${redisConnectionTimeoutLimit}. Exiting process.`,
-						);
-						process.exit(1);
-					}
-				}
-				this.logger.warn('Redis unavailable - trying to reconnect...');
-			} else if (error.toString().includes('Error initializing Lua scripts')) {
-				// This is a non-recoverable error
-				// Happens when worker starts and Redis is unavailable
-				// Even if Redis comes back online, worker will be zombie
-				this.logger.error('Error initializing worker.');
-				process.exit(2);
-			} else {
-				this.logger.error('Error from queue: ', error);
-
-				if (error.message.includes('job stalled more than maxStalledCount')) {
-					throw new MaxStalledCountError(error);
-				}
+		this.scalingService.setupWorker(this.concurrency);
 
-				throw error;
-			}
-		});
+		this.jobProcessor = Container.get(JobProcessor);
 	}
 
 	async setupHealthMonitor() {
-		const port = config.getEnv('queue.health.port');
+		const { port } = this.globalConfig.queue.health;
 
 		const app = express();
 		app.disable('x-powered-by');
@@ -409,7 +197,7 @@ export class Worker extends BaseCommand {
 				// if it loses the connection to redis
 				try {
 					// Redis ping
-					await Worker.jobQueue.ping();
+					await this.scalingService.pingQueue();
 				} catch (e) {
 					this.logger.error('No Redis connection!', e as Error);
 					const error = new ServiceUnavailableError('No Redis connection!');
@@ -429,8 +217,7 @@ export class Worker extends BaseCommand {
 
 		let presetCredentialsLoaded = false;
 
-		const globalConfig = Container.get(GlobalConfig);
-		const endpointPresetCredentials = globalConfig.credentials.overwrite.endpoint;
+		const endpointPresetCredentials = this.globalConfig.credentials.overwrite.endpoint;
 		if (endpointPresetCredentials !== '') {
 			// POST endpoint to set preset credentials
 			app.post(
@@ -476,18 +263,16 @@ export class Worker extends BaseCommand {
 	}
 
 	async run() {
-		const { flags } = await this.parse(Worker);
-
 		this.logger.info('\nn8n worker is now ready');
 		this.logger.info(` * Version: ${N8N_VERSION}`);
-		this.logger.info(` * Concurrency: ${flags.concurrency}`);
+		this.logger.info(` * Concurrency: ${this.concurrency}`);
 		this.logger.info('');
 
-		if (config.getEnv('queue.health.active')) {
+		if (this.globalConfig.queue.health.active) {
 			await this.setupHealthMonitor();
 		}
 
-		if (process.stdout.isTTY) {
+		if (!inTest && process.stdout.isTTY) {
 			process.stdin.setRawMode(true);
 			process.stdin.resume();
 			process.stdin.setEncoding('utf8');
diff --git a/packages/cli/src/concurrency/__tests__/concurrency-control.service.test.ts b/packages/cli/src/concurrency/__tests__/concurrency-control.service.test.ts
index c694ab29406a3..08f58ac600324 100644
--- a/packages/cli/src/concurrency/__tests__/concurrency-control.service.test.ts
+++ b/packages/cli/src/concurrency/__tests__/concurrency-control.service.test.ts
@@ -12,7 +12,7 @@ import type { WorkflowExecuteMode as ExecutionMode } from 'n8n-workflow';
 import type { ExecutionRepository } from '@/databases/repositories/execution.repository';
 import type { IExecutingWorkflowData } from '@/Interfaces';
 import type { Telemetry } from '@/telemetry';
-import type { EventService } from '@/eventbus/event.service';
+import type { EventService } from '@/events/event.service';
 
 describe('ConcurrencyControlService', () => {
 	const logger = mock<Logger>();
diff --git a/packages/cli/src/concurrency/concurrency-control.service.ts b/packages/cli/src/concurrency/concurrency-control.service.ts
index 50c73fa668b4e..6e62e9b78df54 100644
--- a/packages/cli/src/concurrency/concurrency-control.service.ts
+++ b/packages/cli/src/concurrency/concurrency-control.service.ts
@@ -8,7 +8,7 @@ import { ExecutionRepository } from '@/databases/repositories/execution.reposito
 import type { WorkflowExecuteMode as ExecutionMode } from 'n8n-workflow';
 import type { IExecutingWorkflowData } from '@/Interfaces';
 import { Telemetry } from '@/telemetry';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 export const CLOUD_TEMP_PRODUCTION_LIMIT = 999;
 export const CLOUD_TEMP_REPORTABLE_THRESHOLDS = [5, 10, 20, 50, 100, 200];
diff --git a/packages/cli/test/unit/config/index.test.ts b/packages/cli/src/config/__tests__/index.test.ts
similarity index 100%
rename from packages/cli/test/unit/config/index.test.ts
rename to packages/cli/src/config/__tests__/index.test.ts
diff --git a/packages/cli/src/config/schema.ts b/packages/cli/src/config/schema.ts
index 068317e4918f6..a0db9a4c36d16 100644
--- a/packages/cli/src/config/schema.ts
+++ b/packages/cli/src/config/schema.ts
@@ -4,6 +4,7 @@ import { Container } from 'typedi';
 import { InstanceSettings } from 'n8n-core';
 import { LOG_LEVELS } from 'n8n-workflow';
 import { ensureStringArray } from './utils';
+import { GlobalConfig } from '@n8n/config';
 
 convict.addFormat({
 	name: 'comma-separated-list',
@@ -161,119 +162,6 @@ export const schema = {
 		},
 	},
 
-	queue: {
-		health: {
-			active: {
-				doc: 'If health checks should be enabled',
-				format: Boolean,
-				default: false,
-				env: 'QUEUE_HEALTH_CHECK_ACTIVE',
-			},
-			port: {
-				doc: 'Port to serve health check on if activated',
-				format: Number,
-				default: 5678,
-				env: 'QUEUE_HEALTH_CHECK_PORT',
-			},
-		},
-		bull: {
-			prefix: {
-				doc: 'Prefix for all bull queue keys',
-				format: String,
-				default: 'bull',
-				env: 'QUEUE_BULL_PREFIX',
-			},
-			redis: {
-				db: {
-					doc: 'Redis DB',
-					format: Number,
-					default: 0,
-					env: 'QUEUE_BULL_REDIS_DB',
-				},
-				host: {
-					doc: 'Redis Host',
-					format: String,
-					default: 'localhost',
-					env: 'QUEUE_BULL_REDIS_HOST',
-				},
-				password: {
-					doc: 'Redis Password',
-					format: String,
-					default: '',
-					env: 'QUEUE_BULL_REDIS_PASSWORD',
-				},
-				port: {
-					doc: 'Redis Port',
-					format: Number,
-					default: 6379,
-					env: 'QUEUE_BULL_REDIS_PORT',
-				},
-				timeoutThreshold: {
-					doc: 'Max cumulative timeout (in milliseconds) of connection retries before process exit',
-					format: Number,
-					default: 10000,
-					env: 'QUEUE_BULL_REDIS_TIMEOUT_THRESHOLD',
-				},
-				username: {
-					doc: 'Redis Username (needs Redis >= 6)',
-					format: String,
-					default: '',
-					env: 'QUEUE_BULL_REDIS_USERNAME',
-				},
-				clusterNodes: {
-					doc: 'Redis Cluster startup nodes (comma separated list of host:port pairs)',
-					format: String,
-					default: '',
-					env: 'QUEUE_BULL_REDIS_CLUSTER_NODES',
-				},
-				tls: {
-					format: Boolean,
-					default: false,
-					env: 'QUEUE_BULL_REDIS_TLS',
-					doc: 'Enable TLS on Redis connections. Default: false',
-				},
-			},
-			queueRecoveryInterval: {
-				doc: 'If > 0 enables an active polling to the queue that can recover for Redis crashes. Given in seconds; 0 is disabled. May increase Redis traffic significantly.',
-				format: Number,
-				default: 60,
-				env: 'QUEUE_RECOVERY_INTERVAL',
-			},
-			gracefulShutdownTimeout: {
-				doc: '[DEPRECATED] (Use N8N_GRACEFUL_SHUTDOWN_TIMEOUT instead) How long should n8n wait for running executions before exiting worker process (seconds)',
-				format: Number,
-				default: 30,
-				env: 'QUEUE_WORKER_TIMEOUT',
-			},
-			settings: {
-				lockDuration: {
-					doc: 'How long (ms) is the lease period for a worker to work on a message',
-					format: Number,
-					default: 30000,
-					env: 'QUEUE_WORKER_LOCK_DURATION',
-				},
-				lockRenewTime: {
-					doc: 'How frequently (ms) should a worker renew the lease time',
-					format: Number,
-					default: 15000,
-					env: 'QUEUE_WORKER_LOCK_RENEW_TIME',
-				},
-				stalledInterval: {
-					doc: 'How often check for stalled jobs (use 0 for never checking)',
-					format: Number,
-					default: 30000,
-					env: 'QUEUE_WORKER_STALLED_INTERVAL',
-				},
-				maxStalledCount: {
-					doc: 'Max amount of times a stalled job will be re-processed',
-					format: Number,
-					default: 1,
-					env: 'QUEUE_WORKER_MAX_STALLED_COUNT',
-				},
-			},
-		},
-	},
-
 	generic: {
 		// The timezone to use. Is important for nodes like "Cron" which start the
 		// workflow automatically at a specified time. This setting can also be
@@ -340,7 +228,7 @@ export const schema = {
 			env: 'N8N_RESTRICT_FILE_ACCESS_TO',
 		},
 		blockFileAccessToN8nFiles: {
-			doc: 'If set to true it will block access to all files in the ".n8n" directory and user defined config files.',
+			doc: 'If set to true it will block access to all files in the ".n8n" directory, the static cache dir at ~/.cache/n8n/public, and user defined config files.',
 			format: Boolean,
 			default: true,
 			env: 'N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES',
@@ -381,12 +269,17 @@ export const schema = {
 			default: 0,
 			env: 'N8N_USER_MANAGEMENT_JWT_REFRESH_TIMEOUT_HOURS',
 		},
+
+		/**
+		 * @important Do not remove until after cloud hooks are updated to stop using convict config.
+		 */
 		isInstanceOwnerSetUp: {
 			// n8n loads this setting from DB on startup
 			doc: "Whether the instance owner's account has been set up",
 			format: Boolean,
 			default: false,
 		},
+
 		authenticationMethod: {
 			doc: 'How to authenticate users (e.g. "email", "ldap", "saml")',
 			format: ['email', 'ldap', 'saml'] as const,
@@ -654,43 +547,19 @@ export const schema = {
 		},
 	},
 
-	cache: {
-		backend: {
-			doc: 'Backend to use for caching',
-			format: ['memory', 'redis', 'auto'] as const,
-			default: 'auto',
-			env: 'N8N_CACHE_BACKEND',
-		},
-		memory: {
-			maxSize: {
-				doc: 'Maximum size of memory cache in bytes',
-				format: Number,
-				default: 3 * 1024 * 1024, // 3 MB
-				env: 'N8N_CACHE_MEMORY_MAX_SIZE',
-			},
-			ttl: {
-				doc: 'Time to live for cached items in memory (in ms)',
-				format: Number,
-				default: 3600 * 1000, // 1 hour
-				env: 'N8N_CACHE_MEMORY_TTL',
-			},
-		},
-		redis: {
-			prefix: {
-				doc: 'Prefix for all cache keys',
-				format: String,
-				default: 'cache',
-				env: 'N8N_CACHE_REDIS_KEY_PREFIX',
-			},
-			ttl: {
-				doc: 'Time to live for cached items in redis (in ms), 0 for no TTL',
-				format: Number,
-				default: 3600 * 1000, // 1 hour
-				env: 'N8N_CACHE_REDIS_TTL',
-			},
+	/**
+	 * @important Do not remove until after cloud hooks are updated to stop using convict config.
+	 */
+	endpoints: {
+		rest: {
+			format: String,
+			default: Container.get(GlobalConfig).endpoints.rest,
 		},
 	},
 
+	/**
+	 * @important Do not remove until after cloud hooks are updated to stop using convict config.
+	 */
 	ai: {
 		enabled: {
 			doc: 'Whether AI features are enabled',
@@ -740,12 +609,6 @@ export const schema = {
 		},
 	},
 
-	instanceRole: {
-		doc: 'Always `leader` in single-main setup. `leader` or `follower` in multi-main setup.',
-		format: ['unset', 'leader', 'follower'] as const,
-		default: 'unset', // only until Start.initOrchestration
-	},
-
 	multiMainSetup: {
 		enabled: {
 			doc: 'Whether to enable multi-main setup for queue mode (license required)',
diff --git a/packages/cli/src/constants.ts b/packages/cli/src/constants.ts
index 41c95cb01ace6..dfb072576aa9f 100644
--- a/packages/cli/src/constants.ts
+++ b/packages/cli/src/constants.ts
@@ -90,6 +90,7 @@ export const LICENSE_FEATURES = {
 	PROJECT_ROLE_ADMIN: 'feat:projectRole:admin',
 	PROJECT_ROLE_EDITOR: 'feat:projectRole:editor',
 	PROJECT_ROLE_VIEWER: 'feat:projectRole:viewer',
+	COMMUNITY_NODES_CUSTOM_REGISTRY: 'feat:communityNodes:customRegistry',
 } as const;
 
 export const LICENSE_QUOTAS = {
diff --git a/packages/cli/test/unit/controllers/curl.controller.test.ts b/packages/cli/src/controllers/__tests__/curl.controller.test.ts
similarity index 100%
rename from packages/cli/test/unit/controllers/curl.controller.test.ts
rename to packages/cli/src/controllers/__tests__/curl.controller.test.ts
diff --git a/packages/cli/test/unit/controllers/dynamic-node-parameters.controller.test.ts b/packages/cli/src/controllers/__tests__/dynamic-node-parameters.controller.test.ts
similarity index 100%
rename from packages/cli/test/unit/controllers/dynamic-node-parameters.controller.test.ts
rename to packages/cli/src/controllers/__tests__/dynamic-node-parameters.controller.test.ts
diff --git a/packages/cli/test/unit/controllers/me.controller.test.ts b/packages/cli/src/controllers/__tests__/me.controller.test.ts
similarity index 72%
rename from packages/cli/test/unit/controllers/me.controller.test.ts
rename to packages/cli/src/controllers/__tests__/me.controller.test.ts
index 2416ecafbddb4..3ff4c5bbe0860 100644
--- a/packages/cli/test/unit/controllers/me.controller.test.ts
+++ b/packages/cli/src/controllers/__tests__/me.controller.test.ts
@@ -9,20 +9,25 @@ import { AUTH_COOKIE_NAME } from '@/constants';
 import type { AuthenticatedRequest, MeRequest } from '@/requests';
 import { UserService } from '@/services/user.service';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
 import { License } from '@/License';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { UserRepository } from '@/databases/repositories/user.repository';
-import { badPasswords } from '../shared/testData';
-import { mockInstance } from '../../shared/mocking';
+import { EventService } from '@/events/event.service';
+import { badPasswords } from '@test/testData';
+import { mockInstance } from '@test/mocking';
+import { AuthUserRepository } from '@/databases/repositories/authUser.repository';
+import { MfaService } from '@/Mfa/mfa.service';
+import { InvalidMfaCodeError } from '@/errors/response-errors/invalid-mfa-code.error';
 
 const browserId = 'test-browser-id';
 
 describe('MeController', () => {
 	const externalHooks = mockInstance(ExternalHooks);
-	const internalHooks = mockInstance(InternalHooks);
+	const eventService = mockInstance(EventService);
 	const userService = mockInstance(UserService);
 	const userRepository = mockInstance(UserRepository);
+	const mockMfaService = mockInstance(MfaService);
+	mockInstance(AuthUserRepository);
 	mockInstance(License).isWithinUsersLimit.mockReturnValue(true);
 	const controller = Container.get(MeController);
 
@@ -44,6 +49,7 @@ describe('MeController', () => {
 		it('should update the user in the DB, and issue a new cookie', async () => {
 			const user = mock<User>({
 				id: '123',
+				email: 'valid@email.com',
 				password: 'password',
 				authIdentities: [],
 				role: 'global:owner',
@@ -51,6 +57,7 @@ describe('MeController', () => {
 			const reqBody = { email: 'valid@email.com', firstName: 'John', lastName: 'Potato' };
 			const req = mock<MeRequest.UserUpdate>({ user, body: reqBody, browserId });
 			const res = mock<Response>();
+			userRepository.findOneByOrFail.mockResolvedValue(user);
 			userRepository.findOneOrFail.mockResolvedValue(user);
 			jest.spyOn(jwt, 'sign').mockImplementation(() => 'signed-token');
 			userService.toPublic.mockResolvedValue({} as unknown as PublicUser);
@@ -64,7 +71,10 @@ describe('MeController', () => {
 			]);
 
 			expect(userService.update).toHaveBeenCalled();
-
+			expect(eventService.emit).toHaveBeenCalledWith('user-updated', {
+				user,
+				fieldsChanged: ['firstName', 'lastName'], // email did not change
+			});
 			expect(res.cookie).toHaveBeenCalledWith(
 				AUTH_COOKIE_NAME,
 				'signed-token',
@@ -174,7 +184,7 @@ describe('MeController', () => {
 
 		it('should update the password in the DB, and issue a new cookie', async () => {
 			const req = mock<MeRequest.Password>({
-				user: mock({ password: passwordHash }),
+				user: mock({ password: passwordHash, mfaEnabled: false }),
 				body: { currentPassword: 'old_password', newPassword: 'NewPassword123' },
 				browserId,
 			});
@@ -202,9 +212,53 @@ describe('MeController', () => {
 				req.user.password,
 			]);
 
-			expect(internalHooks.onUserUpdate).toHaveBeenCalledWith({
+			expect(eventService.emit).toHaveBeenCalledWith('user-updated', {
 				user: req.user,
-				fields_changed: ['password'],
+				fieldsChanged: ['password'],
+			});
+		});
+
+		describe('mfa enabled', () => {
+			it('should throw BadRequestError if mfa code is missing', async () => {
+				const req = mock<MeRequest.Password>({
+					user: mock({ password: passwordHash, mfaEnabled: true }),
+					body: { currentPassword: 'old_password', newPassword: 'NewPassword123' },
+				});
+
+				await expect(controller.updatePassword(req, mock())).rejects.toThrowError(
+					new BadRequestError('Two-factor code is required to change password.'),
+				);
+			});
+
+			it('should throw InvalidMfaCodeError if invalid mfa code is given', async () => {
+				const req = mock<MeRequest.Password>({
+					user: mock({ password: passwordHash, mfaEnabled: true }),
+					body: { currentPassword: 'old_password', newPassword: 'NewPassword123', mfaCode: '123' },
+				});
+				mockMfaService.validateMfa.mockResolvedValue(false);
+
+				await expect(controller.updatePassword(req, mock())).rejects.toThrow(InvalidMfaCodeError);
+			});
+
+			it('should succeed when mfa code is correct', async () => {
+				const req = mock<MeRequest.Password>({
+					user: mock({ password: passwordHash, mfaEnabled: true }),
+					body: {
+						currentPassword: 'old_password',
+						newPassword: 'NewPassword123',
+						mfaCode: 'valid',
+					},
+					browserId,
+				});
+				const res = mock<Response>();
+				userRepository.save.calledWith(req.user).mockResolvedValue(req.user);
+				jest.spyOn(jwt, 'sign').mockImplementation(() => 'new-signed-token');
+				mockMfaService.validateMfa.mockResolvedValue(true);
+
+				const result = await controller.updatePassword(req, res);
+
+				expect(result).toEqual({ success: true });
+				expect(req.user.password).not.toBe(passwordHash);
 			});
 		});
 	});
@@ -218,6 +272,26 @@ describe('MeController', () => {
 				new BadRequestError('Personalization answers are mandatory'),
 			);
 		});
+
+		it('should throw BadRequestError on XSS attempt', async () => {
+			const req = mock<MeRequest.SurveyAnswers>({
+				body: { 'test-answer': '<script>alert("XSS")</script>' },
+			});
+
+			await expect(controller.storeSurveyAnswers(req)).rejects.toThrowError(BadRequestError);
+		});
+	});
+
+	describe('updateCurrentUserSettings', () => {
+		it('should throw BadRequestError on XSS attempt', async () => {
+			const req = mock<AuthenticatedRequest>({
+				body: {
+					userActivated: '<script>alert("XSS")</script>',
+				},
+			});
+
+			await expect(controller.updateCurrentUserSettings(req)).rejects.toThrowError(BadRequestError);
+		});
 	});
 
 	describe('API Key methods', () => {
diff --git a/packages/cli/test/unit/controllers/owner.controller.test.ts b/packages/cli/src/controllers/__tests__/owner.controller.test.ts
similarity index 94%
rename from packages/cli/test/unit/controllers/owner.controller.test.ts
rename to packages/cli/src/controllers/__tests__/owner.controller.test.ts
index 0057c2370896b..8c4f00abeeab0 100644
--- a/packages/cli/test/unit/controllers/owner.controller.test.ts
+++ b/packages/cli/src/controllers/__tests__/owner.controller.test.ts
@@ -10,18 +10,16 @@ import type { User } from '@db/entities/User';
 import type { SettingsRepository } from '@db/repositories/settings.repository';
 import type { UserRepository } from '@db/repositories/user.repository';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
-import type { InternalHooks } from '@/InternalHooks';
 import { License } from '@/License';
 import type { OwnerRequest } from '@/requests';
 import type { UserService } from '@/services/user.service';
 import { PasswordUtility } from '@/services/password.utility';
 
-import { mockInstance } from '../../shared/mocking';
-import { badPasswords } from '../shared/testData';
+import { mockInstance } from '@test/mocking';
+import { badPasswords } from '@test/testData';
 
 describe('OwnerController', () => {
 	const configGetSpy = jest.spyOn(config, 'getEnv');
-	const internalHooks = mock<InternalHooks>();
 	const authService = mock<AuthService>();
 	const userService = mock<UserService>();
 	const userRepository = mock<UserRepository>();
@@ -29,7 +27,7 @@ describe('OwnerController', () => {
 	mockInstance(License).isWithinUsersLimit.mockReturnValue(true);
 	const controller = new OwnerController(
 		mock(),
-		internalHooks,
+		mock(),
 		settingsRepository,
 		authService,
 		userService,
diff --git a/packages/cli/test/unit/controllers/translation.controller.test.ts b/packages/cli/src/controllers/__tests__/translation.controller.test.ts
similarity index 100%
rename from packages/cli/test/unit/controllers/translation.controller.test.ts
rename to packages/cli/src/controllers/__tests__/translation.controller.test.ts
diff --git a/packages/cli/test/unit/controllers/userSettings.controller.test.ts b/packages/cli/src/controllers/__tests__/userSettings.controller.test.ts
similarity index 96%
rename from packages/cli/test/unit/controllers/userSettings.controller.test.ts
rename to packages/cli/src/controllers/__tests__/userSettings.controller.test.ts
index e29afb74ccc29..3794008641fa5 100644
--- a/packages/cli/test/unit/controllers/userSettings.controller.test.ts
+++ b/packages/cli/src/controllers/__tests__/userSettings.controller.test.ts
@@ -60,7 +60,7 @@ describe('UserSettingsController', () => {
 				[],
 			],
 			[
-				'updates user settings, reseting to waiting state',
+				'updates user settings, resetting to waiting state',
 				{
 					waitingForResponse: true,
 					ignoredCount: 0,
@@ -137,7 +137,7 @@ describe('UserSettingsController', () => {
 				'is waitingForResponse but missing ignoredCount',
 				{ lastShownAt: 123, waitingForResponse: true },
 			],
-		])('thows error when request payload is %s', async (_, payload) => {
+		])('throws error when request payload is %s', async (_, payload) => {
 			const req = mock<NpsSurveyRequest.NpsSurveyUpdate>();
 			req.user.id = '1';
 			req.body = payload;
diff --git a/packages/cli/src/controllers/__tests__/users.controller.test.ts b/packages/cli/src/controllers/__tests__/users.controller.test.ts
new file mode 100644
index 0000000000000..38a4399cab2ba
--- /dev/null
+++ b/packages/cli/src/controllers/__tests__/users.controller.test.ts
@@ -0,0 +1,52 @@
+import { mock } from 'jest-mock-extended';
+import { UsersController } from '../users.controller';
+import type { UserRequest } from '@/requests';
+import type { EventService } from '@/events/event.service';
+import type { User } from '@/databases/entities/User';
+import type { UserRepository } from '@/databases/repositories/user.repository';
+import type { ProjectService } from '@/services/project.service';
+
+describe('UsersController', () => {
+	const eventService = mock<EventService>();
+	const userRepository = mock<UserRepository>();
+	const projectService = mock<ProjectService>();
+	const controller = new UsersController(
+		mock(),
+		mock(),
+		mock(),
+		mock(),
+		userRepository,
+		mock(),
+		mock(),
+		mock(),
+		mock(),
+		mock(),
+		projectService,
+		eventService,
+	);
+
+	beforeEach(() => {
+		jest.restoreAllMocks();
+	});
+
+	describe('changeGlobalRole', () => {
+		it('should emit event user-changed-role', async () => {
+			const request = mock<UserRequest.ChangeRole>({
+				user: { id: '123' },
+				params: { id: '456' },
+				body: { newRoleName: 'global:member' },
+			});
+			userRepository.findOne.mockResolvedValue(mock<User>({ id: '456' }));
+			projectService.getUserOwnedOrAdminProjects.mockResolvedValue([]);
+
+			await controller.changeGlobalRole(request);
+
+			expect(eventService.emit).toHaveBeenCalledWith('user-changed-role', {
+				userId: '123',
+				targetUserId: '456',
+				targetUserNewRole: 'global:member',
+				publicApi: false,
+			});
+		});
+	});
+});
diff --git a/packages/cli/src/controllers/auth.controller.ts b/packages/cli/src/controllers/auth.controller.ts
index 7711d95177e0f..99b5c523207a1 100644
--- a/packages/cli/src/controllers/auth.controller.ts
+++ b/packages/cli/src/controllers/auth.controller.ts
@@ -14,7 +14,6 @@ import {
 	isLdapCurrentAuthenticationMethod,
 	isSamlCurrentAuthenticationMethod,
 } from '@/sso/ssoHelpers';
-import { InternalHooks } from '../InternalHooks';
 import { License } from '@/License';
 import { UserService } from '@/services/user.service';
 import { MfaService } from '@/Mfa/mfa.service';
@@ -24,13 +23,12 @@ import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
 import { ApplicationError } from 'n8n-workflow';
 import { UserRepository } from '@/databases/repositories/user.repository';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController()
 export class AuthController {
 	constructor(
 		private readonly logger: Logger,
-		private readonly internalHooks: InternalHooks,
 		private readonly authService: AuthService,
 		private readonly mfaService: MfaService,
 		private readonly userService: UserService,
@@ -179,7 +177,6 @@ export class AuthController {
 			throw new BadRequestError('Invalid request');
 		}
 
-		this.internalHooks.onUserInviteEmailClick({ inviter, invitee });
 		this.eventService.emit('user-invite-email-click', { inviter, invitee });
 
 		const { firstName, lastName } = inviter;
diff --git a/packages/cli/src/controllers/communityPackages.controller.ts b/packages/cli/src/controllers/communityPackages.controller.ts
index 1860e1df86652..d9e7f49719679 100644
--- a/packages/cli/src/controllers/communityPackages.controller.ts
+++ b/packages/cli/src/controllers/communityPackages.controller.ts
@@ -1,11 +1,9 @@
-import { Request, Response, NextFunction } from 'express';
-import config from '@/config';
 import {
 	RESPONSE_ERROR_MESSAGES,
 	STARTER_TEMPLATE_NAME,
 	UNKNOWN_FAILURE_REASON,
 } from '@/constants';
-import { Delete, Get, Middleware, Patch, Post, RestController, GlobalScope } from '@/decorators';
+import { Delete, Get, Patch, Post, RestController, GlobalScope } from '@/decorators';
 import { NodeRequest } from '@/requests';
 import type { InstalledPackages } from '@db/entities/InstalledPackages';
 import type { CommunityPackages } from '@/Interfaces';
@@ -13,7 +11,7 @@ import { Push } from '@/push';
 import { CommunityPackagesService } from '@/services/communityPackages.service';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { InternalServerError } from '@/errors/response-errors/internal-server.error';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 const {
 	PACKAGE_NOT_INSTALLED,
@@ -40,17 +38,6 @@ export class CommunityPackagesController {
 		private readonly eventService: EventService,
 	) {}
 
-	// TODO: move this into a new decorator `@IfConfig('executions.mode', 'queue')`
-	@Middleware()
-	checkIfCommunityNodesEnabled(req: Request, res: Response, next: NextFunction) {
-		if (config.getEnv('executions.mode') === 'queue' && req.method !== 'GET')
-			res.status(400).json({
-				status: 'error',
-				message: 'Package management is disabled when running in "queue" mode',
-			});
-		else next();
-	}
-
 	@Post('/')
 	@GlobalScope('communityPackage:install')
 	async installPackage(req: NodeRequest.Post) {
@@ -99,7 +86,7 @@ export class CommunityPackagesController {
 
 		let installedPackage: InstalledPackages;
 		try {
-			installedPackage = await this.communityPackagesService.installNpmModule(
+			installedPackage = await this.communityPackagesService.installPackage(
 				parsed.packageName,
 				parsed.version,
 			);
@@ -207,7 +194,7 @@ export class CommunityPackagesController {
 		}
 
 		try {
-			await this.communityPackagesService.removeNpmModule(name, installedPackage);
+			await this.communityPackagesService.removePackage(name, installedPackage);
 		} catch (error) {
 			const message = [
 				`Error removing package "${name}"`,
@@ -252,7 +239,7 @@ export class CommunityPackagesController {
 		}
 
 		try {
-			const newInstalledPackage = await this.communityPackagesService.updateNpmModule(
+			const newInstalledPackage = await this.communityPackagesService.updatePackage(
 				this.communityPackagesService.parseNpmPackageName(name).packageName,
 				previouslyInstalledPackage,
 			);
diff --git a/packages/cli/src/controllers/dynamicNodeParameters.controller.ts b/packages/cli/src/controllers/dynamicNodeParameters.controller.ts
index c6a46aa3d4eed..bfd1cf651b875 100644
--- a/packages/cli/src/controllers/dynamicNodeParameters.controller.ts
+++ b/packages/cli/src/controllers/dynamicNodeParameters.controller.ts
@@ -1,4 +1,4 @@
-import type { INodePropertyOptions } from 'n8n-workflow';
+import type { INodePropertyOptions, NodeParameterValueType } from 'n8n-workflow';
 
 import { Post, RestController } from '@/decorators';
 import { getBase } from '@/WorkflowExecuteAdditionalData';
@@ -92,4 +92,28 @@ export class DynamicNodeParametersController {
 			credentials,
 		);
 	}
+
+	@Post('/action-result')
+	async getActionResult(
+		req: DynamicNodeParametersRequest.ActionResult,
+	): Promise<NodeParameterValueType> {
+		const { currentNodeParameters, nodeTypeAndVersion, path, credentials, handler, payload } =
+			req.body;
+
+		const additionalData = await getBase(req.user.id, currentNodeParameters);
+
+		if (handler) {
+			return await this.service.getActionResult(
+				handler,
+				path,
+				additionalData,
+				nodeTypeAndVersion,
+				currentNodeParameters,
+				payload,
+				credentials,
+			);
+		}
+
+		return;
+	}
 }
diff --git a/packages/cli/src/controllers/e2e.controller.ts b/packages/cli/src/controllers/e2e.controller.ts
index 3954bb1caf891..20224795052e8 100644
--- a/packages/cli/src/controllers/e2e.controller.ts
+++ b/packages/cli/src/controllers/e2e.controller.ts
@@ -87,6 +87,7 @@ export class E2EController {
 		[LICENSE_FEATURES.PROJECT_ROLE_ADMIN]: false,
 		[LICENSE_FEATURES.PROJECT_ROLE_EDITOR]: false,
 		[LICENSE_FEATURES.PROJECT_ROLE_VIEWER]: false,
+		[LICENSE_FEATURES.COMMUNITY_NODES_CUSTOM_REGISTRY]: false,
 	};
 
 	private numericFeatures: Record<NumericLicenseFeature, number> = {
diff --git a/packages/cli/src/controllers/invitation.controller.ts b/packages/cli/src/controllers/invitation.controller.ts
index c32bf543002fd..19bd803c5e6c0 100644
--- a/packages/cli/src/controllers/invitation.controller.ts
+++ b/packages/cli/src/controllers/invitation.controller.ts
@@ -16,15 +16,13 @@ import type { User } from '@/databases/entities/User';
 import { UserRepository } from '@db/repositories/user.repository';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
-import { InternalHooks } from '@/InternalHooks';
 import { ExternalHooks } from '@/ExternalHooks';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/invitations')
 export class InvitationController {
 	constructor(
 		private readonly logger: Logger,
-		private readonly internalHooks: InternalHooks,
 		private readonly externalHooks: ExternalHooks,
 		private readonly authService: AuthService,
 		private readonly userService: UserService,
@@ -168,11 +166,11 @@ export class InvitationController {
 
 		this.authService.issueCookie(res, updatedUser, req.browserId);
 
-		this.internalHooks.onUserSignup(updatedUser, {
-			user_type: 'email',
-			was_disabled_ldap_user: false,
+		this.eventService.emit('user-signed-up', {
+			user: updatedUser,
+			userType: 'email',
+			wasDisabledLdapUser: false,
 		});
-		this.eventService.emit('user-signed-up', { user: updatedUser });
 
 		const publicInvitee = await this.userService.toPublic(invitee);
 
diff --git a/packages/cli/src/controllers/me.controller.ts b/packages/cli/src/controllers/me.controller.ts
index 3f9366b441260..179076d25d224 100644
--- a/packages/cli/src/controllers/me.controller.ts
+++ b/packages/cli/src/controllers/me.controller.ts
@@ -6,7 +6,7 @@ import { randomBytes } from 'crypto';
 import { AuthService } from '@/auth/auth.service';
 import { Delete, Get, Patch, Post, RestController } from '@/decorators';
 import { PasswordUtility } from '@/services/password.utility';
-import { validateEntity } from '@/GenericHelpers';
+import { validateEntity, validateRecordNoXss } from '@/GenericHelpers';
 import type { User } from '@db/entities/User';
 import {
 	AuthenticatedRequest,
@@ -19,11 +19,12 @@ import { isSamlLicensedAndEnabled } from '@/sso/saml/samlHelpers';
 import { UserService } from '@/services/user.service';
 import { Logger } from '@/Logger';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { UserRepository } from '@/databases/repositories/user.repository';
 import { isApiEnabled } from '@/PublicApi';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
+import { MfaService } from '@/Mfa/mfa.service';
+import { InvalidMfaCodeError } from '@/errors/response-errors/invalid-mfa-code.error';
 
 export const API_KEY_PREFIX = 'n8n_api_';
 
@@ -40,12 +41,12 @@ export class MeController {
 	constructor(
 		private readonly logger: Logger,
 		private readonly externalHooks: ExternalHooks,
-		private readonly internalHooks: InternalHooks,
 		private readonly authService: AuthService,
 		private readonly userService: UserService,
 		private readonly passwordUtility: PasswordUtility,
 		private readonly userRepository: UserRepository,
 		private readonly eventService: EventService,
+		private readonly mfaService: MfaService,
 	) {}
 
 	/**
@@ -91,6 +92,7 @@ export class MeController {
 
 		await this.externalHooks.run('user.profile.beforeUpdate', [userId, currentEmail, payload]);
 
+		const preUpdateUser = await this.userRepository.findOneByOrFail({ id: userId });
 		await this.userService.update(userId, payload);
 		const user = await this.userRepository.findOneOrFail({
 			where: { id: userId },
@@ -100,8 +102,10 @@ export class MeController {
 
 		this.authService.issueCookie(res, user, req.browserId);
 
-		const fieldsChanged = Object.keys(payload);
-		this.internalHooks.onUserUpdate({ user, fields_changed: fieldsChanged });
+		const fieldsChanged = (Object.keys(payload) as Array<keyof UserUpdatePayload>).filter(
+			(key) => payload[key] !== preUpdateUser[key],
+		);
+
 		this.eventService.emit('user-updated', { user, fieldsChanged });
 
 		const publicUser = await this.userService.toPublic(user);
@@ -114,12 +118,12 @@ export class MeController {
 	/**
 	 * Update the logged-in user's password.
 	 */
-	@Patch('/password')
+	@Patch('/password', { rateLimit: true })
 	async updatePassword(req: MeRequest.Password, res: Response) {
 		const { user } = req;
-		const { currentPassword, newPassword } = req.body;
+		const { currentPassword, newPassword, mfaCode } = req.body;
 
-		// If SAML is enabled, we don't allow the user to change their email address
+		// If SAML is enabled, we don't allow the user to change their password
 		if (isSamlLicensedAndEnabled()) {
 			this.logger.debug('Attempted to change password for user, while SAML is enabled', {
 				userId: user.id,
@@ -144,6 +148,17 @@ export class MeController {
 
 		const validPassword = this.passwordUtility.validate(newPassword);
 
+		if (user.mfaEnabled) {
+			if (typeof mfaCode !== 'string') {
+				throw new BadRequestError('Two-factor code is required to change password.');
+			}
+
+			const isMfaTokenValid = await this.mfaService.validateMfa(user.id, mfaCode, undefined);
+			if (!isMfaTokenValid) {
+				throw new InvalidMfaCodeError();
+			}
+		}
+
 		user.password = await this.passwordUtility.hash(validPassword);
 
 		const updatedUser = await this.userRepository.save(user, { transaction: false });
@@ -151,7 +166,6 @@ export class MeController {
 
 		this.authService.issueCookie(res, updatedUser, req.browserId);
 
-		this.internalHooks.onUserUpdate({ user: updatedUser, fields_changed: ['password'] });
 		this.eventService.emit('user-updated', { user: updatedUser, fieldsChanged: ['password'] });
 
 		await this.externalHooks.run('user.password.update', [updatedUser.email, updatedUser.password]);
@@ -176,6 +190,8 @@ export class MeController {
 			throw new BadRequestError('Personalization answers are mandatory');
 		}
 
+		await validateRecordNoXss(personalizationAnswers);
+
 		await this.userRepository.save(
 			{
 				id: req.user.id,
@@ -186,7 +202,10 @@ export class MeController {
 
 		this.logger.info('User survey updated successfully', { userId: req.user.id });
 
-		this.internalHooks.onPersonalizationSurveySubmitted(req.user.id, personalizationAnswers);
+		this.eventService.emit('user-submitted-personalization-survey', {
+			userId: req.user.id,
+			answers: personalizationAnswers,
+		});
 
 		return { success: true };
 	}
@@ -234,6 +253,9 @@ export class MeController {
 		const payload = plainToInstance(UserSettingsUpdatePayload, req.body, {
 			excludeExtraneousValues: true,
 		});
+
+		await validateEntity(payload);
+
 		const { id } = req.user;
 
 		await this.userService.updateSettings(id, payload);
diff --git a/packages/cli/src/controllers/mfa.controller.ts b/packages/cli/src/controllers/mfa.controller.ts
index 3c58b944d57d0..6c228df47e90e 100644
--- a/packages/cli/src/controllers/mfa.controller.ts
+++ b/packages/cli/src/controllers/mfa.controller.ts
@@ -1,4 +1,4 @@
-import { Delete, Get, Post, RestController } from '@/decorators';
+import { Get, Post, RestController } from '@/decorators';
 import { AuthenticatedRequest, MFA } from '@/requests';
 import { MfaService } from '@/Mfa/mfa.service';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
@@ -47,7 +47,7 @@ export class MFAController {
 		};
 	}
 
-	@Post('/enable')
+	@Post('/enable', { rateLimit: true })
 	async activateMFA(req: MFA.Activate) {
 		const { token = null } = req.body;
 		const { id, mfaEnabled } = req.user;
@@ -71,14 +71,19 @@ export class MFAController {
 		await this.mfaService.enableMfa(id);
 	}
 
-	@Delete('/disable')
-	async disableMFA(req: AuthenticatedRequest) {
-		const { id } = req.user;
+	@Post('/disable', { rateLimit: true })
+	async disableMFA(req: MFA.Disable) {
+		const { id: userId } = req.user;
+		const { token = null } = req.body;
+
+		if (typeof token !== 'string' || !token) {
+			throw new BadRequestError('Token is required to disable MFA feature');
+		}
 
-		await this.mfaService.disableMfa(id);
+		await this.mfaService.disableMfa(userId, token);
 	}
 
-	@Post('/verify')
+	@Post('/verify', { rateLimit: true })
 	async verifyMFA(req: MFA.Verify) {
 		const { id } = req.user;
 		const { token } = req.body;
diff --git a/packages/cli/test/unit/controllers/oauth/oAuth1Credential.controller.test.ts b/packages/cli/src/controllers/oauth/__tests__/oAuth1Credential.controller.test.ts
similarity index 99%
rename from packages/cli/test/unit/controllers/oauth/oAuth1Credential.controller.test.ts
rename to packages/cli/src/controllers/oauth/__tests__/oAuth1Credential.controller.test.ts
index cbadc1cf87716..fae443b4ce9a2 100644
--- a/packages/cli/test/unit/controllers/oauth/oAuth1Credential.controller.test.ts
+++ b/packages/cli/src/controllers/oauth/__tests__/oAuth1Credential.controller.test.ts
@@ -19,7 +19,7 @@ import { CredentialsHelper } from '@/CredentialsHelper';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 
-import { mockInstance } from '../../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 describe('OAuth1CredentialController', () => {
 	mockInstance(Logger);
diff --git a/packages/cli/test/unit/controllers/oauth/oAuth2Credential.controller.test.ts b/packages/cli/src/controllers/oauth/__tests__/oAuth2Credential.controller.test.ts
similarity index 99%
rename from packages/cli/test/unit/controllers/oauth/oAuth2Credential.controller.test.ts
rename to packages/cli/src/controllers/oauth/__tests__/oAuth2Credential.controller.test.ts
index f2b718fda0090..f354a1ec024e7 100644
--- a/packages/cli/test/unit/controllers/oauth/oAuth2Credential.controller.test.ts
+++ b/packages/cli/src/controllers/oauth/__tests__/oAuth2Credential.controller.test.ts
@@ -19,7 +19,7 @@ import { CredentialsHelper } from '@/CredentialsHelper';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 
-import { mockInstance } from '../../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 describe('OAuth2CredentialController', () => {
 	mockInstance(Logger);
diff --git a/packages/cli/src/controllers/owner.controller.ts b/packages/cli/src/controllers/owner.controller.ts
index 9b86ac41ab313..c0c2e7308d311 100644
--- a/packages/cli/src/controllers/owner.controller.ts
+++ b/packages/cli/src/controllers/owner.controller.ts
@@ -13,13 +13,13 @@ import { PostHogClient } from '@/posthog';
 import { UserService } from '@/services/user.service';
 import { Logger } from '@/Logger';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
-import { InternalHooks } from '@/InternalHooks';
+import { EventService } from '@/events/event.service';
 
 @RestController('/owner')
 export class OwnerController {
 	constructor(
 		private readonly logger: Logger,
-		private readonly internalHooks: InternalHooks,
+		private readonly eventService: EventService,
 		private readonly settingsRepository: SettingsRepository,
 		private readonly authService: AuthService,
 		private readonly userService: UserService,
@@ -85,7 +85,7 @@ export class OwnerController {
 
 		this.authService.issueCookie(res, owner, req.browserId);
 
-		this.internalHooks.onInstanceOwnerSetup({ user_id: owner.id });
+		this.eventService.emit('instance-owner-setup', { userId: owner.id });
 
 		return await this.userService.toPublic(owner, { posthog: this.postHog, withScopes: true });
 	}
diff --git a/packages/cli/src/controllers/passwordReset.controller.ts b/packages/cli/src/controllers/passwordReset.controller.ts
index e17a0f15efe63..0cfe7cac19e12 100644
--- a/packages/cli/src/controllers/passwordReset.controller.ts
+++ b/packages/cli/src/controllers/passwordReset.controller.ts
@@ -13,7 +13,6 @@ import { RESPONSE_ERROR_MESSAGES } from '@/constants';
 import { MfaService } from '@/Mfa/mfa.service';
 import { Logger } from '@/Logger';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
 import { UrlService } from '@/services/url.service';
 import { InternalServerError } from '@/errors/response-errors/internal-server.error';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
@@ -21,14 +20,13 @@ import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 import { UnprocessableRequestError } from '@/errors/response-errors/unprocessable.error';
 import { UserRepository } from '@/databases/repositories/user.repository';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController()
 export class PasswordResetController {
 	constructor(
 		private readonly logger: Logger,
 		private readonly externalHooks: ExternalHooks,
-		private readonly internalHooks: InternalHooks,
 		private readonly mailer: UserManagementMailer,
 		private readonly authService: AuthService,
 		private readonly userService: UserService,
@@ -120,25 +118,23 @@ export class PasswordResetController {
 				domain: this.urlService.getInstanceBaseUrl(),
 			});
 		} catch (error) {
-			this.internalHooks.onEmailFailed({
+			this.eventService.emit('email-failed', {
 				user,
-				message_type: 'Reset password',
-				public_api: false,
+				messageType: 'Reset password',
+				publicApi: false,
 			});
-			this.eventService.emit('email-failed', { user, messageType: 'Reset password' });
 			if (error instanceof Error) {
 				throw new InternalServerError(`Please contact your administrator: ${error.message}`);
 			}
 		}
 
 		this.logger.info('Sent password reset email successfully', { userId: user.id, email });
-		this.internalHooks.onUserTransactionalEmail({
-			user_id: id,
-			message_type: 'Reset password',
-			public_api: false,
+		this.eventService.emit('user-transactional-email-sent', {
+			userId: id,
+			messageType: 'Reset password',
+			publicApi: false,
 		});
 
-		this.internalHooks.onUserPasswordResetRequestClick({ user });
 		this.eventService.emit('user-password-reset-request-click', { user });
 	}
 
@@ -171,7 +167,6 @@ export class PasswordResetController {
 		}
 
 		this.logger.info('Reset-password token resolved successfully', { userId: user.id });
-		this.internalHooks.onUserPasswordResetEmailClick({ user });
 		this.eventService.emit('user-password-reset-email-click', { user });
 	}
 
@@ -215,17 +210,16 @@ export class PasswordResetController {
 
 		this.authService.issueCookie(res, user, req.browserId);
 
-		this.internalHooks.onUserUpdate({ user, fields_changed: ['password'] });
 		this.eventService.emit('user-updated', { user, fieldsChanged: ['password'] });
 
-		// if this user used to be an LDAP users
+		// if this user used to be an LDAP user
 		const ldapIdentity = user?.authIdentities?.find((i) => i.providerType === 'ldap');
 		if (ldapIdentity) {
-			this.internalHooks.onUserSignup(user, {
-				user_type: 'email',
-				was_disabled_ldap_user: true,
+			this.eventService.emit('user-signed-up', {
+				user,
+				userType: 'email',
+				wasDisabledLdapUser: true,
 			});
-			this.eventService.emit('user-signed-up', { user });
 		}
 
 		await this.externalHooks.run('user.password.update', [user.email, passwordHash]);
diff --git a/packages/cli/src/controllers/project.controller.ts b/packages/cli/src/controllers/project.controller.ts
index 848ba4b84c6eb..e93b919ecb8e3 100644
--- a/packages/cli/src/controllers/project.controller.ts
+++ b/packages/cli/src/controllers/project.controller.ts
@@ -23,7 +23,7 @@ import { ProjectRepository } from '@/databases/repositories/project.repository';
 // eslint-disable-next-line n8n-local-rules/misplaced-n8n-typeorm-import
 import { In, Not } from '@n8n/typeorm';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/projects')
 export class ProjectController {
diff --git a/packages/cli/src/controllers/users.controller.ts b/packages/cli/src/controllers/users.controller.ts
index f0815aa54d405..f3055ee4dc179 100644
--- a/packages/cli/src/controllers/users.controller.ts
+++ b/packages/cli/src/controllers/users.controller.ts
@@ -9,7 +9,7 @@ import {
 	UserRoleChangePayload,
 	UserSettingsUpdatePayload,
 } from '@/requests';
-import type { PublicUser, ITelemetryUserDeletionData } from '@/Interfaces';
+import type { PublicUser } from '@/Interfaces';
 import { AuthIdentity } from '@db/entities/AuthIdentity';
 import { SharedCredentialsRepository } from '@db/repositories/sharedCredentials.repository';
 import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
@@ -21,21 +21,19 @@ import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
 import { validateEntity } from '@/GenericHelpers';
 import { ProjectRepository } from '@/databases/repositories/project.repository';
 import { Project } from '@/databases/entities/Project';
 import { WorkflowService } from '@/workflows/workflow.service';
 import { CredentialsService } from '@/credentials/credentials.service';
 import { ProjectService } from '@/services/project.service';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/users')
 export class UsersController {
 	constructor(
 		private readonly logger: Logger,
 		private readonly externalHooks: ExternalHooks,
-		private readonly internalHooks: InternalHooks,
 		private readonly sharedCredentialsRepository: SharedCredentialsRepository,
 		private readonly sharedWorkflowRepository: SharedWorkflowRepository,
 		private readonly userRepository: UserRepository,
@@ -183,12 +181,7 @@ export class UsersController {
 			);
 		}
 
-		const telemetryData: ITelemetryUserDeletionData = {
-			user_id: req.user.id,
-			target_user_old_status: userToDelete.isPending ? 'invited' : 'active',
-			target_user_id: idToDelete,
-			migration_strategy: transferId ? 'transfer_data' : 'delete_data',
-		};
+		let transfereeId;
 
 		if (transferId) {
 			const transfereePersonalProject = await this.projectRepository.findOneBy({ id: transferId });
@@ -206,7 +199,7 @@ export class UsersController {
 				},
 			});
 
-			telemetryData.migration_user_id = transferee.id;
+			transfereeId = transferee.id;
 
 			await this.userService.getManager().transaction(async (trx) => {
 				await this.workflowService.transferAll(
@@ -253,12 +246,14 @@ export class UsersController {
 			await trx.delete(User, { id: userToDelete.id });
 		});
 
-		this.internalHooks.onUserDeletion({
+		this.eventService.emit('user-deleted', {
 			user: req.user,
-			telemetryData,
 			publicApi: false,
+			targetUserOldStatus: userToDelete.isPending ? 'invited' : 'active',
+			targetUserId: idToDelete,
+			migrationStrategy: transferId ? 'transfer_data' : 'delete_data',
+			migrationUserId: transfereeId,
 		});
-		this.eventService.emit('user-deleted', { user: req.user });
 
 		await this.externalHooks.run('user.deleted', [await this.userService.toPublic(userToDelete)]);
 
@@ -294,11 +289,11 @@ export class UsersController {
 
 		await this.userService.update(targetUser.id, { role: payload.newRoleName });
 
-		this.internalHooks.onUserRoleChange({
-			user: req.user,
-			target_user_id: targetUser.id,
-			target_user_new_role: ['global', payload.newRoleName].join(' '),
-			public_api: false,
+		this.eventService.emit('user-changed-role', {
+			userId: req.user.id,
+			targetUserId: targetUser.id,
+			targetUserNewRole: payload.newRoleName,
+			publicApi: false,
 		});
 
 		const projects = await this.projectService.getUserOwnedOrAdminProjects(targetUser.id);
diff --git a/packages/cli/src/credentials/__tests__/credentials.service.test.ts b/packages/cli/src/credentials/__tests__/credentials.service.test.ts
index 18216df8674ce..a5fa3ca183cb7 100644
--- a/packages/cli/src/credentials/__tests__/credentials.service.test.ts
+++ b/packages/cli/src/credentials/__tests__/credentials.service.test.ts
@@ -3,7 +3,7 @@ import { mock } from 'jest-mock-extended';
 import { CREDENTIAL_BLANKING_VALUE } from '@/constants';
 import type { CredentialsEntity } from '@db/entities/CredentialsEntity';
 import type { CredentialTypes } from '@/CredentialTypes';
-import { CredentialsService } from '../credentials.service';
+import { CredentialsService } from '@/credentials/credentials.service';
 
 describe('CredentialsService', () => {
 	const credType = mock<ICredentialType>({
diff --git a/packages/cli/src/credentials/credentials.controller.ts b/packages/cli/src/credentials/credentials.controller.ts
index 1587fbd1ca426..40f2aa8d43219 100644
--- a/packages/cli/src/credentials/credentials.controller.ts
+++ b/packages/cli/src/credentials/credentials.controller.ts
@@ -30,7 +30,7 @@ import { SharedCredentialsRepository } from '@/databases/repositories/sharedCred
 import { SharedCredentials } from '@/databases/entities/SharedCredentials';
 import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
 import { z } from 'zod';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/credentials')
 export class CredentialsController {
@@ -291,25 +291,22 @@ export class CredentialsController {
 		let newShareeIds: string[] = [];
 
 		await Db.transaction(async (trx) => {
-			const currentPersonalProjectIDs = credential.shared
+			const currentProjectIds = credential.shared
 				.filter((sc) => sc.role === 'credential:user')
 				.map((sc) => sc.projectId);
-			const newPersonalProjectIds = shareWithIds;
+			const newProjectIds = shareWithIds;
 
-			const toShare = utils.rightDiff(
-				[currentPersonalProjectIDs, (id) => id],
-				[newPersonalProjectIds, (id) => id],
-			);
+			const toShare = utils.rightDiff([currentProjectIds, (id) => id], [newProjectIds, (id) => id]);
 			const toUnshare = utils.rightDiff(
-				[newPersonalProjectIds, (id) => id],
-				[currentPersonalProjectIDs, (id) => id],
+				[newProjectIds, (id) => id],
+				[currentProjectIds, (id) => id],
 			);
 
 			const deleteResult = await trx.delete(SharedCredentials, {
 				credentialsId: credentialId,
 				projectId: In(toUnshare),
 			});
-			await this.enterpriseCredentialsService.shareWithProjects(credential, toShare, trx);
+			await this.enterpriseCredentialsService.shareWithProjects(req.user, credential, toShare, trx);
 
 			if (deleteResult.affected) {
 				amountRemoved = deleteResult.affected;
diff --git a/packages/cli/src/credentials/credentials.service.ee.ts b/packages/cli/src/credentials/credentials.service.ee.ts
index 981ecc5d59fc9..44fc614cbd63d 100644
--- a/packages/cli/src/credentials/credentials.service.ee.ts
+++ b/packages/cli/src/credentials/credentials.service.ee.ts
@@ -12,6 +12,7 @@ import { Project } from '@/databases/entities/Project';
 import { ProjectService } from '@/services/project.service';
 import { TransferCredentialError } from '@/errors/response-errors/transfer-credential.error';
 import { SharedCredentials } from '@/databases/entities/SharedCredentials';
+import { RoleService } from '@/services/role.service';
 
 @Service()
 export class EnterpriseCredentialsService {
@@ -20,9 +21,11 @@ export class EnterpriseCredentialsService {
 		private readonly ownershipService: OwnershipService,
 		private readonly credentialsService: CredentialsService,
 		private readonly projectService: ProjectService,
+		private readonly roleService: RoleService,
 	) {}
 
 	async shareWithProjects(
+		user: User,
 		credential: CredentialsEntity,
 		shareWithIds: string[],
 		entityManager?: EntityManager,
@@ -30,19 +33,35 @@ export class EnterpriseCredentialsService {
 		const em = entityManager ?? this.sharedCredentialsRepository.manager;
 
 		const projects = await em.find(Project, {
-			where: { id: In(shareWithIds), type: 'personal' },
+			where: [
+				{
+					id: In(shareWithIds),
+					type: 'team',
+					// if user can see all projects, don't check project access
+					// if they can't, find projects they can list
+					...(user.hasGlobalScope('project:list')
+						? {}
+						: {
+								projectRelations: {
+									userId: user.id,
+									role: In(this.roleService.rolesWithScope('project', 'project:list')),
+								},
+							}),
+				},
+				{
+					id: In(shareWithIds),
+					type: 'personal',
+				},
+			],
 		});
 
-		const newSharedCredentials = projects
-			// We filter by role === 'project:personalOwner' above and there should
-			// always only be one owner.
-			.map((project) =>
-				this.sharedCredentialsRepository.create({
-					credentialsId: credential.id,
-					role: 'credential:user',
-					projectId: project.id,
-				}),
-			);
+		const newSharedCredentials = projects.map((project) =>
+			this.sharedCredentialsRepository.create({
+				credentialsId: credential.id,
+				role: 'credential:user',
+				projectId: project.id,
+			}),
+		);
 
 		return await em.save(newSharedCredentials);
 	}
diff --git a/packages/cli/src/credentials/credentials.service.ts b/packages/cli/src/credentials/credentials.service.ts
index 0ecfd31877bf2..01517c960adad 100644
--- a/packages/cli/src/credentials/credentials.service.ts
+++ b/packages/cli/src/credentials/credentials.service.ts
@@ -90,6 +90,19 @@ export class CredentialsService {
 			let credentials = await this.credentialsRepository.findMany(options.listQueryOptions);
 
 			if (isDefaultSelect) {
+				// Since we're filtering using project ID as part of the relation,
+				// we end up filtering out all the other relations, meaning that if
+				// it's shared to a project, it won't be able to find the home project.
+				// To solve this, we have to get all the relation now, even though
+				// we're deleting them later.
+				if ((options.listQueryOptions?.filter?.shared as { projectId?: string })?.projectId) {
+					const relations = await this.sharedCredentialsRepository.getAllRelationsForCredentials(
+						credentials.map((c) => c.id),
+					);
+					credentials.forEach((c) => {
+						c.shared = relations.filter((r) => r.credentialsId === c.id);
+					});
+				}
 				credentials = credentials.map((c) => this.ownershipService.addOwnedByAndSharedWith(c));
 			}
 
@@ -130,6 +143,20 @@ export class CredentialsService {
 		);
 
 		if (isDefaultSelect) {
+			// Since we're filtering using project ID as part of the relation,
+			// we end up filtering out all the other relations, meaning that if
+			// it's shared to a project, it won't be able to find the home project.
+			// To solve this, we have to get all the relation now, even though
+			// we're deleting them later.
+			if ((options.listQueryOptions?.filter?.shared as { projectId?: string })?.projectId) {
+				const relations = await this.sharedCredentialsRepository.getAllRelationsForCredentials(
+					credentials.map((c) => c.id),
+				);
+				credentials.forEach((c) => {
+					c.shared = relations.filter((r) => r.credentialsId === c.id);
+				});
+			}
+
 			credentials = credentials.map((c) => this.ownershipService.addOwnedByAndSharedWith(c));
 		}
 
diff --git a/packages/cli/test/unit/databases/entities/user.entity.test.ts b/packages/cli/src/databases/entities/__tests__/user.entity.test.ts
similarity index 100%
rename from packages/cli/test/unit/databases/entities/user.entity.test.ts
rename to packages/cli/src/databases/entities/__tests__/user.entity.test.ts
diff --git a/packages/cli/test/unit/repositories/execution.repository.test.ts b/packages/cli/src/databases/repositories/__tests__/execution.repository.test.ts
similarity index 95%
rename from packages/cli/test/unit/repositories/execution.repository.test.ts
rename to packages/cli/src/databases/repositories/__tests__/execution.repository.test.ts
index f8aba2e8a1228..1a4929f5cdf6e 100644
--- a/packages/cli/test/unit/repositories/execution.repository.test.ts
+++ b/packages/cli/src/databases/repositories/__tests__/execution.repository.test.ts
@@ -8,8 +8,7 @@ import { mock } from 'jest-mock-extended';
 
 import { ExecutionEntity } from '@db/entities/ExecutionEntity';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
-import { mockEntityManager } from '../../shared/mocking';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance, mockEntityManager } from '@test/mocking';
 
 describe('ExecutionRepository', () => {
 	const entityManager = mockEntityManager(ExecutionEntity);
diff --git a/packages/cli/test/unit/repositories/sharedCredentials.repository.test.ts b/packages/cli/src/databases/repositories/__tests__/sharedCredentials.repository.test.ts
similarity index 98%
rename from packages/cli/test/unit/repositories/sharedCredentials.repository.test.ts
rename to packages/cli/src/databases/repositories/__tests__/sharedCredentials.repository.test.ts
index 8eb8b498145ef..6fb4bad4eacf3 100644
--- a/packages/cli/test/unit/repositories/sharedCredentials.repository.test.ts
+++ b/packages/cli/src/databases/repositories/__tests__/sharedCredentials.repository.test.ts
@@ -8,7 +8,7 @@ import type { CredentialsEntity } from '@db/entities/CredentialsEntity';
 import { SharedCredentials } from '@db/entities/SharedCredentials';
 import { SharedCredentialsRepository } from '@db/repositories/sharedCredentials.repository';
 import { GLOBAL_MEMBER_SCOPES, GLOBAL_OWNER_SCOPES } from '@/permissions/global-roles';
-import { mockEntityManager } from '../../shared/mocking';
+import { mockEntityManager } from '@test/mocking';
 
 describe('SharedCredentialsRepository', () => {
 	const entityManager = mockEntityManager(SharedCredentials);
diff --git a/packages/cli/test/unit/repositories/workflowStatistics.test.ts b/packages/cli/src/databases/repositories/__tests__/workflowStatistics.test.ts
similarity index 96%
rename from packages/cli/test/unit/repositories/workflowStatistics.test.ts
rename to packages/cli/src/databases/repositories/__tests__/workflowStatistics.test.ts
index 86e0ee1c92bd1..7bed056549751 100644
--- a/packages/cli/test/unit/repositories/workflowStatistics.test.ts
+++ b/packages/cli/src/databases/repositories/__tests__/workflowStatistics.test.ts
@@ -5,7 +5,7 @@ import { mock, mockClear } from 'jest-mock-extended';
 import { StatisticsNames, WorkflowStatistics } from '@db/entities/WorkflowStatistics';
 import { WorkflowStatisticsRepository } from '@db/repositories/workflowStatistics.repository';
 
-import { mockEntityManager } from '../../shared/mocking';
+import { mockEntityManager } from '@test/mocking';
 
 describe('insertWorkflowStatistics', () => {
 	const entityManager = mockEntityManager(WorkflowStatistics);
diff --git a/packages/cli/src/databases/repositories/execution.repository.ts b/packages/cli/src/databases/repositories/execution.repository.ts
index 1ebb22d8eb4bc..5b4e515af6da3 100644
--- a/packages/cli/src/databases/repositories/execution.repository.ts
+++ b/packages/cli/src/databases/repositories/execution.repository.ts
@@ -270,6 +270,9 @@ export class ExecutionRepository extends Repository<ExecutionEntity> {
 		return rest;
 	}
 
+	/**
+	 * Insert a new execution and its execution data using a transaction.
+	 */
 	async createNewExecution(execution: ExecutionPayload): Promise<string> {
 		const { data, workflowData, ...rest } = execution;
 		const { identifiers: inserted } = await this.insert(rest);
diff --git a/packages/cli/src/databases/repositories/projectRelation.repository.ts b/packages/cli/src/databases/repositories/projectRelation.repository.ts
index bddfd6e38d66f..1f875d011fe06 100644
--- a/packages/cli/src/databases/repositories/projectRelation.repository.ts
+++ b/packages/cli/src/databases/repositories/projectRelation.repository.ts
@@ -52,4 +52,21 @@ export class ProjectRelationRepository extends Repository<ProjectRelation> {
 			{} as Record<ProjectRole, number>,
 		);
 	}
+
+	async findUserIdsByProjectId(projectId: string): Promise<string[]> {
+		const rows = await this.find({
+			select: ['userId'],
+			where: { projectId },
+		});
+
+		return [...new Set(rows.map((r) => r.userId))];
+	}
+
+	async findAllByUser(userId: string) {
+		return await this.find({
+			where: {
+				userId,
+			},
+		});
+	}
 }
diff --git a/packages/cli/src/databases/repositories/sharedCredentials.repository.ts b/packages/cli/src/databases/repositories/sharedCredentials.repository.ts
index 8d2d1fa7af586..03acc24823ac5 100644
--- a/packages/cli/src/databases/repositories/sharedCredentials.repository.ts
+++ b/packages/cli/src/databases/repositories/sharedCredentials.repository.ts
@@ -151,4 +151,13 @@ export class SharedCredentialsRepository extends Repository<SharedCredentials> {
 			})
 		)?.project;
 	}
+
+	async getAllRelationsForCredentials(credentialIds: string[]) {
+		return await this.find({
+			where: {
+				credentialsId: In(credentialIds),
+			},
+			relations: ['project'],
+		});
+	}
 }
diff --git a/packages/cli/src/databases/repositories/sharedWorkflow.repository.ts b/packages/cli/src/databases/repositories/sharedWorkflow.repository.ts
index 4dc54935cb193..d8e224fee2280 100644
--- a/packages/cli/src/databases/repositories/sharedWorkflow.repository.ts
+++ b/packages/cli/src/databases/repositories/sharedWorkflow.repository.ts
@@ -200,4 +200,13 @@ export class SharedWorkflowRepository extends Repository<SharedWorkflow> {
 			})
 		)?.project;
 	}
+
+	async getRelationsByWorkflowIdsAndProjectIds(workflowIds: string[], projectIds: string[]) {
+		return await this.find({
+			where: {
+				workflowId: In(workflowIds),
+				projectId: In(projectIds),
+			},
+		});
+	}
 }
diff --git a/packages/cli/test/unit/databases/utils/customValidators.test.ts b/packages/cli/src/databases/utils/__tests__/customValidators.test.ts
similarity index 100%
rename from packages/cli/test/unit/databases/utils/customValidators.test.ts
rename to packages/cli/src/databases/utils/__tests__/customValidators.test.ts
diff --git a/packages/cli/test/unit/databases/utils/migrationHelpers.test.ts b/packages/cli/src/databases/utils/__tests__/migrationHelpers.test.ts
similarity index 100%
rename from packages/cli/test/unit/databases/utils/migrationHelpers.test.ts
rename to packages/cli/src/databases/utils/__tests__/migrationHelpers.test.ts
diff --git a/packages/cli/src/decorators/Redactable.ts b/packages/cli/src/decorators/Redactable.ts
index e5debeb7a1507..51d02c5c3d6fc 100644
--- a/packages/cli/src/decorators/Redactable.ts
+++ b/packages/cli/src/decorators/Redactable.ts
@@ -1,5 +1,5 @@
 import { RedactableError } from '@/errors/redactable.error';
-import type { UserLike } from '@/eventbus/event.types';
+import type { UserLike } from '@/events/relay-event-map';
 
 function toRedactable(userLike: UserLike) {
 	return {
@@ -14,7 +14,7 @@ function toRedactable(userLike: UserLike) {
 type FieldName = 'user' | 'inviter' | 'invitee';
 
 /**
- * Mark redactable properties in a `{ user: UserLike }` field in an `AuditEventRelay`
+ * Mark redactable properties in a `{ user: UserLike }` field in an `LogStreamingEventRelay`
  * method arg. These properties will be later redacted by the log streaming
  * destination based on user prefs. Only for `n8n.audit.*` logs.
  *
diff --git a/packages/cli/test/unit/decorators/OnShutdown.test.ts b/packages/cli/src/decorators/__tests__/OnShutdown.test.ts
similarity index 100%
rename from packages/cli/test/unit/decorators/OnShutdown.test.ts
rename to packages/cli/src/decorators/__tests__/OnShutdown.test.ts
diff --git a/packages/cli/test/unit/decorators/controller.registry.test.ts b/packages/cli/src/decorators/__tests__/controller.registry.test.ts
similarity index 100%
rename from packages/cli/test/unit/decorators/controller.registry.test.ts
rename to packages/cli/src/decorators/__tests__/controller.registry.test.ts
diff --git a/packages/cli/src/environments/sourceControl/__tests__/source-control-export.service.test.ts b/packages/cli/src/environments/sourceControl/__tests__/source-control-export.service.test.ts
new file mode 100644
index 0000000000000..7746875f6386e
--- /dev/null
+++ b/packages/cli/src/environments/sourceControl/__tests__/source-control-export.service.test.ts
@@ -0,0 +1,85 @@
+import mock from 'jest-mock-extended/lib/Mock';
+import { SourceControlExportService } from '../sourceControlExport.service.ee';
+import type { SourceControlledFile } from '../types/sourceControlledFile';
+import { Cipher, type InstanceSettings } from 'n8n-core';
+import { SharedCredentialsRepository } from '@/databases/repositories/sharedCredentials.repository';
+import { mockInstance } from '@test/mocking';
+
+import type { SharedCredentials } from '@/databases/entities/SharedCredentials';
+import type { CredentialsEntity } from '@/databases/entities/CredentialsEntity';
+import Container from 'typedi';
+import { ApplicationError, deepCopy } from 'n8n-workflow';
+
+// https://github.com/jestjs/jest/issues/4715
+function deepSpyOn<O extends object, M extends keyof O>(object: O, methodName: M) {
+	const spy = jest.fn();
+	// eslint-disable-next-line @typescript-eslint/ban-types
+	const originalMethod = object[methodName];
+
+	if (typeof originalMethod !== 'function') {
+		throw new ApplicationError(`${methodName.toString()} is not a function`, { level: 'warning' });
+	}
+
+	object[methodName] = function (...args: unknown[]) {
+		const clonedArgs = deepCopy(args);
+		spy(...clonedArgs);
+		return originalMethod.apply(this, args);
+	} as O[M];
+
+	return spy;
+}
+
+describe('SourceControlExportService', () => {
+	const service = new SourceControlExportService(
+		mock(),
+		mock(),
+		mock(),
+		mock<InstanceSettings>({ n8nFolder: '' }),
+	);
+
+	describe('exportCredentialsToWorkFolder', () => {
+		it('should export credentials to work folder', async () => {
+			/**
+			 * Arrange
+			 */
+			// @ts-expect-error Private method
+			const replaceSpy = deepSpyOn(service, 'replaceCredentialData');
+
+			mockInstance(SharedCredentialsRepository).findByCredentialIds.mockResolvedValue([
+				mock<SharedCredentials>({
+					credentials: mock<CredentialsEntity>({
+						data: Container.get(Cipher).encrypt(
+							JSON.stringify({
+								authUrl: 'test',
+								accessTokenUrl: 'test',
+								clientId: 'test',
+								clientSecret: 'test',
+								oauthTokenData: {
+									access_token: 'test',
+									token_type: 'test',
+									expires_in: 123,
+									refresh_token: 'test',
+								},
+							}),
+						),
+					}),
+				}),
+			]);
+
+			/**
+			 * Act
+			 */
+			await service.exportCredentialsToWorkFolder([mock<SourceControlledFile>()]);
+
+			/**
+			 * Assert
+			 */
+			expect(replaceSpy).toHaveBeenCalledWith({
+				authUrl: 'test',
+				accessTokenUrl: 'test',
+				clientId: 'test',
+				clientSecret: 'test',
+			});
+		});
+	});
+});
diff --git a/packages/cli/test/unit/GitService.test.ts b/packages/cli/src/environments/sourceControl/__tests__/sourceControlGit.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/GitService.test.ts
rename to packages/cli/src/environments/sourceControl/__tests__/sourceControlGit.service.test.ts
diff --git a/packages/cli/test/unit/SourceControl.test.ts b/packages/cli/src/environments/sourceControl/__tests__/sourceControlHelper.ee.test.ts
similarity index 99%
rename from packages/cli/test/unit/SourceControl.test.ts
rename to packages/cli/src/environments/sourceControl/__tests__/sourceControlHelper.ee.test.ts
index 5eeccbb1b97f4..5141d36f2f7dd 100644
--- a/packages/cli/test/unit/SourceControl.test.ts
+++ b/packages/cli/src/environments/sourceControl/__tests__/sourceControlHelper.ee.test.ts
@@ -18,7 +18,7 @@ import {
 import { constants as fsConstants, accessSync } from 'fs';
 import type { SourceControlledFile } from '@/environments/sourceControl/types/sourceControlledFile';
 import type { SourceControlPreferences } from '@/environments/sourceControl/types/sourceControlPreferences';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 const pushResult: SourceControlledFile[] = [
 	{
diff --git a/packages/cli/src/environments/sourceControl/sourceControl.controller.ee.ts b/packages/cli/src/environments/sourceControl/sourceControl.controller.ee.ts
index 0a1db892f60c9..f92b0bfb1f02f 100644
--- a/packages/cli/src/environments/sourceControl/sourceControl.controller.ee.ts
+++ b/packages/cli/src/environments/sourceControl/sourceControl.controller.ee.ts
@@ -12,7 +12,7 @@ import type { SourceControlPreferences } from './types/sourceControlPreferences'
 import type { SourceControlledFile } from './types/sourceControlledFile';
 import { SOURCE_CONTROL_DEFAULT_BRANCH } from './constants';
 import type { ImportResult } from './types/importResult';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import { getRepoType } from './sourceControlHelper.ee';
 import { SourceControlGetStatus } from './types/sourceControlGetStatus';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
diff --git a/packages/cli/src/environments/sourceControl/sourceControl.service.ee.ts b/packages/cli/src/environments/sourceControl/sourceControl.service.ee.ts
index ac226a1b2eacc..0c9279ffbe7a3 100644
--- a/packages/cli/src/environments/sourceControl/sourceControl.service.ee.ts
+++ b/packages/cli/src/environments/sourceControl/sourceControl.service.ee.ts
@@ -30,7 +30,7 @@ import type { TagEntity } from '@db/entities/TagEntity';
 import type { Variables } from '@db/entities/Variables';
 import type { SourceControlWorkflowVersionId } from './types/sourceControlWorkflowVersionId';
 import type { ExportableCredential } from './types/exportableCredential';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import { TagRepository } from '@db/repositories/tag.repository';
 import { Logger } from '@/Logger';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
diff --git a/packages/cli/src/environments/sourceControl/sourceControlExport.service.ee.ts b/packages/cli/src/environments/sourceControl/sourceControlExport.service.ee.ts
index e586357093a41..65886a6d6d0d2 100644
--- a/packages/cli/src/environments/sourceControl/sourceControlExport.service.ee.ts
+++ b/packages/cli/src/environments/sourceControl/sourceControlExport.service.ee.ts
@@ -293,11 +293,18 @@ export class SourceControlExportService {
 						};
 					}
 
+					/**
+					 * Edge case: Do not export `oauthTokenData`, so that that the
+					 * pulling instance reconnects instead of trying to use stubbed values.
+					 */
+					const credentialData = credentials.getData();
+					const { oauthTokenData, ...rest } = credentialData;
+
 					const stub: ExportableCredential = {
 						id,
 						name,
 						type,
-						data: this.replaceCredentialData(credentials.getData()),
+						data: this.replaceCredentialData(rest),
 						ownedBy: owner,
 					};
 
diff --git a/packages/cli/src/environments/sourceControl/sourceControlImport.service.ee.ts b/packages/cli/src/environments/sourceControl/sourceControlImport.service.ee.ts
index d9a366b6f053e..7ff77ca7f8b44 100644
--- a/packages/cli/src/environments/sourceControl/sourceControlImport.service.ee.ts
+++ b/packages/cli/src/environments/sourceControl/sourceControlImport.service.ee.ts
@@ -326,7 +326,12 @@ export class SourceControlImportService {
 				if (existingCredential?.data) {
 					newCredentialObject.data = existingCredential.data;
 				} else {
-					newCredentialObject.setData(data);
+					/**
+					 * Edge case: Do not import `oauthTokenData`, so that that the
+					 * pulling instance reconnects instead of trying to use stubbed values.
+					 */
+					const { oauthTokenData, ...rest } = data;
+					newCredentialObject.setData(rest);
 				}
 
 				this.logger.debug(`Updating credential id ${newCredentialObject.id as string}`);
diff --git a/packages/cli/src/environments/variables/variables.service.ee.ts b/packages/cli/src/environments/variables/variables.service.ee.ts
index 94233da065839..78a3d23fbe55d 100644
--- a/packages/cli/src/environments/variables/variables.service.ee.ts
+++ b/packages/cli/src/environments/variables/variables.service.ee.ts
@@ -6,7 +6,7 @@ import { CacheService } from '@/services/cache/cache.service';
 import { VariablesRepository } from '@db/repositories/variables.repository';
 import { VariableCountLimitReachedError } from '@/errors/variable-count-limit-reached.error';
 import { VariableValidationError } from '@/errors/variable-validation.error';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @Service()
 export class VariablesService {
diff --git a/packages/cli/src/errors/max-stalled-count.error.ts b/packages/cli/src/errors/max-stalled-count.error.ts
index 6715de0ade837..653ca18eacac7 100644
--- a/packages/cli/src/errors/max-stalled-count.error.ts
+++ b/packages/cli/src/errors/max-stalled-count.error.ts
@@ -1,7 +1,7 @@
 import { ApplicationError } from 'n8n-workflow';
 
 /**
- * See https://github.com/OptimalBits/bull/blob/60fa88f08637f0325639988a3f054880a04ce402/docs/README.md?plain=1#L133
+ * @docs https://docs.bullmq.io/guide/workers/stalled-jobs
  */
 export class MaxStalledCountError extends ApplicationError {
 	constructor(cause: Error) {
diff --git a/packages/cli/src/errors/redactable.error.ts b/packages/cli/src/errors/redactable.error.ts
index 0f6697a0652d6..0d5b07ac504fb 100644
--- a/packages/cli/src/errors/redactable.error.ts
+++ b/packages/cli/src/errors/redactable.error.ts
@@ -3,7 +3,7 @@ import { ApplicationError } from 'n8n-workflow';
 export class RedactableError extends ApplicationError {
 	constructor(fieldName: string, args: string) {
 		super(
-			`Failed to find "${fieldName}" property in argument "${args.toString()}". Please set the decorator \`@Redactable()\` only on \`AuditEventRelay\` methods where the argument contains a "${fieldName}" property.`,
+			`Failed to find "${fieldName}" property in argument "${args.toString()}". Please set the decorator \`@Redactable()\` only on \`LogStreamingEventRelay\` methods where the argument contains a "${fieldName}" property.`,
 		);
 	}
 }
diff --git a/packages/cli/test/unit/utils.test.ts b/packages/cli/src/errors/response-errors/__tests__/webhook-not-found.error.test.ts
similarity index 100%
rename from packages/cli/test/unit/utils.test.ts
rename to packages/cli/src/errors/response-errors/__tests__/webhook-not-found.error.test.ts
diff --git a/packages/cli/src/errors/response-errors/invalid-mfa-code.error.ts b/packages/cli/src/errors/response-errors/invalid-mfa-code.error.ts
new file mode 100644
index 0000000000000..cc00976a84ef5
--- /dev/null
+++ b/packages/cli/src/errors/response-errors/invalid-mfa-code.error.ts
@@ -0,0 +1,7 @@
+import { ForbiddenError } from './forbidden.error';
+
+export class InvalidMfaCodeError extends ForbiddenError {
+	constructor(hint?: string) {
+		super('Invalid two-factor code.', hint);
+	}
+}
diff --git a/packages/cli/src/eventbus/MessageEventBus/MessageEventBus.ts b/packages/cli/src/eventbus/MessageEventBus/MessageEventBus.ts
index 758eeb5ae590f..eeb868798bf6b 100644
--- a/packages/cli/src/eventbus/MessageEventBus/MessageEventBus.ts
+++ b/packages/cli/src/eventbus/MessageEventBus/MessageEventBus.ts
@@ -52,6 +52,8 @@ export interface MessageEventBusInitializeOptions {
 }
 
 @Service()
+// TODO: Convert to TypedEventEmitter
+// eslint-disable-next-line n8n-local-rules/no-type-unsafe-event-emitter
 export class MessageEventBus extends EventEmitter {
 	private isInitialized = false;
 
diff --git a/packages/cli/src/eventbus/audit-event-relay.service.ts b/packages/cli/src/eventbus/audit-event-relay.service.ts
deleted file mode 100644
index f8a95a3ebf359..0000000000000
--- a/packages/cli/src/eventbus/audit-event-relay.service.ts
+++ /dev/null
@@ -1,387 +0,0 @@
-import { Service } from 'typedi';
-import { MessageEventBus } from './MessageEventBus/MessageEventBus';
-import { Redactable } from '@/decorators/Redactable';
-import { EventService } from './event.service';
-import type { Event } from './event.types';
-import type { IWorkflowBase } from 'n8n-workflow';
-
-@Service()
-export class AuditEventRelay {
-	constructor(
-		private readonly eventService: EventService,
-		private readonly eventBus: MessageEventBus,
-	) {}
-
-	init() {
-		this.setupHandlers();
-	}
-
-	private setupHandlers() {
-		this.eventService.on('workflow-created', (event) => this.workflowCreated(event));
-		this.eventService.on('workflow-deleted', (event) => this.workflowDeleted(event));
-		this.eventService.on('workflow-saved', (event) => this.workflowSaved(event));
-		this.eventService.on('workflow-pre-execute', (event) => this.workflowPreExecute(event));
-		this.eventService.on('workflow-post-execute', (event) => this.workflowPostExecute(event));
-		this.eventService.on('node-pre-execute', (event) => this.nodePreExecute(event));
-		this.eventService.on('node-post-execute', (event) => this.nodePostExecute(event));
-		this.eventService.on('user-deleted', (event) => this.userDeleted(event));
-		this.eventService.on('user-invited', (event) => this.userInvited(event));
-		this.eventService.on('user-reinvited', (event) => this.userReinvited(event));
-		this.eventService.on('user-updated', (event) => this.userUpdated(event));
-		this.eventService.on('user-signed-up', (event) => this.userSignedUp(event));
-		this.eventService.on('user-logged-in', (event) => this.userLoggedIn(event));
-		this.eventService.on('user-login-failed', (event) => this.userLoginFailed(event));
-		this.eventService.on('user-invite-email-click', (event) => this.userInviteEmailClick(event));
-		this.eventService.on('user-password-reset-email-click', (event) =>
-			this.userPasswordResetEmailClick(event),
-		);
-		this.eventService.on('user-password-reset-request-click', (event) =>
-			this.userPasswordResetRequestClick(event),
-		);
-		this.eventService.on('public-api-key-created', (event) => this.publicApiKeyCreated(event));
-		this.eventService.on('public-api-key-deleted', (event) => this.publicApiKeyDeleted(event));
-		this.eventService.on('email-failed', (event) => this.emailFailed(event));
-		this.eventService.on('credentials-created', (event) => this.credentialsCreated(event));
-		this.eventService.on('credentials-deleted', (event) => this.credentialsDeleted(event));
-		this.eventService.on('credentials-shared', (event) => this.credentialsShared(event));
-		this.eventService.on('credentials-updated', (event) => this.credentialsUpdated(event));
-		this.eventService.on('credentials-deleted', (event) => this.credentialsDeleted(event));
-		this.eventService.on('community-package-installed', (event) =>
-			this.communityPackageInstalled(event),
-		);
-		this.eventService.on('community-package-updated', (event) =>
-			this.communityPackageUpdated(event),
-		);
-		this.eventService.on('community-package-deleted', (event) =>
-			this.communityPackageDeleted(event),
-		);
-		this.eventService.on('execution-throttled', (event) => this.executionThrottled(event));
-		this.eventService.on('execution-started-during-bootup', (event) =>
-			this.executionStartedDuringBootup(event),
-		);
-	}
-
-	/**
-	 * Workflow
-	 */
-
-	@Redactable()
-	private workflowCreated({ user, workflow }: Event['workflow-created']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.workflow.created',
-			payload: {
-				...user,
-				workflowId: workflow.id,
-				workflowName: workflow.name,
-			},
-		});
-	}
-
-	@Redactable()
-	private workflowDeleted({ user, workflowId }: Event['workflow-deleted']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.workflow.deleted',
-			payload: { ...user, workflowId },
-		});
-	}
-
-	@Redactable()
-	private workflowSaved({ user, workflow }: Event['workflow-saved']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.workflow.updated',
-			payload: {
-				...user,
-				workflowId: workflow.id,
-				workflowName: workflow.name,
-			},
-		});
-	}
-
-	private workflowPreExecute({ data, executionId }: Event['workflow-pre-execute']) {
-		const payload =
-			'executionData' in data
-				? {
-						executionId,
-						userId: data.userId,
-						workflowId: data.workflowData.id,
-						isManual: data.executionMode === 'manual',
-						workflowName: data.workflowData.name,
-					}
-				: {
-						executionId,
-						userId: undefined,
-						workflowId: (data as IWorkflowBase).id,
-						isManual: false,
-						workflowName: (data as IWorkflowBase).name,
-					};
-
-		void this.eventBus.sendWorkflowEvent({
-			eventName: 'n8n.workflow.started',
-			payload,
-		});
-	}
-
-	private workflowPostExecute(event: Event['workflow-post-execute']) {
-		const { runData, ...rest } = event;
-
-		if (event.success) {
-			void this.eventBus.sendWorkflowEvent({
-				eventName: 'n8n.workflow.success',
-				payload: rest,
-			});
-
-			return;
-		}
-
-		void this.eventBus.sendWorkflowEvent({
-			eventName: 'n8n.workflow.failed',
-			payload: {
-				...rest,
-				lastNodeExecuted: runData?.data.resultData.lastNodeExecuted,
-				errorNodeType:
-					runData?.data.resultData.error && 'node' in runData?.data.resultData.error
-						? runData?.data.resultData.error.node?.type
-						: undefined,
-				errorMessage: runData?.data.resultData.error?.message.toString(),
-			},
-		});
-	}
-
-	/**
-	 * Node
-	 */
-
-	private nodePreExecute({ workflow, executionId, nodeName }: Event['node-pre-execute']) {
-		void this.eventBus.sendNodeEvent({
-			eventName: 'n8n.node.started',
-			payload: {
-				workflowId: workflow.id,
-				workflowName: workflow.name,
-				executionId,
-				nodeType: workflow.nodes.find((n) => n.name === nodeName)?.type,
-				nodeName,
-			},
-		});
-	}
-
-	private nodePostExecute({ workflow, executionId, nodeName }: Event['node-post-execute']) {
-		void this.eventBus.sendNodeEvent({
-			eventName: 'n8n.node.finished',
-			payload: {
-				workflowId: workflow.id,
-				workflowName: workflow.name,
-				executionId,
-				nodeType: workflow.nodes.find((n) => n.name === nodeName)?.type,
-				nodeName,
-			},
-		});
-	}
-
-	/**
-	 * User
-	 */
-
-	@Redactable()
-	private userDeleted({ user }: Event['user-deleted']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.deleted',
-			payload: user,
-		});
-	}
-
-	@Redactable()
-	private userInvited({ user, targetUserId }: Event['user-invited']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.invited',
-			payload: { ...user, targetUserId },
-		});
-	}
-
-	@Redactable()
-	private userReinvited({ user, targetUserId }: Event['user-reinvited']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.reinvited',
-			payload: { ...user, targetUserId },
-		});
-	}
-
-	@Redactable()
-	private userUpdated({ user, fieldsChanged }: Event['user-updated']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.updated',
-			payload: { ...user, fieldsChanged },
-		});
-	}
-
-	/**
-	 * Auth
-	 */
-
-	@Redactable()
-	private userSignedUp({ user }: Event['user-signed-up']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.signedup',
-			payload: user,
-		});
-	}
-
-	@Redactable()
-	private userLoggedIn({ user, authenticationMethod }: Event['user-logged-in']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.login.success',
-			payload: { ...user, authenticationMethod },
-		});
-	}
-
-	private userLoginFailed(
-		event: Event['user-login-failed'] /* exception: no `UserLike` to redact */,
-	) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.login.failed',
-			payload: event,
-		});
-	}
-
-	/**
-	 * Click
-	 */
-
-	@Redactable('inviter')
-	@Redactable('invitee')
-	private userInviteEmailClick(event: Event['user-invite-email-click']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.invitation.accepted',
-			payload: event,
-		});
-	}
-
-	@Redactable()
-	private userPasswordResetEmailClick({ user }: Event['user-password-reset-email-click']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.reset',
-			payload: user,
-		});
-	}
-
-	@Redactable()
-	private userPasswordResetRequestClick({ user }: Event['user-password-reset-request-click']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.reset.requested',
-			payload: user,
-		});
-	}
-
-	/**
-	 * Public API
-	 */
-
-	@Redactable()
-	private publicApiKeyCreated({ user }: Event['public-api-key-created']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.api.created',
-			payload: user,
-		});
-	}
-
-	@Redactable()
-	private publicApiKeyDeleted({ user }: Event['public-api-key-deleted']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.api.deleted',
-			payload: user,
-		});
-	}
-
-	/**
-	 * Emailing
-	 */
-
-	@Redactable()
-	private emailFailed({ user, messageType }: Event['email-failed']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.email.failed',
-			payload: { ...user, messageType },
-		});
-	}
-
-	/**
-	 * Credentials
-	 */
-
-	@Redactable()
-	private credentialsCreated({ user, ...rest }: Event['credentials-created']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.credentials.created',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	@Redactable()
-	private credentialsDeleted({ user, ...rest }: Event['credentials-deleted']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.credentials.deleted',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	@Redactable()
-	private credentialsShared({ user, ...rest }: Event['credentials-shared']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.credentials.shared',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	@Redactable()
-	private credentialsUpdated({ user, ...rest }: Event['credentials-updated']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.user.credentials.updated',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	/**
-	 * Community package
-	 */
-
-	@Redactable()
-	private communityPackageInstalled({ user, ...rest }: Event['community-package-installed']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.package.installed',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	@Redactable()
-	private communityPackageUpdated({ user, ...rest }: Event['community-package-updated']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.package.updated',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	@Redactable()
-	private communityPackageDeleted({ user, ...rest }: Event['community-package-deleted']) {
-		void this.eventBus.sendAuditEvent({
-			eventName: 'n8n.audit.package.deleted',
-			payload: { ...user, ...rest },
-		});
-	}
-
-	/**
-	 * Execution
-	 */
-
-	private executionThrottled({ executionId }: Event['execution-throttled']) {
-		void this.eventBus.sendExecutionEvent({
-			eventName: 'n8n.execution.throttled',
-			payload: { executionId },
-		});
-	}
-
-	private executionStartedDuringBootup({ executionId }: Event['execution-started-during-bootup']) {
-		void this.eventBus.sendExecutionEvent({
-			eventName: 'n8n.execution.started-during-bootup',
-			payload: { executionId },
-		});
-	}
-}
diff --git a/packages/cli/src/eventbus/event.service.ts b/packages/cli/src/eventbus/event.service.ts
deleted file mode 100644
index 2b16ff06ab40c..0000000000000
--- a/packages/cli/src/eventbus/event.service.ts
+++ /dev/null
@@ -1,6 +0,0 @@
-import { Service } from 'typedi';
-import { TypedEmitter } from '@/TypedEmitter';
-import type { Event } from './event.types';
-
-@Service()
-export class EventService extends TypedEmitter<Event> {}
diff --git a/packages/cli/src/eventbus/__tests__/audit-event-relay.service.test.ts b/packages/cli/src/events/__tests__/log-streaming-event-relay.test.ts
similarity index 61%
rename from packages/cli/src/eventbus/__tests__/audit-event-relay.service.test.ts
rename to packages/cli/src/events/__tests__/log-streaming-event-relay.test.ts
index 52b86b58e1b6b..7254f5a09bfc6 100644
--- a/packages/cli/src/eventbus/__tests__/audit-event-relay.service.test.ts
+++ b/packages/cli/src/events/__tests__/log-streaming-event-relay.test.ts
@@ -1,16 +1,15 @@
 import { mock } from 'jest-mock-extended';
-import { AuditEventRelay } from '../audit-event-relay.service';
-import type { MessageEventBus } from '../MessageEventBus/MessageEventBus';
-import type { Event } from '../event.types';
-import { EventService } from '../event.service';
+import { LogStreamingEventRelay } from '@/events/log-streaming-event-relay';
+import { EventService } from '@/events/event.service';
 import type { INode, IRun, IWorkflowBase } from 'n8n-workflow';
 import type { IWorkflowDb } from '@/Interfaces';
+import type { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
+import type { RelayEventMap } from '@/events/relay-event-map';
 
-describe('AuditEventRelay', () => {
+describe('LogStreamingEventRelay', () => {
 	const eventBus = mock<MessageEventBus>();
 	const eventService = new EventService();
-	const auditor = new AuditEventRelay(eventService, eventBus);
-	auditor.init();
+	new LogStreamingEventRelay(eventService, eventBus).init();
 
 	afterEach(() => {
 		jest.clearAllMocks();
@@ -18,7 +17,7 @@ describe('AuditEventRelay', () => {
 
 	describe('workflow events', () => {
 		it('should log on `workflow-created` event', () => {
-			const event: Event['workflow-created'] = {
+			const event: RelayEventMap['workflow-created'] = {
 				user: {
 					id: '123',
 					email: 'john@n8n.io',
@@ -52,7 +51,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `workflow-deleted` event', () => {
-			const event: Event['workflow-deleted'] = {
+			const event: RelayEventMap['workflow-deleted'] = {
 				user: {
 					id: '456',
 					email: 'jane@n8n.io',
@@ -80,7 +79,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `workflow-saved` event', () => {
-			const event: Event['workflow-saved'] = {
+			const event: RelayEventMap['workflow-saved'] = {
 				user: {
 					id: '789',
 					email: 'alex@n8n.io',
@@ -119,7 +118,7 @@ describe('AuditEventRelay', () => {
 				settings: {},
 			});
 
-			const event: Event['workflow-pre-execute'] = {
+			const event: RelayEventMap['workflow-pre-execute'] = {
 				executionId: 'exec123',
 				data: workflow,
 			};
@@ -139,29 +138,33 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `workflow-post-execute` for successful execution', () => {
-			const payload = mock<Event['workflow-post-execute']>({
+			const payload = mock<RelayEventMap['workflow-post-execute']>({
 				executionId: 'some-id',
-				success: true,
 				userId: 'some-id',
-				workflowId: 'some-id',
-				isManual: true,
-				workflowName: 'some-name',
-				metadata: {},
-				runData: mock<IRun>({ data: { resultData: {} } }),
+				workflow: mock<IWorkflowBase>({ id: 'some-id', name: 'some-name' }),
+				runData: mock<IRun>({ status: 'success', mode: 'manual', data: { resultData: {} } }),
 			});
 
 			eventService.emit('workflow-post-execute', payload);
 
-			const { runData: _, ...rest } = payload;
+			const { runData: _, workflow: __, ...rest } = payload;
 
 			expect(eventBus.sendWorkflowEvent).toHaveBeenCalledWith({
 				eventName: 'n8n.workflow.success',
-				payload: rest,
+				payload: {
+					...rest,
+					success: true,
+					isManual: true,
+					workflowName: 'some-name',
+					workflowId: 'some-id',
+				},
 			});
 		});
 
-		it('should handle `workflow-post-execute` event for unsuccessful execution', () => {
+		it('should log on `workflow-post-execute` event for unsuccessful execution', () => {
 			const runData = mock<IRun>({
+				status: 'error',
+				mode: 'manual',
 				data: {
 					resultData: {
 						lastNodeExecuted: 'some-node',
@@ -177,23 +180,23 @@ describe('AuditEventRelay', () => {
 
 			const event = {
 				executionId: 'some-id',
-				success: false,
 				userId: 'some-id',
-				workflowId: 'some-id',
-				isManual: true,
-				workflowName: 'some-name',
-				metadata: {},
+				workflow: mock<IWorkflowBase>({ id: 'some-id', name: 'some-name' }),
 				runData,
 			};
 
 			eventService.emit('workflow-post-execute', event);
 
-			const { runData: _, ...rest } = event;
+			const { runData: _, workflow: __, ...rest } = event;
 
 			expect(eventBus.sendWorkflowEvent).toHaveBeenCalledWith({
 				eventName: 'n8n.workflow.failed',
 				payload: {
 					...rest,
+					success: false,
+					isManual: true,
+					workflowName: 'some-name',
+					workflowId: 'some-id',
 					lastNodeExecuted: 'some-node',
 					errorNodeType: 'some-type',
 					errorMessage: 'some-message',
@@ -204,7 +207,7 @@ describe('AuditEventRelay', () => {
 
 	describe('user events', () => {
 		it('should log on `user-updated` event', () => {
-			const event: Event['user-updated'] = {
+			const event: RelayEventMap['user-updated'] = {
 				user: {
 					id: 'user456',
 					email: 'updated@example.com',
@@ -231,7 +234,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `user-deleted` event', () => {
-			const event: Event['user-deleted'] = {
+			const event: RelayEventMap['user-deleted'] = {
 				user: {
 					id: '123',
 					email: 'john@n8n.io',
@@ -239,6 +242,11 @@ describe('AuditEventRelay', () => {
 					lastName: 'Doe',
 					role: 'some-role',
 				},
+				targetUserOldStatus: 'active',
+				publicApi: false,
+				migrationStrategy: 'transfer_data',
+				targetUserId: '456',
+				migrationUserId: '789',
 			};
 
 			eventService.emit('user-deleted', event);
@@ -254,11 +262,122 @@ describe('AuditEventRelay', () => {
 				},
 			});
 		});
+
+		it('should log on `user-invited` event', () => {
+			const event: RelayEventMap['user-invited'] = {
+				user: {
+					id: 'user101',
+					email: 'inviter@example.com',
+					firstName: 'Inviter',
+					lastName: 'User',
+					role: 'global:owner',
+				},
+				targetUserId: ['newUser123'],
+				publicApi: false,
+				emailSent: true,
+				inviteeRole: 'global:member',
+			};
+
+			eventService.emit('user-invited', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.invited',
+				payload: {
+					userId: 'user101',
+					_email: 'inviter@example.com',
+					_firstName: 'Inviter',
+					_lastName: 'User',
+					globalRole: 'global:owner',
+					targetUserId: ['newUser123'],
+				},
+			});
+		});
+
+		it('should log on `user-reinvited` event', () => {
+			const event: RelayEventMap['user-reinvited'] = {
+				user: {
+					id: 'user202',
+					email: 'reinviter@example.com',
+					firstName: 'Reinviter',
+					lastName: 'User',
+					role: 'global:admin',
+				},
+				targetUserId: ['existingUser456'],
+			};
+
+			eventService.emit('user-reinvited', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.reinvited',
+				payload: {
+					userId: 'user202',
+					_email: 'reinviter@example.com',
+					_firstName: 'Reinviter',
+					_lastName: 'User',
+					globalRole: 'global:admin',
+					targetUserId: ['existingUser456'],
+				},
+			});
+		});
+
+		it('should log on `user-signed-up` event', () => {
+			const event: RelayEventMap['user-signed-up'] = {
+				user: {
+					id: 'user303',
+					email: 'newuser@example.com',
+					firstName: 'New',
+					lastName: 'User',
+					role: 'global:member',
+				},
+				userType: 'email',
+				wasDisabledLdapUser: false,
+			};
+
+			eventService.emit('user-signed-up', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.signedup',
+				payload: {
+					userId: 'user303',
+					_email: 'newuser@example.com',
+					_firstName: 'New',
+					_lastName: 'User',
+					globalRole: 'global:member',
+				},
+			});
+		});
+
+		it('should log on `user-logged-in` event', () => {
+			const event: RelayEventMap['user-logged-in'] = {
+				user: {
+					id: 'user404',
+					email: 'loggedin@example.com',
+					firstName: 'Logged',
+					lastName: 'In',
+					role: 'global:owner',
+				},
+				authenticationMethod: 'email',
+			};
+
+			eventService.emit('user-logged-in', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.login.success',
+				payload: {
+					userId: 'user404',
+					_email: 'loggedin@example.com',
+					_firstName: 'Logged',
+					_lastName: 'In',
+					globalRole: 'global:owner',
+					authenticationMethod: 'email',
+				},
+			});
+		});
 	});
 
 	describe('click events', () => {
 		it('should log on `user-password-reset-request-click` event', () => {
-			const event: Event['user-password-reset-request-click'] = {
+			const event: RelayEventMap['user-password-reset-request-click'] = {
 				user: {
 					id: 'user101',
 					email: 'user101@example.com',
@@ -283,7 +402,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `user-invite-email-click` event', () => {
-			const event: Event['user-invite-email-click'] = {
+			const event: RelayEventMap['user-invite-email-click'] = {
 				inviter: {
 					id: '123',
 					email: 'john@n8n.io',
@@ -322,6 +441,31 @@ describe('AuditEventRelay', () => {
 				},
 			});
 		});
+
+		it('should log on `user-password-reset-email-click` event', () => {
+			const event: RelayEventMap['user-password-reset-email-click'] = {
+				user: {
+					id: 'user505',
+					email: 'resetuser@example.com',
+					firstName: 'Reset',
+					lastName: 'User',
+					role: 'global:member',
+				},
+			};
+
+			eventService.emit('user-password-reset-email-click', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.reset',
+				payload: {
+					userId: 'user505',
+					_email: 'resetuser@example.com',
+					_firstName: 'Reset',
+					_lastName: 'User',
+					globalRole: 'global:member',
+				},
+			});
+		});
 	});
 
 	describe('node events', () => {
@@ -350,7 +494,7 @@ describe('AuditEventRelay', () => {
 				settings: {},
 			});
 
-			const event: Event['node-pre-execute'] = {
+			const event: RelayEventMap['node-pre-execute'] = {
 				executionId: 'exec456',
 				nodeName: 'HTTP Request',
 				workflow,
@@ -395,7 +539,7 @@ describe('AuditEventRelay', () => {
 				settings: {},
 			});
 
-			const event: Event['node-post-execute'] = {
+			const event: RelayEventMap['node-post-execute'] = {
 				executionId: 'exec789',
 				nodeName: 'HTTP Response',
 				workflow,
@@ -418,7 +562,7 @@ describe('AuditEventRelay', () => {
 
 	describe('credentials events', () => {
 		it('should log on `credentials-shared` event', () => {
-			const event: Event['credentials-shared'] = {
+			const event: RelayEventMap['credentials-shared'] = {
 				user: {
 					id: 'user123',
 					email: 'sharer@example.com',
@@ -453,7 +597,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `credentials-created` event', () => {
-			const event: Event['credentials-created'] = {
+			const event: RelayEventMap['credentials-created'] = {
 				user: {
 					id: 'user123',
 					email: 'user@example.com',
@@ -486,11 +630,69 @@ describe('AuditEventRelay', () => {
 				},
 			});
 		});
+
+		it('should log on `credentials-deleted` event', () => {
+			const event: RelayEventMap['credentials-deleted'] = {
+				user: {
+					id: 'user707',
+					email: 'creduser@example.com',
+					firstName: 'Cred',
+					lastName: 'User',
+					role: 'global:owner',
+				},
+				credentialId: 'cred789',
+				credentialType: 'githubApi',
+			};
+
+			eventService.emit('credentials-deleted', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.credentials.deleted',
+				payload: {
+					userId: 'user707',
+					_email: 'creduser@example.com',
+					_firstName: 'Cred',
+					_lastName: 'User',
+					globalRole: 'global:owner',
+					credentialId: 'cred789',
+					credentialType: 'githubApi',
+				},
+			});
+		});
+
+		it('should log on `credentials-updated` event', () => {
+			const event: RelayEventMap['credentials-updated'] = {
+				user: {
+					id: 'user808',
+					email: 'updatecred@example.com',
+					firstName: 'Update',
+					lastName: 'Cred',
+					role: 'global:owner',
+				},
+				credentialId: 'cred101',
+				credentialType: 'slackApi',
+			};
+
+			eventService.emit('credentials-updated', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.credentials.updated',
+				payload: {
+					userId: 'user808',
+					_email: 'updatecred@example.com',
+					_firstName: 'Update',
+					_lastName: 'Cred',
+					globalRole: 'global:owner',
+					credentialId: 'cred101',
+					credentialType: 'slackApi',
+				},
+			});
+		});
 	});
 
 	describe('auth events', () => {
 		it('should log on `user-login-failed` event', () => {
-			const event: Event['user-login-failed'] = {
+			const event: RelayEventMap['user-login-failed'] = {
 				userEmail: 'user@example.com',
 				authenticationMethod: 'email',
 				reason: 'Invalid password',
@@ -511,7 +713,7 @@ describe('AuditEventRelay', () => {
 
 	describe('community package events', () => {
 		it('should log on `community-package-updated` event', () => {
-			const event: Event['community-package-updated'] = {
+			const event: RelayEventMap['community-package-updated'] = {
 				user: {
 					id: 'user202',
 					email: 'packageupdater@example.com',
@@ -548,7 +750,7 @@ describe('AuditEventRelay', () => {
 		});
 
 		it('should log on `community-package-installed` event', () => {
-			const event: Event['community-package-installed'] = {
+			const event: RelayEventMap['community-package-installed'] = {
 				user: {
 					id: 'user789',
 					email: 'admin@example.com',
@@ -585,11 +787,46 @@ describe('AuditEventRelay', () => {
 				},
 			});
 		});
+
+		it('should log on `community-package-deleted` event', () => {
+			const event: RelayEventMap['community-package-deleted'] = {
+				user: {
+					id: 'user909',
+					email: 'packagedeleter@example.com',
+					firstName: 'Package',
+					lastName: 'Deleter',
+					role: 'global:admin',
+				},
+				packageName: 'n8n-nodes-awesome-package',
+				packageVersion: '1.0.0',
+				packageNodeNames: ['AwesomeNode1', 'AwesomeNode2'],
+				packageAuthor: 'John Doe',
+				packageAuthorEmail: 'john@example.com',
+			};
+
+			eventService.emit('community-package-deleted', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.package.deleted',
+				payload: {
+					userId: 'user909',
+					_email: 'packagedeleter@example.com',
+					_firstName: 'Package',
+					_lastName: 'Deleter',
+					globalRole: 'global:admin',
+					packageName: 'n8n-nodes-awesome-package',
+					packageVersion: '1.0.0',
+					packageNodeNames: ['AwesomeNode1', 'AwesomeNode2'],
+					packageAuthor: 'John Doe',
+					packageAuthorEmail: 'john@example.com',
+				},
+			});
+		});
 	});
 
 	describe('email events', () => {
 		it('should log on `email-failed` event', () => {
-			const event: Event['email-failed'] = {
+			const event: RelayEventMap['email-failed'] = {
 				user: {
 					id: 'user789',
 					email: 'recipient@example.com',
@@ -598,6 +835,7 @@ describe('AuditEventRelay', () => {
 					role: 'global:member',
 				},
 				messageType: 'New user invite',
+				publicApi: false,
 			};
 
 			eventService.emit('email-failed', event);
@@ -618,7 +856,7 @@ describe('AuditEventRelay', () => {
 
 	describe('public API events', () => {
 		it('should log on `public-api-key-created` event', () => {
-			const event: Event['public-api-key-created'] = {
+			const event: RelayEventMap['public-api-key-created'] = {
 				user: {
 					id: 'user101',
 					email: 'apiuser@example.com',
@@ -642,11 +880,52 @@ describe('AuditEventRelay', () => {
 				},
 			});
 		});
+
+		it('should log on `public-api-key-deleted` event', () => {
+			const event: RelayEventMap['public-api-key-deleted'] = {
+				user: {
+					id: 'user606',
+					email: 'apiuser@example.com',
+					firstName: 'API',
+					lastName: 'User',
+					role: 'global:owner',
+				},
+				publicApi: true,
+			};
+
+			eventService.emit('public-api-key-deleted', event);
+
+			expect(eventBus.sendAuditEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.audit.user.api.deleted',
+				payload: {
+					userId: 'user606',
+					_email: 'apiuser@example.com',
+					_firstName: 'API',
+					_lastName: 'User',
+					globalRole: 'global:owner',
+				},
+			});
+		});
 	});
 
 	describe('execution events', () => {
+		it('should log on `execution-started-during-bootup` event', () => {
+			const event: RelayEventMap['execution-started-during-bootup'] = {
+				executionId: 'exec101010',
+			};
+
+			eventService.emit('execution-started-during-bootup', event);
+
+			expect(eventBus.sendExecutionEvent).toHaveBeenCalledWith({
+				eventName: 'n8n.execution.started-during-bootup',
+				payload: {
+					executionId: 'exec101010',
+				},
+			});
+		});
+
 		it('should log on `execution-throttled` event', () => {
-			const event: Event['execution-throttled'] = {
+			const event: RelayEventMap['execution-throttled'] = {
 				executionId: 'exec123456',
 			};
 
diff --git a/packages/cli/src/events/event-relay.ts b/packages/cli/src/events/event-relay.ts
new file mode 100644
index 0000000000000..1a8a17b8930f2
--- /dev/null
+++ b/packages/cli/src/events/event-relay.ts
@@ -0,0 +1,20 @@
+import { EventService } from './event.service';
+import { Service } from 'typedi';
+import type { RelayEventMap } from '@/events/relay-event-map';
+
+@Service()
+export class EventRelay {
+	constructor(readonly eventService: EventService) {}
+
+	protected setupListeners<EventNames extends keyof RelayEventMap>(map: {
+		[EventName in EventNames]?: (event: RelayEventMap[EventName]) => void | Promise<void>;
+	}) {
+		for (const [eventName, handler] of Object.entries(map) as Array<
+			[EventNames, (event: RelayEventMap[EventNames]) => void | Promise<void>]
+		>) {
+			this.eventService.on(eventName, async (event) => {
+				await handler(event);
+			});
+		}
+	}
+}
diff --git a/packages/cli/src/events/event.service.ts b/packages/cli/src/events/event.service.ts
new file mode 100644
index 0000000000000..6744103a07799
--- /dev/null
+++ b/packages/cli/src/events/event.service.ts
@@ -0,0 +1,6 @@
+import { Service } from 'typedi';
+import { TypedEmitter } from '@/TypedEmitter';
+import type { RelayEventMap } from './relay-event-map';
+
+@Service()
+export class EventService extends TypedEmitter<RelayEventMap> {}
diff --git a/packages/cli/src/events/log-streaming-event-relay.ts b/packages/cli/src/events/log-streaming-event-relay.ts
new file mode 100644
index 0000000000000..85d5a8cb8fb3c
--- /dev/null
+++ b/packages/cli/src/events/log-streaming-event-relay.ts
@@ -0,0 +1,390 @@
+import { Service } from 'typedi';
+import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
+import { Redactable } from '@/decorators/Redactable';
+import { EventRelay } from '@/events/event-relay';
+import type { RelayEventMap } from '@/events/relay-event-map';
+import type { IWorkflowBase } from 'n8n-workflow';
+import { EventService } from './event.service';
+
+@Service()
+export class LogStreamingEventRelay extends EventRelay {
+	constructor(
+		readonly eventService: EventService,
+		private readonly eventBus: MessageEventBus,
+	) {
+		super(eventService);
+	}
+
+	init() {
+		this.setupListeners({
+			'workflow-created': (event) => this.workflowCreated(event),
+			'workflow-deleted': (event) => this.workflowDeleted(event),
+			'workflow-saved': (event) => this.workflowSaved(event),
+			'workflow-pre-execute': (event) => this.workflowPreExecute(event),
+			'workflow-post-execute': (event) => this.workflowPostExecute(event),
+			'node-pre-execute': (event) => this.nodePreExecute(event),
+			'node-post-execute': (event) => this.nodePostExecute(event),
+			'user-deleted': (event) => this.userDeleted(event),
+			'user-invited': (event) => this.userInvited(event),
+			'user-reinvited': (event) => this.userReinvited(event),
+			'user-updated': (event) => this.userUpdated(event),
+			'user-signed-up': (event) => this.userSignedUp(event),
+			'user-logged-in': (event) => this.userLoggedIn(event),
+			'user-login-failed': (event) => this.userLoginFailed(event),
+			'user-invite-email-click': (event) => this.userInviteEmailClick(event),
+			'user-password-reset-email-click': (event) => this.userPasswordResetEmailClick(event),
+			'user-password-reset-request-click': (event) => this.userPasswordResetRequestClick(event),
+			'public-api-key-created': (event) => this.publicApiKeyCreated(event),
+			'public-api-key-deleted': (event) => this.publicApiKeyDeleted(event),
+			'email-failed': (event) => this.emailFailed(event),
+			'credentials-created': (event) => this.credentialsCreated(event),
+			'credentials-deleted': (event) => this.credentialsDeleted(event),
+			'credentials-shared': (event) => this.credentialsShared(event),
+			'credentials-updated': (event) => this.credentialsUpdated(event),
+			'community-package-installed': (event) => this.communityPackageInstalled(event),
+			'community-package-updated': (event) => this.communityPackageUpdated(event),
+			'community-package-deleted': (event) => this.communityPackageDeleted(event),
+			'execution-throttled': (event) => this.executionThrottled(event),
+			'execution-started-during-bootup': (event) => this.executionStartedDuringBootup(event),
+		});
+	}
+
+	// #region Workflow
+
+	@Redactable()
+	private workflowCreated({ user, workflow }: RelayEventMap['workflow-created']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.workflow.created',
+			payload: {
+				...user,
+				workflowId: workflow.id,
+				workflowName: workflow.name,
+			},
+		});
+	}
+
+	@Redactable()
+	private workflowDeleted({ user, workflowId }: RelayEventMap['workflow-deleted']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.workflow.deleted',
+			payload: { ...user, workflowId },
+		});
+	}
+
+	@Redactable()
+	private workflowSaved({ user, workflow }: RelayEventMap['workflow-saved']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.workflow.updated',
+			payload: {
+				...user,
+				workflowId: workflow.id,
+				workflowName: workflow.name,
+			},
+		});
+	}
+
+	private workflowPreExecute({ data, executionId }: RelayEventMap['workflow-pre-execute']) {
+		const payload =
+			'executionData' in data
+				? {
+						executionId,
+						userId: data.userId,
+						workflowId: data.workflowData.id,
+						isManual: data.executionMode === 'manual',
+						workflowName: data.workflowData.name,
+					}
+				: {
+						executionId,
+						userId: undefined,
+						workflowId: (data as IWorkflowBase).id,
+						isManual: false,
+						workflowName: (data as IWorkflowBase).name,
+					};
+
+		void this.eventBus.sendWorkflowEvent({
+			eventName: 'n8n.workflow.started',
+			payload,
+		});
+	}
+
+	private workflowPostExecute(event: RelayEventMap['workflow-post-execute']) {
+		const { runData, workflow, ...rest } = event;
+
+		const payload = {
+			...rest,
+			success: runData?.status === 'success',
+			isManual: runData?.mode === 'manual',
+			workflowId: workflow.id,
+			workflowName: workflow.name,
+		};
+
+		if (payload.success) {
+			void this.eventBus.sendWorkflowEvent({
+				eventName: 'n8n.workflow.success',
+				payload,
+			});
+
+			return;
+		}
+
+		void this.eventBus.sendWorkflowEvent({
+			eventName: 'n8n.workflow.failed',
+			payload: {
+				...payload,
+				lastNodeExecuted: runData?.data.resultData.lastNodeExecuted,
+				errorNodeType:
+					runData?.data.resultData.error && 'node' in runData?.data.resultData.error
+						? runData?.data.resultData.error.node?.type
+						: undefined,
+				errorMessage: runData?.data.resultData.error?.message.toString(),
+			},
+		});
+	}
+
+	// #endregion
+
+	// #region Node
+
+	private nodePreExecute({ workflow, executionId, nodeName }: RelayEventMap['node-pre-execute']) {
+		void this.eventBus.sendNodeEvent({
+			eventName: 'n8n.node.started',
+			payload: {
+				workflowId: workflow.id,
+				workflowName: workflow.name,
+				executionId,
+				nodeType: workflow.nodes.find((n) => n.name === nodeName)?.type,
+				nodeName,
+			},
+		});
+	}
+
+	private nodePostExecute({ workflow, executionId, nodeName }: RelayEventMap['node-post-execute']) {
+		void this.eventBus.sendNodeEvent({
+			eventName: 'n8n.node.finished',
+			payload: {
+				workflowId: workflow.id,
+				workflowName: workflow.name,
+				executionId,
+				nodeType: workflow.nodes.find((n) => n.name === nodeName)?.type,
+				nodeName,
+			},
+		});
+	}
+
+	// #endregion
+
+	// #region User
+
+	@Redactable()
+	private userDeleted({ user }: RelayEventMap['user-deleted']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.deleted',
+			payload: user,
+		});
+	}
+
+	@Redactable()
+	private userInvited({ user, targetUserId }: RelayEventMap['user-invited']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.invited',
+			payload: { ...user, targetUserId },
+		});
+	}
+
+	@Redactable()
+	private userReinvited({ user, targetUserId }: RelayEventMap['user-reinvited']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.reinvited',
+			payload: { ...user, targetUserId },
+		});
+	}
+
+	@Redactable()
+	private userUpdated({ user, fieldsChanged }: RelayEventMap['user-updated']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.updated',
+			payload: { ...user, fieldsChanged },
+		});
+	}
+
+	// #endregion
+
+	// #region Auth
+
+	@Redactable()
+	private userSignedUp({ user }: RelayEventMap['user-signed-up']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.signedup',
+			payload: user,
+		});
+	}
+
+	@Redactable()
+	private userLoggedIn({ user, authenticationMethod }: RelayEventMap['user-logged-in']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.login.success',
+			payload: { ...user, authenticationMethod },
+		});
+	}
+
+	private userLoginFailed(
+		event: RelayEventMap['user-login-failed'] /* exception: no `UserLike` to redact */,
+	) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.login.failed',
+			payload: event,
+		});
+	}
+
+	// #endregion
+
+	// #region Click
+
+	@Redactable('inviter')
+	@Redactable('invitee')
+	private userInviteEmailClick(event: RelayEventMap['user-invite-email-click']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.invitation.accepted',
+			payload: event,
+		});
+	}
+
+	@Redactable()
+	private userPasswordResetEmailClick({ user }: RelayEventMap['user-password-reset-email-click']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.reset',
+			payload: user,
+		});
+	}
+
+	@Redactable()
+	private userPasswordResetRequestClick({
+		user,
+	}: RelayEventMap['user-password-reset-request-click']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.reset.requested',
+			payload: user,
+		});
+	}
+
+	// #endregion
+
+	// #region Public API
+
+	@Redactable()
+	private publicApiKeyCreated({ user }: RelayEventMap['public-api-key-created']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.api.created',
+			payload: user,
+		});
+	}
+
+	@Redactable()
+	private publicApiKeyDeleted({ user }: RelayEventMap['public-api-key-deleted']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.api.deleted',
+			payload: user,
+		});
+	}
+
+	// #endregion
+
+	// #region Email
+
+	@Redactable()
+	private emailFailed({ user, messageType }: RelayEventMap['email-failed']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.email.failed',
+			payload: { ...user, messageType },
+		});
+	}
+
+	// #endregion
+
+	// #region Credentials
+
+	@Redactable()
+	private credentialsCreated({ user, ...rest }: RelayEventMap['credentials-created']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.credentials.created',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	@Redactable()
+	private credentialsDeleted({ user, ...rest }: RelayEventMap['credentials-deleted']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.credentials.deleted',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	@Redactable()
+	private credentialsShared({ user, ...rest }: RelayEventMap['credentials-shared']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.credentials.shared',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	@Redactable()
+	private credentialsUpdated({ user, ...rest }: RelayEventMap['credentials-updated']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.user.credentials.updated',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	// #endregion
+
+	// #region Community package
+
+	@Redactable()
+	private communityPackageInstalled({
+		user,
+		...rest
+	}: RelayEventMap['community-package-installed']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.package.installed',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	@Redactable()
+	private communityPackageUpdated({ user, ...rest }: RelayEventMap['community-package-updated']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.package.updated',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	@Redactable()
+	private communityPackageDeleted({ user, ...rest }: RelayEventMap['community-package-deleted']) {
+		void this.eventBus.sendAuditEvent({
+			eventName: 'n8n.audit.package.deleted',
+			payload: { ...user, ...rest },
+		});
+	}
+
+	// #endregion
+
+	// #region Execution
+
+	private executionThrottled({ executionId }: RelayEventMap['execution-throttled']) {
+		void this.eventBus.sendExecutionEvent({
+			eventName: 'n8n.execution.throttled',
+			payload: { executionId },
+		});
+	}
+
+	private executionStartedDuringBootup({
+		executionId,
+	}: RelayEventMap['execution-started-during-bootup']) {
+		void this.eventBus.sendExecutionEvent({
+			eventName: 'n8n.execution.started-during-bootup',
+			payload: { executionId },
+		});
+	}
+
+	// #endregion
+}
diff --git a/packages/cli/src/eventbus/event.types.ts b/packages/cli/src/events/relay-event-map.ts
similarity index 68%
rename from packages/cli/src/eventbus/event.types.ts
rename to packages/cli/src/events/relay-event-map.ts
index b62d3bc141031..8f0efc2fedf8c 100644
--- a/packages/cli/src/eventbus/event.types.ts
+++ b/packages/cli/src/events/relay-event-map.ts
@@ -2,6 +2,7 @@ import type { AuthenticationMethod, IRun, IWorkflowBase } from 'n8n-workflow';
 import type { IWorkflowDb, IWorkflowExecutionDataProcess } from '@/Interfaces';
 import type { ProjectRole } from '@/databases/entities/ProjectRelation';
 import type { GlobalRole } from '@/databases/entities/User';
+import type { AuthProviderType } from '@/databases/entities/AuthIdentity';
 
 export type UserLike = {
 	id: string;
@@ -11,12 +12,40 @@ export type UserLike = {
 	role: string;
 };
 
-/**
- * Events sent by `EventService` and forwarded by relays, e.g. `AuditEventRelay` and `TelemetryEventRelay`.
- */
-export type Event = {
+export type RelayEventMap = {
+	// #region Lifecycle
+
 	'server-started': {};
 
+	'session-started': {
+		pushRef?: string;
+	};
+
+	'instance-stopped': {};
+
+	'instance-owner-setup': {
+		userId: string;
+	};
+
+	'first-production-workflow-succeeded': {
+		projectId: string;
+		workflowId: string;
+		userId: string;
+	};
+
+	'first-workflow-data-loaded': {
+		userId: string;
+		workflowId: string;
+		nodeType: string;
+		nodeId: string;
+		credentialType?: string;
+		credentialId?: string;
+	};
+
+	// #endregion
+
+	// #region Workflow
+
 	'workflow-created': {
 		user: UserLike;
 		workflow: IWorkflowBase;
@@ -44,15 +73,21 @@ export type Event = {
 
 	'workflow-post-execute': {
 		executionId: string;
-		success: boolean;
 		userId?: string;
-		workflowId: string;
-		isManual: boolean;
-		workflowName: string;
-		metadata?: Record<string, string>;
+		workflow: IWorkflowBase;
 		runData?: IRun;
 	};
 
+	'workflow-sharing-updated': {
+		workflowId: string;
+		userIdSharer: string;
+		userIdList: string[];
+	};
+
+	// #endregion
+
+	// #region Node
+
 	'node-pre-execute': {
 		executionId: string;
 		workflow: IWorkflowBase;
@@ -65,13 +100,30 @@ export type Event = {
 		nodeName: string;
 	};
 
+	// #endregion
+
+	// #region User
+
+	'user-submitted-personalization-survey': {
+		userId: string;
+		answers: Record<string, string>;
+	};
+
 	'user-deleted': {
 		user: UserLike;
+		publicApi: boolean;
+		targetUserOldStatus: 'active' | 'invited';
+		migrationStrategy?: 'transfer_data' | 'delete_data';
+		targetUserId?: string;
+		migrationUserId?: string;
 	};
 
 	'user-invited': {
 		user: UserLike;
 		targetUserId: string[];
+		publicApi: boolean;
+		emailSent: boolean;
+		inviteeRole: string;
 	};
 
 	'user-reinvited': {
@@ -86,6 +138,8 @@ export type Event = {
 
 	'user-signed-up': {
 		user: UserLike;
+		userType: AuthProviderType;
+		wasDisabledLdapUser: boolean;
 	};
 
 	'user-logged-in': {
@@ -99,6 +153,47 @@ export type Event = {
 		reason?: string;
 	};
 
+	'user-changed-role': {
+		userId: string;
+		targetUserId: string;
+		publicApi: boolean;
+		targetUserNewRole: string;
+	};
+
+	'user-retrieved-user': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	'user-retrieved-all-users': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	'user-retrieved-execution': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	'user-retrieved-all-executions': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	'user-retrieved-workflow': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	'user-retrieved-all-workflows': {
+		userId: string;
+		publicApi: boolean;
+	};
+
+	// #endregion
+
+	// #region Click
+
 	'user-invite-email-click': {
 		inviter: UserLike;
 		invitee: UserLike;
@@ -112,6 +207,31 @@ export type Event = {
 		user: UserLike;
 	};
 
+	'user-transactional-email-sent': {
+		userId: string;
+		messageType:
+			| 'Reset password'
+			| 'New user invite'
+			| 'Resend invite'
+			| 'Workflow shared'
+			| 'Credentials shared';
+		publicApi: boolean;
+	};
+
+	// #endregion
+
+	// #region Public API
+
+	'public-api-key-created': {
+		user: UserLike;
+		publicApi: boolean;
+	};
+
+	'public-api-key-deleted': {
+		user: UserLike;
+		publicApi: boolean;
+	};
+
 	'public-api-invoked': {
 		userId: string;
 		path: string;
@@ -119,6 +239,10 @@ export type Event = {
 		apiVersion: string;
 	};
 
+	// #endregion
+
+	// #region Email
+
 	'email-failed': {
 		user: UserLike;
 		messageType:
@@ -127,8 +251,13 @@ export type Event = {
 			| 'Resend invite'
 			| 'Workflow shared'
 			| 'Credentials shared';
+		publicApi: boolean;
 	};
 
+	// #endregion
+
+	// #region Credentials
+
 	'credentials-created': {
 		user: UserLike;
 		credentialType: string;
@@ -159,6 +288,10 @@ export type Event = {
 		credentialId: string;
 	};
 
+	// #endregion
+
+	// #region Community package
+
 	'community-package-installed': {
 		user: UserLike;
 		inputString: string;
@@ -190,6 +323,10 @@ export type Event = {
 		packageAuthorEmail?: string;
 	};
 
+	// #endregion
+
+	// #region Execution
+
 	'execution-throttled': {
 		executionId: string;
 	};
@@ -198,6 +335,10 @@ export type Event = {
 		executionId: string;
 	};
 
+	// #endregion
+
+	// #region Project
+
 	'team-project-updated': {
 		userId: string;
 		role: GlobalRole;
@@ -221,6 +362,10 @@ export type Event = {
 		role: GlobalRole;
 	};
 
+	// #endregion
+
+	// #region Source control
+
 	'source-control-settings-updated': {
 		branchName: string;
 		readOnlyInstance: boolean;
@@ -258,12 +403,24 @@ export type Event = {
 		variablesPushed: number;
 	};
 
+	// #endregion
+
+	// #region License
+
 	'license-renewal-attempted': {
 		success: boolean;
 	};
 
+	// #endregion
+
+	// #region Variable
+
 	'variable-created': {};
 
+	// #endregion
+
+	// #region External secrets
+
 	'external-secrets-provider-settings-saved': {
 		userId?: string;
 		vaultType: string;
@@ -272,6 +429,10 @@ export type Event = {
 		errorMessage?: string;
 	};
 
+	// #endregion
+
+	// #region LDAP
+
 	'ldap-general-sync-finished': {
 		type: string;
 		succeeded: boolean;
@@ -302,17 +463,5 @@ export type Event = {
 		userId: string;
 	};
 
-	/**
-	 * Events listened to by more than one relay
-	 */
-
-	'public-api-key-created': {
-		user: UserLike; // audit and telemetry
-		publicApi: boolean; // telemetry only
-	};
-
-	'public-api-key-deleted': {
-		user: UserLike; // audit and telemetry
-		publicApi: boolean; // telemetry only
-	};
+	// #endregion
 };
diff --git a/packages/cli/src/events/telemetry-event-relay.ts b/packages/cli/src/events/telemetry-event-relay.ts
new file mode 100644
index 0000000000000..6b0ae37a44307
--- /dev/null
+++ b/packages/cli/src/events/telemetry-event-relay.ts
@@ -0,0 +1,999 @@
+import { Service } from 'typedi';
+import { EventService } from '@/events/event.service';
+import type { RelayEventMap } from '@/events/relay-event-map';
+import { Telemetry } from '../telemetry';
+import config from '@/config';
+import os from 'node:os';
+import { License } from '@/License';
+import { GlobalConfig } from '@n8n/config';
+import { N8N_VERSION } from '@/constants';
+import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
+import type { ExecutionStatus, INodesGraphResult, ITelemetryTrackProperties } from 'n8n-workflow';
+import { get as pslGet } from 'psl';
+import { TelemetryHelpers } from 'n8n-workflow';
+import { NodeTypes } from '@/NodeTypes';
+import { SharedWorkflowRepository } from '@/databases/repositories/sharedWorkflow.repository';
+import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
+import type { IExecutionTrackProperties } from '@/Interfaces';
+import { determineFinalExecutionStatus } from '@/executionLifecycleHooks/shared/sharedHookFunctions';
+import { EventRelay } from './event-relay';
+import { snakeCase } from 'change-case';
+
+@Service()
+export class TelemetryEventRelay extends EventRelay {
+	constructor(
+		readonly eventService: EventService,
+		private readonly telemetry: Telemetry,
+		private readonly license: License,
+		private readonly globalConfig: GlobalConfig,
+		private readonly workflowRepository: WorkflowRepository,
+		private readonly nodeTypes: NodeTypes,
+		private readonly sharedWorkflowRepository: SharedWorkflowRepository,
+		private readonly projectRelationRepository: ProjectRelationRepository,
+	) {
+		super(eventService);
+	}
+
+	async init() {
+		if (!config.getEnv('diagnostics.enabled')) return;
+
+		await this.telemetry.init();
+
+		this.setupListeners({
+			'team-project-updated': (event) => this.teamProjectUpdated(event),
+			'team-project-deleted': (event) => this.teamProjectDeleted(event),
+			'team-project-created': (event) => this.teamProjectCreated(event),
+			'source-control-settings-updated': (event) => this.sourceControlSettingsUpdated(event),
+			'source-control-user-started-pull-ui': (event) => this.sourceControlUserStartedPullUi(event),
+			'source-control-user-finished-pull-ui': (event) =>
+				this.sourceControlUserFinishedPullUi(event),
+			'source-control-user-pulled-api': (event) => this.sourceControlUserPulledApi(event),
+			'source-control-user-started-push-ui': (event) => this.sourceControlUserStartedPushUi(event),
+			'source-control-user-finished-push-ui': (event) =>
+				this.sourceControlUserFinishedPushUi(event),
+			'license-renewal-attempted': (event) => this.licenseRenewalAttempted(event),
+			'variable-created': () => this.variableCreated(),
+			'external-secrets-provider-settings-saved': (event) =>
+				this.externalSecretsProviderSettingsSaved(event),
+			'public-api-invoked': (event) => this.publicApiInvoked(event),
+			'public-api-key-created': (event) => this.publicApiKeyCreated(event),
+			'public-api-key-deleted': (event) => this.publicApiKeyDeleted(event),
+			'community-package-installed': (event) => this.communityPackageInstalled(event),
+			'community-package-updated': (event) => this.communityPackageUpdated(event),
+			'community-package-deleted': (event) => this.communityPackageDeleted(event),
+			'credentials-created': (event) => this.credentialsCreated(event),
+			'credentials-shared': (event) => this.credentialsShared(event),
+			'credentials-updated': (event) => this.credentialsUpdated(event),
+			'credentials-deleted': (event) => this.credentialsDeleted(event),
+			'ldap-general-sync-finished': (event) => this.ldapGeneralSyncFinished(event),
+			'ldap-settings-updated': (event) => this.ldapSettingsUpdated(event),
+			'ldap-login-sync-failed': (event) => this.ldapLoginSyncFailed(event),
+			'login-failed-due-to-ldap-disabled': (event) => this.loginFailedDueToLdapDisabled(event),
+			'workflow-created': (event) => this.workflowCreated(event),
+			'workflow-deleted': (event) => this.workflowDeleted(event),
+			'workflow-sharing-updated': (event) => this.workflowSharingUpdated(event),
+			'workflow-saved': async (event) => await this.workflowSaved(event),
+			'server-started': async () => await this.serverStarted(),
+			'session-started': (event) => this.sessionStarted(event),
+			'instance-stopped': () => this.instanceStopped(),
+			'instance-owner-setup': async (event) => await this.instanceOwnerSetup(event),
+			'first-production-workflow-succeeded': (event) =>
+				this.firstProductionWorkflowSucceeded(event),
+			'first-workflow-data-loaded': (event) => this.firstWorkflowDataLoaded(event),
+			'workflow-post-execute': async (event) => await this.workflowPostExecute(event),
+			'user-changed-role': (event) => this.userChangedRole(event),
+			'user-retrieved-user': (event) => this.userRetrievedUser(event),
+			'user-retrieved-all-users': (event) => this.userRetrievedAllUsers(event),
+			'user-retrieved-execution': (event) => this.userRetrievedExecution(event),
+			'user-retrieved-all-executions': (event) => this.userRetrievedAllExecutions(event),
+			'user-retrieved-workflow': (event) => this.userRetrievedWorkflow(event),
+			'user-retrieved-all-workflows': (event) => this.userRetrievedAllWorkflows(event),
+			'user-updated': (event) => this.userUpdated(event),
+			'user-deleted': (event) => this.userDeleted(event),
+			'user-invited': (event) => this.userInvited(event),
+			'user-signed-up': (event) => this.userSignedUp(event),
+			'user-submitted-personalization-survey': (event) =>
+				this.userSubmittedPersonalizationSurvey(event),
+			'email-failed': (event) => this.emailFailed(event),
+			'user-transactional-email-sent': (event) => this.userTransactionalEmailSent(event),
+			'user-invite-email-click': (event) => this.userInviteEmailClick(event),
+			'user-password-reset-email-click': (event) => this.userPasswordResetEmailClick(event),
+			'user-password-reset-request-click': (event) => this.userPasswordResetRequestClick(event),
+		});
+	}
+
+	// #endregion
+
+	// #region Team
+
+	private teamProjectUpdated({
+		userId,
+		role,
+		members,
+		projectId,
+	}: RelayEventMap['team-project-updated']) {
+		this.telemetry.track('Project settings updated', {
+			user_id: userId,
+			role,
+			// eslint-disable-next-line @typescript-eslint/no-shadow
+			members: members.map(({ userId: user_id, role }) => ({ user_id, role })),
+			project_id: projectId,
+		});
+	}
+
+	private teamProjectDeleted({
+		userId,
+		role,
+		projectId,
+		removalType,
+		targetProjectId,
+	}: RelayEventMap['team-project-deleted']) {
+		this.telemetry.track('User deleted project', {
+			user_id: userId,
+			role,
+			project_id: projectId,
+			removal_type: removalType,
+			target_project_id: targetProjectId,
+		});
+	}
+
+	private teamProjectCreated({ userId, role }: RelayEventMap['team-project-created']) {
+		this.telemetry.track('User created project', {
+			user_id: userId,
+			role,
+		});
+	}
+
+	// #endregion
+
+	// #region Source control
+
+	private sourceControlSettingsUpdated({
+		branchName,
+		readOnlyInstance,
+		repoType,
+		connected,
+	}: RelayEventMap['source-control-settings-updated']) {
+		this.telemetry.track('User updated source control settings', {
+			branch_name: branchName,
+			read_only_instance: readOnlyInstance,
+			repo_type: repoType,
+			connected,
+		});
+	}
+
+	private sourceControlUserStartedPullUi({
+		workflowUpdates,
+		workflowConflicts,
+		credConflicts,
+	}: RelayEventMap['source-control-user-started-pull-ui']) {
+		this.telemetry.track('User started pull via UI', {
+			workflow_updates: workflowUpdates,
+			workflow_conflicts: workflowConflicts,
+			cred_conflicts: credConflicts,
+		});
+	}
+
+	private sourceControlUserFinishedPullUi({
+		workflowUpdates,
+	}: RelayEventMap['source-control-user-finished-pull-ui']) {
+		this.telemetry.track('User finished pull via UI', {
+			workflow_updates: workflowUpdates,
+		});
+	}
+
+	private sourceControlUserPulledApi({
+		workflowUpdates,
+		forced,
+	}: RelayEventMap['source-control-user-pulled-api']) {
+		this.telemetry.track('User pulled via API', {
+			workflow_updates: workflowUpdates,
+			forced,
+		});
+	}
+
+	private sourceControlUserStartedPushUi({
+		workflowsEligible,
+		workflowsEligibleWithConflicts,
+		credsEligible,
+		credsEligibleWithConflicts,
+		variablesEligible,
+	}: RelayEventMap['source-control-user-started-push-ui']) {
+		this.telemetry.track('User started push via UI', {
+			workflows_eligible: workflowsEligible,
+			workflows_eligible_with_conflicts: workflowsEligibleWithConflicts,
+			creds_eligible: credsEligible,
+			creds_eligible_with_conflicts: credsEligibleWithConflicts,
+			variables_eligible: variablesEligible,
+		});
+	}
+
+	private sourceControlUserFinishedPushUi({
+		workflowsEligible,
+		workflowsPushed,
+		credsPushed,
+		variablesPushed,
+	}: RelayEventMap['source-control-user-finished-push-ui']) {
+		this.telemetry.track('User finished push via UI', {
+			workflows_eligible: workflowsEligible,
+			workflows_pushed: workflowsPushed,
+			creds_pushed: credsPushed,
+			variables_pushed: variablesPushed,
+		});
+	}
+
+	// #endregion
+
+	// #region License
+
+	private licenseRenewalAttempted({ success }: RelayEventMap['license-renewal-attempted']) {
+		this.telemetry.track('Instance attempted to refresh license', {
+			success,
+		});
+	}
+
+	// #endregion
+
+	// #region Variable
+
+	private variableCreated() {
+		this.telemetry.track('User created variable');
+	}
+
+	// #endregion
+
+	// #region External secrets
+
+	private externalSecretsProviderSettingsSaved({
+		userId,
+		vaultType,
+		isValid,
+		isNew,
+		errorMessage,
+	}: RelayEventMap['external-secrets-provider-settings-saved']) {
+		this.telemetry.track('User updated external secrets settings', {
+			user_id: userId,
+			vault_type: vaultType,
+			is_valid: isValid,
+			is_new: isNew,
+			error_message: errorMessage,
+		});
+	}
+
+	// #endregion
+
+	// #region Public API
+
+	private publicApiInvoked({
+		userId,
+		path,
+		method,
+		apiVersion,
+	}: RelayEventMap['public-api-invoked']) {
+		this.telemetry.track('User invoked API', {
+			user_id: userId,
+			path,
+			method,
+			api_version: apiVersion,
+		});
+	}
+
+	private publicApiKeyCreated(event: RelayEventMap['public-api-key-created']) {
+		const { user, publicApi } = event;
+
+		this.telemetry.track('API key created', {
+			user_id: user.id,
+			public_api: publicApi,
+		});
+	}
+
+	private publicApiKeyDeleted(event: RelayEventMap['public-api-key-deleted']) {
+		const { user, publicApi } = event;
+
+		this.telemetry.track('API key deleted', {
+			user_id: user.id,
+			public_api: publicApi,
+		});
+	}
+
+	// #endregion
+
+	// #region Community package
+
+	private communityPackageInstalled({
+		user,
+		inputString,
+		packageName,
+		success,
+		packageVersion,
+		packageNodeNames,
+		packageAuthor,
+		packageAuthorEmail,
+		failureReason,
+	}: RelayEventMap['community-package-installed']) {
+		this.telemetry.track('cnr package install finished', {
+			user_id: user.id,
+			input_string: inputString,
+			package_name: packageName,
+			success,
+			package_version: packageVersion,
+			package_node_names: packageNodeNames,
+			package_author: packageAuthor,
+			package_author_email: packageAuthorEmail,
+			failure_reason: failureReason,
+		});
+	}
+
+	private communityPackageUpdated({
+		user,
+		packageName,
+		packageVersionCurrent,
+		packageVersionNew,
+		packageNodeNames,
+		packageAuthor,
+		packageAuthorEmail,
+	}: RelayEventMap['community-package-updated']) {
+		this.telemetry.track('cnr package updated', {
+			user_id: user.id,
+			package_name: packageName,
+			package_version_current: packageVersionCurrent,
+			package_version_new: packageVersionNew,
+			package_node_names: packageNodeNames,
+			package_author: packageAuthor,
+			package_author_email: packageAuthorEmail,
+		});
+	}
+
+	private communityPackageDeleted({
+		user,
+		packageName,
+		packageVersion,
+		packageNodeNames,
+		packageAuthor,
+		packageAuthorEmail,
+	}: RelayEventMap['community-package-deleted']) {
+		this.telemetry.track('cnr package deleted', {
+			user_id: user.id,
+			package_name: packageName,
+			package_version: packageVersion,
+			package_node_names: packageNodeNames,
+			package_author: packageAuthor,
+			package_author_email: packageAuthorEmail,
+		});
+	}
+
+	// #endregion
+
+	// #region Credentials
+
+	private credentialsCreated({
+		user,
+		credentialType,
+		credentialId,
+		projectId,
+		projectType,
+	}: RelayEventMap['credentials-created']) {
+		this.telemetry.track('User created credentials', {
+			user_id: user.id,
+			credential_type: credentialType,
+			credential_id: credentialId,
+			project_id: projectId,
+			project_type: projectType,
+		});
+	}
+
+	private credentialsShared({
+		user,
+		credentialType,
+		credentialId,
+		userIdSharer,
+		userIdsShareesAdded,
+		shareesRemoved,
+	}: RelayEventMap['credentials-shared']) {
+		this.telemetry.track('User updated cred sharing', {
+			user_id: user.id,
+			credential_type: credentialType,
+			credential_id: credentialId,
+			user_id_sharer: userIdSharer,
+			user_ids_sharees_added: userIdsShareesAdded,
+			sharees_removed: shareesRemoved,
+		});
+	}
+
+	private credentialsUpdated({
+		user,
+		credentialId,
+		credentialType,
+	}: RelayEventMap['credentials-updated']) {
+		this.telemetry.track('User updated credentials', {
+			user_id: user.id,
+			credential_type: credentialType,
+			credential_id: credentialId,
+		});
+	}
+
+	private credentialsDeleted({
+		user,
+		credentialId,
+		credentialType,
+	}: RelayEventMap['credentials-deleted']) {
+		this.telemetry.track('User deleted credentials', {
+			user_id: user.id,
+			credential_type: credentialType,
+			credential_id: credentialId,
+		});
+	}
+
+	// #endregion
+
+	// #region LDAP
+
+	private ldapGeneralSyncFinished({
+		type,
+		succeeded,
+		usersSynced,
+		error,
+	}: RelayEventMap['ldap-general-sync-finished']) {
+		this.telemetry.track('Ldap general sync finished', {
+			type,
+			succeeded,
+			users_synced: usersSynced,
+			error,
+		});
+	}
+
+	private ldapSettingsUpdated({
+		userId,
+		loginIdAttribute,
+		firstNameAttribute,
+		lastNameAttribute,
+		emailAttribute,
+		ldapIdAttribute,
+		searchPageSize,
+		searchTimeout,
+		synchronizationEnabled,
+		synchronizationInterval,
+		loginLabel,
+		loginEnabled,
+	}: RelayEventMap['ldap-settings-updated']) {
+		this.telemetry.track('User updated Ldap settings', {
+			user_id: userId,
+			loginIdAttribute,
+			firstNameAttribute,
+			lastNameAttribute,
+			emailAttribute,
+			ldapIdAttribute,
+			searchPageSize,
+			searchTimeout,
+			synchronizationEnabled,
+			synchronizationInterval,
+			loginLabel,
+			loginEnabled,
+		});
+	}
+
+	private ldapLoginSyncFailed({ error }: RelayEventMap['ldap-login-sync-failed']) {
+		this.telemetry.track('Ldap login sync failed', { error });
+	}
+
+	private loginFailedDueToLdapDisabled({
+		userId,
+	}: RelayEventMap['login-failed-due-to-ldap-disabled']) {
+		this.telemetry.track('User login failed since ldap disabled', { user_ud: userId });
+	}
+
+	// #endregion
+
+	// #region Workflow
+
+	private workflowCreated({
+		user,
+		workflow,
+		publicApi,
+		projectId,
+		projectType,
+	}: RelayEventMap['workflow-created']) {
+		const { nodeGraph } = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
+
+		this.telemetry.track('User created workflow', {
+			user_id: user.id,
+			workflow_id: workflow.id,
+			node_graph_string: JSON.stringify(nodeGraph),
+			public_api: publicApi,
+			project_id: projectId,
+			project_type: projectType,
+		});
+	}
+
+	private workflowDeleted({ user, workflowId, publicApi }: RelayEventMap['workflow-deleted']) {
+		this.telemetry.track('User deleted workflow', {
+			user_id: user.id,
+			workflow_id: workflowId,
+			public_api: publicApi,
+		});
+	}
+
+	private workflowSharingUpdated({
+		workflowId,
+		userIdSharer,
+		userIdList,
+	}: RelayEventMap['workflow-sharing-updated']) {
+		this.telemetry.track('User updated workflow sharing', {
+			workflow_id: workflowId,
+			user_id_sharer: userIdSharer,
+			user_id_list: userIdList,
+		});
+	}
+
+	private async workflowSaved({ user, workflow, publicApi }: RelayEventMap['workflow-saved']) {
+		const isCloudDeployment = config.getEnv('deployment.type') === 'cloud';
+
+		const { nodeGraph } = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes, {
+			isCloudDeployment,
+		});
+
+		let userRole: 'owner' | 'sharee' | 'member' | undefined = undefined;
+		const role = await this.sharedWorkflowRepository.findSharingRole(user.id, workflow.id);
+		if (role) {
+			userRole = role === 'workflow:owner' ? 'owner' : 'sharee';
+		} else {
+			const workflowOwner = await this.sharedWorkflowRepository.getWorkflowOwningProject(
+				workflow.id,
+			);
+
+			if (workflowOwner) {
+				const projectRole = await this.projectRelationRepository.findProjectRole({
+					userId: user.id,
+					projectId: workflowOwner.id,
+				});
+
+				if (projectRole && projectRole !== 'project:personalOwner') {
+					userRole = 'member';
+				}
+			}
+		}
+
+		const notesCount = Object.keys(nodeGraph.notes).length;
+		const overlappingCount = Object.values(nodeGraph.notes).filter(
+			(note) => note.overlapping,
+		).length;
+
+		this.telemetry.track('User saved workflow', {
+			user_id: user.id,
+			workflow_id: workflow.id,
+			node_graph_string: JSON.stringify(nodeGraph),
+			notes_count_overlapping: overlappingCount,
+			notes_count_non_overlapping: notesCount - overlappingCount,
+			version_cli: N8N_VERSION,
+			num_tags: workflow.tags?.length ?? 0,
+			public_api: publicApi,
+			sharing_role: userRole,
+		});
+	}
+
+	// eslint-disable-next-line complexity
+	private async workflowPostExecute({
+		workflow,
+		runData,
+		userId,
+	}: RelayEventMap['workflow-post-execute']) {
+		if (!workflow.id) {
+			return;
+		}
+
+		if (runData?.status === 'waiting') {
+			// No need to send telemetry or logs when the workflow hasn't finished yet.
+			return;
+		}
+
+		const telemetryProperties: IExecutionTrackProperties = {
+			workflow_id: workflow.id,
+			is_manual: false,
+			version_cli: N8N_VERSION,
+			success: false,
+		};
+
+		if (userId) {
+			telemetryProperties.user_id = userId;
+		}
+
+		if (runData?.data.resultData.error?.message?.includes('canceled')) {
+			runData.status = 'canceled';
+		}
+
+		telemetryProperties.success = !!runData?.finished;
+
+		// const executionStatus: ExecutionStatus = runData?.status ?? 'unknown';
+		const executionStatus: ExecutionStatus = runData
+			? determineFinalExecutionStatus(runData)
+			: 'unknown';
+
+		if (runData !== undefined) {
+			telemetryProperties.execution_mode = runData.mode;
+			telemetryProperties.is_manual = runData.mode === 'manual';
+
+			let nodeGraphResult: INodesGraphResult | null = null;
+
+			if (!telemetryProperties.success && runData?.data.resultData.error) {
+				telemetryProperties.error_message = runData?.data.resultData.error.message;
+				let errorNodeName =
+					'node' in runData?.data.resultData.error
+						? runData?.data.resultData.error.node?.name
+						: undefined;
+				telemetryProperties.error_node_type =
+					'node' in runData?.data.resultData.error
+						? runData?.data.resultData.error.node?.type
+						: undefined;
+
+				if (runData.data.resultData.lastNodeExecuted) {
+					const lastNode = TelemetryHelpers.getNodeTypeForName(
+						workflow,
+						runData.data.resultData.lastNodeExecuted,
+					);
+
+					if (lastNode !== undefined) {
+						telemetryProperties.error_node_type = lastNode.type;
+						errorNodeName = lastNode.name;
+					}
+				}
+
+				if (telemetryProperties.is_manual) {
+					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
+					telemetryProperties.node_graph = nodeGraphResult.nodeGraph;
+					telemetryProperties.node_graph_string = JSON.stringify(nodeGraphResult.nodeGraph);
+
+					if (errorNodeName) {
+						telemetryProperties.error_node_id = nodeGraphResult.nameIndices[errorNodeName];
+					}
+				}
+			}
+
+			if (telemetryProperties.is_manual) {
+				if (!nodeGraphResult) {
+					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
+				}
+
+				let userRole: 'owner' | 'sharee' | undefined = undefined;
+				if (userId) {
+					const role = await this.sharedWorkflowRepository.findSharingRole(userId, workflow.id);
+					if (role) {
+						userRole = role === 'workflow:owner' ? 'owner' : 'sharee';
+					}
+				}
+
+				const manualExecEventProperties: ITelemetryTrackProperties = {
+					user_id: userId,
+					workflow_id: workflow.id,
+					status: executionStatus,
+					executionStatus: runData?.status ?? 'unknown',
+					error_message: telemetryProperties.error_message as string,
+					error_node_type: telemetryProperties.error_node_type,
+					node_graph_string: telemetryProperties.node_graph_string as string,
+					error_node_id: telemetryProperties.error_node_id as string,
+					webhook_domain: null,
+					sharing_role: userRole,
+				};
+
+				if (!manualExecEventProperties.node_graph_string) {
+					nodeGraphResult = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
+					manualExecEventProperties.node_graph_string = JSON.stringify(nodeGraphResult.nodeGraph);
+				}
+
+				if (runData.data.startData?.destinationNode) {
+					const telemetryPayload = {
+						...manualExecEventProperties,
+						node_type: TelemetryHelpers.getNodeTypeForName(
+							workflow,
+							runData.data.startData?.destinationNode,
+						)?.type,
+						node_id: nodeGraphResult.nameIndices[runData.data.startData?.destinationNode],
+					};
+
+					this.telemetry.track('Manual node exec finished', telemetryPayload);
+				} else {
+					nodeGraphResult.webhookNodeNames.forEach((name: string) => {
+						const execJson = runData.data.resultData.runData[name]?.[0]?.data?.main?.[0]?.[0]
+							?.json as { headers?: { origin?: string } };
+						if (execJson?.headers?.origin && execJson.headers.origin !== '') {
+							manualExecEventProperties.webhook_domain = pslGet(
+								execJson.headers.origin.replace(/^https?:\/\//, ''),
+							);
+						}
+					});
+
+					this.telemetry.track('Manual workflow exec finished', manualExecEventProperties);
+				}
+			}
+		}
+
+		this.telemetry.trackWorkflowExecution(telemetryProperties);
+	}
+
+	// #endregion
+
+	// #region Lifecycle
+
+	private async serverStarted() {
+		const cpus = os.cpus();
+		const binaryDataConfig = config.getEnv('binaryDataManager');
+
+		const isS3Selected = config.getEnv('binaryDataManager.mode') === 's3';
+		const isS3Available = config.getEnv('binaryDataManager.availableModes').includes('s3');
+		const isS3Licensed = this.license.isBinaryDataS3Licensed();
+		const authenticationMethod = config.getEnv('userManagement.authenticationMethod');
+
+		const info = {
+			version_cli: N8N_VERSION,
+			db_type: this.globalConfig.database.type,
+			n8n_version_notifications_enabled: this.globalConfig.versionNotifications.enabled,
+			n8n_disable_production_main_process:
+				this.globalConfig.endpoints.disableProductionWebhooksOnMainProcess,
+			system_info: {
+				os: {
+					type: os.type(),
+					version: os.version(),
+				},
+				memory: os.totalmem() / 1024,
+				cpus: {
+					count: cpus.length,
+					model: cpus[0].model,
+					speed: cpus[0].speed,
+				},
+			},
+			execution_variables: {
+				executions_mode: config.getEnv('executions.mode'),
+				executions_timeout: config.getEnv('executions.timeout'),
+				executions_timeout_max: config.getEnv('executions.maxTimeout'),
+				executions_data_save_on_error: config.getEnv('executions.saveDataOnError'),
+				executions_data_save_on_success: config.getEnv('executions.saveDataOnSuccess'),
+				executions_data_save_on_progress: config.getEnv('executions.saveExecutionProgress'),
+				executions_data_save_manual_executions: config.getEnv(
+					'executions.saveDataManualExecutions',
+				),
+				executions_data_prune: config.getEnv('executions.pruneData'),
+				executions_data_max_age: config.getEnv('executions.pruneDataMaxAge'),
+			},
+			n8n_deployment_type: config.getEnv('deployment.type'),
+			n8n_binary_data_mode: binaryDataConfig.mode,
+			smtp_set_up: this.globalConfig.userManagement.emails.mode === 'smtp',
+			ldap_allowed: authenticationMethod === 'ldap',
+			saml_enabled: authenticationMethod === 'saml',
+			license_plan_name: this.license.getPlanName(),
+			license_tenant_id: config.getEnv('license.tenantId'),
+			binary_data_s3: isS3Available && isS3Selected && isS3Licensed,
+			multi_main_setup_enabled: config.getEnv('multiMainSetup.enabled'),
+		};
+
+		const firstWorkflow = await this.workflowRepository.findOne({
+			select: ['createdAt'],
+			order: { createdAt: 'ASC' },
+			where: {},
+		});
+
+		this.telemetry.identify(info);
+		this.telemetry.track('Instance started', {
+			...info,
+			earliest_workflow_created: firstWorkflow?.createdAt,
+		});
+	}
+
+	private sessionStarted({ pushRef }: RelayEventMap['session-started']) {
+		this.telemetry.track('Session started', { session_id: pushRef });
+	}
+
+	private instanceStopped() {
+		this.telemetry.track('User instance stopped');
+	}
+
+	private async instanceOwnerSetup({ userId }: RelayEventMap['instance-owner-setup']) {
+		this.telemetry.track('Owner finished instance setup', { user_id: userId });
+	}
+
+	private firstProductionWorkflowSucceeded({
+		projectId,
+		workflowId,
+		userId,
+	}: RelayEventMap['first-production-workflow-succeeded']) {
+		this.telemetry.track('Workflow first prod success', {
+			project_id: projectId,
+			workflow_id: workflowId,
+			user_id: userId,
+		});
+	}
+
+	private firstWorkflowDataLoaded({
+		userId,
+		workflowId,
+		nodeType,
+		nodeId,
+		credentialType,
+		credentialId,
+	}: RelayEventMap['first-workflow-data-loaded']) {
+		this.telemetry.track('Workflow first data fetched', {
+			user_id: userId,
+			workflow_id: workflowId,
+			node_type: nodeType,
+			node_id: nodeId,
+			credential_type: credentialType,
+			credential_id: credentialId,
+		});
+	}
+
+	// #endregion
+
+	// #region User
+
+	private userChangedRole({
+		userId,
+		targetUserId,
+		targetUserNewRole,
+		publicApi,
+	}: RelayEventMap['user-changed-role']) {
+		this.telemetry.track('User changed role', {
+			user_id: userId,
+			target_user_id: targetUserId,
+			target_user_new_role: targetUserNewRole,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedUser({ userId, publicApi }: RelayEventMap['user-retrieved-user']) {
+		this.telemetry.track('User retrieved user', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedAllUsers({ userId, publicApi }: RelayEventMap['user-retrieved-all-users']) {
+		this.telemetry.track('User retrieved all users', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedExecution({ userId, publicApi }: RelayEventMap['user-retrieved-execution']) {
+		this.telemetry.track('User retrieved execution', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedAllExecutions({
+		userId,
+		publicApi,
+	}: RelayEventMap['user-retrieved-all-executions']) {
+		this.telemetry.track('User retrieved all executions', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedWorkflow({ userId, publicApi }: RelayEventMap['user-retrieved-workflow']) {
+		this.telemetry.track('User retrieved workflow', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userRetrievedAllWorkflows({
+		userId,
+		publicApi,
+	}: RelayEventMap['user-retrieved-all-workflows']) {
+		this.telemetry.track('User retrieved all workflows', {
+			user_id: userId,
+			public_api: publicApi,
+		});
+	}
+
+	private userUpdated({ user, fieldsChanged }: RelayEventMap['user-updated']) {
+		this.telemetry.track('User changed personal settings', {
+			user_id: user.id,
+			fields_changed: fieldsChanged,
+		});
+	}
+
+	private userDeleted({
+		user,
+		publicApi,
+		targetUserOldStatus,
+		migrationStrategy,
+		targetUserId,
+		migrationUserId,
+	}: RelayEventMap['user-deleted']) {
+		this.telemetry.track('User deleted user', {
+			user_id: user.id,
+			public_api: publicApi,
+			target_user_old_status: targetUserOldStatus,
+			migration_strategy: migrationStrategy,
+			target_user_id: targetUserId,
+			migration_user_id: migrationUserId,
+		});
+	}
+
+	private userInvited({
+		user,
+		targetUserId,
+		publicApi,
+		emailSent,
+		inviteeRole,
+	}: RelayEventMap['user-invited']) {
+		this.telemetry.track('User invited new user', {
+			user_id: user.id,
+			target_user_id: targetUserId,
+			public_api: publicApi,
+			email_sent: emailSent,
+			invitee_role: inviteeRole,
+		});
+	}
+
+	private userSignedUp({ user, userType, wasDisabledLdapUser }: RelayEventMap['user-signed-up']) {
+		this.telemetry.track('User signed up', {
+			user_id: user.id,
+			user_type: userType,
+			was_disabled_ldap_user: wasDisabledLdapUser,
+		});
+	}
+
+	private userSubmittedPersonalizationSurvey({
+		userId,
+		answers,
+	}: RelayEventMap['user-submitted-personalization-survey']) {
+		const camelCaseKeys = Object.keys(answers);
+		const personalizationSurveyData = { user_id: userId } as Record<string, string | string[]>;
+		camelCaseKeys.forEach((camelCaseKey) => {
+			personalizationSurveyData[snakeCase(camelCaseKey)] = answers[camelCaseKey];
+		});
+
+		this.telemetry.track('User responded to personalization questions', personalizationSurveyData);
+	}
+
+	// #endregion
+
+	// #region Email
+
+	private emailFailed({ user, messageType, publicApi }: RelayEventMap['email-failed']) {
+		this.telemetry.track('Instance failed to send transactional email to user', {
+			user_id: user.id,
+			message_type: messageType,
+			public_api: publicApi,
+		});
+	}
+
+	private userTransactionalEmailSent({
+		userId,
+		messageType,
+		publicApi,
+	}: RelayEventMap['user-transactional-email-sent']) {
+		this.telemetry.track('User sent transactional email', {
+			user_id: userId,
+			message_type: messageType,
+			public_api: publicApi,
+		});
+	}
+
+	// #endregion
+
+	// #region Click
+
+	private userInviteEmailClick({ invitee }: RelayEventMap['user-invite-email-click']) {
+		this.telemetry.track('User clicked invite link from email', {
+			user_id: invitee.id,
+		});
+	}
+
+	private userPasswordResetEmailClick({ user }: RelayEventMap['user-password-reset-email-click']) {
+		this.telemetry.track('User clicked password reset link from email', {
+			user_id: user.id,
+		});
+	}
+
+	private userPasswordResetRequestClick({
+		user,
+	}: RelayEventMap['user-password-reset-request-click']) {
+		this.telemetry.track('User requested password reset while logged out', {
+			user_id: user.id,
+		});
+	}
+
+	// #endregion
+}
diff --git a/packages/cli/test/unit/execution-lifecyle/restoreBinaryDataId.test.ts b/packages/cli/src/executionLifecycleHooks/__tests__/restoreBinaryDataId.test.ts
similarity index 97%
rename from packages/cli/test/unit/execution-lifecyle/restoreBinaryDataId.test.ts
rename to packages/cli/src/executionLifecycleHooks/__tests__/restoreBinaryDataId.test.ts
index 3fcdb79c72c7e..ea962882bd782 100644
--- a/packages/cli/test/unit/execution-lifecyle/restoreBinaryDataId.test.ts
+++ b/packages/cli/src/executionLifecycleHooks/__tests__/restoreBinaryDataId.test.ts
@@ -1,6 +1,6 @@
 import { restoreBinaryDataId } from '@/executionLifecycleHooks/restoreBinaryDataId';
 import { BinaryDataService } from 'n8n-core';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 import type { IRun } from 'n8n-workflow';
 import config from '@/config';
@@ -24,7 +24,7 @@ function toIRun(item?: object) {
 }
 
 function getDataId(run: IRun, kind: 'binary' | 'json') {
-	// @ts-ignore
+	// @ts-expect-error The type doesn't have the correct structure
 	return run.data.resultData.runData.myNode[0].data.main[0][0][kind].data.id;
 }
 
diff --git a/packages/cli/test/unit/execution-lifecyle/saveExecutionProgress.test.ts b/packages/cli/src/executionLifecycleHooks/__tests__/saveExecutionProgress.test.ts
similarity index 98%
rename from packages/cli/test/unit/execution-lifecyle/saveExecutionProgress.test.ts
rename to packages/cli/src/executionLifecycleHooks/__tests__/saveExecutionProgress.test.ts
index 4235e56ecbad3..9b1faa7f60540 100644
--- a/packages/cli/test/unit/execution-lifecyle/saveExecutionProgress.test.ts
+++ b/packages/cli/src/executionLifecycleHooks/__tests__/saveExecutionProgress.test.ts
@@ -1,5 +1,5 @@
 import { ExecutionRepository } from '@/databases/repositories/execution.repository';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { Logger } from '@/Logger';
 import { saveExecutionProgress } from '@/executionLifecycleHooks/saveExecutionProgress';
 import * as fnModule from '@/executionLifecycleHooks/toSaveSettings';
diff --git a/packages/cli/test/unit/execution-lifecyle/toSaveSettings.test.ts b/packages/cli/src/executionLifecycleHooks/__tests__/toSaveSettings.test.ts
similarity index 98%
rename from packages/cli/test/unit/execution-lifecyle/toSaveSettings.test.ts
rename to packages/cli/src/executionLifecycleHooks/__tests__/toSaveSettings.test.ts
index 6fc516a0ea214..57379e0e73055 100644
--- a/packages/cli/test/unit/execution-lifecyle/toSaveSettings.test.ts
+++ b/packages/cli/src/executionLifecycleHooks/__tests__/toSaveSettings.test.ts
@@ -35,7 +35,7 @@ describe('failed production executions', () => {
 	});
 });
 
-describe('sucessful production executions', () => {
+describe('successful production executions', () => {
 	it('should favor workflow settings over defaults', () => {
 		config.set('executions.saveDataOnSuccess', 'none');
 
diff --git a/packages/cli/src/executions/__tests__/execution-recovery.service.test.ts b/packages/cli/src/executions/__tests__/execution-recovery.service.test.ts
index 7e33c6ac74a8a..f72c81a3cad53 100644
--- a/packages/cli/src/executions/__tests__/execution-recovery.service.test.ts
+++ b/packages/cli/src/executions/__tests__/execution-recovery.service.test.ts
@@ -1,6 +1,7 @@
 import Container from 'typedi';
 import { stringify } from 'flatted';
 import { randomInt } from 'n8n-workflow';
+import { InstanceSettings } from 'n8n-core';
 
 import { mockInstance } from '@test/mocking';
 import { createWorkflow } from '@test-integration/db/workflows';
@@ -8,11 +9,8 @@ import { createExecution } from '@test-integration/db/executions';
 import * as testDb from '@test-integration/testDb';
 
 import { mock } from 'jest-mock-extended';
-import { OrchestrationService } from '@/services/orchestration.service';
-import config from '@/config';
 import { ExecutionRecoveryService } from '@/executions/execution-recovery.service';
 import { ExecutionRepository } from '@/databases/repositories/execution.repository';
-import { InternalHooks } from '@/InternalHooks';
 import { Push } from '@/push';
 import { ARTIFICIAL_TASK_DATA } from '@/constants';
 import { NodeCrashedError } from '@/errors/node-crashed.error';
@@ -21,116 +19,48 @@ import { EventMessageNode } from '@/eventbus/EventMessageClasses/EventMessageNod
 import { IN_PROGRESS_EXECUTION_DATA, OOM_WORKFLOW } from './constants';
 import { setupMessages } from './utils';
 
-import type { EventService } from '@/eventbus/event.service';
 import type { EventMessageTypes as EventMessage } from '@/eventbus/EventMessageClasses';
-import type { Logger } from '@/Logger';
 
 describe('ExecutionRecoveryService', () => {
-	let push: Push;
+	const push = mockInstance(Push);
+	const instanceSettings = new InstanceSettings();
+
 	let executionRecoveryService: ExecutionRecoveryService;
-	let orchestrationService: OrchestrationService;
 	let executionRepository: ExecutionRepository;
 
 	beforeAll(async () => {
 		await testDb.init();
-		push = mockInstance(Push);
 		executionRepository = Container.get(ExecutionRepository);
-		orchestrationService = Container.get(OrchestrationService);
 
-		mockInstance(InternalHooks);
 		executionRecoveryService = new ExecutionRecoveryService(
-			mock<Logger>(),
+			mock(),
+			instanceSettings,
 			push,
 			executionRepository,
-			orchestrationService,
-			mock<EventService>(),
+			mock(),
 		);
 	});
 
 	beforeEach(() => {
-		config.set('instanceRole', 'leader');
+		instanceSettings.markAsLeader();
 	});
 
 	afterEach(async () => {
-		config.load(config.default);
 		jest.restoreAllMocks();
 		await testDb.truncate(['Execution', 'ExecutionData', 'Workflow']);
-		executionRecoveryService.shutdown();
 	});
 
 	afterAll(async () => {
 		await testDb.terminate();
 	});
 
-	describe('scheduleQueueRecovery', () => {
-		describe('queue mode', () => {
-			it('if leader, should schedule queue recovery', () => {
-				/**
-				 * Arrange
-				 */
-				config.set('executions.mode', 'queue');
-				jest.spyOn(orchestrationService, 'isLeader', 'get').mockReturnValue(true);
-				const scheduleSpy = jest.spyOn(executionRecoveryService, 'scheduleQueueRecovery');
-
-				/**
-				 * Act
-				 */
-				executionRecoveryService.init();
-
-				/**
-				 * Assert
-				 */
-				expect(scheduleSpy).toHaveBeenCalled();
-			});
-
-			it('if follower, should do nothing', () => {
-				/**
-				 * Arrange
-				 */
-				config.set('executions.mode', 'queue');
-				jest.spyOn(orchestrationService, 'isLeader', 'get').mockReturnValue(false);
-				const scheduleSpy = jest.spyOn(executionRecoveryService, 'scheduleQueueRecovery');
-
-				/**
-				 * Act
-				 */
-				executionRecoveryService.init();
-
-				/**
-				 * Assert
-				 */
-				expect(scheduleSpy).not.toHaveBeenCalled();
-			});
-		});
-
-		describe('regular mode', () => {
-			it('should do nothing', () => {
-				/**
-				 * Arrange
-				 */
-				config.set('executions.mode', 'regular');
-				const scheduleSpy = jest.spyOn(executionRecoveryService, 'scheduleQueueRecovery');
-
-				/**
-				 * Act
-				 */
-				executionRecoveryService.init();
-
-				/**
-				 * Assert
-				 */
-				expect(scheduleSpy).not.toHaveBeenCalled();
-			});
-		});
-	});
-
 	describe('recoverFromLogs', () => {
 		describe('if follower', () => {
 			test('should do nothing', async () => {
 				/**
 				 * Arrange
 				 */
-				config.set('instanceRole', 'follower');
+				instanceSettings.markAsFollower();
 				// @ts-expect-error Private method
 				const amendSpy = jest.spyOn(executionRecoveryService, 'amend');
 				const messages = setupMessages('123', 'Some workflow');
diff --git a/packages/cli/src/executions/__tests__/execution.service.test.ts b/packages/cli/src/executions/__tests__/execution.service.test.ts
index 567e0c9758a6f..28c76e1c58faf 100644
--- a/packages/cli/src/executions/__tests__/execution.service.test.ts
+++ b/packages/cli/src/executions/__tests__/execution.service.test.ts
@@ -6,14 +6,16 @@ import { AbortedExecutionRetryError } from '@/errors/aborted-execution-retry.err
 import { MissingExecutionStopError } from '@/errors/missing-execution-stop.error';
 import type { ActiveExecutions } from '@/ActiveExecutions';
 import type { IExecutionResponse } from '@/Interfaces';
-import type { Job, Queue } from '@/Queue';
+import { ScalingService } from '@/scaling/scaling.service';
 import type { WaitTracker } from '@/WaitTracker';
 import type { ExecutionRepository } from '@/databases/repositories/execution.repository';
 import type { ExecutionRequest } from '@/executions/execution.types';
 import type { ConcurrencyControlService } from '@/concurrency/concurrency-control.service';
+import type { Job } from '@/scaling/types';
+import { mockInstance } from '@test/mocking';
 
 describe('ExecutionService', () => {
-	const queue = mock<Queue>();
+	const scalingService = mockInstance(ScalingService);
 	const activeExecutions = mock<ActiveExecutions>();
 	const executionRepository = mock<ExecutionRepository>();
 	const waitTracker = mock<WaitTracker>();
@@ -22,7 +24,6 @@ describe('ExecutionService', () => {
 	const executionService = new ExecutionService(
 		mock(),
 		mock(),
-		queue,
 		activeExecutions,
 		executionRepository,
 		mock(),
@@ -31,6 +32,7 @@ describe('ExecutionService', () => {
 		mock(),
 		concurrencyControl,
 		mock(),
+		mock(),
 	);
 
 	beforeEach(() => {
@@ -210,7 +212,7 @@ describe('ExecutionService', () => {
 
 					expect(concurrencyControl.remove).not.toHaveBeenCalled();
 					expect(waitTracker.stopExecution).not.toHaveBeenCalled();
-					expect(queue.stopJob).not.toHaveBeenCalled();
+					expect(scalingService.stopJob).not.toHaveBeenCalled();
 				});
 			});
 
@@ -223,7 +225,8 @@ describe('ExecutionService', () => {
 					const execution = mock<IExecutionResponse>({ id: '123', status: 'running' });
 					executionRepository.findSingleExecution.mockResolvedValue(execution);
 					waitTracker.has.mockReturnValue(false);
-					queue.findRunningJobBy.mockResolvedValue(mock<Job>());
+					const job = mock<Job>({ data: { executionId: '123' } });
+					scalingService.findJobsByStatus.mockResolvedValue([job]);
 					executionRepository.stopDuringRun.mockResolvedValue(mock<IExecutionResponse>());
 
 					/**
@@ -236,8 +239,8 @@ describe('ExecutionService', () => {
 					 */
 					expect(waitTracker.stopExecution).not.toHaveBeenCalled();
 					expect(activeExecutions.stopExecution).toHaveBeenCalled();
-					expect(queue.findRunningJobBy).toBeCalledWith({ executionId: execution.id });
-					expect(queue.stopJob).toHaveBeenCalled();
+					expect(scalingService.findJobsByStatus).toHaveBeenCalled();
+					expect(scalingService.stopJob).toHaveBeenCalled();
 					expect(executionRepository.stopDuringRun).toHaveBeenCalled();
 				});
 
@@ -249,7 +252,8 @@ describe('ExecutionService', () => {
 					const execution = mock<IExecutionResponse>({ id: '123', status: 'waiting' });
 					executionRepository.findSingleExecution.mockResolvedValue(execution);
 					waitTracker.has.mockReturnValue(true);
-					queue.findRunningJobBy.mockResolvedValue(mock<Job>());
+					const job = mock<Job>({ data: { executionId: '123' } });
+					scalingService.findJobsByStatus.mockResolvedValue([job]);
 					executionRepository.stopDuringRun.mockResolvedValue(mock<IExecutionResponse>());
 
 					/**
@@ -261,9 +265,8 @@ describe('ExecutionService', () => {
 					 * Assert
 					 */
 					expect(waitTracker.stopExecution).toHaveBeenCalledWith(execution.id);
-					expect(activeExecutions.stopExecution).toHaveBeenCalled();
-					expect(queue.findRunningJobBy).toBeCalledWith({ executionId: execution.id });
-					expect(queue.stopJob).toHaveBeenCalled();
+					expect(scalingService.findJobsByStatus).toHaveBeenCalled();
+					expect(scalingService.stopJob).toHaveBeenCalled();
 					expect(executionRepository.stopDuringRun).toHaveBeenCalled();
 				});
 			});
diff --git a/packages/cli/test/unit/controllers/executions.controller.test.ts b/packages/cli/src/executions/__tests__/executions.controller.test.ts
similarity index 98%
rename from packages/cli/test/unit/controllers/executions.controller.test.ts
rename to packages/cli/src/executions/__tests__/executions.controller.test.ts
index 2a4c733c5ab3c..decb88d59854e 100644
--- a/packages/cli/test/unit/controllers/executions.controller.test.ts
+++ b/packages/cli/src/executions/__tests__/executions.controller.test.ts
@@ -74,6 +74,8 @@ describe('ExecutionsController', () => {
 			},
 		];
 
+		executionService.findRangeWithCount.mockResolvedValue(NO_EXECUTIONS);
+
 		describe('if either status or range provided', () => {
 			test.each(QUERIES_WITH_EITHER_STATUS_OR_RANGE)(
 				'should fetch executions per query',
diff --git a/packages/cli/test/unit/middleware/executions/parse-range-query.middleware.test.ts b/packages/cli/src/executions/__tests__/parse-range-query.middleware.test.ts
similarity index 100%
rename from packages/cli/test/unit/middleware/executions/parse-range-query.middleware.test.ts
rename to packages/cli/src/executions/__tests__/parse-range-query.middleware.test.ts
diff --git a/packages/cli/src/executions/execution-recovery.service.ts b/packages/cli/src/executions/execution-recovery.service.ts
index b72fc490dddbb..8e29127737792 100644
--- a/packages/cli/src/executions/execution-recovery.service.ts
+++ b/packages/cli/src/executions/execution-recovery.service.ts
@@ -1,22 +1,18 @@
-import Container, { Service } from 'typedi';
+import { Service } from 'typedi';
 import { Push } from '@/push';
-import { jsonStringify, sleep } from 'n8n-workflow';
+import { sleep } from 'n8n-workflow';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
 import { getWorkflowHooksMain } from '@/WorkflowExecuteAdditionalData'; // @TODO: Dependency cycle
-import { InternalHooks } from '@/InternalHooks'; // @TODO: Dependency cycle if injected
 import type { DateTime } from 'luxon';
 import type { IRun, ITaskData } from 'n8n-workflow';
+import { InstanceSettings } from 'n8n-core';
 import type { EventMessageTypes } from '../eventbus/EventMessageClasses';
 import type { IExecutionResponse } from '@/Interfaces';
 import { NodeCrashedError } from '@/errors/node-crashed.error';
 import { WorkflowCrashedError } from '@/errors/workflow-crashed.error';
 import { ARTIFICIAL_TASK_DATA } from '@/constants';
 import { Logger } from '@/Logger';
-import config from '@/config';
-import { OnShutdown } from '@/decorators/OnShutdown';
-import type { QueueRecoverySettings } from './execution.types';
-import { OrchestrationService } from '@/services/orchestration.service';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 /**
  * Service for recovering key properties in executions.
@@ -25,41 +21,17 @@ import { EventService } from '@/eventbus/event.service';
 export class ExecutionRecoveryService {
 	constructor(
 		private readonly logger: Logger,
+		private readonly instanceSettings: InstanceSettings,
 		private readonly push: Push,
 		private readonly executionRepository: ExecutionRepository,
-		private readonly orchestrationService: OrchestrationService,
 		private readonly eventService: EventService,
 	) {}
 
-	/**
-	 * @important Requires `OrchestrationService` to be initialized on queue mode.
-	 */
-	init() {
-		if (config.getEnv('executions.mode') === 'regular') return;
-
-		const { isLeader, isMultiMainSetupEnabled } = this.orchestrationService;
-
-		if (isLeader) this.scheduleQueueRecovery();
-
-		if (isMultiMainSetupEnabled) {
-			this.orchestrationService.multiMainSetup
-				.on('leader-takeover', () => this.scheduleQueueRecovery())
-				.on('leader-stepdown', () => this.stopQueueRecovery());
-		}
-	}
-
-	private readonly queueRecoverySettings: QueueRecoverySettings = {
-		batchSize: config.getEnv('executions.queueRecovery.batchSize'),
-		waitMs: config.getEnv('executions.queueRecovery.interval') * 60 * 1000,
-	};
-
-	private isShuttingDown = false;
-
 	/**
 	 * Recover key properties of a truncated execution using event logs.
 	 */
 	async recoverFromLogs(executionId: string, messages: EventMessageTypes[]) {
-		if (this.orchestrationService.isFollower) return;
+		if (this.instanceSettings.isFollower) return;
 
 		const amendedExecution = await this.amend(executionId, messages);
 
@@ -81,87 +53,10 @@ export class ExecutionRecoveryService {
 		return amendedExecution;
 	}
 
-	/**
-	 * Schedule a cycle to mark dangling executions as crashed in queue mode.
-	 */
-	scheduleQueueRecovery(waitMs = this.queueRecoverySettings.waitMs) {
-		if (!this.shouldScheduleQueueRecovery()) return;
-
-		this.queueRecoverySettings.timeout = setTimeout(async () => {
-			try {
-				const nextWaitMs = await this.recoverFromQueue();
-				this.scheduleQueueRecovery(nextWaitMs);
-			} catch (error) {
-				const msg = this.toErrorMsg(error);
-
-				this.logger.error('[Recovery] Failed to recover dangling executions from queue', { msg });
-				this.logger.error('[Recovery] Retrying...');
-
-				this.scheduleQueueRecovery();
-			}
-		}, waitMs);
-
-		const wait = [this.queueRecoverySettings.waitMs / (60 * 1000), 'min'].join(' ');
-
-		this.logger.debug(`[Recovery] Scheduled queue recovery check for next ${wait}`);
-	}
-
-	stopQueueRecovery() {
-		clearTimeout(this.queueRecoverySettings.timeout);
-	}
-
-	@OnShutdown()
-	shutdown() {
-		this.isShuttingDown = true;
-		this.stopQueueRecovery();
-	}
-
 	// ----------------------------------
 	//             private
 	// ----------------------------------
 
-	/**
-	 * Mark in-progress executions as `crashed` if stored in DB as `new` or `running`
-	 * but absent from the queue. Return time until next recovery cycle.
-	 */
-	private async recoverFromQueue() {
-		const { waitMs, batchSize } = this.queueRecoverySettings;
-
-		const storedIds = await this.executionRepository.getInProgressExecutionIds(batchSize);
-
-		if (storedIds.length === 0) {
-			this.logger.debug('[Recovery] Completed queue recovery check, no dangling executions');
-			return waitMs;
-		}
-
-		const { Queue } = await import('@/Queue');
-
-		const queuedIds = await Container.get(Queue).getInProgressExecutionIds();
-
-		if (queuedIds.size === 0) {
-			this.logger.debug('[Recovery] Completed queue recovery check, no dangling executions');
-			return waitMs;
-		}
-
-		const danglingIds = storedIds.filter((id) => !queuedIds.has(id));
-
-		if (danglingIds.length === 0) {
-			this.logger.debug('[Recovery] Completed queue recovery check, no dangling executions');
-			return waitMs;
-		}
-
-		await this.executionRepository.markAsCrashed(danglingIds);
-
-		this.logger.info('[Recovery] Completed queue recovery check, recovered dangling executions', {
-			danglingIds,
-		});
-
-		// if this cycle used up the whole batch size, it is possible for there to be
-		// dangling executions outside this check, so speed up next cycle
-
-		return storedIds.length >= this.queueRecoverySettings.batchSize ? waitMs / 2 : waitMs;
-	}
-
 	/**
 	 * Amend `status`, `stoppedAt`, and (if possible) `data` of an execution using event logs.
 	 */
@@ -280,22 +175,9 @@ export class ExecutionRecoveryService {
 	private async runHooks(execution: IExecutionResponse) {
 		execution.data ??= { resultData: { runData: {} } };
 
-		await Container.get(InternalHooks).onWorkflowPostExecute(execution.id, execution.workflowData, {
-			data: execution.data,
-			finished: false,
-			mode: execution.mode,
-			waitTill: execution.waitTill,
-			startedAt: execution.startedAt,
-			stoppedAt: execution.stoppedAt,
-			status: execution.status,
-		});
-
 		this.eventService.emit('workflow-post-execute', {
-			workflowId: execution.workflowData.id,
-			workflowName: execution.workflowData.name,
+			workflow: execution.workflowData,
 			executionId: execution.id,
-			success: execution.status === 'success',
-			isManual: execution.mode === 'manual',
 			runData: execution,
 		});
 
@@ -323,18 +205,4 @@ export class ExecutionRecoveryService {
 
 		await externalHooks.executeHookFunctions('workflowExecuteAfter', [run]);
 	}
-
-	private toErrorMsg(error: unknown) {
-		return error instanceof Error
-			? error.message
-			: jsonStringify(error, { replaceCircularRefs: true });
-	}
-
-	private shouldScheduleQueueRecovery() {
-		return (
-			config.getEnv('executions.mode') === 'queue' &&
-			config.getEnv('instanceRole') === 'leader' &&
-			!this.isShuttingDown
-		);
-	}
 }
diff --git a/packages/cli/src/executions/execution.service.ts b/packages/cli/src/executions/execution.service.ts
index bb8650e99f1d6..b4e8b335739be 100644
--- a/packages/cli/src/executions/execution.service.ts
+++ b/packages/cli/src/executions/execution.service.ts
@@ -1,4 +1,4 @@
-import { Service } from 'typedi';
+import { Container, Service } from 'typedi';
 import { GlobalConfig } from '@n8n/config';
 import { validate as jsonSchemaValidate } from 'jsonschema';
 import type {
@@ -24,7 +24,6 @@ import type {
 	IWorkflowExecutionDataProcess,
 } from '@/Interfaces';
 import { NodeTypes } from '@/NodeTypes';
-import { Queue } from '@/Queue';
 import type { ExecutionRequest, ExecutionSummaries, StopResult } from './execution.types';
 import { WorkflowRunner } from '@/WorkflowRunner';
 import type { IGetExecutionsQueryFilter } from '@db/repositories/execution.repository';
@@ -40,6 +39,8 @@ import { QueuedExecutionRetryError } from '@/errors/queued-execution-retry.error
 import { ConcurrencyControlService } from '@/concurrency/concurrency-control.service';
 import { AbortedExecutionRetryError } from '@/errors/aborted-execution-retry.error';
 import { License } from '@/License';
+import type { User } from '@/databases/entities/User';
+import { WorkflowSharingService } from '@/workflows/workflowSharing.service';
 
 export const schemaGetExecutionsQueryFilter = {
 	$id: '/IGetExecutionsQueryFilter',
@@ -83,7 +84,6 @@ export class ExecutionService {
 	constructor(
 		private readonly globalConfig: GlobalConfig,
 		private readonly logger: Logger,
-		private readonly queue: Queue,
 		private readonly activeExecutions: ActiveExecutions,
 		private readonly executionRepository: ExecutionRepository,
 		private readonly workflowRepository: WorkflowRepository,
@@ -92,6 +92,7 @@ export class ExecutionService {
 		private readonly workflowRunner: WorkflowRunner,
 		private readonly concurrencyControl: ConcurrencyControlService,
 		private readonly license: License,
+		private readonly workflowSharingService: WorkflowSharingService,
 	) {}
 
 	async findOne(
@@ -468,14 +469,30 @@ export class ExecutionService {
 			this.waitTracker.stopExecution(execution.id);
 		}
 
-		const job = await this.queue.findRunningJobBy({ executionId: execution.id });
+		const { ScalingService } = await import('@/scaling/scaling.service');
+		const scalingService = Container.get(ScalingService);
+		const jobs = await scalingService.findJobsByStatus(['active', 'waiting']);
+
+		const job = jobs.find(({ data }) => data.executionId === execution.id);
 
 		if (job) {
-			await this.queue.stopJob(job);
+			await scalingService.stopJob(job);
 		} else {
 			this.logger.debug('Job to stop not in queue', { executionId: execution.id });
 		}
 
 		return await this.executionRepository.stopDuringRun(execution);
 	}
+
+	async addScopes(user: User, summaries: ExecutionSummaries.ExecutionSummaryWithScopes[]) {
+		const workflowIds = [...new Set(summaries.map((s) => s.workflowId))];
+
+		const scopes = Object.fromEntries(
+			await this.workflowSharingService.getSharedWorkflowScopes(workflowIds, user),
+		);
+
+		for (const s of summaries) {
+			s.scopes = scopes[s.workflowId] ?? [];
+		}
+	}
 }
diff --git a/packages/cli/src/executions/execution.types.ts b/packages/cli/src/executions/execution.types.ts
index 7e8872bf1b305..15c27261fc1a3 100644
--- a/packages/cli/src/executions/execution.types.ts
+++ b/packages/cli/src/executions/execution.types.ts
@@ -1,6 +1,12 @@
 import type { ExecutionEntity } from '@/databases/entities/ExecutionEntity';
 import type { AuthenticatedRequest } from '@/requests';
-import type { ExecutionStatus, IDataObject, WorkflowExecuteMode } from 'n8n-workflow';
+import type { Scope } from '@n8n/permissions';
+import type {
+	ExecutionStatus,
+	ExecutionSummary,
+	IDataObject,
+	WorkflowExecuteMode,
+} from 'n8n-workflow';
 
 export declare namespace ExecutionRequest {
 	namespace QueryParams {
@@ -83,24 +89,9 @@ export namespace ExecutionSummaries {
 			stoppedAt?: 'DESC';
 		};
 	};
-}
 
-export type QueueRecoverySettings = {
-	/**
-	 * ID of timeout for next scheduled recovery cycle.
-	 */
-	timeout?: NodeJS.Timeout;
-
-	/**
-	 * Number of in-progress executions to check per cycle.
-	 */
-	batchSize: number;
-
-	/**
-	 * Time (in milliseconds) to wait before the next cycle.
-	 */
-	waitMs: number;
-};
+	export type ExecutionSummaryWithScopes = ExecutionSummary & { scopes: Scope[] };
+}
 
 export type StopResult = {
 	mode: WorkflowExecuteMode;
diff --git a/packages/cli/src/executions/executions.controller.ts b/packages/cli/src/executions/executions.controller.ts
index 64b6a5427429f..c68c8cb7d5c48 100644
--- a/packages/cli/src/executions/executions.controller.ts
+++ b/packages/cli/src/executions/executions.controller.ts
@@ -1,4 +1,4 @@
-import { ExecutionRequest } from './execution.types';
+import { ExecutionRequest, type ExecutionSummaries } from './execution.types';
 import { ExecutionService } from './execution.service';
 import { Get, Post, RestController } from '@/decorators';
 import { EnterpriseExecutionsService } from './execution.service.ee';
@@ -53,10 +53,20 @@ export class ExecutionsController {
 		const noRange = !query.range.lastId || !query.range.firstId;
 
 		if (noStatus && noRange) {
-			return await this.executionService.findLatestCurrentAndCompleted(query);
+			const executions = await this.executionService.findLatestCurrentAndCompleted(query);
+			await this.executionService.addScopes(
+				req.user,
+				executions.results as ExecutionSummaries.ExecutionSummaryWithScopes[],
+			);
+			return executions;
 		}
 
-		return await this.executionService.findRangeWithCount(query);
+		const executions = await this.executionService.findRangeWithCount(query);
+		await this.executionService.addScopes(
+			req.user,
+			executions.results as ExecutionSummaries.ExecutionSummaryWithScopes[],
+		);
+		return executions;
 	}
 
 	@Get('/:id')
diff --git a/packages/cli/test/unit/license/license.service.test.ts b/packages/cli/src/license/__tests__/license.service.test.ts
similarity index 97%
rename from packages/cli/test/unit/license/license.service.test.ts
rename to packages/cli/src/license/__tests__/license.service.test.ts
index e28895025ffbe..fb75c6a27d692 100644
--- a/packages/cli/test/unit/license/license.service.test.ts
+++ b/packages/cli/src/license/__tests__/license.service.test.ts
@@ -1,6 +1,6 @@
 import { LicenseErrors, LicenseService } from '@/license/license.service';
 import type { License } from '@/License';
-import type { EventService } from '@/eventbus/event.service';
+import type { EventService } from '@/events/event.service';
 import type { WorkflowRepository } from '@db/repositories/workflow.repository';
 import type { TEntitlement } from '@n8n_io/license-sdk';
 import { mock } from 'jest-mock-extended';
diff --git a/packages/cli/src/license/license.controller.ts b/packages/cli/src/license/license.controller.ts
index 1c0ca8c0d68ed..945f3650ea340 100644
--- a/packages/cli/src/license/license.controller.ts
+++ b/packages/cli/src/license/license.controller.ts
@@ -1,6 +1,8 @@
 import { Get, Post, RestController, GlobalScope } from '@/decorators';
 import { AuthenticatedRequest, LicenseRequest } from '@/requests';
 import { LicenseService } from './license.service';
+import { BadRequestError } from '@/errors/response-errors/bad-request.error';
+import type { AxiosError } from 'axios';
 
 @RestController('/license')
 export class LicenseController {
@@ -14,7 +16,18 @@ export class LicenseController {
 	@Post('/enterprise/request_trial')
 	@GlobalScope('license:manage')
 	async requestEnterpriseTrial(req: AuthenticatedRequest) {
-		await this.licenseService.requestEnterpriseTrial(req.user);
+		try {
+			await this.licenseService.requestEnterpriseTrial(req.user);
+		} catch (error: unknown) {
+			if (error instanceof Error) {
+				const errorMsg =
+					(error as AxiosError<{ message: string }>).response?.data?.message ?? error.message;
+
+				throw new BadRequestError(errorMsg);
+			} else {
+				throw new BadRequestError('Failed to request trial');
+			}
+		}
 	}
 
 	@Post('/activate')
diff --git a/packages/cli/src/license/license.service.ts b/packages/cli/src/license/license.service.ts
index 01d2a73c48941..0555597a9d3b3 100644
--- a/packages/cli/src/license/license.service.ts
+++ b/packages/cli/src/license/license.service.ts
@@ -3,7 +3,7 @@ import axios from 'axios';
 
 import { Logger } from '@/Logger';
 import { License } from '@/License';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import type { User } from '@db/entities/User';
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
diff --git a/packages/cli/test/unit/middleware/listQuery.test.ts b/packages/cli/src/middlewares/listQuery/__tests__/listQuery.test.ts
similarity index 100%
rename from packages/cli/test/unit/middleware/listQuery.test.ts
rename to packages/cli/src/middlewares/listQuery/__tests__/listQuery.test.ts
diff --git a/packages/cli/src/permissions/project-roles.ts b/packages/cli/src/permissions/project-roles.ts
index 96e4dfff8a475..d05507c47c46c 100644
--- a/packages/cli/src/permissions/project-roles.ts
+++ b/packages/cli/src/permissions/project-roles.ts
@@ -20,6 +20,7 @@ export const REGULAR_PROJECT_ADMIN_SCOPES: Scope[] = [
 	'credential:delete',
 	'credential:list',
 	'credential:move',
+	'credential:share',
 	'project:list',
 	'project:read',
 	'project:update',
diff --git a/packages/cli/test/unit/PostHog.test.ts b/packages/cli/src/posthog/__tests__/PostHog.test.ts
similarity index 97%
rename from packages/cli/test/unit/PostHog.test.ts
rename to packages/cli/src/posthog/__tests__/PostHog.test.ts
index 5798c0cce2217..f1604f7253df1 100644
--- a/packages/cli/test/unit/PostHog.test.ts
+++ b/packages/cli/src/posthog/__tests__/PostHog.test.ts
@@ -2,7 +2,7 @@ import { PostHog } from 'posthog-node';
 import { InstanceSettings } from 'n8n-core';
 import { PostHogClient } from '@/posthog';
 import config from '@/config';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 jest.mock('posthog-node');
 
diff --git a/packages/cli/test/unit/push/index.test.ts b/packages/cli/src/push/__tests__/index.test.ts
similarity index 96%
rename from packages/cli/test/unit/push/index.test.ts
rename to packages/cli/src/push/__tests__/index.test.ts
index 1736693509374..a61496b0c9248 100644
--- a/packages/cli/test/unit/push/index.test.ts
+++ b/packages/cli/src/push/__tests__/index.test.ts
@@ -9,7 +9,7 @@ import { WebSocketPush } from '@/push/websocket.push';
 import type { WebSocketPushRequest, SSEPushRequest } from '@/push/types';
 import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 jest.unmock('@/push');
 
diff --git a/packages/cli/test/unit/push/websocket.push.test.ts b/packages/cli/src/push/__tests__/websocket.push.test.ts
similarity index 98%
rename from packages/cli/test/unit/push/websocket.push.test.ts
rename to packages/cli/src/push/__tests__/websocket.push.test.ts
index 7531e43776c2c..f1a0e577f9ad8 100644
--- a/packages/cli/test/unit/push/websocket.push.test.ts
+++ b/packages/cli/src/push/__tests__/websocket.push.test.ts
@@ -6,7 +6,7 @@ import { WebSocketPush } from '@/push/websocket.push';
 import { Logger } from '@/Logger';
 import type { PushDataExecutionRecovered } from '@/Interfaces';
 
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 jest.useFakeTimers();
 
diff --git a/packages/cli/src/requests.ts b/packages/cli/src/requests.ts
index 1ea265f2394e7..565020447c91d 100644
--- a/packages/cli/src/requests.ts
+++ b/packages/cli/src/requests.ts
@@ -224,7 +224,7 @@ export declare namespace MeRequest {
 	export type Password = AuthenticatedRequest<
 		{},
 		{},
-		{ currentPassword: string; newPassword: string; token?: string }
+		{ currentPassword: string; newPassword: string; mfaCode?: string }
 	>;
 	export type SurveyAnswers = AuthenticatedRequest<{}, {}, Record<string, string> | {}>;
 }
@@ -306,7 +306,7 @@ export declare namespace UserRequest {
 		{ id: string; email: string; identifier: string },
 		{},
 		{},
-		{ limit?: number; offset?: number; cursor?: string; includeRole?: boolean }
+		{ limit?: number; offset?: number; cursor?: string; includeRole?: boolean; projectId?: string }
 	>;
 
 	export type PasswordResetLink = AuthenticatedRequest<{ id: string }, {}, {}, {}>;
@@ -353,6 +353,7 @@ export type LoginRequest = AuthlessRequest<
 export declare namespace MFA {
 	type Verify = AuthenticatedRequest<{}, {}, { token: string }, {}>;
 	type Activate = AuthenticatedRequest<{}, {}, { token: string }, {}>;
+	type Disable = AuthenticatedRequest<{}, {}, { token: string }, {}>;
 	type Config = AuthenticatedRequest<{}, {}, { login: { enabled: boolean } }, {}>;
 	type ValidateRecoveryCode = AuthenticatedRequest<
 		{},
@@ -418,6 +419,12 @@ export declare namespace DynamicNodeParametersRequest {
 	type ResourceMapperFields = BaseRequest<{
 		methodName: string;
 	}>;
+
+	/** POST /dynamic-node-parameters/action-result */
+	type ActionResult = BaseRequest<{
+		handler: string;
+		payload: IDataObject | string | undefined;
+	}>;
 }
 
 // ----------------------------------
diff --git a/packages/cli/src/scaling/__tests__/scaling.service.test.ts b/packages/cli/src/scaling/__tests__/scaling.service.test.ts
new file mode 100644
index 0000000000000..adbf5ebde2f0e
--- /dev/null
+++ b/packages/cli/src/scaling/__tests__/scaling.service.test.ts
@@ -0,0 +1,358 @@
+import { mock } from 'jest-mock-extended';
+import { ScalingService } from '../scaling.service';
+import { JOB_TYPE_NAME, QUEUE_NAME } from '../constants';
+import config from '@/config';
+import * as BullModule from 'bull';
+import type { Job, JobData, JobOptions, JobQueue } from '../types';
+import { ApplicationError } from 'n8n-workflow';
+import { mockInstance } from '@test/mocking';
+import { GlobalConfig } from '@n8n/config';
+import { InstanceSettings } from 'n8n-core';
+import type { OrchestrationService } from '@/services/orchestration.service';
+import Container from 'typedi';
+import type { JobProcessor } from '../job-processor';
+
+const queue = mock<JobQueue>({
+	client: { ping: jest.fn() },
+});
+
+jest.mock('bull', () => ({
+	__esModule: true,
+	default: jest.fn(() => queue),
+}));
+
+describe('ScalingService', () => {
+	const globalConfig = mockInstance(GlobalConfig, {
+		queue: {
+			bull: {
+				prefix: 'bull',
+				redis: {
+					clusterNodes: '',
+					host: 'localhost',
+					password: '',
+					port: 6379,
+					tls: false,
+				},
+			},
+		},
+	});
+
+	const instanceSettings = Container.get(InstanceSettings);
+	const orchestrationService = mock<OrchestrationService>({ isMultiMainSetupEnabled: false });
+	const jobProcessor = mock<JobProcessor>();
+	let scalingService: ScalingService;
+
+	beforeEach(() => {
+		jest.clearAllMocks();
+		config.set('generic.instanceType', 'main');
+		scalingService = new ScalingService(
+			mock(),
+			mock(),
+			jobProcessor,
+			globalConfig,
+			mock(),
+			instanceSettings,
+			orchestrationService,
+		);
+	});
+
+	afterEach(() => {
+		scalingService.stopQueueRecovery();
+	});
+
+	describe('setupQueue', () => {
+		it('should set up the queue', async () => {
+			/**
+			 * Arrange
+			 */
+			const { prefix, settings } = globalConfig.queue.bull;
+			const Bull = jest.mocked(BullModule.default);
+
+			/**
+			 * Act
+			 */
+			await scalingService.setupQueue();
+
+			/**
+			 * Assert
+			 */
+			expect(Bull).toHaveBeenCalledWith(QUEUE_NAME, {
+				prefix,
+				settings,
+				createClient: expect.any(Function),
+			});
+			expect(queue.on).toHaveBeenCalledWith('global:progress', expect.any(Function));
+			expect(queue.on).toHaveBeenCalledWith('error', expect.any(Function));
+		});
+	});
+
+	describe('setupWorker', () => {
+		it('should set up a worker with concurrency', async () => {
+			/**
+			 * Arrange
+			 */
+			config.set('generic.instanceType', 'worker');
+			const scalingService = new ScalingService(
+				mock(),
+				mock(),
+				mock(),
+				globalConfig,
+				mock(),
+				instanceSettings,
+				orchestrationService,
+			);
+			await scalingService.setupQueue();
+			const concurrency = 5;
+
+			/**
+			 * Act
+			 */
+			scalingService.setupWorker(concurrency);
+
+			/**
+			 * Assert
+			 */
+			expect(queue.process).toHaveBeenCalledWith(JOB_TYPE_NAME, concurrency, expect.any(Function));
+		});
+
+		it('should throw if called on a non-worker instance', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+
+			/**
+			 * Act and Assert
+			 */
+			expect(() => scalingService.setupWorker(5)).toThrow();
+		});
+	});
+
+	describe('stop', () => {
+		it('should pause the queue, check for running jobs, and stop queue recovery', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			jobProcessor.getRunningJobIds.mockReturnValue([]);
+			const stopQueueRecoverySpy = jest.spyOn(scalingService, 'stopQueueRecovery');
+			const getRunningJobsCountSpy = jest.spyOn(scalingService, 'getRunningJobsCount');
+
+			/**
+			 * Act
+			 */
+			await scalingService.stop();
+
+			/**
+			 * Assert
+			 */
+			expect(queue.pause).toHaveBeenCalledWith(true, true);
+			expect(stopQueueRecoverySpy).toHaveBeenCalled();
+			expect(getRunningJobsCountSpy).toHaveBeenCalled();
+		});
+	});
+
+	describe('pingQueue', () => {
+		it('should ping the queue', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+
+			/**
+			 * Act
+			 */
+			await scalingService.pingQueue();
+
+			/**
+			 * Assert
+			 */
+			expect(queue.client.ping).toHaveBeenCalled();
+		});
+	});
+
+	describe('addJob', () => {
+		it('should add a job', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			queue.add.mockResolvedValue(mock<Job>({ id: '456' }));
+
+			/**
+			 * Act
+			 */
+			const jobData = mock<JobData>({ executionId: '123' });
+			const jobOptions = mock<JobOptions>();
+			await scalingService.addJob(jobData, jobOptions);
+
+			/**
+			 * Assert
+			 */
+			expect(queue.add).toHaveBeenCalledWith(JOB_TYPE_NAME, jobData, jobOptions);
+		});
+	});
+
+	describe('getJob', () => {
+		it('should get a job', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			const jobId = '123';
+			queue.getJob.mockResolvedValue(mock<Job>({ id: jobId }));
+
+			/**
+			 * Act
+			 */
+			const job = await scalingService.getJob(jobId);
+
+			/**
+			 * Assert
+			 */
+			expect(queue.getJob).toHaveBeenCalledWith(jobId);
+			expect(job?.id).toBe(jobId);
+		});
+	});
+
+	describe('findJobsByStatus', () => {
+		it('should find jobs by status', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			queue.getJobs.mockResolvedValue([mock<Job>({ id: '123' })]);
+
+			/**
+			 * Act
+			 */
+			const jobs = await scalingService.findJobsByStatus(['active']);
+
+			/**
+			 * Assert
+			 */
+			expect(queue.getJobs).toHaveBeenCalledWith(['active']);
+			expect(jobs).toHaveLength(1);
+			expect(jobs.at(0)?.id).toBe('123');
+		});
+
+		it('should filter out `null` in Redis response', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			// @ts-expect-error - Untyped but possible Redis response
+			queue.getJobs.mockResolvedValue([mock<Job>(), null]);
+
+			/**
+			 * Act
+			 */
+			const jobs = await scalingService.findJobsByStatus(['waiting']);
+
+			/**
+			 * Assert
+			 */
+			expect(jobs).toHaveLength(1);
+		});
+	});
+
+	describe('stopJob', () => {
+		it('should stop an active job', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			const job = mock<Job>({ isActive: jest.fn().mockResolvedValue(true) });
+
+			/**
+			 * Act
+			 */
+			const result = await scalingService.stopJob(job);
+
+			/**
+			 * Assert
+			 */
+			expect(job.progress).toHaveBeenCalledWith({ kind: 'abort-job' });
+			expect(result).toBe(true);
+		});
+
+		it('should stop an inactive job', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			const job = mock<Job>({ isActive: jest.fn().mockResolvedValue(false) });
+
+			/**
+			 * Act
+			 */
+			const result = await scalingService.stopJob(job);
+
+			/**
+			 * Assert
+			 */
+			expect(job.remove).toHaveBeenCalled();
+			expect(result).toBe(true);
+		});
+
+		it('should report failure to stop a job', async () => {
+			/**
+			 * Arrange
+			 */
+			await scalingService.setupQueue();
+			const job = mock<Job>({
+				isActive: jest.fn().mockImplementation(() => {
+					throw new ApplicationError('Something went wrong');
+				}),
+			});
+
+			/**
+			 * Act
+			 */
+			const result = await scalingService.stopJob(job);
+
+			/**
+			 * Assert
+			 */
+			expect(result).toBe(false);
+		});
+	});
+
+	describe('scheduleQueueRecovery', () => {
+		it('if leader, should schedule queue recovery', async () => {
+			/**
+			 * Arrange
+			 */
+			const scheduleSpy = jest.spyOn(scalingService, 'scheduleQueueRecovery');
+			instanceSettings.markAsLeader();
+
+			/**
+			 * Act
+			 */
+			await scalingService.setupQueue();
+
+			/**
+			 * Assert
+			 */
+			expect(scheduleSpy).toHaveBeenCalled();
+		});
+
+		it('if follower, should not schedule queue recovery', async () => {
+			/**
+			 * Arrange
+			 */
+			const scheduleSpy = jest.spyOn(scalingService, 'scheduleQueueRecovery');
+			instanceSettings.markAsFollower();
+
+			/**
+			 * Act
+			 */
+			await scalingService.setupQueue();
+
+			/**
+			 * Assert
+			 */
+			expect(scheduleSpy).not.toHaveBeenCalled();
+		});
+	});
+});
diff --git a/packages/cli/src/scaling/constants.ts b/packages/cli/src/scaling/constants.ts
new file mode 100644
index 0000000000000..8ef5f716b17aa
--- /dev/null
+++ b/packages/cli/src/scaling/constants.ts
@@ -0,0 +1,3 @@
+export const QUEUE_NAME = 'jobs';
+
+export const JOB_TYPE_NAME = 'job';
diff --git a/packages/cli/src/scaling/job-processor.ts b/packages/cli/src/scaling/job-processor.ts
new file mode 100644
index 0000000000000..693c9e3a74fb7
--- /dev/null
+++ b/packages/cli/src/scaling/job-processor.ts
@@ -0,0 +1,182 @@
+import { Service } from 'typedi';
+import { BINARY_ENCODING, ApplicationError, Workflow } from 'n8n-workflow';
+import { WorkflowExecute } from 'n8n-core';
+import { Logger } from '@/Logger';
+import config from '@/config';
+import { ExecutionRepository } from '@/databases/repositories/execution.repository';
+import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
+import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
+import { NodeTypes } from '@/NodeTypes';
+import type { ExecutionStatus, IExecuteResponsePromiseData, IRun } from 'n8n-workflow';
+import type { Job, JobId, JobResult, RunningJob, RunningJobSummary } from './types';
+import type PCancelable from 'p-cancelable';
+
+/**
+ * Responsible for processing jobs from the queue, i.e. running enqueued executions.
+ */
+@Service()
+export class JobProcessor {
+	private readonly runningJobs: Record<JobId, RunningJob> = {};
+
+	constructor(
+		private readonly logger: Logger,
+		private readonly executionRepository: ExecutionRepository,
+		private readonly workflowRepository: WorkflowRepository,
+		private readonly nodeTypes: NodeTypes,
+	) {}
+
+	async processJob(job: Job): Promise<JobResult> {
+		const { executionId, loadStaticData } = job.data;
+
+		const execution = await this.executionRepository.findSingleExecution(executionId, {
+			includeData: true,
+			unflattenData: true,
+		});
+
+		if (!execution) {
+			this.logger.error('[JobProcessor] Failed to find execution data', { executionId });
+			throw new ApplicationError('Failed to find execution data. Aborting execution.', {
+				extra: { executionId },
+			});
+		}
+
+		const workflowId = execution.workflowData.id;
+
+		this.logger.info(`[JobProcessor] Starting job ${job.id} (execution ${executionId})`);
+
+		await this.executionRepository.updateStatus(executionId, 'running');
+
+		let { staticData } = execution.workflowData;
+
+		if (loadStaticData) {
+			const workflowData = await this.workflowRepository.findOne({
+				select: ['id', 'staticData'],
+				where: { id: workflowId },
+			});
+
+			if (workflowData === null) {
+				this.logger.error('[JobProcessor] Failed to find workflow', { workflowId, executionId });
+				throw new ApplicationError('Failed to find workflow', { extra: { workflowId } });
+			}
+
+			staticData = workflowData.staticData;
+		}
+
+		const workflowSettings = execution.workflowData.settings ?? {};
+
+		let workflowTimeout = workflowSettings.executionTimeout ?? config.getEnv('executions.timeout');
+
+		let executionTimeoutTimestamp: number | undefined;
+
+		if (workflowTimeout > 0) {
+			workflowTimeout = Math.min(workflowTimeout, config.getEnv('executions.maxTimeout'));
+			executionTimeoutTimestamp = Date.now() + workflowTimeout * 1000;
+		}
+
+		const workflow = new Workflow({
+			id: workflowId,
+			name: execution.workflowData.name,
+			nodes: execution.workflowData.nodes,
+			connections: execution.workflowData.connections,
+			active: execution.workflowData.active,
+			nodeTypes: this.nodeTypes,
+			staticData,
+			settings: execution.workflowData.settings,
+		});
+
+		const additionalData = await WorkflowExecuteAdditionalData.getBase(
+			undefined,
+			undefined,
+			executionTimeoutTimestamp,
+		);
+
+		additionalData.hooks = WorkflowExecuteAdditionalData.getWorkflowHooksWorkerExecuter(
+			execution.mode,
+			job.data.executionId,
+			execution.workflowData,
+			{ retryOf: execution.retryOf as string },
+		);
+
+		additionalData.hooks.hookFunctions.sendResponse = [
+			async (response: IExecuteResponsePromiseData): Promise<void> => {
+				await job.progress({
+					kind: 'respond-to-webhook',
+					executionId,
+					response: this.encodeWebhookResponse(response),
+				});
+			},
+		];
+
+		additionalData.executionId = executionId;
+
+		additionalData.setExecutionStatus = (status: ExecutionStatus) => {
+			// Can't set the status directly in the queued worker, but it will happen in InternalHook.onWorkflowPostExecute
+			this.logger.debug(
+				`[JobProcessor] Queued worker execution status for ${executionId} is "${status}"`,
+			);
+		};
+
+		let workflowExecute: WorkflowExecute;
+		let workflowRun: PCancelable<IRun>;
+		if (execution.data !== undefined) {
+			workflowExecute = new WorkflowExecute(additionalData, execution.mode, execution.data);
+			workflowRun = workflowExecute.processRunExecutionData(workflow);
+		} else {
+			// Execute all nodes
+			// Can execute without webhook so go on
+			workflowExecute = new WorkflowExecute(additionalData, execution.mode);
+			workflowRun = workflowExecute.run(workflow);
+		}
+
+		const runningJob: RunningJob = {
+			run: workflowRun,
+			executionId,
+			workflowId: execution.workflowId,
+			workflowName: execution.workflowData.name,
+			mode: execution.mode,
+			startedAt: execution.startedAt,
+			retryOf: execution.retryOf ?? '',
+			status: execution.status,
+		};
+
+		this.runningJobs[job.id] = runningJob;
+
+		await workflowRun;
+
+		delete this.runningJobs[job.id];
+
+		this.logger.debug('[JobProcessor] Job finished running', { jobId: job.id, executionId });
+
+		/**
+		 * @important Do NOT call `workflowExecuteAfter` hook here.
+		 * It is being called from processSuccessExecution() already.
+		 */
+
+		return { success: true };
+	}
+
+	stopJob(jobId: JobId) {
+		this.runningJobs[jobId]?.run.cancel();
+		delete this.runningJobs[jobId];
+	}
+
+	getRunningJobIds(): JobId[] {
+		return Object.keys(this.runningJobs);
+	}
+
+	getRunningJobsSummary(): RunningJobSummary[] {
+		return Object.values(this.runningJobs).map(({ run, ...summary }) => summary);
+	}
+
+	private encodeWebhookResponse(
+		response: IExecuteResponsePromiseData,
+	): IExecuteResponsePromiseData {
+		if (typeof response === 'object' && Buffer.isBuffer(response.body)) {
+			response.body = {
+				'__@N8nEncodedBuffer@__': response.body.toString(BINARY_ENCODING),
+			};
+		}
+
+		return response;
+	}
+}
diff --git a/packages/cli/src/scaling/scaling.service.ts b/packages/cli/src/scaling/scaling.service.ts
new file mode 100644
index 0000000000000..1a8bc9e173798
--- /dev/null
+++ b/packages/cli/src/scaling/scaling.service.ts
@@ -0,0 +1,342 @@
+import Container, { Service } from 'typedi';
+import { ApplicationError, BINARY_ENCODING, sleep, jsonStringify } from 'n8n-workflow';
+import { ActiveExecutions } from '@/ActiveExecutions';
+import config from '@/config';
+import { Logger } from '@/Logger';
+import { MaxStalledCountError } from '@/errors/max-stalled-count.error';
+import { HIGHEST_SHUTDOWN_PRIORITY, Time } from '@/constants';
+import { OnShutdown } from '@/decorators/OnShutdown';
+import { JOB_TYPE_NAME, QUEUE_NAME } from './constants';
+import { JobProcessor } from './job-processor';
+import type {
+	JobQueue,
+	Job,
+	JobData,
+	JobOptions,
+	JobMessage,
+	JobStatus,
+	JobId,
+	QueueRecoveryContext,
+} from './types';
+import type { IExecuteResponsePromiseData } from 'n8n-workflow';
+import { GlobalConfig } from '@n8n/config';
+import { ExecutionRepository } from '@/databases/repositories/execution.repository';
+import { InstanceSettings } from 'n8n-core';
+import { OrchestrationService } from '@/services/orchestration.service';
+
+@Service()
+export class ScalingService {
+	private queue: JobQueue;
+
+	private readonly instanceType = config.getEnv('generic.instanceType');
+
+	constructor(
+		private readonly logger: Logger,
+		private readonly activeExecutions: ActiveExecutions,
+		private readonly jobProcessor: JobProcessor,
+		private readonly globalConfig: GlobalConfig,
+		private readonly executionRepository: ExecutionRepository,
+		private readonly instanceSettings: InstanceSettings,
+		private readonly orchestrationService: OrchestrationService,
+	) {}
+
+	// #region Lifecycle
+
+	async setupQueue() {
+		const { default: BullQueue } = await import('bull');
+		const { RedisClientService } = await import('@/services/redis/redis-client.service');
+		const service = Container.get(RedisClientService);
+
+		const bullPrefix = this.globalConfig.queue.bull.prefix;
+		const prefix = service.toValidPrefix(bullPrefix);
+
+		this.queue = new BullQueue(QUEUE_NAME, {
+			prefix,
+			settings: this.globalConfig.queue.bull.settings,
+			createClient: (type) => service.createClient({ type: `${type}(bull)` }),
+		});
+
+		this.registerListeners();
+
+		if (this.instanceSettings.isLeader) this.scheduleQueueRecovery();
+
+		if (this.orchestrationService.isMultiMainSetupEnabled) {
+			this.orchestrationService.multiMainSetup
+				.on('leader-takeover', () => this.scheduleQueueRecovery())
+				.on('leader-stepdown', () => this.stopQueueRecovery());
+		}
+
+		this.logger.debug('[ScalingService] Queue setup completed');
+	}
+
+	setupWorker(concurrency: number) {
+		this.assertWorker();
+
+		void this.queue.process(
+			JOB_TYPE_NAME,
+			concurrency,
+			async (job: Job) => await this.jobProcessor.processJob(job),
+		);
+
+		this.logger.debug('[ScalingService] Worker setup completed');
+	}
+
+	@OnShutdown(HIGHEST_SHUTDOWN_PRIORITY)
+	async stop() {
+		await this.queue.pause(true, true);
+
+		this.logger.debug('[ScalingService] Queue paused');
+
+		this.stopQueueRecovery();
+
+		this.logger.debug('[ScalingService] Queue recovery stopped');
+
+		let count = 0;
+
+		while (this.getRunningJobsCount() !== 0) {
+			if (count++ % 4 === 0) {
+				this.logger.info(
+					`Waiting for ${this.getRunningJobsCount()} active executions to finish...`,
+				);
+			}
+
+			await sleep(500);
+		}
+	}
+
+	async pingQueue() {
+		await this.queue.client.ping();
+	}
+
+	// #endregion
+
+	// #region Jobs
+
+	async addJob(jobData: JobData, jobOptions: JobOptions) {
+		const { executionId } = jobData;
+
+		const job = await this.queue.add(JOB_TYPE_NAME, jobData, jobOptions);
+
+		this.logger.info(`[ScalingService] Added job ${job.id} (execution ${executionId})`);
+
+		return job;
+	}
+
+	async getJob(jobId: JobId) {
+		return await this.queue.getJob(jobId);
+	}
+
+	async findJobsByStatus(statuses: JobStatus[]) {
+		const jobs = await this.queue.getJobs(statuses);
+
+		return jobs.filter((job) => job !== null);
+	}
+
+	async stopJob(job: Job) {
+		const props = { jobId: job.id, executionId: job.data.executionId };
+
+		try {
+			if (await job.isActive()) {
+				await job.progress({ kind: 'abort-job' }); // being processed by worker
+				this.logger.debug('[ScalingService] Stopped active job', props);
+				return true;
+			}
+
+			await job.remove(); // not yet picked up, or waiting for next pickup (stalled)
+			this.logger.debug('[ScalingService] Stopped inactive job', props);
+			return true;
+		} catch (error: unknown) {
+			await job.progress({ kind: 'abort-job' });
+			this.logger.error('[ScalingService] Failed to stop job', { ...props, error });
+			return false;
+		}
+	}
+
+	getRunningJobsCount() {
+		return this.jobProcessor.getRunningJobIds().length;
+	}
+
+	// #endregion
+
+	// #region Listeners
+
+	private registerListeners() {
+		this.queue.on('global:progress', (_jobId: JobId, msg: JobMessage) => {
+			if (msg.kind === 'respond-to-webhook') {
+				const { executionId, response } = msg;
+				this.activeExecutions.resolveResponsePromise(
+					executionId,
+					this.decodeWebhookResponse(response),
+				);
+			}
+		});
+
+		this.queue.on('global:progress', (jobId: JobId, msg: JobMessage) => {
+			if (msg.kind === 'abort-job') {
+				this.jobProcessor.stopJob(jobId);
+			}
+		});
+
+		let latestAttemptTs = 0;
+		let cumulativeTimeoutMs = 0;
+
+		const MAX_TIMEOUT_MS = this.globalConfig.queue.bull.redis.timeoutThreshold;
+		const RESET_LENGTH_MS = 30_000;
+
+		this.queue.on('error', (error: Error) => {
+			this.logger.error('[ScalingService] Queue errored', { error });
+
+			/**
+			 * On Redis connection failure, try to reconnect. On every failed attempt,
+			 * increment a cumulative timeout - if this exceeds a limit, exit the
+			 * process. Reset the cumulative timeout if >30s between retries.
+			 */
+			if (error.message.includes('ECONNREFUSED')) {
+				const nowTs = Date.now();
+				if (nowTs - latestAttemptTs > RESET_LENGTH_MS) {
+					latestAttemptTs = nowTs;
+					cumulativeTimeoutMs = 0;
+				} else {
+					cumulativeTimeoutMs += nowTs - latestAttemptTs;
+					latestAttemptTs = nowTs;
+					if (cumulativeTimeoutMs > MAX_TIMEOUT_MS) {
+						this.logger.error('[ScalingService] Redis unavailable after max timeout');
+						this.logger.error('[ScalingService] Exiting process...');
+						process.exit(1);
+					}
+				}
+
+				this.logger.warn('[ScalingService] Redis unavailable - retrying to connect...');
+				return;
+			}
+
+			if (
+				this.instanceType === 'worker' &&
+				error.message.includes('job stalled more than maxStalledCount')
+			) {
+				throw new MaxStalledCountError(error);
+			}
+
+			/**
+			 * Non-recoverable error on worker start with Redis unavailable.
+			 * Even if Redis recovers, worker will remain unable to process jobs.
+			 */
+			if (
+				this.instanceType === 'worker' &&
+				error.message.includes('Error initializing Lua scripts')
+			) {
+				this.logger.error('[ScalingService] Fatal error initializing worker', { error });
+				this.logger.error('[ScalingService] Exiting process...');
+				process.exit(1);
+			}
+
+			throw error;
+		});
+	}
+
+	// #endregion
+
+	private decodeWebhookResponse(
+		response: IExecuteResponsePromiseData,
+	): IExecuteResponsePromiseData {
+		if (
+			typeof response === 'object' &&
+			typeof response.body === 'object' &&
+			response.body !== null &&
+			'__@N8nEncodedBuffer@__' in response.body &&
+			typeof response.body['__@N8nEncodedBuffer@__'] === 'string'
+		) {
+			response.body = Buffer.from(response.body['__@N8nEncodedBuffer@__'], BINARY_ENCODING);
+		}
+
+		return response;
+	}
+
+	private assertWorker() {
+		if (this.instanceType === 'worker') return;
+
+		throw new ApplicationError('This method must be called on a `worker` instance');
+	}
+
+	// #region Queue recovery
+
+	private readonly queueRecoveryContext: QueueRecoveryContext = {
+		batchSize: config.getEnv('executions.queueRecovery.batchSize'),
+		waitMs: config.getEnv('executions.queueRecovery.interval') * 60 * 1000,
+	};
+
+	scheduleQueueRecovery(waitMs = this.queueRecoveryContext.waitMs) {
+		this.queueRecoveryContext.timeout = setTimeout(async () => {
+			try {
+				const nextWaitMs = await this.recoverFromQueue();
+				this.scheduleQueueRecovery(nextWaitMs);
+			} catch (error) {
+				this.logger.error('[ScalingService] Failed to recover dangling executions from queue', {
+					msg: this.toErrorMsg(error),
+				});
+				this.logger.error('[ScalingService] Retrying...');
+
+				this.scheduleQueueRecovery();
+			}
+		}, waitMs);
+
+		const wait = [this.queueRecoveryContext.waitMs / Time.minutes.toMilliseconds, 'min'].join(' ');
+
+		this.logger.debug(`[ScalingService] Scheduled queue recovery check for next ${wait}`);
+	}
+
+	stopQueueRecovery() {
+		clearTimeout(this.queueRecoveryContext.timeout);
+	}
+
+	/**
+	 * Mark in-progress executions as `crashed` if stored in DB as `new` or `running`
+	 * but absent from the queue. Return time until next recovery cycle.
+	 */
+	private async recoverFromQueue() {
+		const { waitMs, batchSize } = this.queueRecoveryContext;
+
+		const storedIds = await this.executionRepository.getInProgressExecutionIds(batchSize);
+
+		if (storedIds.length === 0) {
+			this.logger.debug('[ScalingService] Completed queue recovery check, no dangling executions');
+			return waitMs;
+		}
+
+		const runningJobs = await this.findJobsByStatus(['active', 'waiting']);
+
+		const queuedIds = new Set(runningJobs.map((job) => job.data.executionId));
+
+		if (queuedIds.size === 0) {
+			this.logger.debug('[ScalingService] Completed queue recovery check, no dangling executions');
+			return waitMs;
+		}
+
+		const danglingIds = storedIds.filter((id) => !queuedIds.has(id));
+
+		if (danglingIds.length === 0) {
+			this.logger.debug('[ScalingService] Completed queue recovery check, no dangling executions');
+			return waitMs;
+		}
+
+		await this.executionRepository.markAsCrashed(danglingIds);
+
+		this.logger.info(
+			'[ScalingService] Completed queue recovery check, recovered dangling executions',
+			{ danglingIds },
+		);
+
+		// if this cycle used up the whole batch size, it is possible for there to be
+		// dangling executions outside this check, so speed up next cycle
+
+		return storedIds.length >= this.queueRecoveryContext.batchSize ? waitMs / 2 : waitMs;
+	}
+
+	private toErrorMsg(error: unknown) {
+		return error instanceof Error
+			? error.message
+			: jsonStringify(error, { replaceCircularRefs: true });
+	}
+
+	// #endregion
+}
diff --git a/packages/cli/src/scaling/types.ts b/packages/cli/src/scaling/types.ts
new file mode 100644
index 0000000000000..b35d1d109d7c4
--- /dev/null
+++ b/packages/cli/src/scaling/types.ts
@@ -0,0 +1,66 @@
+import type {
+	ExecutionError,
+	ExecutionStatus,
+	IExecuteResponsePromiseData,
+	IRun,
+	WorkflowExecuteMode as WorkflowExecutionMode,
+} from 'n8n-workflow';
+import type Bull from 'bull';
+import type PCancelable from 'p-cancelable';
+
+export type JobQueue = Bull.Queue<JobData>;
+
+export type Job = Bull.Job<JobData>;
+
+export type JobId = Job['id'];
+
+export type JobData = {
+	executionId: string;
+	loadStaticData: boolean;
+};
+
+export type JobResult = {
+	success: boolean;
+	error?: ExecutionError;
+};
+
+export type JobStatus = Bull.JobStatus;
+
+export type JobOptions = Bull.JobOptions;
+
+/** Message sent by worker to queue or by queue to worker. */
+export type JobMessage = RepondToWebhookMessage | AbortJobMessage;
+
+export type RepondToWebhookMessage = {
+	kind: 'respond-to-webhook';
+	executionId: string;
+	response: IExecuteResponsePromiseData;
+};
+
+export type AbortJobMessage = {
+	kind: 'abort-job';
+};
+
+export type RunningJob = {
+	executionId: string;
+	workflowId: string;
+	workflowName: string;
+	mode: WorkflowExecutionMode;
+	startedAt: Date;
+	retryOf: string;
+	status: ExecutionStatus;
+	run: PCancelable<IRun>;
+};
+
+export type RunningJobSummary = Omit<RunningJob, 'run'>;
+
+export type QueueRecoveryContext = {
+	/** ID of timeout for next scheduled recovery cycle. */
+	timeout?: NodeJS.Timeout;
+
+	/** Number of in-progress executions to check per cycle. */
+	batchSize: number;
+
+	/** Time (in milliseconds) to wait until the next cycle. */
+	waitMs: number;
+};
diff --git a/packages/cli/test/unit/ExecutionMetadataService.test.ts b/packages/cli/src/services/__tests__/ExecutionMetadataService.test.ts
similarity index 94%
rename from packages/cli/test/unit/ExecutionMetadataService.test.ts
rename to packages/cli/src/services/__tests__/ExecutionMetadataService.test.ts
index 826aae5e25324..8b77b8b1681d4 100644
--- a/packages/cli/test/unit/ExecutionMetadataService.test.ts
+++ b/packages/cli/src/services/__tests__/ExecutionMetadataService.test.ts
@@ -1,7 +1,7 @@
 import { Container } from 'typedi';
 import { ExecutionMetadataRepository } from '@db/repositories/executionMetadata.repository';
 import { ExecutionMetadataService } from '@/services/executionMetadata.service';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 describe('ExecutionMetadataService', () => {
 	const repository = mockInstance(ExecutionMetadataRepository);
diff --git a/packages/cli/test/unit/services/activeWorkflows.service.test.ts b/packages/cli/src/services/__tests__/activeWorkflows.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/services/activeWorkflows.service.test.ts
rename to packages/cli/src/services/__tests__/activeWorkflows.service.test.ts
diff --git a/packages/cli/test/unit/services/communityPackages.service.test.ts b/packages/cli/src/services/__tests__/communityPackages.service.test.ts
similarity index 86%
rename from packages/cli/test/unit/services/communityPackages.service.test.ts
rename to packages/cli/src/services/__tests__/communityPackages.service.test.ts
index 2b0d8bf0d452a..ec7ce61ba9c1c 100644
--- a/packages/cli/test/unit/services/communityPackages.service.test.ts
+++ b/packages/cli/src/services/__tests__/communityPackages.service.test.ts
@@ -2,8 +2,10 @@ import { exec } from 'child_process';
 import { access as fsAccess, mkdir as fsMkdir } from 'fs/promises';
 import axios from 'axios';
 import { mocked } from 'jest-mock';
-import Container from 'typedi';
+import { mock } from 'jest-mock-extended';
+import type { GlobalConfig } from '@n8n/config';
 import type { PublicInstalledPackage } from 'n8n-workflow';
+import type { PackageDirectoryLoader } from 'n8n-core';
 
 import {
 	NODE_PACKAGE_PREFIX,
@@ -11,24 +13,19 @@ import {
 	NPM_PACKAGE_STATUS_GOOD,
 	RESPONSE_ERROR_MESSAGES,
 } from '@/constants';
-import config from '@/config';
 import { InstalledPackages } from '@db/entities/InstalledPackages';
 import type { CommunityPackages } from '@/Interfaces';
 import { CommunityPackagesService } from '@/services/communityPackages.service';
 import { InstalledNodesRepository } from '@db/repositories/installedNodes.repository';
 import { InstalledPackagesRepository } from '@db/repositories/installedPackages.repository';
 import { InstalledNodes } from '@db/entities/InstalledNodes';
-import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
+import type { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
+import type { License } from '@/License';
 
-import { mockInstance } from '../../shared/mocking';
-import {
-	COMMUNITY_NODE_VERSION,
-	COMMUNITY_PACKAGE_VERSION,
-} from '../../integration/shared/constants';
-import { randomName } from '../../integration/shared/random';
-import { mockPackageName, mockPackagePair } from '../../integration/shared/utils';
-import { InstanceSettings, PackageDirectoryLoader } from 'n8n-core';
-import { Logger } from '@/Logger';
+import { mockInstance } from '@test/mocking';
+import { COMMUNITY_NODE_VERSION, COMMUNITY_PACKAGE_VERSION } from '@test-integration/constants';
+import { randomName } from '@test-integration/random';
+import { mockPackageName, mockPackagePair } from '@test-integration/utils';
 
 jest.mock('fs/promises');
 jest.mock('child_process');
@@ -43,10 +40,20 @@ const execMock = ((...args) => {
 }) as typeof exec;
 
 describe('CommunityPackagesService', () => {
+	const license = mock<License>();
+	const globalConfig = mock<GlobalConfig>({
+		nodes: {
+			communityPackages: {
+				reinstallMissing: false,
+				registry: 'some.random.host',
+			},
+		},
+	});
+	const loadNodesAndCredentials = mock<LoadNodesAndCredentials>();
+
+	const nodeName = randomName();
 	const installedNodesRepository = mockInstance(InstalledNodesRepository);
 	installedNodesRepository.create.mockImplementation(() => {
-		const nodeName = randomName();
-
 		return Object.assign(new InstalledNodes(), {
 			name: nodeName,
 			type: nodeName,
@@ -63,13 +70,15 @@ describe('CommunityPackagesService', () => {
 		});
 	});
 
-	mockInstance(LoadNodesAndCredentials);
-
-	const communityPackagesService = Container.get(CommunityPackagesService);
-
-	beforeEach(() => {
-		config.load(config.default);
-	});
+	const communityPackagesService = new CommunityPackagesService(
+		mock(),
+		mock(),
+		mock(),
+		loadNodesAndCredentials,
+		mock(),
+		license,
+		globalConfig,
+	);
 
 	describe('parseNpmPackageName()', () => {
 		test('should fail with empty package name', () => {
@@ -368,50 +377,28 @@ describe('CommunityPackagesService', () => {
 	};
 
 	describe('updateNpmModule', () => {
-		let packageDirectoryLoader: PackageDirectoryLoader;
-		let communityPackagesService: CommunityPackagesService;
+		const installedPackage = mock<InstalledPackages>({ packageName: mockPackageName() });
+		const packageDirectoryLoader = mock<PackageDirectoryLoader>({
+			loadedNodes: [{ name: nodeName, version: 1 }],
+		});
 
 		beforeEach(async () => {
-			jest.restoreAllMocks();
+			jest.clearAllMocks();
 
-			packageDirectoryLoader = mockInstance(PackageDirectoryLoader);
-			const loadNodesAndCredentials = mockInstance(LoadNodesAndCredentials);
 			loadNodesAndCredentials.loadPackage.mockResolvedValue(packageDirectoryLoader);
-			const instanceSettings = mockInstance(InstanceSettings);
-			const logger = mockInstance(Logger);
-			const installedPackagesRepository = mockInstance(InstalledPackagesRepository);
-
-			communityPackagesService = new CommunityPackagesService(
-				instanceSettings,
-				logger,
-				installedPackagesRepository,
-				loadNodesAndCredentials,
-			);
-		});
-
-		afterEach(async () => {
-			jest.restoreAllMocks();
+			mocked(exec).mockImplementation(execMock);
 		});
 
-		test('should call `exec` with the correct command ', async () => {
+		test('should call `exec` with the correct command and registry', async () => {
 			//
 			// ARRANGE
 			//
-			const nodeName = randomName();
-			packageDirectoryLoader.loadedNodes = [{ name: nodeName, version: 1 }];
-
-			const installedPackage = new InstalledPackages();
-			installedPackage.packageName = mockPackageName();
-
-			mocked(exec).mockImplementation(execMock);
+			license.isCustomNpmRegistryEnabled.mockReturnValue(true);
 
 			//
 			// ACT
 			//
-			await communityPackagesService.updateNpmModule(
-				installedPackage.packageName,
-				installedPackage,
-			);
+			await communityPackagesService.updatePackage(installedPackage.packageName, installedPackage);
 
 			//
 			// ASSERT
@@ -420,10 +407,32 @@ describe('CommunityPackagesService', () => {
 			expect(exec).toHaveBeenCalledTimes(1);
 			expect(exec).toHaveBeenNthCalledWith(
 				1,
-				`npm install ${installedPackage.packageName}@latest`,
+				`npm install ${installedPackage.packageName}@latest --registry=some.random.host`,
 				expect.any(Object),
 				expect.any(Function),
 			);
 		});
+
+		test('should throw when not licensed', async () => {
+			//
+			// ARRANGE
+			//
+			license.isCustomNpmRegistryEnabled.mockReturnValue(false);
+
+			//
+			// ACT
+			//
+			const promise = communityPackagesService.updatePackage(
+				installedPackage.packageName,
+				installedPackage,
+			);
+
+			//
+			// ASSERT
+			//
+			await expect(promise).rejects.toThrow(
+				'Your license does not allow for feat:communityNodes:customRegistry.',
+			);
+		});
 	});
 });
diff --git a/packages/cli/test/unit/credentials-tester.unit.test.ts b/packages/cli/src/services/__tests__/credentials-tester.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/credentials-tester.unit.test.ts
rename to packages/cli/src/services/__tests__/credentials-tester.service.test.ts
diff --git a/packages/cli/test/unit/services/curl.service.test.ts b/packages/cli/src/services/__tests__/curl.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/services/curl.service.test.ts
rename to packages/cli/src/services/__tests__/curl.service.test.ts
diff --git a/packages/cli/test/unit/services/hooks.service.test.ts b/packages/cli/src/services/__tests__/hooks.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/services/hooks.service.test.ts
rename to packages/cli/src/services/__tests__/hooks.service.test.ts
diff --git a/packages/cli/test/unit/services/jwt.service.test.ts b/packages/cli/src/services/__tests__/jwt.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/services/jwt.service.test.ts
rename to packages/cli/src/services/__tests__/jwt.service.test.ts
diff --git a/packages/cli/test/unit/services/naming.service.test.ts b/packages/cli/src/services/__tests__/naming.service.test.ts
similarity index 98%
rename from packages/cli/test/unit/services/naming.service.test.ts
rename to packages/cli/src/services/__tests__/naming.service.test.ts
index ea2c34fb8c1ee..1ca216734630e 100644
--- a/packages/cli/test/unit/services/naming.service.test.ts
+++ b/packages/cli/src/services/__tests__/naming.service.test.ts
@@ -1,6 +1,6 @@
 import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
 import { CredentialsRepository } from '@/databases/repositories/credentials.repository';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { NamingService } from '@/services/naming.service';
 import type { WorkflowEntity } from '@/databases/entities/WorkflowEntity';
 import type { CredentialsEntity } from '@/databases/entities/CredentialsEntity';
diff --git a/packages/cli/test/unit/services/orchestration.service.test.ts b/packages/cli/src/services/__tests__/orchestration.service.test.ts
similarity index 95%
rename from packages/cli/test/unit/services/orchestration.service.test.ts
rename to packages/cli/src/services/__tests__/orchestration.service.test.ts
index 75c7c06e40bb6..c69e674613e25 100644
--- a/packages/cli/test/unit/services/orchestration.service.test.ts
+++ b/packages/cli/src/services/__tests__/orchestration.service.test.ts
@@ -1,4 +1,9 @@
 import Container from 'typedi';
+import type Redis from 'ioredis';
+import { mock } from 'jest-mock-extended';
+import { InstanceSettings } from 'n8n-core';
+import type { WorkflowActivateMode } from 'n8n-workflow';
+
 import config from '@/config';
 import { OrchestrationService } from '@/services/orchestration.service';
 import type { RedisServiceWorkerResponseObject } from '@/services/redis/RedisServiceCommands';
@@ -12,12 +17,10 @@ import { ExternalSecretsManager } from '@/ExternalSecrets/ExternalSecretsManager
 import { Logger } from '@/Logger';
 import { Push } from '@/push';
 import { ActiveWorkflowManager } from '@/ActiveWorkflowManager';
-import { mockInstance } from '../../shared/mocking';
-import type { WorkflowActivateMode } from 'n8n-workflow';
+import { mockInstance } from '@test/mocking';
 import { RedisClientService } from '@/services/redis/redis-client.service';
-import type Redis from 'ioredis';
-import { mock } from 'jest-mock-extended';
 
+const instanceSettings = Container.get(InstanceSettings);
 const redisClientService = mockInstance(RedisClientService);
 const mockRedisClient = mock<Redis>();
 redisClientService.createClient.mockReturnValue(mockRedisClient);
@@ -72,6 +75,10 @@ describe('Orchestration Service', () => {
 		queueModeId = config.get('redis.queueModeId');
 	});
 
+	beforeEach(() => {
+		instanceSettings.markAsLeader();
+	});
+
 	afterAll(async () => {
 		jest.mock('@/services/redis/RedisServicePubSubPublisher').restoreAllMocks();
 		jest.mock('@/services/redis/RedisServicePubSubSubscriber').restoreAllMocks();
@@ -141,13 +148,10 @@ describe('Orchestration Service', () => {
 		);
 		expect(helpers.debounceMessageReceiver).toHaveBeenCalledTimes(2);
 		expect(res1!.payload).toBeUndefined();
-		expect((res2!.payload as { result: string }).result).toEqual('debounced');
+		expect(res2!.payload).toEqual({ result: 'debounced' });
 	});
 
 	describe('shouldAddWebhooks', () => {
-		beforeEach(() => {
-			config.set('instanceRole', 'leader');
-		});
 		test('should return true for init', () => {
 			// We want to ensure that webhooks are populated on init
 			// more https://github.com/n8n-io/n8n/pull/8830
@@ -169,7 +173,7 @@ describe('Orchestration Service', () => {
 		});
 
 		test('should return false for update or activate when not leader', () => {
-			config.set('instanceRole', 'follower');
+			instanceSettings.markAsFollower();
 			const modes = ['update', 'activate'] as WorkflowActivateMode[];
 			for (const mode of modes) {
 				const result = os.shouldAddWebhooks(mode);
diff --git a/packages/cli/test/unit/services/ownership.service.test.ts b/packages/cli/src/services/__tests__/ownership.service.test.ts
similarity index 98%
rename from packages/cli/test/unit/services/ownership.service.test.ts
rename to packages/cli/src/services/__tests__/ownership.service.test.ts
index d1a722da19625..8a3d40eb60f8d 100644
--- a/packages/cli/test/unit/services/ownership.service.test.ts
+++ b/packages/cli/src/services/__tests__/ownership.service.test.ts
@@ -3,14 +3,14 @@ import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.reposi
 import { SharedWorkflow } from '@db/entities/SharedWorkflow';
 import { User } from '@db/entities/User';
 import type { SharedCredentials } from '@db/entities/SharedCredentials';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { WorkflowEntity } from '@/databases/entities/WorkflowEntity';
 import { UserRepository } from '@/databases/repositories/user.repository';
 import { mock } from 'jest-mock-extended';
 import { Project } from '@/databases/entities/Project';
 import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
 import { ProjectRelation } from '@/databases/entities/ProjectRelation';
-import { mockCredential, mockProject } from '../shared/mockObjects';
+import { mockCredential, mockProject } from '@test/mockObjects';
 
 describe('OwnershipService', () => {
 	const userRepository = mockInstance(UserRepository);
diff --git a/packages/cli/test/unit/utilities/password.utility.test.ts b/packages/cli/src/services/__tests__/password.utility.test.ts
similarity index 100%
rename from packages/cli/test/unit/utilities/password.utility.test.ts
rename to packages/cli/src/services/__tests__/password.utility.test.ts
diff --git a/packages/cli/test/unit/services/redis.service.test.ts b/packages/cli/src/services/__tests__/redis.service.test.ts
similarity index 94%
rename from packages/cli/test/unit/services/redis.service.test.ts
rename to packages/cli/src/services/__tests__/redis.service.test.ts
index cb963ad535567..1d9652983735c 100644
--- a/packages/cli/test/unit/services/redis.service.test.ts
+++ b/packages/cli/src/services/__tests__/redis.service.test.ts
@@ -2,7 +2,7 @@ import Container from 'typedi';
 import { Logger } from '@/Logger';
 import config from '@/config';
 import { RedisService } from '@/services/redis.service';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 jest.mock('ioredis', () => {
 	const Redis = require('ioredis-mock');
@@ -14,7 +14,7 @@ jest.mock('ioredis', () => {
 		};
 	}
 	// second mock for our code
-	return function (...args: any) {
+	return function (...args: unknown[]) {
 		return new Redis(args);
 	};
 });
diff --git a/packages/cli/test/unit/services/user.service.test.ts b/packages/cli/src/services/__tests__/user.service.test.ts
similarity index 98%
rename from packages/cli/test/unit/services/user.service.test.ts
rename to packages/cli/src/services/__tests__/user.service.test.ts
index 89929f57b0b89..5aeb919220c23 100644
--- a/packages/cli/test/unit/services/user.service.test.ts
+++ b/packages/cli/src/services/__tests__/user.service.test.ts
@@ -4,7 +4,7 @@ import { v4 as uuid } from 'uuid';
 import { User } from '@db/entities/User';
 import { UserService } from '@/services/user.service';
 import { UrlService } from '@/services/url.service';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { UserRepository } from '@/databases/repositories/user.repository';
 import { GlobalConfig } from '@n8n/config';
 
diff --git a/packages/cli/test/unit/services/workflow-statistics.service.test.ts b/packages/cli/src/services/__tests__/workflow-statistics.service.test.ts
similarity index 81%
rename from packages/cli/test/unit/services/workflow-statistics.service.test.ts
rename to packages/cli/src/services/__tests__/workflow-statistics.service.test.ts
index 6d9baf49ea939..b3cc6b7998db8 100644
--- a/packages/cli/test/unit/services/workflow-statistics.service.test.ts
+++ b/packages/cli/src/services/__tests__/workflow-statistics.service.test.ts
@@ -17,8 +17,9 @@ import { WorkflowStatisticsRepository } from '@db/repositories/workflowStatistic
 import { WorkflowStatisticsService } from '@/services/workflow-statistics.service';
 import { UserService } from '@/services/user.service';
 import { OwnershipService } from '@/services/ownership.service';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import type { Project } from '@/databases/entities/Project';
+import type { EventService } from '@/events/event.service';
 
 describe('WorkflowStatisticsService', () => {
 	const fakeUser = mock<User>({ id: 'abcde-fghij' });
@@ -44,21 +45,15 @@ describe('WorkflowStatisticsService', () => {
 	mocked(ownershipService.getProjectOwnerCached).mockResolvedValue(fakeUser);
 	const updateSettingsMock = jest.spyOn(userService, 'updateSettings').mockImplementation();
 
+	const eventService = mock<EventService>();
 	const workflowStatisticsService = new WorkflowStatisticsService(
 		mock(),
 		new WorkflowStatisticsRepository(dataSource, globalConfig),
 		ownershipService,
 		userService,
+		eventService,
 	);
 
-	const onFirstProductionWorkflowSuccess = jest.fn();
-	const onFirstWorkflowDataLoad = jest.fn();
-	workflowStatisticsService.on(
-		'telemetry.onFirstProductionWorkflowSuccess',
-		onFirstProductionWorkflowSuccess,
-	);
-	workflowStatisticsService.on('telemetry.onFirstWorkflowDataLoad', onFirstWorkflowDataLoad);
-
 	beforeEach(() => {
 		jest.clearAllMocks();
 	});
@@ -97,11 +92,10 @@ describe('WorkflowStatisticsService', () => {
 
 			await workflowStatisticsService.workflowExecutionCompleted(workflow, runData);
 			expect(updateSettingsMock).toHaveBeenCalledTimes(1);
-			expect(onFirstProductionWorkflowSuccess).toBeCalledTimes(1);
-			expect(onFirstProductionWorkflowSuccess).toHaveBeenNthCalledWith(1, {
-				project_id: fakeProject.id,
-				user_id: fakeUser.id,
-				workflow_id: workflow.id,
+			expect(eventService.emit).toHaveBeenCalledWith('first-production-workflow-succeeded', {
+				projectId: fakeProject.id,
+				workflowId: workflow.id,
+				userId: fakeUser.id,
 			});
 		});
 
@@ -124,7 +118,7 @@ describe('WorkflowStatisticsService', () => {
 				startedAt: new Date(),
 			};
 			await workflowStatisticsService.workflowExecutionCompleted(workflow, runData);
-			expect(onFirstProductionWorkflowSuccess).toBeCalledTimes(0);
+			expect(eventService.emit).not.toHaveBeenCalled();
 		});
 
 		test('should not send metrics for updated entries', async () => {
@@ -147,7 +141,7 @@ describe('WorkflowStatisticsService', () => {
 			};
 			mockDBCall(2);
 			await workflowStatisticsService.workflowExecutionCompleted(workflow, runData);
-			expect(onFirstProductionWorkflowSuccess).toBeCalledTimes(0);
+			expect(eventService.emit).not.toHaveBeenCalled();
 		});
 	});
 
@@ -164,13 +158,12 @@ describe('WorkflowStatisticsService', () => {
 				parameters: {},
 			};
 			await workflowStatisticsService.nodeFetchedData(workflowId, node);
-			expect(onFirstWorkflowDataLoad).toBeCalledTimes(1);
-			expect(onFirstWorkflowDataLoad).toHaveBeenNthCalledWith(1, {
-				user_id: fakeUser.id,
-				project_id: fakeProject.id,
-				workflow_id: workflowId,
-				node_type: node.type,
-				node_id: node.id,
+			expect(eventService.emit).toHaveBeenCalledWith('first-workflow-data-loaded', {
+				userId: fakeUser.id,
+				project: fakeProject.id,
+				workflowId,
+				nodeType: node.type,
+				nodeId: node.id,
 			});
 		});
 
@@ -192,15 +185,14 @@ describe('WorkflowStatisticsService', () => {
 				},
 			};
 			await workflowStatisticsService.nodeFetchedData(workflowId, node);
-			expect(onFirstWorkflowDataLoad).toBeCalledTimes(1);
-			expect(onFirstWorkflowDataLoad).toHaveBeenNthCalledWith(1, {
-				user_id: fakeUser.id,
-				project_id: fakeProject.id,
-				workflow_id: workflowId,
-				node_type: node.type,
-				node_id: node.id,
-				credential_type: 'testCredentials',
-				credential_id: node.credentials.testCredentials.id,
+			expect(eventService.emit).toHaveBeenCalledWith('first-workflow-data-loaded', {
+				userId: fakeUser.id,
+				project: fakeProject.id,
+				workflowId,
+				nodeType: node.type,
+				nodeId: node.id,
+				credentialType: 'testCredentials',
+				credentialId: node.credentials.testCredentials.id,
 			});
 		});
 
@@ -217,7 +209,7 @@ describe('WorkflowStatisticsService', () => {
 				parameters: {},
 			};
 			await workflowStatisticsService.nodeFetchedData(workflowId, node);
-			expect(onFirstWorkflowDataLoad).toBeCalledTimes(0);
+			expect(eventService.emit).not.toHaveBeenCalled();
 		});
 	});
 });
diff --git a/packages/cli/test/unit/services/cache-mock.service.test.ts b/packages/cli/src/services/cache/__tests__/cache-mock.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/services/cache-mock.service.test.ts
rename to packages/cli/src/services/cache/__tests__/cache-mock.service.test.ts
diff --git a/packages/cli/test/unit/services/cache.service.test.ts b/packages/cli/src/services/cache/__tests__/cache.service.test.ts
similarity index 92%
rename from packages/cli/test/unit/services/cache.service.test.ts
rename to packages/cli/src/services/cache/__tests__/cache.service.test.ts
index a742b20698d46..5c024b2903cc7 100644
--- a/packages/cli/test/unit/services/cache.service.test.ts
+++ b/packages/cli/src/services/cache/__tests__/cache.service.test.ts
@@ -1,6 +1,8 @@
 import { CacheService } from '@/services/cache/cache.service';
 import config from '@/config';
 import { sleep } from 'n8n-workflow';
+import { GlobalConfig } from '@n8n/config';
+import Container from 'typedi';
 
 jest.mock('ioredis', () => {
 	const Redis = require('ioredis-mock');
@@ -13,10 +15,12 @@ jest.mock('ioredis', () => {
 for (const backend of ['memory', 'redis'] as const) {
 	describe(backend, () => {
 		let cacheService: CacheService;
+		let globalConfig: GlobalConfig;
 
 		beforeAll(async () => {
-			config.set('cache.backend', backend);
-			cacheService = new CacheService();
+			globalConfig = Container.get(GlobalConfig);
+			globalConfig.cache.backend = backend;
+			cacheService = new CacheService(globalConfig);
 			await cacheService.init();
 		});
 
@@ -43,7 +47,7 @@ for (const backend of ['memory', 'redis'] as const) {
 
 			if (backend === 'memory') {
 				test('should honor max size when enough', async () => {
-					config.set('cache.memory.maxSize', 16); // enough bytes for "withoutUnicode"
+					globalConfig.cache.memory.maxSize = 16; // enough bytes for "withoutUnicode"
 
 					await cacheService.init();
 					await cacheService.set('key', 'withoutUnicode');
@@ -51,12 +55,12 @@ for (const backend of ['memory', 'redis'] as const) {
 					await expect(cacheService.get('key')).resolves.toBe('withoutUnicode');
 
 					// restore
-					config.set('cache.memory.maxSize', 3 * 1024 * 1024);
+					globalConfig.cache.memory.maxSize = 3 * 1024 * 1024;
 					await cacheService.init();
 				});
 
 				test('should honor max size when not enough', async () => {
-					config.set('cache.memory.maxSize', 16); // not enough bytes for "withUnicodeԱԲԳ"
+					globalConfig.cache.memory.maxSize = 16; // not enough bytes for "withUnicodeԱԲԳ"
 
 					await cacheService.init();
 					await cacheService.set('key', 'withUnicodeԱԲԳ');
@@ -64,7 +68,8 @@ for (const backend of ['memory', 'redis'] as const) {
 					await expect(cacheService.get('key')).resolves.toBeUndefined();
 
 					// restore
-					config.set('cache.memory.maxSize', 3 * 1024 * 1024);
+					globalConfig.cache.memory.maxSize = 3 * 1024 * 1024;
+					// restore
 					await cacheService.init();
 				});
 			}
diff --git a/packages/cli/src/services/cache/cache.service.ts b/packages/cli/src/services/cache/cache.service.ts
index 75dad03b49d26..daf51911ff362 100644
--- a/packages/cli/src/services/cache/cache.service.ts
+++ b/packages/cli/src/services/cache/cache.service.ts
@@ -13,6 +13,7 @@ import type {
 } from '@/services/cache/cache.types';
 import { TIME } from '@/constants';
 import { TypedEmitter } from '@/TypedEmitter';
+import { GlobalConfig } from '@n8n/config';
 
 type CacheEvents = {
 	'metrics.cache.hit': never;
@@ -22,12 +23,15 @@ type CacheEvents = {
 
 @Service()
 export class CacheService extends TypedEmitter<CacheEvents> {
+	constructor(private readonly globalConfig: GlobalConfig) {
+		super();
+	}
+
 	private cache: TaggedRedisCache | TaggedMemoryCache;
 
 	async init() {
-		const backend = config.getEnv('cache.backend');
+		const { backend } = this.globalConfig.cache;
 		const mode = config.getEnv('executions.mode');
-		const ttl = config.getEnv('cache.redis.ttl');
 
 		const useRedis = backend === 'redis' || (backend === 'auto' && mode === 'queue');
 
@@ -36,8 +40,9 @@ export class CacheService extends TypedEmitter<CacheEvents> {
 			const redisClientService = Container.get(RedisClientService);
 
 			const prefixBase = config.getEnv('redis.prefix');
-			const cachePrefix = config.getEnv('cache.redis.prefix');
-			const prefix = redisClientService.toValidPrefix(`${prefixBase}:${cachePrefix}:`);
+			const prefix = redisClientService.toValidPrefix(
+				`${prefixBase}:${this.globalConfig.cache.redis.prefix}:`,
+			);
 
 			const redisClient = redisClientService.createClient({
 				type: 'client(cache)',
@@ -45,7 +50,9 @@ export class CacheService extends TypedEmitter<CacheEvents> {
 			});
 
 			const { redisStoreUsingClient } = await import('@/services/cache/redis.cache-manager');
-			const redisStore = redisStoreUsingClient(redisClient, { ttl });
+			const redisStore = redisStoreUsingClient(redisClient, {
+				ttl: this.globalConfig.cache.redis.ttl,
+			});
 
 			const redisCache = await caching(redisStore);
 
@@ -54,7 +61,7 @@ export class CacheService extends TypedEmitter<CacheEvents> {
 			return;
 		}
 
-		const maxSize = config.getEnv('cache.memory.maxSize');
+		const { maxSize, ttl } = this.globalConfig.cache.memory;
 
 		const sizeCalculation = (item: unknown) => {
 			const str = jsonStringify(item, { replaceCircularRefs: true });
diff --git a/packages/cli/src/services/communityPackages.service.ts b/packages/cli/src/services/communityPackages.service.ts
index 23bf9461d697d..985fb44fabdc7 100644
--- a/packages/cli/src/services/communityPackages.service.ts
+++ b/packages/cli/src/services/communityPackages.service.ts
@@ -5,6 +5,7 @@ import { Service } from 'typedi';
 import { promisify } from 'util';
 import axios from 'axios';
 
+import { GlobalConfig } from '@n8n/config';
 import { ApplicationError, type PublicInstalledPackage } from 'n8n-workflow';
 import { InstanceSettings } from 'n8n-core';
 import type { PackageDirectoryLoader } from 'n8n-core';
@@ -13,15 +14,21 @@ import { toError } from '@/utils';
 import { InstalledPackagesRepository } from '@db/repositories/installedPackages.repository';
 import type { InstalledPackages } from '@db/entities/InstalledPackages';
 import {
+	LICENSE_FEATURES,
 	NODE_PACKAGE_PREFIX,
 	NPM_COMMAND_TOKENS,
 	NPM_PACKAGE_STATUS_GOOD,
 	RESPONSE_ERROR_MESSAGES,
 	UNKNOWN_FAILURE_REASON,
 } from '@/constants';
+import { FeatureNotLicensedError } from '@/errors/feature-not-licensed.error';
 import type { CommunityPackages } from '@/Interfaces';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { Logger } from '@/Logger';
+import { OrchestrationService } from './orchestration.service';
+import { License } from '@/License';
+
+const DEFAULT_REGISTRY = 'https://registry.npmjs.org';
 
 const {
 	PACKAGE_NAME_NOT_PROVIDED,
@@ -45,6 +52,8 @@ const INVALID_OR_SUSPICIOUS_PACKAGE_NAME = /[^0-9a-z@\-./]/;
 
 @Service()
 export class CommunityPackagesService {
+	reinstallMissingPackages = false;
+
 	missingPackages: string[] = [];
 
 	constructor(
@@ -52,6 +61,9 @@ export class CommunityPackagesService {
 		private readonly logger: Logger,
 		private readonly installedPackageRepository: InstalledPackagesRepository,
 		private readonly loadNodesAndCredentials: LoadNodesAndCredentials,
+		private readonly orchestrationService: OrchestrationService,
+		private readonly license: License,
+		private readonly globalConfig: GlobalConfig,
 	) {}
 
 	get hasMissingPackages() {
@@ -73,11 +85,11 @@ export class CommunityPackagesService {
 		return await this.installedPackageRepository.find({ relations: ['installedNodes'] });
 	}
 
-	async removePackageFromDatabase(packageName: InstalledPackages) {
+	private async removePackageFromDatabase(packageName: InstalledPackages) {
 		return await this.installedPackageRepository.remove(packageName);
 	}
 
-	async persistInstalledPackage(packageLoader: PackageDirectoryLoader) {
+	private async persistInstalledPackage(packageLoader: PackageDirectoryLoader) {
 		try {
 			return await this.installedPackageRepository.saveInstalledPackageWithNodes(packageLoader);
 		} catch (maybeError) {
@@ -251,7 +263,7 @@ export class CommunityPackagesService {
 		}
 	}
 
-	async setMissingPackages({ reinstallMissingPackages }: { reinstallMissingPackages: boolean }) {
+	async checkForMissingPackages() {
 		const installedPackages = await this.getAllInstalledPackages();
 		const missingPackages = new Set<{ packageName: string; version: string }>();
 
@@ -271,24 +283,25 @@ export class CommunityPackagesService {
 
 		if (missingPackages.size === 0) return;
 
-		this.logger.error(
-			'n8n detected that some packages are missing. For more information, visit https://docs.n8n.io/integrations/community-nodes/troubleshooting/',
-		);
-
-		if (reinstallMissingPackages || process.env.N8N_REINSTALL_MISSING_PACKAGES) {
+		const { reinstallMissing } = this.globalConfig.nodes.communityPackages;
+		if (reinstallMissing) {
 			this.logger.info('Attempting to reinstall missing packages', { missingPackages });
 			try {
 				// Optimistic approach - stop if any installation fails
-
 				for (const missingPackage of missingPackages) {
-					await this.installNpmModule(missingPackage.packageName, missingPackage.version);
+					await this.installPackage(missingPackage.packageName, missingPackage.version);
 
 					missingPackages.delete(missingPackage);
 				}
 				this.logger.info('Packages reinstalled successfully. Resuming regular initialization.');
+				await this.loadNodesAndCredentials.postProcessLoaders();
 			} catch (error) {
 				this.logger.error('n8n was unable to install the missing packages.');
 			}
+		} else {
+			this.logger.warn(
+				'n8n detected that some packages are missing. For more information, visit https://docs.n8n.io/integrations/community-nodes/troubleshooting/',
+			);
 		}
 
 		this.missingPackages = [...missingPackages].map(
@@ -296,32 +309,38 @@ export class CommunityPackagesService {
 		);
 	}
 
-	async installNpmModule(packageName: string, version?: string): Promise<InstalledPackages> {
-		return await this.installOrUpdateNpmModule(packageName, { version });
+	async installPackage(packageName: string, version?: string): Promise<InstalledPackages> {
+		return await this.installOrUpdatePackage(packageName, { version });
 	}
 
-	async updateNpmModule(
+	async updatePackage(
 		packageName: string,
 		installedPackage: InstalledPackages,
 	): Promise<InstalledPackages> {
-		return await this.installOrUpdateNpmModule(packageName, { installedPackage });
+		return await this.installOrUpdatePackage(packageName, { installedPackage });
 	}
 
-	async removeNpmModule(packageName: string, installedPackage: InstalledPackages): Promise<void> {
-		await this.executeNpmCommand(`npm remove ${packageName}`);
+	async removePackage(packageName: string, installedPackage: InstalledPackages): Promise<void> {
+		await this.removeNpmPackage(packageName);
 		await this.removePackageFromDatabase(installedPackage);
-		await this.loadNodesAndCredentials.unloadPackage(packageName);
-		await this.loadNodesAndCredentials.postProcessLoaders();
+		await this.orchestrationService.publish('community-package-uninstall', { packageName });
+	}
+
+	private getNpmRegistry() {
+		const { registry } = this.globalConfig.nodes.communityPackages;
+		if (registry !== DEFAULT_REGISTRY && !this.license.isCustomNpmRegistryEnabled()) {
+			throw new FeatureNotLicensedError(LICENSE_FEATURES.COMMUNITY_NODES_CUSTOM_REGISTRY);
+		}
+		return registry;
 	}
 
-	private async installOrUpdateNpmModule(
+	private async installOrUpdatePackage(
 		packageName: string,
 		options: { version?: string } | { installedPackage: InstalledPackages },
 	) {
 		const isUpdate = 'installedPackage' in options;
-		const command = isUpdate
-			? `npm install ${packageName}@latest`
-			: `npm install ${packageName}${options.version ? `@${options.version}` : ''}`;
+		const packageVersion = isUpdate || !options.version ? 'latest' : options.version;
+		const command = `npm install ${packageName}@${packageVersion} --registry=${this.getNpmRegistry()}`;
 
 		try {
 			await this.executeNpmCommand(command);
@@ -337,9 +356,8 @@ export class CommunityPackagesService {
 			loader = await this.loadNodesAndCredentials.loadPackage(packageName);
 		} catch (error) {
 			// Remove this package since loading it failed
-			const removeCommand = `npm remove ${packageName}`;
 			try {
-				await this.executeNpmCommand(removeCommand);
+				await this.executeNpmCommand(`npm remove ${packageName}`);
 			} catch {}
 			throw new ApplicationError(RESPONSE_ERROR_MESSAGES.PACKAGE_LOADING_FAILED, { cause: error });
 		}
@@ -351,7 +369,12 @@ export class CommunityPackagesService {
 					await this.removePackageFromDatabase(options.installedPackage);
 				}
 				const installedPackage = await this.persistInstalledPackage(loader);
+				await this.orchestrationService.publish(
+					isUpdate ? 'community-package-update' : 'community-package-install',
+					{ packageName, packageVersion },
+				);
 				await this.loadNodesAndCredentials.postProcessLoaders();
+				this.logger.info(`Community package installed: ${packageName}`);
 				return installedPackage;
 			} catch (error) {
 				throw new ApplicationError('Failed to save installed package', {
@@ -361,12 +384,26 @@ export class CommunityPackagesService {
 			}
 		} else {
 			// Remove this package since it contains no loadable nodes
-			const removeCommand = `npm remove ${packageName}`;
 			try {
-				await this.executeNpmCommand(removeCommand);
+				await this.executeNpmCommand(`npm remove ${packageName}`);
 			} catch {}
-
 			throw new ApplicationError(RESPONSE_ERROR_MESSAGES.PACKAGE_DOES_NOT_CONTAIN_NODES);
 		}
 	}
+
+	async installOrUpdateNpmPackage(packageName: string, packageVersion: string) {
+		await this.executeNpmCommand(
+			`npm install ${packageName}@${packageVersion} --registry=${this.getNpmRegistry()}`,
+		);
+		await this.loadNodesAndCredentials.loadPackage(packageName);
+		await this.loadNodesAndCredentials.postProcessLoaders();
+		this.logger.info(`Community package installed: ${packageName}`);
+	}
+
+	async removeNpmPackage(packageName: string) {
+		await this.executeNpmCommand(`npm remove ${packageName}`);
+		await this.loadNodesAndCredentials.unloadPackage(packageName);
+		await this.loadNodesAndCredentials.postProcessLoaders();
+		this.logger.info(`Community package uninstalled: ${packageName}`);
+	}
 }
diff --git a/packages/cli/src/services/dynamicNodeParameters.service.ts b/packages/cli/src/services/dynamicNodeParameters.service.ts
index 1788bac6e1877..f3b0f7e192ba3 100644
--- a/packages/cli/src/services/dynamicNodeParameters.service.ts
+++ b/packages/cli/src/services/dynamicNodeParameters.service.ts
@@ -15,6 +15,8 @@ import type {
 	INodeCredentials,
 	INodeParameters,
 	INodeTypeNameVersion,
+	NodeParameterValueType,
+	IDataObject,
 } from 'n8n-workflow';
 import { Workflow, RoutingNode, ApplicationError } from 'n8n-workflow';
 import { NodeExecuteFunctions } from 'n8n-core';
@@ -156,6 +158,24 @@ export class DynamicNodeParametersService {
 		return method.call(thisArgs);
 	}
 
+	/** Returns the result of the action handler */
+	async getActionResult(
+		handler: string,
+		path: string,
+		additionalData: IWorkflowExecuteAdditionalData,
+		nodeTypeAndVersion: INodeTypeNameVersion,
+		currentNodeParameters: INodeParameters,
+		payload: IDataObject | string | undefined,
+		credentials?: INodeCredentials,
+	): Promise<NodeParameterValueType> {
+		const nodeType = this.getNodeType(nodeTypeAndVersion);
+		const method = this.getMethod('actionHandler', handler, nodeType);
+		const workflow = this.getWorkflow(nodeTypeAndVersion, currentNodeParameters, credentials);
+		const thisArgs = this.getThisArg(path, additionalData, workflow);
+		// eslint-disable-next-line @typescript-eslint/no-unsafe-return
+		return method.call(thisArgs, payload);
+	}
+
 	private getMethod(
 		type: 'resourceMapping',
 		methodName: string,
@@ -175,9 +195,14 @@ export class DynamicNodeParametersService {
 		methodName: string,
 		nodeType: INodeType,
 	): (this: ILoadOptionsFunctions) => Promise<INodePropertyOptions[]>;
+	private getMethod(
+		type: 'actionHandler',
+		methodName: string,
+		nodeType: INodeType,
+	): (this: ILoadOptionsFunctions, payload?: string) => Promise<NodeParameterValueType>;
 
 	private getMethod(
-		type: 'resourceMapping' | 'listSearch' | 'loadOptions',
+		type: 'resourceMapping' | 'listSearch' | 'loadOptions' | 'actionHandler',
 		methodName: string,
 		nodeType: INodeType,
 	) {
diff --git a/packages/cli/src/services/frontend.service.ts b/packages/cli/src/services/frontend.service.ts
index 7cd9843c1d97f..fc38eb992e154 100644
--- a/packages/cli/src/services/frontend.service.ts
+++ b/packages/cli/src/services/frontend.service.ts
@@ -31,7 +31,7 @@ import { UserManagementMailer } from '@/UserManagement/email';
 import type { CommunityPackagesService } from '@/services/communityPackages.service';
 import { Logger } from '@/Logger';
 import { UrlService } from './url.service';
-import { InternalHooks } from '@/InternalHooks';
+import { EventService } from '@/events/event.service';
 import { isApiEnabled } from '@/PublicApi';
 
 @Service()
@@ -50,7 +50,7 @@ export class FrontendService {
 		private readonly mailer: UserManagementMailer,
 		private readonly instanceSettings: InstanceSettings,
 		private readonly urlService: UrlService,
-		private readonly internalHooks: InternalHooks,
+		private readonly eventService: EventService,
 	) {
 		loadNodesAndCredentials.addPostProcessor(async () => await this.generateTypes());
 		void this.generateTypes();
@@ -244,7 +244,7 @@ export class FrontendService {
 	}
 
 	getSettings(pushRef?: string): IN8nUISettings {
-		this.internalHooks.onFrontendSettingsAPI(pushRef);
+		this.eventService.emit('session-started', { pushRef });
 
 		const restEndpoint = this.globalConfig.endpoints.rest;
 
diff --git a/packages/cli/src/services/orchestration.service.ts b/packages/cli/src/services/orchestration.service.ts
index bfc1d140fc6fa..283470f4d2114 100644
--- a/packages/cli/src/services/orchestration.service.ts
+++ b/packages/cli/src/services/orchestration.service.ts
@@ -7,11 +7,13 @@ import type { RedisServiceBaseCommand, RedisServiceCommand } from './redis/Redis
 import { RedisService } from './redis.service';
 import { MultiMainSetup } from './orchestration/main/MultiMainSetup.ee';
 import type { WorkflowActivateMode } from 'n8n-workflow';
+import { InstanceSettings } from 'n8n-core';
 
 @Service()
 export class OrchestrationService {
 	constructor(
 		private readonly logger: Logger,
+		private readonly instanceSettings: InstanceSettings,
 		private readonly redisService: RedisService,
 		readonly multiMainSetup: MultiMainSetup,
 	) {}
@@ -43,12 +45,14 @@ export class OrchestrationService {
 		return config.getEnv('redis.queueModeId');
 	}
 
+	/** @deprecated use InstanceSettings.isLeader */
 	get isLeader() {
-		return config.getEnv('instanceRole') === 'leader';
+		return this.instanceSettings.isLeader;
 	}
 
+	/** @deprecated use InstanceSettings.isFollower */
 	get isFollower() {
-		return config.getEnv('instanceRole') !== 'leader';
+		return this.instanceSettings.isFollower;
 	}
 
 	sanityCheck() {
@@ -63,7 +67,7 @@ export class OrchestrationService {
 		if (this.isMultiMainSetupEnabled) {
 			await this.multiMainSetup.init();
 		} else {
-			config.set('instanceRole', 'leader');
+			this.instanceSettings.markAsLeader();
 		}
 
 		this.isInitialized = true;
diff --git a/packages/cli/src/services/orchestration/main/MultiMainSetup.ee.ts b/packages/cli/src/services/orchestration/main/MultiMainSetup.ee.ts
index cabcf5996bc08..89c6ef725ab45 100644
--- a/packages/cli/src/services/orchestration/main/MultiMainSetup.ee.ts
+++ b/packages/cli/src/services/orchestration/main/MultiMainSetup.ee.ts
@@ -1,6 +1,7 @@
 import config from '@/config';
 import { Service } from 'typedi';
 import { TIME } from '@/constants';
+import { InstanceSettings } from 'n8n-core';
 import { ErrorReporterProxy as EventReporter } from 'n8n-workflow';
 import { Logger } from '@/Logger';
 import { RedisServicePubSubPublisher } from '@/services/redis/RedisServicePubSubPublisher';
@@ -16,6 +17,7 @@ type MultiMainEvents = {
 export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 	constructor(
 		private readonly logger: Logger,
+		private readonly instanceSettings: InstanceSettings,
 		private readonly redisPublisher: RedisServicePubSubPublisher,
 		private readonly redisClientService: RedisClientService,
 	) {
@@ -50,7 +52,7 @@ export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 	async shutdown() {
 		clearInterval(this.leaderCheckInterval);
 
-		const isLeader = config.getEnv('instanceRole') === 'leader';
+		const { isLeader } = this.instanceSettings;
 
 		if (isLeader) await this.redisPublisher.clear(this.leaderKey);
 	}
@@ -69,8 +71,8 @@ export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 		if (leaderId && leaderId !== this.instanceId) {
 			this.logger.debug(`[Instance ID ${this.instanceId}] Leader is other instance "${leaderId}"`);
 
-			if (config.getEnv('instanceRole') === 'leader') {
-				config.set('instanceRole', 'follower');
+			if (this.instanceSettings.isLeader) {
+				this.instanceSettings.markAsFollower();
 
 				this.emit('leader-stepdown'); // lost leadership - stop triggers, pollers, pruning, wait-tracking, queue recovery
 
@@ -85,7 +87,7 @@ export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 				`[Instance ID ${this.instanceId}] Leadership vacant, attempting to become leader...`,
 			);
 
-			config.set('instanceRole', 'follower');
+			this.instanceSettings.markAsFollower();
 
 			/**
 			 * Lost leadership - stop triggers, pollers, pruning, wait tracking, license renewal, queue recovery
@@ -106,7 +108,7 @@ export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 		if (keySetSuccessfully) {
 			this.logger.debug(`[Instance ID ${this.instanceId}] Leader is now this instance`);
 
-			config.set('instanceRole', 'leader');
+			this.instanceSettings.markAsLeader();
 
 			await this.redisPublisher.setExpiration(this.leaderKey, this.leaderKeyTtl);
 
@@ -115,7 +117,7 @@ export class MultiMainSetup extends TypedEmitter<MultiMainEvents> {
 			 */
 			this.emit('leader-takeover');
 		} else {
-			config.set('instanceRole', 'follower');
+			this.instanceSettings.markAsFollower();
 		}
 	}
 
diff --git a/packages/cli/src/services/orchestration/main/handleCommandMessageMain.ts b/packages/cli/src/services/orchestration/main/handleCommandMessageMain.ts
index 8abcbe78b2c47..9a7b6b5640dd0 100644
--- a/packages/cli/src/services/orchestration/main/handleCommandMessageMain.ts
+++ b/packages/cli/src/services/orchestration/main/handleCommandMessageMain.ts
@@ -7,9 +7,10 @@ import { License } from '@/License';
 import { Logger } from '@/Logger';
 import { ActiveWorkflowManager } from '@/ActiveWorkflowManager';
 import { Push } from '@/push';
-import { TestWebhooks } from '@/TestWebhooks';
+import { TestWebhooks } from '@/webhooks/TestWebhooks';
 import { OrchestrationService } from '@/services/orchestration.service';
 import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
+import { CommunityPackagesService } from '@/services/communityPackages.service';
 
 // eslint-disable-next-line complexity
 export async function handleCommandMessageMain(messageString: string) {
@@ -77,6 +78,20 @@ export async function handleCommandMessageMain(messageString: string) {
 				}
 				await Container.get(ExternalSecretsManager).reloadAllProviders();
 				break;
+			case 'community-package-install':
+			case 'community-package-update':
+			case 'community-package-uninstall':
+				if (!debounceMessageReceiver(message, 200)) {
+					return message;
+				}
+				const { packageName, packageVersion } = message.payload;
+				const communityPackagesService = Container.get(CommunityPackagesService);
+				if (message.command === 'community-package-uninstall') {
+					await communityPackagesService.removeNpmPackage(packageName);
+				} else {
+					await communityPackagesService.installOrUpdateNpmPackage(packageName, packageVersion);
+				}
+				break;
 
 			case 'add-webhooks-triggers-and-pollers': {
 				if (!debounceMessageReceiver(message, 100)) {
diff --git a/packages/cli/src/services/orchestration/webhook/handleCommandMessageWebhook.ts b/packages/cli/src/services/orchestration/webhook/handleCommandMessageWebhook.ts
index 9dc326978d803..e6f6e656280a8 100644
--- a/packages/cli/src/services/orchestration/webhook/handleCommandMessageWebhook.ts
+++ b/packages/cli/src/services/orchestration/webhook/handleCommandMessageWebhook.ts
@@ -5,6 +5,7 @@ import Container from 'typedi';
 import { Logger } from 'winston';
 import { messageToRedisServiceCommandObject, debounceMessageReceiver } from '../helpers';
 import config from '@/config';
+import { CommunityPackagesService } from '@/services/communityPackages.service';
 
 export async function handleCommandMessageWebhook(messageString: string) {
 	const queueModeId = config.getEnv('redis.queueModeId');
@@ -63,6 +64,20 @@ export async function handleCommandMessageWebhook(messageString: string) {
 				}
 				await Container.get(ExternalSecretsManager).reloadAllProviders();
 				break;
+			case 'community-package-install':
+			case 'community-package-update':
+			case 'community-package-uninstall':
+				if (!debounceMessageReceiver(message, 200)) {
+					return message;
+				}
+				const { packageName, packageVersion } = message.payload;
+				const communityPackagesService = Container.get(CommunityPackagesService);
+				if (message.command === 'community-package-uninstall') {
+					await communityPackagesService.removeNpmPackage(packageName);
+				} else {
+					await communityPackagesService.installOrUpdateNpmPackage(packageName, packageVersion);
+				}
+				break;
 
 			default:
 				break;
diff --git a/packages/cli/src/services/orchestration/worker/handleCommandMessageWorker.ts b/packages/cli/src/services/orchestration/worker/handleCommandMessageWorker.ts
index fa9ee67675e83..23c96e1a41cd9 100644
--- a/packages/cli/src/services/orchestration/worker/handleCommandMessageWorker.ts
+++ b/packages/cli/src/services/orchestration/worker/handleCommandMessageWorker.ts
@@ -10,6 +10,7 @@ import { debounceMessageReceiver, getOsCpuString } from '../helpers';
 import type { WorkerCommandReceivedHandlerOptions } from './types';
 import { Logger } from '@/Logger';
 import { N8N_VERSION } from '@/constants';
+import { CommunityPackagesService } from '@/services/communityPackages.service';
 
 export function getWorkerCommandReceivedHandler(options: WorkerCommandReceivedHandlerOptions) {
 	// eslint-disable-next-line complexity
@@ -112,6 +113,18 @@ export function getWorkerCommandReceivedHandler(options: WorkerCommandReceivedHa
 							});
 						}
 						break;
+					case 'community-package-install':
+					case 'community-package-update':
+					case 'community-package-uninstall':
+						if (!debounceMessageReceiver(message, 500)) return;
+						const { packageName, packageVersion } = message.payload;
+						const communityPackagesService = Container.get(CommunityPackagesService);
+						if (message.command === 'community-package-uninstall') {
+							await communityPackagesService.removeNpmPackage(packageName);
+						} else {
+							await communityPackagesService.installOrUpdateNpmPackage(packageName, packageVersion);
+						}
+						break;
 					case 'reloadLicense':
 						if (!debounceMessageReceiver(message, 500)) return;
 						await Container.get(License).reload();
diff --git a/packages/cli/src/services/orchestration/worker/types.ts b/packages/cli/src/services/orchestration/worker/types.ts
index 351c56394a31c..84c515466e2c2 100644
--- a/packages/cli/src/services/orchestration/worker/types.ts
+++ b/packages/cli/src/services/orchestration/worker/types.ts
@@ -1,11 +1,12 @@
 import type { ExecutionStatus, WorkflowExecuteMode } from 'n8n-workflow';
 import type { RedisServicePubSubPublisher } from '../../redis/RedisServicePubSubPublisher';
+import type { RunningJobSummary } from '@/scaling/types';
 
 export interface WorkerCommandReceivedHandlerOptions {
 	queueModeId: string;
 	redisPublisher: RedisServicePubSubPublisher;
-	getRunningJobIds: () => string[];
-	getRunningJobsSummary: () => WorkerJobStatusSummary[];
+	getRunningJobIds: () => Array<string | number>;
+	getRunningJobsSummary: () => RunningJobSummary[];
 }
 
 export interface WorkerJobStatusSummary {
diff --git a/packages/cli/src/services/pruning.service.ts b/packages/cli/src/services/pruning.service.ts
index 78c0aad03750c..7f824836ae4ee 100644
--- a/packages/cli/src/services/pruning.service.ts
+++ b/packages/cli/src/services/pruning.service.ts
@@ -1,5 +1,5 @@
 import { Service } from 'typedi';
-import { BinaryDataService } from 'n8n-core';
+import { BinaryDataService, InstanceSettings } from 'n8n-core';
 import { inTest, TIME } from '@/constants';
 import config from '@/config';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
@@ -25,6 +25,7 @@ export class PruningService {
 
 	constructor(
 		private readonly logger: Logger,
+		private readonly instanceSettings: InstanceSettings,
 		private readonly executionRepository: ExecutionRepository,
 		private readonly binaryDataService: BinaryDataService,
 		private readonly orchestrationService: OrchestrationService,
@@ -56,7 +57,7 @@ export class PruningService {
 		if (
 			config.getEnv('multiMainSetup.enabled') &&
 			config.getEnv('generic.instanceType') === 'main' &&
-			config.getEnv('instanceRole') === 'follower'
+			this.instanceSettings.isFollower
 		) {
 			return false;
 		}
diff --git a/packages/cli/src/services/redis/RedisConstants.ts b/packages/cli/src/services/redis/RedisConstants.ts
index 281817b9c719f..038e94e9ce615 100644
--- a/packages/cli/src/services/redis/RedisConstants.ts
+++ b/packages/cli/src/services/redis/RedisConstants.ts
@@ -1,6 +1,2 @@
-export const EVENT_BUS_REDIS_STREAM = 'n8n:eventstream';
-export const COMMAND_REDIS_STREAM = 'n8n:commandstream';
-export const WORKER_RESPONSE_REDIS_STREAM = 'n8n:workerstream';
 export const COMMAND_REDIS_CHANNEL = 'n8n.commands';
 export const WORKER_RESPONSE_REDIS_CHANNEL = 'n8n.worker-response';
-export const WORKER_RESPONSE_REDIS_LIST = 'n8n:list:worker-response';
diff --git a/packages/cli/src/services/redis/RedisServiceCommands.ts b/packages/cli/src/services/redis/RedisServiceCommands.ts
index 009f39ef650eb..a8ae41c11390b 100644
--- a/packages/cli/src/services/redis/RedisServiceCommands.ts
+++ b/packages/cli/src/services/redis/RedisServiceCommands.ts
@@ -7,6 +7,9 @@ export type RedisServiceCommand =
 	| 'stopWorker'
 	| 'reloadLicense'
 	| 'reloadExternalSecretsProviders'
+	| 'community-package-install'
+	| 'community-package-update'
+	| 'community-package-uninstall'
 	| 'display-workflow-activation' // multi-main only
 	| 'display-workflow-deactivation' // multi-main only
 	| 'add-webhooks-triggers-and-pollers' // multi-main only
@@ -26,7 +29,11 @@ export type RedisServiceBaseCommand =
 			senderId: string;
 			command: Exclude<
 				RedisServiceCommand,
-				'relay-execution-lifecycle-event' | 'clear-test-webhooks'
+				| 'relay-execution-lifecycle-event'
+				| 'clear-test-webhooks'
+				| 'community-package-install'
+				| 'community-package-update'
+				| 'community-package-uninstall'
 			>;
 			payload?: {
 				[key: string]: string | number | boolean | string[] | number[] | boolean[];
@@ -41,6 +48,14 @@ export type RedisServiceBaseCommand =
 			senderId: string;
 			command: 'clear-test-webhooks';
 			payload: { webhookKey: string; workflowEntity: IWorkflowDb; pushRef: string };
+	  }
+	| {
+			senderId: string;
+			command:
+				| 'community-package-install'
+				| 'community-package-update'
+				| 'community-package-uninstall';
+			payload: { packageName: string; packageVersion: string };
 	  };
 
 export type RedisServiceWorkerResponseObject = {
diff --git a/packages/cli/src/services/redis/redis-client.service.ts b/packages/cli/src/services/redis/redis-client.service.ts
index 7363a9c9b7ec8..b5c86523e006a 100644
--- a/packages/cli/src/services/redis/redis-client.service.ts
+++ b/packages/cli/src/services/redis/redis-client.service.ts
@@ -1,17 +1,20 @@
 import { Service } from 'typedi';
-import config from '@/config';
 import { Logger } from '@/Logger';
 import ioRedis from 'ioredis';
 import type { Cluster, RedisOptions } from 'ioredis';
 import type { RedisClientType } from './RedisServiceBaseClasses';
 import { OnShutdown } from '@/decorators/OnShutdown';
 import { LOWEST_SHUTDOWN_PRIORITY } from '@/constants';
+import { GlobalConfig } from '@n8n/config';
 
 @Service()
 export class RedisClientService {
 	private readonly clients = new Set<ioRedis | Cluster>();
 
-	constructor(private readonly logger: Logger) {}
+	constructor(
+		private readonly logger: Logger,
+		private readonly globalConfig: GlobalConfig,
+	) {}
 
 	createClient(arg: { type: RedisClientType; extraOptions?: RedisOptions }) {
 		const client =
@@ -57,7 +60,7 @@ export class RedisClientService {
 	}) {
 		const options = this.getOptions({ extraOptions });
 
-		const { host, port } = config.getEnv('queue.bull.redis');
+		const { host, port } = this.globalConfig.queue.bull.redis;
 
 		options.host = host;
 		options.port = port;
@@ -87,7 +90,7 @@ export class RedisClientService {
 	}
 
 	private getOptions({ extraOptions }: { extraOptions?: RedisOptions }) {
-		const { username, password, db, tls } = config.getEnv('queue.bull.redis');
+		const { username, password, db, tls } = this.globalConfig.queue.bull.redis;
 
 		/**
 		 * Disabling ready check allows quick reconnection to Redis if Redis becomes
@@ -124,7 +127,7 @@ export class RedisClientService {
 	private retryStrategy() {
 		const RETRY_INTERVAL = 500; // ms
 		const RESET_LENGTH = 30_000; // ms
-		const MAX_TIMEOUT = config.getEnv('queue.bull.redis.timeoutThreshold');
+		const MAX_TIMEOUT = this.globalConfig.queue.bull.redis.timeoutThreshold;
 
 		let lastAttemptTs = 0;
 		let cumulativeTimeout = 0;
@@ -152,8 +155,7 @@ export class RedisClientService {
 	}
 
 	private clusterNodes() {
-		return config
-			.getEnv('queue.bull.redis.clusterNodes')
+		return this.globalConfig.queue.bull.redis.clusterNodes
 			.split(',')
 			.filter((pair) => pair.trim().length > 0)
 			.map((pair) => {
diff --git a/packages/cli/src/services/user.service.ts b/packages/cli/src/services/user.service.ts
index 007054c6aa980..19b49fdb1927e 100644
--- a/packages/cli/src/services/user.service.ts
+++ b/packages/cli/src/services/user.service.ts
@@ -1,4 +1,4 @@
-import { Container, Service } from 'typedi';
+import { Service } from 'typedi';
 import type { IUserSettings } from 'n8n-workflow';
 import { ApplicationError, ErrorReporterProxy as ErrorReporter } from 'n8n-workflow';
 
@@ -8,11 +8,10 @@ import type { Invitation, PublicUser } from '@/Interfaces';
 import type { PostHogClient } from '@/posthog';
 import { Logger } from '@/Logger';
 import { UserManagementMailer } from '@/UserManagement/email';
-import { InternalHooks } from '@/InternalHooks';
 import { UrlService } from '@/services/url.service';
 import type { UserRequest } from '@/requests';
 import { InternalServerError } from '@/errors/response-errors/internal-server.error';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @Service()
 export class UserService {
@@ -144,32 +143,28 @@ export class UserService {
 					if (result.emailSent) {
 						invitedUser.user.emailSent = true;
 						delete invitedUser.user?.inviteAcceptUrl;
-						Container.get(InternalHooks).onUserTransactionalEmail({
-							user_id: id,
-							message_type: 'New user invite',
-							public_api: false,
+
+						this.eventService.emit('user-transactional-email-sent', {
+							userId: id,
+							messageType: 'New user invite',
+							publicApi: false,
 						});
 					}
 
-					Container.get(InternalHooks).onUserInvite({
-						user: owner,
-						target_user_id: Object.values(toInviteUsers),
-						public_api: false,
-						email_sent: result.emailSent,
-						invitee_role: role, // same role for all invited users
-					});
 					this.eventService.emit('user-invited', {
 						user: owner,
 						targetUserId: Object.values(toInviteUsers),
+						publicApi: false,
+						emailSent: result.emailSent,
+						inviteeRole: role, // same role for all invited users
 					});
 				} catch (e) {
 					if (e instanceof Error) {
-						Container.get(InternalHooks).onEmailFailed({
+						this.eventService.emit('email-failed', {
 							user: owner,
-							message_type: 'New user invite',
-							public_api: false,
+							messageType: 'New user invite',
+							publicApi: false,
 						});
-						this.eventService.emit('email-failed', { user: owner, messageType: 'New user invite' });
 						this.logger.error('Failed to send email', {
 							userId: owner.id,
 							inviteAcceptUrl,
diff --git a/packages/cli/src/services/workflow-statistics.service.ts b/packages/cli/src/services/workflow-statistics.service.ts
index 9311ef885dfbd..262dae4f1c545 100644
--- a/packages/cli/src/services/workflow-statistics.service.ts
+++ b/packages/cli/src/services/workflow-statistics.service.ts
@@ -6,6 +6,7 @@ import { UserService } from '@/services/user.service';
 import { Logger } from '@/Logger';
 import { OwnershipService } from './ownership.service';
 import { TypedEmitter } from '@/TypedEmitter';
+import { EventService } from '@/events/event.service';
 
 type WorkflowStatisticsEvents = {
 	nodeFetchedData: { workflowId: string; node: INode };
@@ -31,6 +32,7 @@ export class WorkflowStatisticsService extends TypedEmitter<WorkflowStatisticsEv
 		private readonly repository: WorkflowStatisticsRepository,
 		private readonly ownershipService: OwnershipService,
 		private readonly userService: UserService,
+		private readonly eventService: EventService,
 	) {
 		super({ captureRejections: true });
 		if ('SKIP_STATISTICS_EVENTS' in process.env) return;
@@ -72,12 +74,6 @@ export class WorkflowStatisticsService extends TypedEmitter<WorkflowStatisticsEv
 				if (project.type === 'personal') {
 					const owner = await this.ownershipService.getProjectOwnerCached(project.id);
 
-					const metrics = {
-						project_id: project.id,
-						workflow_id: workflowId,
-						user_id: owner!.id,
-					};
-
 					if (owner && !owner.settings?.userActivated) {
 						await this.userService.updateSettings(owner.id, {
 							firstSuccessfulWorkflowId: workflowId,
@@ -86,8 +82,11 @@ export class WorkflowStatisticsService extends TypedEmitter<WorkflowStatisticsEv
 						});
 					}
 
-					// Send the metrics
-					this.emit('telemetry.onFirstProductionWorkflowSuccess', metrics);
+					this.eventService.emit('first-production-workflow-succeeded', {
+						projectId: project.id,
+						workflowId,
+						userId: owner!.id,
+					});
 				}
 			}
 		} catch (error) {
@@ -109,24 +108,23 @@ export class WorkflowStatisticsService extends TypedEmitter<WorkflowStatisticsEv
 		const owner = await this.ownershipService.getProjectOwnerCached(project.id);
 
 		let metrics = {
-			user_id: owner!.id,
-			project_id: project.id,
-			workflow_id: workflowId,
-			node_type: node.type,
-			node_id: node.id,
+			userId: owner!.id,
+			project: project.id,
+			workflowId,
+			nodeType: node.type,
+			nodeId: node.id,
 		};
 
 		// This is probably naive but I can't see a way for a node to have multiple credentials attached so..
 		if (node.credentials) {
 			Object.entries(node.credentials).forEach(([credName, credDetails]) => {
 				metrics = Object.assign(metrics, {
-					credential_type: credName,
-					credential_id: credDetails.id,
+					credentialType: credName,
+					credentialId: credDetails.id,
 				});
 			});
 		}
 
-		// Send metrics to posthog
-		this.emit('telemetry.onFirstWorkflowDataLoad', metrics);
+		this.eventService.emit('first-workflow-data-loaded', metrics);
 	}
 }
diff --git a/packages/cli/test/unit/shutdown/Shutdown.service.test.ts b/packages/cli/src/shutdown/__tests__/Shutdown.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/shutdown/Shutdown.service.test.ts
rename to packages/cli/src/shutdown/__tests__/Shutdown.service.test.ts
diff --git a/packages/cli/test/unit/sso/saml/saml.service.ee.test.ts b/packages/cli/src/sso/saml/__tests__/saml.service.ee.test.ts
similarity index 97%
rename from packages/cli/test/unit/sso/saml/saml.service.ee.test.ts
rename to packages/cli/src/sso/saml/__tests__/saml.service.ee.test.ts
index 9ba6ddaf2a6bd..89d693fc98037 100644
--- a/packages/cli/test/unit/sso/saml/saml.service.ee.test.ts
+++ b/packages/cli/src/sso/saml/__tests__/saml.service.ee.test.ts
@@ -1,7 +1,7 @@
 import { mock } from 'jest-mock-extended';
 import type express from 'express';
 import { SamlService } from '@/sso/saml/saml.service.ee';
-import { mockInstance } from '../../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { UrlService } from '@/services/url.service';
 import { Logger } from '@/Logger';
 import type { IdentityProviderInstance, ServiceProviderInstance } from 'samlify';
diff --git a/packages/cli/test/unit/sso/saml/samlHelpers.test.ts b/packages/cli/src/sso/saml/__tests__/samlHelpers.test.ts
similarity index 96%
rename from packages/cli/test/unit/sso/saml/samlHelpers.test.ts
rename to packages/cli/src/sso/saml/__tests__/samlHelpers.test.ts
index f6c35ff67e514..778b1a0857156 100644
--- a/packages/cli/test/unit/sso/saml/samlHelpers.test.ts
+++ b/packages/cli/src/sso/saml/__tests__/samlHelpers.test.ts
@@ -2,7 +2,7 @@ import { User } from '@/databases/entities/User';
 import { generateNanoId } from '@/databases/utils/generators';
 import * as helpers from '@/sso/saml/samlHelpers';
 import type { SamlUserAttributes } from '@/sso/saml/types/samlUserAttributes';
-import { mockInstance } from '../../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { UserRepository } from '@/databases/repositories/user.repository';
 import type { AuthIdentity } from '@/databases/entities/AuthIdentity';
 import { AuthIdentityRepository } from '@/databases/repositories/authIdentity.repository';
diff --git a/packages/cli/src/sso/saml/routes/saml.controller.ee.ts b/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
index 344bd34e92b72..8169ee317bfee 100644
--- a/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
+++ b/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
@@ -27,7 +27,7 @@ import {
 import { SamlService } from '../saml.service.ee';
 import { SamlConfiguration } from '../types/requests';
 import { getInitSSOFormView } from '../views/initSsoPost';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @RestController('/sso/saml')
 export class SamlController {
diff --git a/packages/cli/test/unit/Telemetry.test.ts b/packages/cli/src/telemetry/__tests__/telemetry.test.ts
similarity index 68%
rename from packages/cli/test/unit/Telemetry.test.ts
rename to packages/cli/src/telemetry/__tests__/telemetry.test.ts
index af8445c814663..ca30c86ec4ade 100644
--- a/packages/cli/test/unit/Telemetry.test.ts
+++ b/packages/cli/src/telemetry/__tests__/telemetry.test.ts
@@ -1,11 +1,10 @@
 import type RudderStack from '@rudderstack/rudder-sdk-node';
 import { Telemetry } from '@/telemetry';
 import config from '@/config';
-import { flushPromises } from './Helpers';
 import { PostHogClient } from '@/posthog';
 import { mock } from 'jest-mock-extended';
 import { InstanceSettings } from 'n8n-core';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 jest.unmock('@/telemetry');
 jest.mock('@/posthog');
@@ -35,7 +34,7 @@ describe('Telemetry', () => {
 		jest.clearAllTimers();
 		jest.useRealTimers();
 		startPulseSpy.mockRestore();
-		await telemetry.trackN8nStop();
+		await telemetry.stopTracking();
 	});
 
 	beforeEach(async () => {
@@ -50,14 +49,7 @@ describe('Telemetry', () => {
 	});
 
 	afterEach(async () => {
-		await telemetry.trackN8nStop();
-	});
-
-	describe('trackN8nStop', () => {
-		test('should call track method', async () => {
-			await telemetry.trackN8nStop();
-			expect(spyTrack).toHaveBeenCalledTimes(1);
-		});
+		await telemetry.stopTracking();
 	});
 
 	describe('trackWorkflowExecution', () => {
@@ -266,162 +258,6 @@ describe('Telemetry', () => {
 			expect(execBuffer['2'].prod_success?.first).toEqual(execTime1);
 		});
 	});
-
-	describe('pulse', () => {
-		let pulseSpy: jest.SpyInstance;
-		beforeAll(() => {
-			startPulseSpy.mockRestore();
-		});
-
-		beforeEach(() => {
-			fakeJestSystemTime(testDateTime);
-			pulseSpy = jest.spyOn(Telemetry.prototype as any, 'pulse').mockName('pulseSpy');
-		});
-
-		afterEach(() => {
-			pulseSpy.mockClear();
-		});
-
-		xtest('should trigger pulse in intervals', async () => {
-			expect(pulseSpy).toBeCalledTimes(0);
-
-			jest.advanceTimersToNextTimer();
-			await flushPromises();
-
-			expect(pulseSpy).toBeCalledTimes(1);
-			expect(spyTrack).toHaveBeenCalledTimes(1);
-			expect(spyTrack).toHaveBeenCalledWith('pulse', {
-				plan_name_current: 'Community',
-				quota: -1,
-				usage: 0,
-			});
-
-			jest.advanceTimersToNextTimer();
-
-			await flushPromises();
-
-			expect(pulseSpy).toBeCalledTimes(2);
-			expect(spyTrack).toHaveBeenCalledTimes(2);
-			expect(spyTrack).toHaveBeenCalledWith('pulse', {
-				plan_name_current: 'Community',
-				quota: -1,
-				usage: 0,
-			});
-		});
-
-		xtest('should track workflow counts correctly', async () => {
-			expect(pulseSpy).toBeCalledTimes(0);
-
-			let execBuffer = telemetry.getCountsBuffer();
-
-			// expect clear counters on start
-			expect(Object.keys(execBuffer).length).toBe(0);
-
-			const payload = {
-				workflow_id: '1',
-				is_manual: true,
-				success: true,
-				error_node_type: 'custom-nodes-base.node-type',
-			};
-
-			telemetry.trackWorkflowExecution(payload);
-			telemetry.trackWorkflowExecution(payload);
-
-			payload.is_manual = false;
-			payload.success = true;
-			telemetry.trackWorkflowExecution(payload);
-			telemetry.trackWorkflowExecution(payload);
-
-			payload.is_manual = true;
-			payload.success = false;
-			telemetry.trackWorkflowExecution(payload);
-			telemetry.trackWorkflowExecution(payload);
-
-			payload.is_manual = false;
-			payload.success = false;
-			telemetry.trackWorkflowExecution(payload);
-			telemetry.trackWorkflowExecution(payload);
-
-			payload.workflow_id = '2';
-			telemetry.trackWorkflowExecution(payload);
-			telemetry.trackWorkflowExecution(payload);
-
-			expect(spyTrack).toHaveBeenCalledTimes(0);
-			expect(pulseSpy).toBeCalledTimes(0);
-
-			jest.advanceTimersToNextTimer();
-
-			execBuffer = telemetry.getCountsBuffer();
-
-			await flushPromises();
-
-			expect(pulseSpy).toBeCalledTimes(1);
-			expect(spyTrack).toHaveBeenCalledTimes(3);
-			expect(spyTrack).toHaveBeenNthCalledWith(
-				1,
-				'Workflow execution count',
-				{
-					event_version: '2',
-					workflow_id: '1',
-					user_id: undefined,
-					manual_error: {
-						count: 2,
-						first: testDateTime,
-					},
-					manual_success: {
-						count: 2,
-						first: testDateTime,
-					},
-					prod_error: {
-						count: 2,
-						first: testDateTime,
-					},
-					prod_success: {
-						count: 2,
-						first: testDateTime,
-					},
-				},
-				{ withPostHog: true },
-			);
-			expect(spyTrack).toHaveBeenNthCalledWith(
-				2,
-				'Workflow execution count',
-				{
-					event_version: '2',
-					workflow_id: '2',
-					user_id: undefined,
-					prod_error: {
-						count: 2,
-						first: testDateTime,
-					},
-				},
-				{ withPostHog: true },
-			);
-			expect(spyTrack).toHaveBeenNthCalledWith(3, 'pulse', {
-				plan_name_current: 'Community',
-				quota: -1,
-				usage: 0,
-			});
-			expect(Object.keys(execBuffer).length).toBe(0);
-
-			// Adding a second step here because we believe PostHog may use timers for sending data
-			// and adding posthog to the above metric was causing the pulseSpy timer to not be ran
-			jest.advanceTimersToNextTimer();
-
-			execBuffer = telemetry.getCountsBuffer();
-			expect(Object.keys(execBuffer).length).toBe(0);
-
-			// @TODO: Flushing promises here is not working
-
-			// expect(pulseSpy).toBeCalledTimes(2);
-			// expect(spyTrack).toHaveBeenCalledTimes(4);
-			// expect(spyTrack).toHaveBeenNthCalledWith(4, 'pulse', {
-			// 	plan_name_current: 'Community',
-			// 	quota: -1,
-			// 	usage: 0,
-			// });
-		});
-	});
 });
 
 const fakeJestSystemTime = (dateTime: string | Date): Date => {
diff --git a/packages/cli/src/telemetry/index.ts b/packages/cli/src/telemetry/index.ts
index 2d762297304cc..e2b93cdd0d7a9 100644
--- a/packages/cli/src/telemetry/index.ts
+++ b/packages/cli/src/telemetry/index.ts
@@ -9,12 +9,13 @@ import config from '@/config';
 import type { IExecutionTrackProperties } from '@/Interfaces';
 import { Logger } from '@/Logger';
 import { License } from '@/License';
-import { N8N_VERSION } from '@/constants';
+import { LOWEST_SHUTDOWN_PRIORITY, N8N_VERSION } from '@/constants';
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import { SourceControlPreferencesService } from '../environments/sourceControl/sourceControlPreferences.service.ee';
 import { UserRepository } from '@db/repositories/user.repository';
 import { ProjectRepository } from '@/databases/repositories/project.repository';
 import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
+import { OnShutdown } from '@/decorators/OnShutdown';
 
 type ExecutionTrackDataKey = 'manual_error' | 'manual_success' | 'prod_error' | 'prod_success';
 
@@ -167,11 +168,10 @@ export class Telemetry {
 		}
 	}
 
-	async trackN8nStop(): Promise<void> {
+	@OnShutdown(LOWEST_SHUTDOWN_PRIORITY)
+	async stopTracking(): Promise<void> {
 		clearInterval(this.pulseIntervalReference);
 
-		this.track('User instance stopped');
-
 		await Promise.all([this.postHog.stop(), this.rudderStack?.flush()]);
 	}
 
diff --git a/packages/cli/src/telemetry/telemetry-event-relay.service.ts b/packages/cli/src/telemetry/telemetry-event-relay.service.ts
deleted file mode 100644
index 9077abdf9ce23..0000000000000
--- a/packages/cli/src/telemetry/telemetry-event-relay.service.ts
+++ /dev/null
@@ -1,587 +0,0 @@
-import { Service } from 'typedi';
-import { EventService } from '@/eventbus/event.service';
-import type { Event } from '@/eventbus/event.types';
-import { Telemetry } from '.';
-import config from '@/config';
-import os from 'node:os';
-import { License } from '@/License';
-import { GlobalConfig } from '@n8n/config';
-import { N8N_VERSION } from '@/constants';
-import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
-import { TelemetryHelpers } from 'n8n-workflow';
-import { NodeTypes } from '@/NodeTypes';
-import { SharedWorkflowRepository } from '@/databases/repositories/sharedWorkflow.repository';
-import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
-
-@Service()
-export class TelemetryEventRelay {
-	constructor(
-		private readonly eventService: EventService,
-		private readonly telemetry: Telemetry,
-		private readonly license: License,
-		private readonly globalConfig: GlobalConfig,
-		private readonly workflowRepository: WorkflowRepository,
-		private readonly nodeTypes: NodeTypes,
-		private readonly sharedWorkflowRepository: SharedWorkflowRepository,
-		private readonly projectRelationRepository: ProjectRelationRepository,
-	) {}
-
-	async init() {
-		if (!config.getEnv('diagnostics.enabled')) return;
-
-		await this.telemetry.init();
-
-		this.setupHandlers();
-	}
-
-	private setupHandlers() {
-		this.eventService.on('server-started', async () => await this.serverStarted());
-
-		this.eventService.on('team-project-updated', (event) => this.teamProjectUpdated(event));
-		this.eventService.on('team-project-deleted', (event) => this.teamProjectDeleted(event));
-		this.eventService.on('team-project-created', (event) => this.teamProjectCreated(event));
-		this.eventService.on('source-control-settings-updated', (event) =>
-			this.sourceControlSettingsUpdated(event),
-		);
-		this.eventService.on('source-control-user-started-pull-ui', (event) =>
-			this.sourceControlUserStartedPullUi(event),
-		);
-		this.eventService.on('source-control-user-finished-pull-ui', (event) =>
-			this.sourceControlUserFinishedPullUi(event),
-		);
-		this.eventService.on('source-control-user-pulled-api', (event) =>
-			this.sourceControlUserPulledApi(event),
-		);
-		this.eventService.on('source-control-user-started-push-ui', (event) =>
-			this.sourceControlUserStartedPushUi(event),
-		);
-		this.eventService.on('source-control-user-finished-push-ui', (event) =>
-			this.sourceControlUserFinishedPushUi(event),
-		);
-		this.eventService.on('license-renewal-attempted', (event) => {
-			this.licenseRenewalAttempted(event);
-		});
-		this.eventService.on('variable-created', () => this.variableCreated());
-		this.eventService.on('external-secrets-provider-settings-saved', (event) => {
-			this.externalSecretsProviderSettingsSaved(event);
-		});
-		this.eventService.on('public-api-invoked', (event) => {
-			this.publicApiInvoked(event);
-		});
-		this.eventService.on('public-api-key-created', (event) => {
-			this.publicApiKeyCreated(event);
-		});
-		this.eventService.on('public-api-key-deleted', (event) => {
-			this.publicApiKeyDeleted(event);
-		});
-		this.eventService.on('community-package-installed', (event) => {
-			this.communityPackageInstalled(event);
-		});
-		this.eventService.on('community-package-updated', (event) => {
-			this.communityPackageUpdated(event);
-		});
-		this.eventService.on('community-package-deleted', (event) => {
-			this.communityPackageDeleted(event);
-		});
-
-		this.eventService.on('credentials-created', (event) => {
-			this.credentialsCreated(event);
-		});
-		this.eventService.on('credentials-shared', (event) => {
-			this.credentialsShared(event);
-		});
-		this.eventService.on('credentials-updated', (event) => {
-			this.credentialsUpdated(event);
-		});
-		this.eventService.on('credentials-deleted', (event) => {
-			this.credentialsDeleted(event);
-		});
-		this.eventService.on('ldap-general-sync-finished', (event) => {
-			this.ldapGeneralSyncFinished(event);
-		});
-		this.eventService.on('ldap-settings-updated', (event) => {
-			this.ldapSettingsUpdated(event);
-		});
-		this.eventService.on('ldap-login-sync-failed', (event) => {
-			this.ldapLoginSyncFailed(event);
-		});
-		this.eventService.on('login-failed-due-to-ldap-disabled', (event) => {
-			this.loginFailedDueToLdapDisabled(event);
-		});
-
-		this.eventService.on('workflow-created', (event) => {
-			this.workflowCreated(event);
-		});
-		this.eventService.on('workflow-deleted', (event) => {
-			this.workflowDeleted(event);
-		});
-		this.eventService.on('workflow-saved', async (event) => {
-			await this.workflowSaved(event);
-		});
-	}
-
-	private teamProjectUpdated({ userId, role, members, projectId }: Event['team-project-updated']) {
-		this.telemetry.track('Project settings updated', {
-			user_id: userId,
-			role,
-			// eslint-disable-next-line @typescript-eslint/no-shadow
-			members: members.map(({ userId: user_id, role }) => ({ user_id, role })),
-			project_id: projectId,
-		});
-	}
-
-	private teamProjectDeleted({
-		userId,
-		role,
-		projectId,
-		removalType,
-		targetProjectId,
-	}: Event['team-project-deleted']) {
-		this.telemetry.track('User deleted project', {
-			user_id: userId,
-			role,
-			project_id: projectId,
-			removal_type: removalType,
-			target_project_id: targetProjectId,
-		});
-	}
-
-	private teamProjectCreated({ userId, role }: Event['team-project-created']) {
-		this.telemetry.track('User created project', {
-			user_id: userId,
-			role,
-		});
-	}
-
-	private sourceControlSettingsUpdated({
-		branchName,
-		readOnlyInstance,
-		repoType,
-		connected,
-	}: Event['source-control-settings-updated']) {
-		this.telemetry.track('User updated source control settings', {
-			branch_name: branchName,
-			read_only_instance: readOnlyInstance,
-			repo_type: repoType,
-			connected,
-		});
-	}
-
-	private sourceControlUserStartedPullUi({
-		workflowUpdates,
-		workflowConflicts,
-		credConflicts,
-	}: Event['source-control-user-started-pull-ui']) {
-		this.telemetry.track('User started pull via UI', {
-			workflow_updates: workflowUpdates,
-			workflow_conflicts: workflowConflicts,
-			cred_conflicts: credConflicts,
-		});
-	}
-
-	private sourceControlUserFinishedPullUi({
-		workflowUpdates,
-	}: Event['source-control-user-finished-pull-ui']) {
-		this.telemetry.track('User finished pull via UI', {
-			workflow_updates: workflowUpdates,
-		});
-	}
-
-	private sourceControlUserPulledApi({
-		workflowUpdates,
-		forced,
-	}: Event['source-control-user-pulled-api']) {
-		console.log('source-control-user-pulled-api', {
-			workflow_updates: workflowUpdates,
-			forced,
-		});
-		this.telemetry.track('User pulled via API', {
-			workflow_updates: workflowUpdates,
-			forced,
-		});
-	}
-
-	private sourceControlUserStartedPushUi({
-		workflowsEligible,
-		workflowsEligibleWithConflicts,
-		credsEligible,
-		credsEligibleWithConflicts,
-		variablesEligible,
-	}: Event['source-control-user-started-push-ui']) {
-		this.telemetry.track('User started push via UI', {
-			workflows_eligible: workflowsEligible,
-			workflows_eligible_with_conflicts: workflowsEligibleWithConflicts,
-			creds_eligible: credsEligible,
-			creds_eligible_with_conflicts: credsEligibleWithConflicts,
-			variables_eligible: variablesEligible,
-		});
-	}
-
-	private sourceControlUserFinishedPushUi({
-		workflowsEligible,
-		workflowsPushed,
-		credsPushed,
-		variablesPushed,
-	}: Event['source-control-user-finished-push-ui']) {
-		this.telemetry.track('User finished push via UI', {
-			workflows_eligible: workflowsEligible,
-			workflows_pushed: workflowsPushed,
-			creds_pushed: credsPushed,
-			variables_pushed: variablesPushed,
-		});
-	}
-
-	private licenseRenewalAttempted({ success }: Event['license-renewal-attempted']) {
-		this.telemetry.track('Instance attempted to refresh license', {
-			success,
-		});
-	}
-
-	private variableCreated() {
-		this.telemetry.track('User created variable');
-	}
-
-	private externalSecretsProviderSettingsSaved({
-		userId,
-		vaultType,
-		isValid,
-		isNew,
-		errorMessage,
-	}: Event['external-secrets-provider-settings-saved']) {
-		this.telemetry.track('User updated external secrets settings', {
-			user_id: userId,
-			vault_type: vaultType,
-			is_valid: isValid,
-			is_new: isNew,
-			error_message: errorMessage,
-		});
-	}
-
-	private publicApiInvoked({ userId, path, method, apiVersion }: Event['public-api-invoked']) {
-		this.telemetry.track('User invoked API', {
-			user_id: userId,
-			path,
-			method,
-			api_version: apiVersion,
-		});
-	}
-
-	private publicApiKeyCreated(event: Event['public-api-key-created']) {
-		const { user, publicApi } = event;
-
-		this.telemetry.track('API key created', {
-			user_id: user.id,
-			public_api: publicApi,
-		});
-	}
-
-	private publicApiKeyDeleted(event: Event['public-api-key-deleted']) {
-		const { user, publicApi } = event;
-
-		this.telemetry.track('API key deleted', {
-			user_id: user.id,
-			public_api: publicApi,
-		});
-	}
-
-	private communityPackageInstalled({
-		user,
-		inputString,
-		packageName,
-		success,
-		packageVersion,
-		packageNodeNames,
-		packageAuthor,
-		packageAuthorEmail,
-		failureReason,
-	}: Event['community-package-installed']) {
-		this.telemetry.track('cnr package install finished', {
-			user_id: user.id,
-			input_string: inputString,
-			package_name: packageName,
-			success,
-			package_version: packageVersion,
-			package_node_names: packageNodeNames,
-			package_author: packageAuthor,
-			package_author_email: packageAuthorEmail,
-			failure_reason: failureReason,
-		});
-	}
-
-	private communityPackageUpdated({
-		user,
-		packageName,
-		packageVersionCurrent,
-		packageVersionNew,
-		packageNodeNames,
-		packageAuthor,
-		packageAuthorEmail,
-	}: Event['community-package-updated']) {
-		this.telemetry.track('cnr package updated', {
-			user_id: user.id,
-			package_name: packageName,
-			package_version_current: packageVersionCurrent,
-			package_version_new: packageVersionNew,
-			package_node_names: packageNodeNames,
-			package_author: packageAuthor,
-			package_author_email: packageAuthorEmail,
-		});
-	}
-
-	private communityPackageDeleted({
-		user,
-		packageName,
-		packageVersion,
-		packageNodeNames,
-		packageAuthor,
-		packageAuthorEmail,
-	}: Event['community-package-deleted']) {
-		this.telemetry.track('cnr package deleted', {
-			user_id: user.id,
-			package_name: packageName,
-			package_version: packageVersion,
-			package_node_names: packageNodeNames,
-			package_author: packageAuthor,
-			package_author_email: packageAuthorEmail,
-		});
-	}
-
-	private credentialsCreated({
-		user,
-		credentialType,
-		credentialId,
-		projectId,
-		projectType,
-	}: Event['credentials-created']) {
-		this.telemetry.track('User created credentials', {
-			user_id: user.id,
-			credential_type: credentialType,
-			credential_id: credentialId,
-			project_id: projectId,
-			project_type: projectType,
-		});
-	}
-
-	private credentialsShared({
-		user,
-		credentialType,
-		credentialId,
-		userIdSharer,
-		userIdsShareesAdded,
-		shareesRemoved,
-	}: Event['credentials-shared']) {
-		this.telemetry.track('User updated cred sharing', {
-			user_id: user.id,
-			credential_type: credentialType,
-			credential_id: credentialId,
-			user_id_sharer: userIdSharer,
-			user_ids_sharees_added: userIdsShareesAdded,
-			sharees_removed: shareesRemoved,
-		});
-	}
-
-	private credentialsUpdated({ user, credentialId, credentialType }: Event['credentials-updated']) {
-		this.telemetry.track('User updated credentials', {
-			user_id: user.id,
-			credential_type: credentialType,
-			credential_id: credentialId,
-		});
-	}
-
-	private credentialsDeleted({ user, credentialId, credentialType }: Event['credentials-deleted']) {
-		this.telemetry.track('User deleted credentials', {
-			user_id: user.id,
-			credential_type: credentialType,
-			credential_id: credentialId,
-		});
-	}
-
-	private ldapGeneralSyncFinished({
-		type,
-		succeeded,
-		usersSynced,
-		error,
-	}: Event['ldap-general-sync-finished']) {
-		this.telemetry.track('Ldap general sync finished', {
-			type,
-			succeeded,
-			users_synced: usersSynced,
-			error,
-		});
-	}
-
-	private ldapSettingsUpdated({
-		userId,
-		loginIdAttribute,
-		firstNameAttribute,
-		lastNameAttribute,
-		emailAttribute,
-		ldapIdAttribute,
-		searchPageSize,
-		searchTimeout,
-		synchronizationEnabled,
-		synchronizationInterval,
-		loginLabel,
-		loginEnabled,
-	}: Event['ldap-settings-updated']) {
-		this.telemetry.track('User updated Ldap settings', {
-			user_id: userId,
-			loginIdAttribute,
-			firstNameAttribute,
-			lastNameAttribute,
-			emailAttribute,
-			ldapIdAttribute,
-			searchPageSize,
-			searchTimeout,
-			synchronizationEnabled,
-			synchronizationInterval,
-			loginLabel,
-			loginEnabled,
-		});
-	}
-
-	private ldapLoginSyncFailed({ error }: Event['ldap-login-sync-failed']) {
-		this.telemetry.track('Ldap login sync failed', { error });
-	}
-
-	private loginFailedDueToLdapDisabled({ userId }: Event['login-failed-due-to-ldap-disabled']) {
-		this.telemetry.track('User login failed since ldap disabled', { user_ud: userId });
-	}
-
-	private workflowCreated({
-		user,
-		workflow,
-		publicApi,
-		projectId,
-		projectType,
-	}: Event['workflow-created']) {
-		const { nodeGraph } = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes);
-
-		this.telemetry.track('User created workflow', {
-			user_id: user.id,
-			workflow_id: workflow.id,
-			node_graph_string: JSON.stringify(nodeGraph),
-			public_api: publicApi,
-			project_id: projectId,
-			project_type: projectType,
-		});
-	}
-
-	private workflowDeleted({ user, workflowId, publicApi }: Event['workflow-deleted']) {
-		this.telemetry.track('User deleted workflow', {
-			user_id: user.id,
-			workflow_id: workflowId,
-			public_api: publicApi,
-		});
-	}
-
-	private async workflowSaved({ user, workflow, publicApi }: Event['workflow-saved']) {
-		const isCloudDeployment = config.getEnv('deployment.type') === 'cloud';
-
-		const { nodeGraph } = TelemetryHelpers.generateNodesGraph(workflow, this.nodeTypes, {
-			isCloudDeployment,
-		});
-
-		let userRole: 'owner' | 'sharee' | 'member' | undefined = undefined;
-		const role = await this.sharedWorkflowRepository.findSharingRole(user.id, workflow.id);
-		if (role) {
-			userRole = role === 'workflow:owner' ? 'owner' : 'sharee';
-		} else {
-			const workflowOwner = await this.sharedWorkflowRepository.getWorkflowOwningProject(
-				workflow.id,
-			);
-
-			if (workflowOwner) {
-				const projectRole = await this.projectRelationRepository.findProjectRole({
-					userId: user.id,
-					projectId: workflowOwner.id,
-				});
-
-				if (projectRole && projectRole !== 'project:personalOwner') {
-					userRole = 'member';
-				}
-			}
-		}
-
-		const notesCount = Object.keys(nodeGraph.notes).length;
-		const overlappingCount = Object.values(nodeGraph.notes).filter(
-			(note) => note.overlapping,
-		).length;
-
-		this.telemetry.track('User saved workflow', {
-			user_id: user.id,
-			workflow_id: workflow.id,
-			node_graph_string: JSON.stringify(nodeGraph),
-			notes_count_overlapping: overlappingCount,
-			notes_count_non_overlapping: notesCount - overlappingCount,
-			version_cli: N8N_VERSION,
-			num_tags: workflow.tags?.length ?? 0,
-			public_api: publicApi,
-			sharing_role: userRole,
-		});
-	}
-
-	private async serverStarted() {
-		const cpus = os.cpus();
-		const binaryDataConfig = config.getEnv('binaryDataManager');
-
-		const isS3Selected = config.getEnv('binaryDataManager.mode') === 's3';
-		const isS3Available = config.getEnv('binaryDataManager.availableModes').includes('s3');
-		const isS3Licensed = this.license.isBinaryDataS3Licensed();
-		const authenticationMethod = config.getEnv('userManagement.authenticationMethod');
-
-		const info = {
-			version_cli: N8N_VERSION,
-			db_type: this.globalConfig.database.type,
-			n8n_version_notifications_enabled: this.globalConfig.versionNotifications.enabled,
-			n8n_disable_production_main_process:
-				this.globalConfig.endpoints.disableProductionWebhooksOnMainProcess,
-			system_info: {
-				os: {
-					type: os.type(),
-					version: os.version(),
-				},
-				memory: os.totalmem() / 1024,
-				cpus: {
-					count: cpus.length,
-					model: cpus[0].model,
-					speed: cpus[0].speed,
-				},
-			},
-			execution_variables: {
-				executions_mode: config.getEnv('executions.mode'),
-				executions_timeout: config.getEnv('executions.timeout'),
-				executions_timeout_max: config.getEnv('executions.maxTimeout'),
-				executions_data_save_on_error: config.getEnv('executions.saveDataOnError'),
-				executions_data_save_on_success: config.getEnv('executions.saveDataOnSuccess'),
-				executions_data_save_on_progress: config.getEnv('executions.saveExecutionProgress'),
-				executions_data_save_manual_executions: config.getEnv(
-					'executions.saveDataManualExecutions',
-				),
-				executions_data_prune: config.getEnv('executions.pruneData'),
-				executions_data_max_age: config.getEnv('executions.pruneDataMaxAge'),
-			},
-			n8n_deployment_type: config.getEnv('deployment.type'),
-			n8n_binary_data_mode: binaryDataConfig.mode,
-			smtp_set_up: this.globalConfig.userManagement.emails.mode === 'smtp',
-			ldap_allowed: authenticationMethod === 'ldap',
-			saml_enabled: authenticationMethod === 'saml',
-			license_plan_name: this.license.getPlanName(),
-			license_tenant_id: config.getEnv('license.tenantId'),
-			binary_data_s3: isS3Available && isS3Selected && isS3Licensed,
-			multi_main_setup_enabled: config.getEnv('multiMainSetup.enabled'),
-		};
-
-		const firstWorkflow = await this.workflowRepository.findOne({
-			select: ['createdAt'],
-			order: { createdAt: 'ASC' },
-			where: {},
-		});
-
-		this.telemetry.identify(info);
-		this.telemetry.track('Instance started', {
-			...info,
-			earliest_workflow_created: firstWorkflow?.createdAt,
-		});
-	}
-}
diff --git a/packages/cli/src/ActiveWebhooks.ts b/packages/cli/src/webhooks/LiveWebhooks.ts
similarity index 90%
rename from packages/cli/src/ActiveWebhooks.ts
rename to packages/cli/src/webhooks/LiveWebhooks.ts
index 79626df025f75..3d66b7ee7f796 100644
--- a/packages/cli/src/ActiveWebhooks.ts
+++ b/packages/cli/src/webhooks/LiveWebhooks.ts
@@ -5,22 +5,27 @@ import type { INode, IWebhookData, IHttpRequestMethods } from 'n8n-workflow';
 
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import type {
-	IResponseCallbackData,
+	IWebhookResponseCallbackData,
 	IWebhookManager,
 	WebhookAccessControlOptions,
 	WebhookRequest,
-} from '@/Interfaces';
+} from './webhook.types';
 import { Logger } from '@/Logger';
 import { NodeTypes } from '@/NodeTypes';
-import { WebhookService } from '@/services/webhook.service';
+import { WebhookService } from '@/webhooks/webhook.service';
 import { WebhookNotFoundError } from '@/errors/response-errors/webhook-not-found.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
-import * as WebhookHelpers from '@/WebhookHelpers';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import { WorkflowStaticDataService } from '@/workflows/workflowStaticData.service';
 
+/**
+ * Service for handling the execution of live webhooks, i.e. webhooks
+ * that belong to activated workflows and use the production URL
+ * (https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.webhook/#webhook-urls)
+ */
 @Service()
-export class ActiveWebhooks implements IWebhookManager {
+export class LiveWebhooks implements IWebhookManager {
 	constructor(
 		private readonly logger: Logger,
 		private readonly nodeTypes: NodeTypes,
@@ -57,7 +62,7 @@ export class ActiveWebhooks implements IWebhookManager {
 	async executeWebhook(
 		request: WebhookRequest,
 		response: Response,
-	): Promise<IResponseCallbackData> {
+	): Promise<IWebhookResponseCallbackData> {
 		const httpMethod = request.method;
 		const path = request.params.path;
 
@@ -72,11 +77,9 @@ export class ActiveWebhooks implements IWebhookManager {
 			const pathElements = path.split('/').slice(1);
 
 			// extracting params from path
-			// @ts-ignore
 			webhook.webhookPath.split('/').forEach((ele, index) => {
 				if (ele.startsWith(':')) {
 					// write params to req.params
-					// @ts-ignore
 					request.params[ele.slice(1)] = pathElements[index];
 				}
 			});
diff --git a/packages/cli/src/TestWebhooks.ts b/packages/cli/src/webhooks/TestWebhooks.ts
similarity index 94%
rename from packages/cli/src/TestWebhooks.ts
rename to packages/cli/src/webhooks/TestWebhooks.ts
index 827226ee546be..8cf1b4292989b 100644
--- a/packages/cli/src/TestWebhooks.ts
+++ b/packages/cli/src/webhooks/TestWebhooks.ts
@@ -8,26 +8,30 @@ import type {
 	IRunData,
 } from 'n8n-workflow';
 import type {
-	IResponseCallbackData,
+	IWebhookResponseCallbackData,
 	IWebhookManager,
-	IWorkflowDb,
 	WebhookAccessControlOptions,
 	WebhookRequest,
-} from '@/Interfaces';
+} from './webhook.types';
 import { Push } from '@/push';
 import { NodeTypes } from '@/NodeTypes';
-import * as WebhookHelpers from '@/WebhookHelpers';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import { TEST_WEBHOOK_TIMEOUT } from '@/constants';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
 import { WorkflowMissingIdError } from '@/errors/workflow-missing-id.error';
 import { WebhookNotFoundError } from '@/errors/response-errors/webhook-not-found.error';
 import * as NodeExecuteFunctions from 'n8n-core';
-import { removeTrailingSlash } from './utils';
-import type { TestWebhookRegistration } from '@/services/test-webhook-registrations.service';
-import { TestWebhookRegistrationsService } from '@/services/test-webhook-registrations.service';
+import { removeTrailingSlash } from '@/utils';
+import type { TestWebhookRegistration } from '@/webhooks/test-webhook-registrations.service';
+import { TestWebhookRegistrationsService } from '@/webhooks/test-webhook-registrations.service';
 import { OrchestrationService } from '@/services/orchestration.service';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
+import type { IWorkflowDb } from '@/Interfaces';
 
+/**
+ * Service for handling the execution of webhooks of manual executions
+ * that use the [Test URL](https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.webhook/#webhook-urls).
+ */
 @Service()
 export class TestWebhooks implements IWebhookManager {
 	constructor(
@@ -46,7 +50,7 @@ export class TestWebhooks implements IWebhookManager {
 	async executeWebhook(
 		request: WebhookRequest,
 		response: express.Response,
-	): Promise<IResponseCallbackData> {
+	): Promise<IWebhookResponseCallbackData> {
 		const httpMethod = request.method;
 
 		let path = removeTrailingSlash(request.params.path);
@@ -117,7 +121,7 @@ export class TestWebhooks implements IWebhookManager {
 					undefined, // executionId
 					request,
 					response,
-					(error: Error | null, data: IResponseCallbackData) => {
+					(error: Error | null, data: IWebhookResponseCallbackData) => {
 						if (error !== null) reject(error);
 						else resolve(data);
 					},
diff --git a/packages/cli/src/WaitingWebhooks.ts b/packages/cli/src/webhooks/WaitingWebhooks.ts
similarity index 88%
rename from packages/cli/src/WaitingWebhooks.ts
rename to packages/cli/src/webhooks/WaitingWebhooks.ts
index d795c948f142f..367635c45ec64 100644
--- a/packages/cli/src/WaitingWebhooks.ts
+++ b/packages/cli/src/webhooks/WaitingWebhooks.ts
@@ -2,21 +2,25 @@ import { NodeHelpers, Workflow } from 'n8n-workflow';
 import { Service } from 'typedi';
 import type express from 'express';
 
-import * as WebhookHelpers from '@/WebhookHelpers';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import { NodeTypes } from '@/NodeTypes';
 import type {
-	IExecutionResponse,
-	IResponseCallbackData,
+	IWebhookResponseCallbackData,
 	IWebhookManager,
-	IWorkflowDb,
 	WaitingWebhookRequest,
-} from '@/Interfaces';
+} from './webhook.types';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
 import { ExecutionRepository } from '@db/repositories/execution.repository';
 import { Logger } from '@/Logger';
-import { ConflictError } from './errors/response-errors/conflict.error';
-import { NotFoundError } from './errors/response-errors/not-found.error';
-
+import { ConflictError } from '@/errors/response-errors/conflict.error';
+import { NotFoundError } from '@/errors/response-errors/not-found.error';
+import type { IExecutionResponse, IWorkflowDb } from '@/Interfaces';
+
+/**
+ * Service for handling the execution of webhooks of Wait nodes that use the
+ * [Resume On Webhook Call](https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.wait/#on-webhook-call)
+ * feature.
+ */
 @Service()
 export class WaitingWebhooks implements IWebhookManager {
 	protected includeForms = false;
@@ -40,7 +44,7 @@ export class WaitingWebhooks implements IWebhookManager {
 	async executeWebhook(
 		req: WaitingWebhookRequest,
 		res: express.Response,
-	): Promise<IResponseCallbackData> {
+	): Promise<IWebhookResponseCallbackData> {
 		const { path: executionId, suffix } = req.params;
 
 		this.logReceivedWebhook(req.method, executionId);
diff --git a/packages/cli/src/WebhookHelpers.ts b/packages/cli/src/webhooks/WebhookHelpers.ts
similarity index 84%
rename from packages/cli/src/WebhookHelpers.ts
rename to packages/cli/src/webhooks/WebhookHelpers.ts
index eafec28133326..1b8bc2b7e986d 100644
--- a/packages/cli/src/WebhookHelpers.ts
+++ b/packages/cli/src/webhooks/WebhookHelpers.ts
@@ -20,8 +20,6 @@ import type {
 	IDataObject,
 	IDeferredPromise,
 	IExecuteData,
-	IExecuteResponsePromiseData,
-	IHttpRequestMethods,
 	IN8nHttpFullResponse,
 	INode,
 	IPinData,
@@ -42,119 +40,20 @@ import {
 	NodeHelpers,
 } from 'n8n-workflow';
 
-import type {
-	IExecutionDb,
-	IResponseCallbackData,
-	IWebhookManager,
-	IWorkflowDb,
-	IWorkflowExecutionDataProcess,
-	WebhookCORSRequest,
-	WebhookRequest,
-} from '@/Interfaces';
-import * as ResponseHelper from '@/ResponseHelper';
+import type { IWebhookResponseCallbackData, WebhookRequest } from './webhook.types';
 import * as WorkflowHelpers from '@/WorkflowHelpers';
 import { WorkflowRunner } from '@/WorkflowRunner';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
 import { ActiveExecutions } from '@/ActiveExecutions';
 import { WorkflowStatisticsService } from '@/services/workflow-statistics.service';
-import { OwnershipService } from './services/ownership.service';
-import { parseBody } from './middlewares';
-import { Logger } from './Logger';
-import { NotFoundError } from './errors/response-errors/not-found.error';
-import { InternalServerError } from './errors/response-errors/internal-server.error';
-import { UnprocessableRequestError } from './errors/response-errors/unprocessable.error';
-import type { Project } from './databases/entities/Project';
-
-export const WEBHOOK_METHODS: IHttpRequestMethods[] = [
-	'DELETE',
-	'GET',
-	'HEAD',
-	'PATCH',
-	'POST',
-	'PUT',
-];
-
-export const webhookRequestHandler =
-	(webhookManager: IWebhookManager) =>
-	async (req: WebhookRequest | WebhookCORSRequest, res: express.Response) => {
-		const { path } = req.params;
-		const method = req.method;
-
-		if (method !== 'OPTIONS' && !WEBHOOK_METHODS.includes(method)) {
-			return ResponseHelper.sendErrorResponse(
-				res,
-				new Error(`The method ${method} is not supported.`),
-			);
-		}
-
-		// Setup CORS headers only if the incoming request has an `origin` header
-		if ('origin' in req.headers) {
-			if (webhookManager.getWebhookMethods) {
-				try {
-					const allowedMethods = await webhookManager.getWebhookMethods(path);
-					res.header('Access-Control-Allow-Methods', ['OPTIONS', ...allowedMethods].join(', '));
-				} catch (error) {
-					return ResponseHelper.sendErrorResponse(res, error as Error);
-				}
-			}
-
-			const requestedMethod =
-				method === 'OPTIONS'
-					? (req.headers['access-control-request-method'] as IHttpRequestMethods)
-					: method;
-			if (webhookManager.findAccessControlOptions && requestedMethod) {
-				const options = await webhookManager.findAccessControlOptions(path, requestedMethod);
-				const { allowedOrigins } = options ?? {};
-
-				if (allowedOrigins && allowedOrigins !== '*' && allowedOrigins !== req.headers.origin) {
-					const originsList = allowedOrigins.split(',');
-					const defaultOrigin = originsList[0];
-
-					if (originsList.length === 1) {
-						res.header('Access-Control-Allow-Origin', defaultOrigin);
-					}
-
-					if (originsList.includes(req.headers.origin as string)) {
-						res.header('Access-Control-Allow-Origin', req.headers.origin);
-					} else {
-						res.header('Access-Control-Allow-Origin', defaultOrigin);
-					}
-				} else {
-					res.header('Access-Control-Allow-Origin', req.headers.origin);
-				}
-
-				if (method === 'OPTIONS') {
-					res.header('Access-Control-Max-Age', '300');
-					const requestedHeaders = req.headers['access-control-request-headers'];
-					if (requestedHeaders?.length) {
-						res.header('Access-Control-Allow-Headers', requestedHeaders);
-					}
-				}
-			}
-		}
-
-		if (method === 'OPTIONS') {
-			return ResponseHelper.sendSuccessResponse(res, {}, true, 204);
-		}
-
-		let response;
-		try {
-			response = await webhookManager.executeWebhook(req, res);
-		} catch (error) {
-			return ResponseHelper.sendErrorResponse(res, error as Error);
-		}
-
-		// Don't respond, if already responded
-		if (response.noWebhookResponse !== true) {
-			ResponseHelper.sendSuccessResponse(
-				res,
-				response.data,
-				true,
-				response.responseCode,
-				response.headers,
-			);
-		}
-	};
+import { OwnershipService } from '@/services/ownership.service';
+import { parseBody } from '@/middlewares';
+import { Logger } from '@/Logger';
+import { NotFoundError } from '@/errors/response-errors/not-found.error';
+import { InternalServerError } from '@/errors/response-errors/internal-server.error';
+import { UnprocessableRequestError } from '@/errors/response-errors/unprocessable.error';
+import type { Project } from '@/databases/entities/Project';
+import type { IExecutionDb, IWorkflowDb, IWorkflowExecutionDataProcess } from '@/Interfaces';
 
 /**
  * Returns all the webhooks which should be created for the given workflow
@@ -192,18 +91,6 @@ export function getWorkflowWebhooks(
 	return returnData;
 }
 
-export function encodeWebhookResponse(
-	response: IExecuteResponsePromiseData,
-): IExecuteResponsePromiseData {
-	if (typeof response === 'object' && Buffer.isBuffer(response.body)) {
-		response.body = {
-			'__@N8nEncodedBuffer@__': response.body.toString(BINARY_ENCODING),
-		};
-	}
-
-	return response;
-}
-
 const normalizeFormData = <T>(values: Record<string, T | T[]>) => {
 	for (const key in values) {
 		const value = values[key];
@@ -228,7 +115,7 @@ export async function executeWebhook(
 	executionId: string | undefined,
 	req: WebhookRequest,
 	res: express.Response,
-	responseCallback: (error: Error | null, data: IResponseCallbackData) => void,
+	responseCallback: (error: Error | null, data: IWebhookResponseCallbackData) => void,
 	destinationNode?: string,
 ): Promise<string | undefined> {
 	// Get the nodeType to know which responseMode is set
diff --git a/packages/cli/src/webhooks/WebhookRequestHandler.ts b/packages/cli/src/webhooks/WebhookRequestHandler.ts
new file mode 100644
index 0000000000000..289175ac0541c
--- /dev/null
+++ b/packages/cli/src/webhooks/WebhookRequestHandler.ts
@@ -0,0 +1,119 @@
+import type express from 'express';
+import type { IHttpRequestMethods } from 'n8n-workflow';
+import type {
+	IWebhookManager,
+	WebhookOptionsRequest,
+	WebhookRequest,
+} from '@/webhooks/webhook.types';
+import * as ResponseHelper from '@/ResponseHelper';
+
+const WEBHOOK_METHODS: IHttpRequestMethods[] = ['DELETE', 'GET', 'HEAD', 'PATCH', 'POST', 'PUT'];
+
+class WebhookRequestHandler {
+	constructor(private readonly webhookManager: IWebhookManager) {}
+
+	/**
+	 * Handles an incoming webhook request. Handles CORS and delegates the
+	 * request to the webhook manager to execute the webhook.
+	 */
+	async handleRequest(req: WebhookRequest | WebhookOptionsRequest, res: express.Response) {
+		const method = req.method;
+
+		if (method !== 'OPTIONS' && !WEBHOOK_METHODS.includes(method)) {
+			return ResponseHelper.sendErrorResponse(
+				res,
+				new Error(`The method ${method} is not supported.`),
+			);
+		}
+
+		// Setup CORS headers only if the incoming request has an `origin` header
+		if ('origin' in req.headers) {
+			const corsSetupError = await this.setupCorsHeaders(req, res);
+			if (corsSetupError) {
+				return ResponseHelper.sendErrorResponse(res, corsSetupError);
+			}
+		}
+
+		if (method === 'OPTIONS') {
+			return ResponseHelper.sendSuccessResponse(res, {}, true, 204);
+		}
+
+		try {
+			const response = await this.webhookManager.executeWebhook(req, res);
+
+			// Don't respond, if already responded
+			if (response.noWebhookResponse !== true) {
+				ResponseHelper.sendSuccessResponse(
+					res,
+					response.data,
+					true,
+					response.responseCode,
+					response.headers,
+				);
+			}
+		} catch (error) {
+			return ResponseHelper.sendErrorResponse(res, error as Error);
+		}
+	}
+
+	private async setupCorsHeaders(
+		req: WebhookRequest | WebhookOptionsRequest,
+		res: express.Response,
+	): Promise<Error | null> {
+		const method = req.method;
+		const { path } = req.params;
+
+		if (this.webhookManager.getWebhookMethods) {
+			try {
+				const allowedMethods = await this.webhookManager.getWebhookMethods(path);
+				res.header('Access-Control-Allow-Methods', ['OPTIONS', ...allowedMethods].join(', '));
+			} catch (error) {
+				return error as Error;
+			}
+		}
+
+		const requestedMethod =
+			method === 'OPTIONS'
+				? (req.headers['access-control-request-method'] as IHttpRequestMethods)
+				: method;
+		if (this.webhookManager.findAccessControlOptions && requestedMethod) {
+			const options = await this.webhookManager.findAccessControlOptions(path, requestedMethod);
+			const { allowedOrigins } = options ?? {};
+
+			if (allowedOrigins && allowedOrigins !== '*' && allowedOrigins !== req.headers.origin) {
+				const originsList = allowedOrigins.split(',');
+				const defaultOrigin = originsList[0];
+
+				if (originsList.length === 1) {
+					res.header('Access-Control-Allow-Origin', defaultOrigin);
+				}
+
+				if (originsList.includes(req.headers.origin as string)) {
+					res.header('Access-Control-Allow-Origin', req.headers.origin);
+				} else {
+					res.header('Access-Control-Allow-Origin', defaultOrigin);
+				}
+			} else {
+				res.header('Access-Control-Allow-Origin', req.headers.origin);
+			}
+
+			if (method === 'OPTIONS') {
+				res.header('Access-Control-Max-Age', '300');
+				const requestedHeaders = req.headers['access-control-request-headers'];
+				if (requestedHeaders?.length) {
+					res.header('Access-Control-Allow-Headers', requestedHeaders);
+				}
+			}
+		}
+
+		return null;
+	}
+}
+
+export function createWebhookHandlerFor(webhookManager: IWebhookManager) {
+	const handler = new WebhookRequestHandler(webhookManager);
+
+	return async (req: WebhookRequest | WebhookOptionsRequest, res: express.Response) => {
+		await handler.handleRequest(req, res);
+	};
+}
diff --git a/packages/cli/src/WebhookServer.ts b/packages/cli/src/webhooks/WebhookServer.ts
similarity index 100%
rename from packages/cli/src/WebhookServer.ts
rename to packages/cli/src/webhooks/WebhookServer.ts
diff --git a/packages/cli/test/unit/TestWebhooks.test.ts b/packages/cli/src/webhooks/__tests__/TestWebhooks.test.ts
similarity index 93%
rename from packages/cli/test/unit/TestWebhooks.test.ts
rename to packages/cli/src/webhooks/__tests__/TestWebhooks.test.ts
index 6c7ae555b3b52..deb6930b96e14 100644
--- a/packages/cli/test/unit/TestWebhooks.test.ts
+++ b/packages/cli/src/webhooks/__tests__/TestWebhooks.test.ts
@@ -1,20 +1,21 @@
 import { mock } from 'jest-mock-extended';
-import { TestWebhooks } from '@/TestWebhooks';
+import { TestWebhooks } from '@/webhooks/TestWebhooks';
 import { WebhookNotFoundError } from '@/errors/response-errors/webhook-not-found.error';
 import { v4 as uuid } from 'uuid';
 import { generateNanoId } from '@/databases/utils/generators';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
-import * as WebhookHelpers from '@/WebhookHelpers';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import type * as express from 'express';
 
-import type { IWorkflowDb, WebhookRequest } from '@/Interfaces';
+import type { IWorkflowDb } from '@/Interfaces';
 import type { IWebhookData, IWorkflowExecuteAdditionalData, Workflow } from 'n8n-workflow';
 import type {
 	TestWebhookRegistrationsService,
 	TestWebhookRegistration,
-} from '@/services/test-webhook-registrations.service';
+} from '@/webhooks/test-webhook-registrations.service';
 
 import * as AdditionalData from '@/WorkflowExecuteAdditionalData';
+import type { WebhookRequest } from '@/webhooks/webhook.types';
 
 jest.mock('@/WorkflowExecuteAdditionalData');
 
diff --git a/packages/cli/src/webhooks/__tests__/WebhookRequestHandler.test.ts b/packages/cli/src/webhooks/__tests__/WebhookRequestHandler.test.ts
new file mode 100644
index 0000000000000..aff310241958f
--- /dev/null
+++ b/packages/cli/src/webhooks/__tests__/WebhookRequestHandler.test.ts
@@ -0,0 +1,220 @@
+import { type Response } from 'express';
+import { mock } from 'jest-mock-extended';
+import { randomString } from 'n8n-workflow';
+import type { IHttpRequestMethods } from 'n8n-workflow';
+
+import type {
+	IWebhookManager,
+	IWebhookResponseCallbackData,
+	WebhookOptionsRequest,
+	WebhookRequest,
+} from '@/webhooks/webhook.types';
+import { createWebhookHandlerFor } from '@/webhooks/WebhookRequestHandler';
+import { ResponseError } from '@/errors/response-errors/abstract/response.error';
+
+describe('WebhookRequestHandler', () => {
+	const webhookManager = mock<Required<IWebhookManager>>();
+	const handler = createWebhookHandlerFor(webhookManager);
+
+	beforeEach(() => {
+		jest.resetAllMocks();
+	});
+
+	it('should throw for unsupported methods', async () => {
+		const req = mock<WebhookRequest | WebhookOptionsRequest>({
+			method: 'CONNECT' as IHttpRequestMethods,
+		});
+		const res = mock<Response>();
+		res.status.mockReturnValue(res);
+
+		await handler(req, res);
+
+		expect(res.status).toHaveBeenCalledWith(500);
+		expect(res.json).toHaveBeenCalledWith({
+			code: 0,
+			message: 'The method CONNECT is not supported.',
+		});
+	});
+
+	describe('preflight requests', () => {
+		it('should handle missing header for requested method', async () => {
+			const req = mock<WebhookRequest | WebhookOptionsRequest>({
+				method: 'OPTIONS',
+				headers: {
+					origin: 'https://example.com',
+					'access-control-request-method': undefined,
+				},
+				params: { path: 'test' },
+			});
+			const res = mock<Response>();
+			res.status.mockReturnValue(res);
+
+			webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
+
+			await handler(req, res);
+
+			expect(res.status).toHaveBeenCalledWith(204);
+			expect(res.header).toHaveBeenCalledWith(
+				'Access-Control-Allow-Methods',
+				'OPTIONS, GET, PATCH',
+			);
+		});
+
+		it('should handle default origin and max-age', async () => {
+			const req = mock<WebhookRequest | WebhookOptionsRequest>({
+				method: 'OPTIONS',
+				headers: {
+					origin: 'https://example.com',
+					'access-control-request-method': 'GET',
+				},
+				params: { path: 'test' },
+			});
+			const res = mock<Response>();
+			res.status.mockReturnValue(res);
+
+			webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
+
+			await handler(req, res);
+
+			expect(res.status).toHaveBeenCalledWith(204);
+			expect(res.header).toHaveBeenCalledWith(
+				'Access-Control-Allow-Methods',
+				'OPTIONS, GET, PATCH',
+			);
+			expect(res.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', 'https://example.com');
+			expect(res.header).toHaveBeenCalledWith('Access-Control-Max-Age', '300');
+		});
+
+		it('should handle wildcard origin', async () => {
+			const randomOrigin = randomString(10);
+			const req = mock<WebhookRequest | WebhookOptionsRequest>({
+				method: 'OPTIONS',
+				headers: {
+					origin: randomOrigin,
+					'access-control-request-method': 'GET',
+				},
+				params: { path: 'test' },
+			});
+			const res = mock<Response>();
+			res.status.mockReturnValue(res);
+
+			webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
+			webhookManager.findAccessControlOptions.mockResolvedValue({
+				allowedOrigins: '*',
+			});
+
+			await handler(req, res);
+
+			expect(res.status).toHaveBeenCalledWith(204);
+			expect(res.header).toHaveBeenCalledWith(
+				'Access-Control-Allow-Methods',
+				'OPTIONS, GET, PATCH',
+			);
+			expect(res.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', randomOrigin);
+		});
+
+		it('should handle custom origin', async () => {
+			const req = mock<WebhookRequest | WebhookOptionsRequest>({
+				method: 'OPTIONS',
+				headers: {
+					origin: 'https://example.com',
+					'access-control-request-method': 'GET',
+				},
+				params: { path: 'test' },
+			});
+			const res = mock<Response>();
+			res.status.mockReturnValue(res);
+
+			webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
+			webhookManager.findAccessControlOptions.mockResolvedValue({
+				allowedOrigins: 'https://test.com',
+			});
+
+			await handler(req, res);
+
+			expect(res.status).toHaveBeenCalledWith(204);
+			expect(res.header).toHaveBeenCalledWith(
+				'Access-Control-Allow-Methods',
+				'OPTIONS, GET, PATCH',
+			);
+			expect(res.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', 'https://test.com');
+		});
+	});
+
+	describe('webhook requests', () => {
+		it('should delegate the request to the webhook manager and send the response', async () => {
+			const req = mock<WebhookRequest>({
+				method: 'GET',
+				params: { path: 'test' },
+			});
+
+			const res = mock<Response>();
+
+			const executeWebhookResponse: IWebhookResponseCallbackData = {
+				responseCode: 200,
+				data: {},
+				headers: {
+					'x-custom-header': 'test',
+				},
+			};
+			webhookManager.executeWebhook.mockResolvedValueOnce(executeWebhookResponse);
+
+			await handler(req, res);
+
+			expect(webhookManager.executeWebhook).toHaveBeenCalledWith(req, res);
+			expect(res.status).toHaveBeenCalledWith(200);
+			expect(res.header).toHaveBeenCalledWith({
+				'x-custom-header': 'test',
+			});
+			expect(res.json).toHaveBeenCalledWith(executeWebhookResponse.data);
+		});
+
+		it('should send an error response if webhook execution throws', async () => {
+			class TestError extends ResponseError {}
+			const req = mock<WebhookRequest>({
+				method: 'GET',
+				params: { path: 'test' },
+			});
+
+			const res = mock<Response>();
+			res.status.mockReturnValue(res);
+
+			webhookManager.executeWebhook.mockRejectedValueOnce(
+				new TestError('Test error', 500, 100, 'Test hint'),
+			);
+
+			await handler(req, res);
+
+			expect(webhookManager.executeWebhook).toHaveBeenCalledWith(req, res);
+			expect(res.status).toHaveBeenCalledWith(500);
+			expect(res.json).toHaveBeenCalledWith({
+				code: 100,
+				message: 'Test error',
+				hint: 'Test hint',
+			});
+		});
+
+		test.each<IHttpRequestMethods>(['DELETE', 'GET', 'HEAD', 'PATCH', 'POST', 'PUT'])(
+			"should handle '%s' method",
+			async (method) => {
+				const req = mock<WebhookRequest>({
+					method,
+					params: { path: 'test' },
+				});
+
+				const res = mock<Response>();
+
+				const executeWebhookResponse: IWebhookResponseCallbackData = {
+					responseCode: 200,
+				};
+				webhookManager.executeWebhook.mockResolvedValueOnce(executeWebhookResponse);
+
+				await handler(req, res);
+
+				expect(webhookManager.executeWebhook).toHaveBeenCalledWith(req, res);
+				expect(res.status).toHaveBeenCalledWith(200);
+				expect(res.json).toHaveBeenCalledWith(executeWebhookResponse.data);
+			},
+		);
+	});
+});
diff --git a/packages/cli/test/unit/services/test-webhook-registrations.service.test.ts b/packages/cli/src/webhooks/__tests__/test-webhook-registrations.service.test.ts
similarity index 95%
rename from packages/cli/test/unit/services/test-webhook-registrations.service.test.ts
rename to packages/cli/src/webhooks/__tests__/test-webhook-registrations.service.test.ts
index c93540938c1bd..95502e3611e7c 100644
--- a/packages/cli/test/unit/services/test-webhook-registrations.service.test.ts
+++ b/packages/cli/src/webhooks/__tests__/test-webhook-registrations.service.test.ts
@@ -1,7 +1,7 @@
 import type { CacheService } from '@/services/cache/cache.service';
 import type { OrchestrationService } from '@/services/orchestration.service';
-import type { TestWebhookRegistration } from '@/services/test-webhook-registrations.service';
-import { TestWebhookRegistrationsService } from '@/services/test-webhook-registrations.service';
+import type { TestWebhookRegistration } from '@/webhooks/test-webhook-registrations.service';
+import { TestWebhookRegistrationsService } from '@/webhooks/test-webhook-registrations.service';
 import { mock } from 'jest-mock-extended';
 
 describe('TestWebhookRegistrationsService', () => {
diff --git a/packages/cli/src/__tests__/waiting-webhooks.test.ts b/packages/cli/src/webhooks/__tests__/waiting-webhooks.test.ts
similarity index 90%
rename from packages/cli/src/__tests__/waiting-webhooks.test.ts
rename to packages/cli/src/webhooks/__tests__/waiting-webhooks.test.ts
index 6748c7233566f..31f64eb198432 100644
--- a/packages/cli/src/__tests__/waiting-webhooks.test.ts
+++ b/packages/cli/src/webhooks/__tests__/waiting-webhooks.test.ts
@@ -1,10 +1,11 @@
 import { mock } from 'jest-mock-extended';
-import { WaitingWebhooks } from '@/WaitingWebhooks';
+import { WaitingWebhooks } from '@/webhooks/WaitingWebhooks';
 import { ConflictError } from '@/errors/response-errors/conflict.error';
 import { NotFoundError } from '@/errors/response-errors/not-found.error';
-import type { IExecutionResponse, WaitingWebhookRequest } from '@/Interfaces';
+import type { IExecutionResponse } from '@/Interfaces';
 import type express from 'express';
 import type { ExecutionRepository } from '@/databases/repositories/execution.repository';
+import type { WaitingWebhookRequest } from '@/webhooks/webhook.types';
 
 describe('WaitingWebhooks', () => {
 	const executionRepository = mock<ExecutionRepository>();
diff --git a/packages/cli/test/unit/services/webhook.service.test.ts b/packages/cli/src/webhooks/__tests__/webhook.service.test.ts
similarity index 98%
rename from packages/cli/test/unit/services/webhook.service.test.ts
rename to packages/cli/src/webhooks/__tests__/webhook.service.test.ts
index adb18de4b309b..5a8e19e84c809 100644
--- a/packages/cli/test/unit/services/webhook.service.test.ts
+++ b/packages/cli/src/webhooks/__tests__/webhook.service.test.ts
@@ -2,9 +2,9 @@ import { v4 as uuid } from 'uuid';
 import config from '@/config';
 import { WebhookRepository } from '@db/repositories/webhook.repository';
 import { CacheService } from '@/services/cache/cache.service';
-import { WebhookService } from '@/services/webhook.service';
+import { WebhookService } from '@/webhooks/webhook.service';
 import { WebhookEntity } from '@db/entities/WebhookEntity';
-import { mockInstance } from '../../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 const createWebhook = (method: string, path: string, webhookId?: string, pathSegments?: number) =>
 	Object.assign(new WebhookEntity(), {
diff --git a/packages/cli/src/services/test-webhook-registrations.service.ts b/packages/cli/src/webhooks/test-webhook-registrations.service.ts
similarity index 97%
rename from packages/cli/src/services/test-webhook-registrations.service.ts
rename to packages/cli/src/webhooks/test-webhook-registrations.service.ts
index e2abae5605f98..94e7e7d826dbf 100644
--- a/packages/cli/src/services/test-webhook-registrations.service.ts
+++ b/packages/cli/src/webhooks/test-webhook-registrations.service.ts
@@ -3,7 +3,7 @@ import { CacheService } from '@/services/cache/cache.service';
 import type { IWebhookData } from 'n8n-workflow';
 import type { IWorkflowDb } from '@/Interfaces';
 import { TEST_WEBHOOK_TIMEOUT, TEST_WEBHOOK_TIMEOUT_BUFFER } from '@/constants';
-import { OrchestrationService } from './orchestration.service';
+import { OrchestrationService } from '@/services/orchestration.service';
 
 export type TestWebhookRegistration = {
 	pushRef?: string;
diff --git a/packages/cli/src/services/webhook.service.ts b/packages/cli/src/webhooks/webhook.service.ts
similarity index 100%
rename from packages/cli/src/services/webhook.service.ts
rename to packages/cli/src/webhooks/webhook.service.ts
diff --git a/packages/cli/src/webhooks/webhook.types.ts b/packages/cli/src/webhooks/webhook.types.ts
new file mode 100644
index 0000000000000..4d34b00d04c2c
--- /dev/null
+++ b/packages/cli/src/webhooks/webhook.types.ts
@@ -0,0 +1,37 @@
+import type { Request, Response } from 'express';
+import type { IDataObject, IHttpRequestMethods } from 'n8n-workflow';
+
+export type WebhookOptionsRequest = Request & { method: 'OPTIONS' };
+
+export type WebhookRequest = Request<{ path: string }> & {
+	method: IHttpRequestMethods;
+	params: Record<string, string>;
+};
+
+export type WaitingWebhookRequest = WebhookRequest & {
+	params: WebhookRequest['path'] & { suffix?: string };
+};
+
+export interface WebhookAccessControlOptions {
+	allowedOrigins?: string;
+}
+
+export interface IWebhookManager {
+	/** Gets all request methods associated with a webhook path*/
+	getWebhookMethods?: (path: string) => Promise<IHttpRequestMethods[]>;
+
+	/** Find the CORS options matching a path and method */
+	findAccessControlOptions?: (
+		path: string,
+		httpMethod: IHttpRequestMethods,
+	) => Promise<WebhookAccessControlOptions | undefined>;
+
+	executeWebhook(req: WebhookRequest, res: Response): Promise<IWebhookResponseCallbackData>;
+}
+
+export interface IWebhookResponseCallbackData {
+	data?: IDataObject | IDataObject[];
+	headers?: object;
+	noWebhookResponse?: boolean;
+	responseCode?: number;
+}
diff --git a/packages/cli/test/unit/workflow-execution.service.test.ts b/packages/cli/src/workflows/__tests__/workflow-execution.service.test.ts
similarity index 100%
rename from packages/cli/test/unit/workflow-execution.service.test.ts
rename to packages/cli/src/workflows/__tests__/workflow-execution.service.test.ts
diff --git a/packages/cli/src/workflows/workflow.service.ts b/packages/cli/src/workflows/workflow.service.ts
index 4f59f8238fe68..20917e60cbc16 100644
--- a/packages/cli/src/workflows/workflow.service.ts
+++ b/packages/cli/src/workflows/workflow.service.ts
@@ -33,7 +33,7 @@ import type { EntityManager } from '@n8n/typeorm';
 // eslint-disable-next-line n8n-local-rules/misplaced-n8n-typeorm-import
 import { In } from '@n8n/typeorm';
 import { SharedWorkflow } from '@/databases/entities/SharedWorkflow';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 
 @Service()
 export class WorkflowService {
diff --git a/packages/cli/src/workflows/workflowExecution.service.ts b/packages/cli/src/workflows/workflowExecution.service.ts
index 8ebe7aed0c142..9ddce37d2f207 100644
--- a/packages/cli/src/workflows/workflowExecution.service.ts
+++ b/packages/cli/src/workflows/workflowExecution.service.ts
@@ -30,7 +30,7 @@ import type {
 import { NodeTypes } from '@/NodeTypes';
 import { WorkflowRunner } from '@/WorkflowRunner';
 import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
-import { TestWebhooks } from '@/TestWebhooks';
+import { TestWebhooks } from '@/webhooks/TestWebhooks';
 import { Logger } from '@/Logger';
 import type { Project } from '@/databases/entities/Project';
 import { GlobalConfig } from '@n8n/config';
diff --git a/packages/cli/test/unit/services/workflowHistory.service.ee.test.ts b/packages/cli/src/workflows/workflowHistory/__tests__/workflowHistory.service.ee.test.ts
similarity index 96%
rename from packages/cli/test/unit/services/workflowHistory.service.ee.test.ts
rename to packages/cli/src/workflows/workflowHistory/__tests__/workflowHistory.service.ee.test.ts
index 05ccae70051a2..5b28b8d171468 100644
--- a/packages/cli/test/unit/services/workflowHistory.service.ee.test.ts
+++ b/packages/cli/src/workflows/workflowHistory/__tests__/workflowHistory.service.ee.test.ts
@@ -4,8 +4,8 @@ import { WorkflowHistoryRepository } from '@db/repositories/workflowHistory.repo
 import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
 import { WorkflowHistoryService } from '@/workflows/workflowHistory/workflowHistory.service.ee';
 import { Logger } from '@/Logger';
-import { mockInstance } from '../../shared/mocking';
-import { getWorkflow } from '../../integration/shared/workflow';
+import { mockInstance } from '@test/mocking';
+import { getWorkflow } from '@test-integration/workflow';
 
 const workflowHistoryRepository = mockInstance(WorkflowHistoryRepository);
 const logger = mockInstance(Logger);
diff --git a/packages/cli/test/unit/workflowHistoryHelper.test.ts b/packages/cli/src/workflows/workflowHistory/__tests__/workflowHistoryHelper.ee.test.ts
similarity index 96%
rename from packages/cli/test/unit/workflowHistoryHelper.test.ts
rename to packages/cli/src/workflows/workflowHistory/__tests__/workflowHistoryHelper.ee.test.ts
index 32a6cdd6f0d52..427f98188495b 100644
--- a/packages/cli/test/unit/workflowHistoryHelper.test.ts
+++ b/packages/cli/src/workflows/workflowHistory/__tests__/workflowHistoryHelper.ee.test.ts
@@ -1,7 +1,7 @@
 import { License } from '@/License';
 import config from '@/config';
 import { getWorkflowHistoryPruneTime } from '@/workflows/workflowHistory/workflowHistoryHelper.ee';
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 
 let licensePruneTime = -1;
 
diff --git a/packages/cli/src/workflows/workflowSharing.service.ts b/packages/cli/src/workflows/workflowSharing.service.ts
index 93ef76438f7b0..111e50b58103f 100644
--- a/packages/cli/src/workflows/workflowSharing.service.ts
+++ b/packages/cli/src/workflows/workflowSharing.service.ts
@@ -8,12 +8,14 @@ import { RoleService } from '@/services/role.service';
 import type { Scope } from '@n8n/permissions';
 import type { ProjectRole } from '@/databases/entities/ProjectRelation';
 import type { WorkflowSharingRole } from '@/databases/entities/SharedWorkflow';
+import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
 
 @Service()
 export class WorkflowSharingService {
 	constructor(
 		private readonly sharedWorkflowRepository: SharedWorkflowRepository,
 		private readonly roleService: RoleService,
+		private readonly projectRelationRepository: ProjectRelationRepository,
 	) {}
 
 	/**
@@ -27,11 +29,16 @@ export class WorkflowSharingService {
 	async getSharedWorkflowIds(
 		user: User,
 		options:
-			| { scopes: Scope[] }
-			| { projectRoles: ProjectRole[]; workflowRoles: WorkflowSharingRole[] },
+			| { scopes: Scope[]; projectId?: string }
+			| { projectRoles: ProjectRole[]; workflowRoles: WorkflowSharingRole[]; projectId?: string },
 	): Promise<string[]> {
+		const { projectId } = options;
+
 		if (user.hasGlobalScope('workflow:read')) {
-			const sharedWorkflows = await this.sharedWorkflowRepository.find({ select: ['workflowId'] });
+			const sharedWorkflows = await this.sharedWorkflowRepository.find({
+				select: ['workflowId'],
+				...(projectId && { where: { projectId } }),
+			});
 			return sharedWorkflows.map(({ workflowId }) => workflowId);
 		}
 
@@ -59,4 +66,28 @@ export class WorkflowSharingService {
 
 		return sharedWorkflows.map(({ workflowId }) => workflowId);
 	}
+
+	async getSharedWorkflowScopes(
+		workflowIds: string[],
+		user: User,
+	): Promise<Array<[string, Scope[]]>> {
+		const projectRelations = await this.projectRelationRepository.findAllByUser(user.id);
+		const sharedWorkflows =
+			await this.sharedWorkflowRepository.getRelationsByWorkflowIdsAndProjectIds(
+				workflowIds,
+				projectRelations.map((p) => p.projectId),
+			);
+
+		return workflowIds.map((workflowId) => {
+			return [
+				workflowId,
+				this.roleService.combineResourceScopes(
+					'workflow',
+					user,
+					sharedWorkflows.filter((s) => s.workflowId === workflowId),
+					projectRelations,
+				),
+			];
+		});
+	}
 }
diff --git a/packages/cli/src/workflows/workflows.controller.ts b/packages/cli/src/workflows/workflows.controller.ts
index c774b21917c98..4c03dd9e246c4 100644
--- a/packages/cli/src/workflows/workflows.controller.ts
+++ b/packages/cli/src/workflows/workflows.controller.ts
@@ -17,7 +17,6 @@ import { validateEntity } from '@/GenericHelpers';
 import { ExternalHooks } from '@/ExternalHooks';
 import { WorkflowService } from './workflow.service';
 import { License } from '@/License';
-import { InternalHooks } from '@/InternalHooks';
 import * as utils from '@/utils';
 import { listQueryMiddleware } from '@/middlewares';
 import { TagService } from '@/services/tag.service';
@@ -42,14 +41,13 @@ import { In, type FindOptionsRelations } from '@n8n/typeorm';
 import type { Project } from '@/databases/entities/Project';
 import { ProjectRelationRepository } from '@/databases/repositories/projectRelation.repository';
 import { z } from 'zod';
-import { EventService } from '@/eventbus/event.service';
+import { EventService } from '@/events/event.service';
 import { GlobalConfig } from '@n8n/config';
 
 @RestController('/workflows')
 export class WorkflowsController {
 	constructor(
 		private readonly logger: Logger,
-		private readonly internalHooks: InternalHooks,
 		private readonly externalHooks: ExternalHooks,
 		private readonly tagRepository: TagRepository,
 		private readonly enterpriseWorkflowService: EnterpriseWorkflowService,
@@ -459,7 +457,11 @@ export class WorkflowsController {
 			newShareeIds = toShare;
 		});
 
-		this.internalHooks.onWorkflowSharingUpdate(workflowId, req.user.id, shareWithIds);
+		this.eventService.emit('workflow-sharing-updated', {
+			workflowId,
+			userIdSharer: req.user.id,
+			userIdList: shareWithIds,
+		});
 
 		const projectsRelations = await this.projectRelationRepository.findBy({
 			projectId: In(newShareeIds),
diff --git a/packages/cli/test/integration/ExternalSecrets/externalSecrets.api.test.ts b/packages/cli/test/integration/ExternalSecrets/externalSecrets.api.test.ts
index 7a49e61fa1b01..190ab437fa5f6 100644
--- a/packages/cli/test/integration/ExternalSecrets/externalSecrets.api.test.ts
+++ b/packages/cli/test/integration/ExternalSecrets/externalSecrets.api.test.ts
@@ -21,7 +21,7 @@ import {
 	TestFailProvider,
 } from '../../shared/ExternalSecrets/utils';
 import type { SuperAgentTest } from '../shared/types';
-import type { EventService } from '@/eventbus/event.service';
+import type { EventService } from '@/events/event.service';
 
 let authOwnerAgent: SuperAgentTest;
 let authMemberAgent: SuperAgentTest;
diff --git a/packages/cli/test/integration/PermissionChecker.test.ts b/packages/cli/test/integration/PermissionChecker.test.ts
index d5262a50d0672..ff10d0497439a 100644
--- a/packages/cli/test/integration/PermissionChecker.test.ts
+++ b/packages/cli/test/integration/PermissionChecker.test.ts
@@ -1,6 +1,6 @@
 import { v4 as uuid } from 'uuid';
 import { Container } from 'typedi';
-import type { INode } from 'n8n-workflow';
+import type { INode, INodeTypeData } from 'n8n-workflow';
 import { randomInt } from 'n8n-workflow';
 import type { User } from '@db/entities/User';
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
@@ -14,7 +14,6 @@ import { mockInstance } from '../shared/mocking';
 import { randomCredentialPayload as randomCred } from '../integration/shared/random';
 import * as testDb from '../integration/shared/testDb';
 import type { SaveCredentialFunction } from '../integration/shared/types';
-import { mockNodeTypesData } from '../unit/Helpers';
 import { affixRoleToSaveCredential } from '../integration/shared/db/credentials';
 import { createOwner, createUser } from '../integration/shared/db/users';
 import { SharedCredentialsRepository } from '@/databases/repositories/sharedCredentials.repository';
@@ -25,6 +24,36 @@ import { ProjectRepository } from '@/databases/repositories/project.repository';
 
 const ownershipService = mockInstance(OwnershipService);
 
+function mockNodeTypesData(
+	nodeNames: string[],
+	options?: {
+		addTrigger?: boolean;
+	},
+) {
+	return nodeNames.reduce<INodeTypeData>((acc, nodeName) => {
+		return (
+			(acc[`n8n-nodes-base.${nodeName}`] = {
+				sourcePath: '',
+				type: {
+					description: {
+						displayName: nodeName,
+						name: nodeName,
+						group: [],
+						description: '',
+						version: 1,
+						defaults: {},
+						inputs: [],
+						outputs: [],
+						properties: [],
+					},
+					trigger: options?.addTrigger ? async () => undefined : undefined,
+				},
+			}),
+			acc
+		);
+	}, {});
+}
+
 const createWorkflow = async (nodes: INode[], workflowOwner?: User): Promise<WorkflowEntity> => {
 	const workflowDetails = {
 		id: randomInt(1, 10).toString(),
diff --git a/packages/cli/test/integration/activation-errors.service.test.ts b/packages/cli/test/integration/activation-errors.service.test.ts
index 7635660db3aca..5d56f0dc90d6a 100644
--- a/packages/cli/test/integration/activation-errors.service.test.ts
+++ b/packages/cli/test/integration/activation-errors.service.test.ts
@@ -1,8 +1,13 @@
 import { ActivationErrorsService } from '@/ActivationErrors.service';
 import { CacheService } from '@/services/cache/cache.service';
+import { GlobalConfig } from '@n8n/config';
+import { mockInstance } from '@test/mocking';
 
 describe('ActivationErrorsService', () => {
-	const cacheService = new CacheService();
+	const globalConfig = mockInstance(GlobalConfig, {
+		cache: { backend: 'memory', memory: { maxSize: 3 * 1024 * 1024, ttl: 3600 * 1000 } },
+	});
+	const cacheService = new CacheService(globalConfig);
 	const activationErrorsService = new ActivationErrorsService(cacheService);
 
 	const firstWorkflowId = 'GSG0etbfTA2CNPDX';
diff --git a/packages/cli/test/integration/active-workflow-manager.test.ts b/packages/cli/test/integration/active-workflow-manager.test.ts
index 03ce58e7ef6bc..de586b643a468 100644
--- a/packages/cli/test/integration/active-workflow-manager.test.ts
+++ b/packages/cli/test/integration/active-workflow-manager.test.ts
@@ -8,8 +8,8 @@ import { ActiveWorkflowManager } from '@/ActiveWorkflowManager';
 import { ExternalHooks } from '@/ExternalHooks';
 import { Push } from '@/push';
 import { SecretsHelper } from '@/SecretsHelpers';
-import { WebhookService } from '@/services/webhook.service';
-import * as WebhookHelpers from '@/WebhookHelpers';
+import { WebhookService } from '@/webhooks/webhook.service';
+import * as WebhookHelpers from '@/webhooks/WebhookHelpers';
 import * as AdditionalData from '@/WorkflowExecuteAdditionalData';
 import type { WebhookEntity } from '@db/entities/WebhookEntity';
 import { NodeTypes } from '@/NodeTypes';
diff --git a/packages/cli/test/integration/commands/credentials.cmd.test.ts b/packages/cli/test/integration/commands/credentials.cmd.test.ts
index 386f3a41b20de..bcb6f0173b262 100644
--- a/packages/cli/test/integration/commands/credentials.cmd.test.ts
+++ b/packages/cli/test/integration/commands/credentials.cmd.test.ts
@@ -1,6 +1,5 @@
 import { nanoid } from 'nanoid';
 
-import { InternalHooks } from '@/InternalHooks';
 import { ImportCredentialsCommand } from '@/commands/import/credentials';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 
@@ -11,7 +10,6 @@ import { getAllCredentials, getAllSharedCredentials } from '../shared/db/credent
 import { createMember, createOwner } from '../shared/db/users';
 import { getPersonalProject } from '../shared/db/projects';
 
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const command = setupTestCommand(ImportCredentialsCommand);
 
diff --git a/packages/cli/test/integration/commands/import.cmd.test.ts b/packages/cli/test/integration/commands/import.cmd.test.ts
index 3295f0de27b1c..ba72d64d775fe 100644
--- a/packages/cli/test/integration/commands/import.cmd.test.ts
+++ b/packages/cli/test/integration/commands/import.cmd.test.ts
@@ -1,6 +1,5 @@
 import { nanoid } from 'nanoid';
 
-import { InternalHooks } from '@/InternalHooks';
 import { ImportWorkflowsCommand } from '@/commands/import/workflow';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 
@@ -11,7 +10,6 @@ import { getAllSharedWorkflows, getAllWorkflows } from '../shared/db/workflows';
 import { createMember, createOwner } from '../shared/db/users';
 import { getPersonalProject } from '../shared/db/projects';
 
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const command = setupTestCommand(ImportWorkflowsCommand);
 
diff --git a/packages/cli/test/integration/commands/ldap/reset.test.ts b/packages/cli/test/integration/commands/ldap/reset.test.ts
index 12833b633f018..720c98c401063 100644
--- a/packages/cli/test/integration/commands/ldap/reset.test.ts
+++ b/packages/cli/test/integration/commands/ldap/reset.test.ts
@@ -4,7 +4,6 @@ import { EntityNotFoundError } from '@n8n/typeorm';
 
 import { Reset } from '@/commands/ldap/reset';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
-import { InternalHooks } from '@/InternalHooks';
 import { WorkflowRepository } from '@db/repositories/workflow.repository';
 import { CredentialsRepository } from '@db/repositories/credentials.repository';
 import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
@@ -26,7 +25,6 @@ import { createTeamProject, findProject, getPersonalProject } from '../../shared
 mockInstance(Telemetry);
 
 mockInstance(Push);
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const command = setupTestCommand(Reset);
 
diff --git a/packages/cli/test/integration/commands/license.cmd.test.ts b/packages/cli/test/integration/commands/license.cmd.test.ts
index 8637d2d02017d..1717e1a5ff185 100644
--- a/packages/cli/test/integration/commands/license.cmd.test.ts
+++ b/packages/cli/test/integration/commands/license.cmd.test.ts
@@ -1,4 +1,3 @@
-import { InternalHooks } from '@/InternalHooks';
 import { License } from '@/License';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { ClearLicenseCommand } from '@/commands/license/clear';
@@ -6,7 +5,6 @@ import { ClearLicenseCommand } from '@/commands/license/clear';
 import { setupTestCommand } from '@test-integration/utils/testCommand';
 import { mockInstance } from '../../shared/mocking';
 
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const license = mockInstance(License);
 const command = setupTestCommand(ClearLicenseCommand);
diff --git a/packages/cli/test/integration/commands/reset.cmd.test.ts b/packages/cli/test/integration/commands/reset.cmd.test.ts
index f38ea789d71b7..573e85043ea3c 100644
--- a/packages/cli/test/integration/commands/reset.cmd.test.ts
+++ b/packages/cli/test/integration/commands/reset.cmd.test.ts
@@ -1,7 +1,6 @@
 import { Container } from 'typedi';
 
 import { Reset } from '@/commands/user-management/reset';
-import { InternalHooks } from '@/InternalHooks';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { NodeTypes } from '@/NodeTypes';
 import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
@@ -20,7 +19,6 @@ import { getPersonalProject } from '../shared/db/projects';
 import { encryptCredentialData, saveCredential } from '../shared/db/credentials';
 import { randomCredentialPayload } from '../shared/random';
 
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 mockInstance(NodeTypes);
 const command = setupTestCommand(Reset);
diff --git a/packages/cli/test/integration/commands/update/workflow.test.ts b/packages/cli/test/integration/commands/update/workflow.test.ts
index 315e64c5263af..95a25bc4f647e 100644
--- a/packages/cli/test/integration/commands/update/workflow.test.ts
+++ b/packages/cli/test/integration/commands/update/workflow.test.ts
@@ -1,4 +1,3 @@
-import { InternalHooks } from '@/InternalHooks';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { UpdateWorkflowCommand } from '@/commands/update/workflow';
 
@@ -7,7 +6,6 @@ import * as testDb from '../../shared/testDb';
 import { createWorkflowWithTrigger, getAllWorkflows } from '../../shared/db/workflows';
 import { mockInstance } from '../../../shared/mocking';
 
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const command = setupTestCommand(UpdateWorkflowCommand);
 
diff --git a/packages/cli/test/integration/commands/worker.cmd.test.ts b/packages/cli/test/integration/commands/worker.cmd.test.ts
index 0ffad7bc056ec..e7f783bf94126 100644
--- a/packages/cli/test/integration/commands/worker.cmd.test.ts
+++ b/packages/cli/test/integration/commands/worker.cmd.test.ts
@@ -1,39 +1,34 @@
 import { BinaryDataService } from 'n8n-core';
-import { mock } from 'jest-mock-extended';
 
 import { Worker } from '@/commands/worker';
 import config from '@/config';
 import { ExternalSecretsManager } from '@/ExternalSecrets/ExternalSecretsManager.ee';
 import { MessageEventBus } from '@/eventbus/MessageEventBus/MessageEventBus';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
-import { InternalHooks } from '@/InternalHooks';
 import { OrchestrationHandlerWorkerService } from '@/services/orchestration/worker/orchestration.handler.worker.service';
 import { OrchestrationWorkerService } from '@/services/orchestration/worker/orchestration.worker.service';
 import { License } from '@/License';
 import { ExternalHooks } from '@/ExternalHooks';
-import { type JobQueue, Queue } from '@/Queue';
+import { ScalingService } from '@/scaling/scaling.service';
 
 import { setupTestCommand } from '@test-integration/utils/testCommand';
 import { mockInstance } from '../../shared/mocking';
-import { AuditEventRelay } from '@/eventbus/audit-event-relay.service';
+import { LogStreamingEventRelay } from '@/events/log-streaming-event-relay';
 
 config.set('executions.mode', 'queue');
 config.set('binaryDataManager.availableModes', 'filesystem');
-mockInstance(InternalHooks);
 mockInstance(LoadNodesAndCredentials);
 const binaryDataService = mockInstance(BinaryDataService);
 const externalHooks = mockInstance(ExternalHooks);
 const externalSecretsManager = mockInstance(ExternalSecretsManager);
 const license = mockInstance(License);
 const messageEventBus = mockInstance(MessageEventBus);
-const auditEventRelay = mockInstance(AuditEventRelay);
+const logStreamingEventRelay = mockInstance(LogStreamingEventRelay);
 const orchestrationHandlerWorkerService = mockInstance(OrchestrationHandlerWorkerService);
-const queue = mockInstance(Queue);
+const scalingService = mockInstance(ScalingService);
 const orchestrationWorkerService = mockInstance(OrchestrationWorkerService);
 const command = setupTestCommand(Worker);
 
-queue.getBullObjectInstance.mockReturnValue(mock<JobQueue>({ on: jest.fn() }));
-
 test('worker initializes all its components', async () => {
 	const worker = await command.run();
 
@@ -45,9 +40,9 @@ test('worker initializes all its components', async () => {
 	expect(externalHooks.init).toHaveBeenCalledTimes(1);
 	expect(externalSecretsManager.init).toHaveBeenCalledTimes(1);
 	expect(messageEventBus.initialize).toHaveBeenCalledTimes(1);
-	expect(auditEventRelay.init).toHaveBeenCalledTimes(1);
-	expect(queue.init).toHaveBeenCalledTimes(1);
-	expect(queue.process).toHaveBeenCalledTimes(1);
+	expect(scalingService.setupQueue).toHaveBeenCalledTimes(1);
+	expect(scalingService.setupWorker).toHaveBeenCalledTimes(1);
+	expect(logStreamingEventRelay.init).toHaveBeenCalledTimes(1);
 	expect(orchestrationWorkerService.init).toHaveBeenCalledTimes(1);
 	expect(orchestrationHandlerWorkerService.initWithOptions).toHaveBeenCalledTimes(1);
 	expect(messageEventBus.send).toHaveBeenCalledTimes(1);
diff --git a/packages/cli/test/integration/community-packages.api.test.ts b/packages/cli/test/integration/community-packages.api.test.ts
index 661dbcd0fe4e9..46c7efad03434 100644
--- a/packages/cli/test/integration/community-packages.api.test.ts
+++ b/packages/cli/test/integration/community-packages.api.test.ts
@@ -179,7 +179,7 @@ describe('POST /community-packages', () => {
 		communityPackagesService.hasPackageLoaded.mockReturnValue(false);
 		communityPackagesService.checkNpmPackageStatus.mockResolvedValue({ status: 'OK' });
 		communityPackagesService.parseNpmPackageName.mockReturnValue(parsedNpmPackageName);
-		communityPackagesService.installNpmModule.mockResolvedValue(mockPackage());
+		communityPackagesService.installPackage.mockResolvedValue(mockPackage());
 
 		await authAgent.post('/community-packages').send({ name: mockPackageName() }).expect(200);
 
@@ -219,7 +219,7 @@ describe('DELETE /community-packages', () => {
 
 		await authAgent.delete('/community-packages').query({ name: mockPackageName() }).expect(200);
 
-		expect(communityPackagesService.removeNpmModule).toHaveBeenCalledTimes(1);
+		expect(communityPackagesService.removePackage).toHaveBeenCalledTimes(1);
 	});
 });
 
@@ -242,6 +242,6 @@ describe('PATCH /community-packages', () => {
 
 		await authAgent.patch('/community-packages').send({ name: mockPackageName() });
 
-		expect(communityPackagesService.updateNpmModule).toHaveBeenCalledTimes(1);
+		expect(communityPackagesService.updatePackage).toHaveBeenCalledTimes(1);
 	});
 });
diff --git a/packages/cli/test/integration/controllers/invitation/invitation.controller.integration.test.ts b/packages/cli/test/integration/controllers/invitation/invitation.controller.integration.test.ts
index 00e480f86f6f6..8b1048267da20 100644
--- a/packages/cli/test/integration/controllers/invitation/invitation.controller.integration.test.ts
+++ b/packages/cli/test/integration/controllers/invitation/invitation.controller.integration.test.ts
@@ -1,8 +1,6 @@
-import { mocked } from 'jest-mock';
 import Container from 'typedi';
 import { Not } from '@n8n/typeorm';
-
-import { InternalHooks } from '@/InternalHooks';
+import { EventService } from '@/events/event.service';
 import { ExternalHooks } from '@/ExternalHooks';
 import { UserManagementMailer } from '@/UserManagement/email';
 import { UserRepository } from '@/databases/repositories/user.repository';
@@ -31,7 +29,7 @@ import { ProjectRelationRepository } from '@/databases/repositories/projectRelat
 describe('InvitationController', () => {
 	const mailer = mockInstance(UserManagementMailer);
 	const externalHooks = mockInstance(ExternalHooks);
-	const internalHooks = mockInstance(InternalHooks);
+	const eventService = mockInstance(EventService);
 
 	const testServer = utils.setupTestServer({ endpointGroups: ['invitations'] });
 
@@ -413,14 +411,24 @@ describe('InvitationController', () => {
 			expect(externalHookName).toBe('user.invited');
 			expect(externalHookArg?.[0]).toStrictEqual([newUserEmail]);
 
-			// internal hooks
-
-			const calls = mocked(internalHooks).onUserTransactionalEmail.mock.calls;
-
-			for (const [onUserTransactionalEmailArg] of calls) {
-				expect(onUserTransactionalEmailArg.user_id).toBeDefined();
-				expect(onUserTransactionalEmailArg.message_type).toBe('New user invite');
-				expect(onUserTransactionalEmailArg.public_api).toBe(false);
+			for (const [eventName, payload] of eventService.emit.mock.calls) {
+				if (eventName === 'user-invited') {
+					expect(payload).toEqual({
+						user: expect.objectContaining({ id: expect.any(String) }),
+						targetUserId: expect.arrayContaining([expect.any(String), expect.any(String)]),
+						publicApi: false,
+						emailSent: true,
+						inviteeRole: 'global:member',
+					});
+				} else if (eventName === 'user-transactional-email-sent') {
+					expect(payload).toEqual({
+						userId: expect.any(String),
+						messageType: 'New user invite',
+						publicApi: false,
+					});
+				} else {
+					fail(`Unexpected event name: ${eventName}`);
+				}
 			}
 		});
 
diff --git a/packages/cli/test/integration/credentials/credentials.api.ee.test.ts b/packages/cli/test/integration/credentials/credentials.api.ee.test.ts
index df8a562a76768..6b74dd843c303 100644
--- a/packages/cli/test/integration/credentials/credentials.api.ee.test.ts
+++ b/packages/cli/test/integration/credentials/credentials.api.ee.test.ts
@@ -48,6 +48,7 @@ let memberPersonalProject: Project;
 let anotherMember: User;
 let anotherMemberPersonalProject: Project;
 let authOwnerAgent: SuperAgentTest;
+let authMemberAgent: SuperAgentTest;
 let authAnotherMemberAgent: SuperAgentTest;
 let saveCredential: SaveCredentialFunction;
 const mailer = mockInstance(UserManagementMailer);
@@ -73,6 +74,7 @@ beforeEach(async () => {
 	);
 
 	authOwnerAgent = testServer.authAgentFor(owner);
+	authMemberAgent = testServer.authAgentFor(member);
 	authAnotherMemberAgent = testServer.authAgentFor(anotherMember);
 
 	saveCredential = affixRoleToSaveCredential('credential:owner');
@@ -978,6 +980,128 @@ describe('PUT /credentials/:id/share', () => {
 
 		config.set('userManagement.emails.mode', 'smtp');
 	});
+
+	test('member should be able to share from personal project to team project that member has access to', async () => {
+		const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
+
+		const testProject = await createTeamProject();
+		await linkUserToProject(member, testProject, 'project:editor');
+
+		const response = await authMemberAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [testProject.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === testProject.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
+
+	test('member should be able to share from team project to personal project', async () => {
+		const testProject = await createTeamProject(undefined, member);
+
+		const savedCredential = await saveCredential(randomCredentialPayload(), {
+			project: testProject,
+		});
+
+		const response = await authMemberAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [anotherMemberPersonalProject.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === anotherMemberPersonalProject.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
+
+	test('member should be able to share from team project to team project that member has access to', async () => {
+		const testProject = await createTeamProject(undefined, member);
+		const testProject2 = await createTeamProject();
+		await linkUserToProject(member, testProject2, 'project:editor');
+
+		const savedCredential = await saveCredential(randomCredentialPayload(), {
+			project: testProject,
+		});
+
+		const response = await authMemberAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [testProject2.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === testProject2.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
+
+	test('admins should be able to share from any team project to any team project ', async () => {
+		const testProject = await createTeamProject();
+		const testProject2 = await createTeamProject();
+
+		const savedCredential = await saveCredential(randomCredentialPayload(), {
+			project: testProject,
+		});
+
+		const response = await authOwnerAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [testProject2.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === testProject2.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
+
+	test("admins should be able to share from any team project to any user's personal project ", async () => {
+		const testProject = await createTeamProject();
+
+		const savedCredential = await saveCredential(randomCredentialPayload(), {
+			project: testProject,
+		});
+
+		const response = await authOwnerAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [memberPersonalProject.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === memberPersonalProject.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
+
+	test('admins should be able to share from any personal project to any team project ', async () => {
+		const testProject = await createTeamProject();
+
+		const savedCredential = await saveCredential(randomCredentialPayload(), {
+			user: member,
+		});
+
+		const response = await authOwnerAgent
+			.put(`/credentials/${savedCredential.id}/share`)
+			.send({ shareWithIds: [testProject.id] });
+
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data).toBeUndefined();
+
+		const shares = await getCredentialSharings(savedCredential);
+		const testShare = shares.find((s) => s.projectId === testProject.id);
+		expect(testShare).not.toBeUndefined();
+		expect(testShare?.role).toBe('credential:user');
+	});
 });
 
 describe('PUT /:credentialId/transfer', () => {
diff --git a/packages/cli/test/integration/credentials/credentials.api.test.ts b/packages/cli/test/integration/credentials/credentials.api.test.ts
index 54de47b16e948..cd461b3dafe66 100644
--- a/packages/cli/test/integration/credentials/credentials.api.test.ts
+++ b/packages/cli/test/integration/credentials/credentials.api.test.ts
@@ -142,7 +142,13 @@ describe('GET /credentials', () => {
 			// Team cred
 			expect(cred1.id).toBe(savedCredential1.id);
 			expect(cred1.scopes).toEqual(
-				['credential:move', 'credential:read', 'credential:update', 'credential:delete'].sort(),
+				[
+					'credential:move',
+					'credential:read',
+					'credential:update',
+					'credential:share',
+					'credential:delete',
+				].sort(),
 			);
 
 			// Shared cred
@@ -389,6 +395,21 @@ describe('GET /credentials', () => {
 			expect(response2.body.data).toHaveLength(0);
 		});
 
+		test('should return homeProject when filtering credentials by projectId', async () => {
+			const project = await createTeamProject(undefined, member);
+			const credential = await saveCredential(payload(), { user: owner, role: 'credential:owner' });
+			await shareCredentialWithProjects(credential, [project]);
+
+			const response: GetAllResponse = await testServer
+				.authAgentFor(member)
+				.get('/credentials')
+				.query(`filter={ "projectId": "${project.id}" }`)
+				.expect(200);
+
+			expect(response.body.data).toHaveLength(1);
+			expect(response.body.data[0].homeProject).not.toBeNull();
+		});
+
 		test('should return all credentials in a team project that member is part of', async () => {
 			const teamProjectWithMember = await createTeamProject('Team Project With member', owner);
 			void (await linkUserToProject(member, teamProjectWithMember, 'project:editor'));
diff --git a/packages/cli/test/integration/execution.service.integration.test.ts b/packages/cli/test/integration/execution.service.integration.test.ts
index e30d55602af95..41dcec3ce60e6 100644
--- a/packages/cli/test/integration/execution.service.integration.test.ts
+++ b/packages/cli/test/integration/execution.service.integration.test.ts
@@ -22,7 +22,6 @@ describe('ExecutionService', () => {
 			mock(),
 			mock(),
 			mock(),
-			mock(),
 			executionRepository,
 			Container.get(WorkflowRepository),
 			mock(),
@@ -30,6 +29,7 @@ describe('ExecutionService', () => {
 			mock(),
 			mock(),
 			mock(),
+			mock(),
 		);
 	});
 
diff --git a/packages/cli/test/integration/executions.controller.test.ts b/packages/cli/test/integration/executions.controller.test.ts
index 1e6d65a4f8368..94faa32351764 100644
--- a/packages/cli/test/integration/executions.controller.test.ts
+++ b/packages/cli/test/integration/executions.controller.test.ts
@@ -48,6 +48,16 @@ describe('GET /executions', () => {
 		const response2 = await testServer.authAgentFor(member).get('/executions').expect(200);
 		expect(response2.body.data.count).toBe(1);
 	});
+
+	test('should return a scopes array for each execution', async () => {
+		testServer.license.enable('feat:sharing');
+		const workflow = await createWorkflow({}, owner);
+		await shareWorkflowWithUsers(workflow, [member]);
+		await createSuccessfulExecution(workflow);
+
+		const response = await testServer.authAgentFor(member).get('/executions').expect(200);
+		expect(response.body.data.results[0].scopes).toContain('workflow:execute');
+	});
 });
 
 describe('GET /executions/:id', () => {
diff --git a/packages/cli/test/integration/mfa/mfa.api.test.ts b/packages/cli/test/integration/mfa/mfa.api.test.ts
index 7755ad4e3ceab..792ad1cb8876c 100644
--- a/packages/cli/test/integration/mfa/mfa.api.test.ts
+++ b/packages/cli/test/integration/mfa/mfa.api.test.ts
@@ -48,7 +48,8 @@ describe('Enable MFA setup', () => {
 				secondCall.body.data.recoveryCodes.join(''),
 			);
 
-			await testServer.authAgentFor(owner).delete('/mfa/disable').expect(200);
+			const token = new TOTPService().generateTOTP(firstCall.body.data.secret);
+			await testServer.authAgentFor(owner).post('/mfa/disable').send({ token }).expect(200);
 
 			const thirdCall = await testServer.authAgentFor(owner).get('/mfa/qr').expect(200);
 
@@ -135,9 +136,16 @@ describe('Enable MFA setup', () => {
 
 describe('Disable MFA setup', () => {
 	test('POST /disable should disable login with MFA', async () => {
-		const { user } = await createUserWithMfaEnabled();
+		const { user, rawSecret } = await createUserWithMfaEnabled();
+		const token = new TOTPService().generateTOTP(rawSecret);
 
-		await testServer.authAgentFor(user).delete('/mfa/disable').expect(200);
+		await testServer
+			.authAgentFor(user)
+			.post('/mfa/disable')
+			.send({
+				token,
+			})
+			.expect(200);
 
 		const dbUser = await Container.get(AuthUserRepository).findOneOrFail({
 			where: { id: user.id },
@@ -147,6 +155,18 @@ describe('Disable MFA setup', () => {
 		expect(dbUser.mfaSecret).toBe(null);
 		expect(dbUser.mfaRecoveryCodes.length).toBe(0);
 	});
+
+	test('POST /disable should fail if invalid token is given', async () => {
+		const { user } = await createUserWithMfaEnabled();
+
+		await testServer
+			.authAgentFor(user)
+			.post('/mfa/disable')
+			.send({
+				token: 'invalid token',
+			})
+			.expect(403);
+	});
 });
 
 describe('Change password with MFA enabled', () => {
diff --git a/packages/cli/test/integration/prometheus-metrics.test.ts b/packages/cli/test/integration/prometheus-metrics.test.ts
index 4c00a98f74a49..1eccb9b7d0ce2 100644
--- a/packages/cli/test/integration/prometheus-metrics.test.ts
+++ b/packages/cli/test/integration/prometheus-metrics.test.ts
@@ -5,45 +5,27 @@ import request, { type Response } from 'supertest';
 import { N8N_VERSION } from '@/constants';
 import { PrometheusMetricsService } from '@/metrics/prometheus-metrics.service';
 import { setupTestServer } from './shared/utils';
-import { mockInstance } from '@test/mocking';
 import { GlobalConfig } from '@n8n/config';
 
 jest.unmock('@/eventbus/MessageEventBus/MessageEventBus');
 
 const toLines = (response: Response) => response.text.trim().split('\n');
 
-mockInstance(GlobalConfig, {
-	database: {
-		type: 'sqlite',
-		sqlite: {
-			database: 'database.sqlite',
-			enableWAL: false,
-			executeVacuumOnStartup: false,
-			poolSize: 0,
-		},
-		logging: {
-			enabled: false,
-			maxQueryExecutionTime: 0,
-			options: 'error',
-		},
-		tablePrefix: '',
-	},
-	endpoints: {
-		metrics: {
-			prefix: 'n8n_test_',
-			includeDefaultMetrics: true,
-			includeApiEndpoints: true,
-			includeCacheMetrics: true,
-			includeMessageEventBusMetrics: true,
-			includeCredentialTypeLabel: false,
-			includeNodeTypeLabel: false,
-			includeWorkflowIdLabel: false,
-			includeApiPathLabel: true,
-			includeApiMethodLabel: true,
-			includeApiStatusCodeLabel: true,
-		},
-	},
-});
+const globalConfig = Container.get(GlobalConfig);
+globalConfig.endpoints.metrics = {
+	enable: true,
+	prefix: 'n8n_test_',
+	includeDefaultMetrics: true,
+	includeApiEndpoints: true,
+	includeCacheMetrics: true,
+	includeMessageEventBusMetrics: true,
+	includeCredentialTypeLabel: false,
+	includeNodeTypeLabel: false,
+	includeWorkflowIdLabel: false,
+	includeApiPathLabel: true,
+	includeApiMethodLabel: true,
+	includeApiStatusCodeLabel: true,
+};
 
 const server = setupTestServer({ endpointGroups: ['metrics'] });
 const agent = request.agent(server.app);
diff --git a/packages/cli/test/integration/pruning.service.test.ts b/packages/cli/test/integration/pruning.service.test.ts
index 09a43a5b5b123..37d218c09d438 100644
--- a/packages/cli/test/integration/pruning.service.test.ts
+++ b/packages/cli/test/integration/pruning.service.test.ts
@@ -1,5 +1,5 @@
 import config from '@/config';
-import { BinaryDataService } from 'n8n-core';
+import { BinaryDataService, InstanceSettings } from 'n8n-core';
 import type { ExecutionStatus } from 'n8n-workflow';
 import Container from 'typedi';
 
@@ -15,10 +15,11 @@ import { mockInstance } from '../shared/mocking';
 import { createWorkflow } from './shared/db/workflows';
 import { createExecution, createSuccessfulExecution } from './shared/db/executions';
 import { mock } from 'jest-mock-extended';
-import type { OrchestrationService } from '@/services/orchestration.service';
 
 describe('softDeleteOnPruningCycle()', () => {
 	let pruningService: PruningService;
+	const instanceSettings = new InstanceSettings();
+	instanceSettings.markAsLeader();
 
 	const now = new Date();
 	const yesterday = new Date(Date.now() - TIME.DAY);
@@ -29,9 +30,10 @@ describe('softDeleteOnPruningCycle()', () => {
 
 		pruningService = new PruningService(
 			mockInstance(Logger),
+			instanceSettings,
 			Container.get(ExecutionRepository),
 			mockInstance(BinaryDataService),
-			mock<OrchestrationService>(),
+			mock(),
 		);
 
 		workflow = await createWorkflow();
diff --git a/packages/cli/test/integration/publicApi/credentials.test.ts b/packages/cli/test/integration/publicApi/credentials.test.ts
index dfa6c44dd4037..b5ed2bfb31d82 100644
--- a/packages/cli/test/integration/publicApi/credentials.test.ts
+++ b/packages/cli/test/integration/publicApi/credentials.test.ts
@@ -9,9 +9,10 @@ import { randomApiKey, randomName } from '../shared/random';
 import * as utils from '../shared/utils/';
 import type { CredentialPayload, SaveCredentialFunction } from '../shared/types';
 import * as testDb from '../shared/testDb';
-import { affixRoleToSaveCredential } from '../shared/db/credentials';
+import { affixRoleToSaveCredential, createCredentials } from '../shared/db/credentials';
 import { addApiKey, createUser, createUserShell } from '../shared/db/users';
 import type { SuperAgentTest } from '../shared/types';
+import { createTeamProject } from '@test-integration/db/projects';
 
 let owner: User;
 let member: User;
@@ -256,6 +257,53 @@ describe('GET /credentials/schema/:credentialType', () => {
 	});
 });
 
+describe('PUT /credentials/:id/transfer', () => {
+	test('should transfer credential to project', async () => {
+		/**
+		 * Arrange
+		 */
+		const [firstProject, secondProject] = await Promise.all([
+			createTeamProject('first-project', owner),
+			createTeamProject('second-project', owner),
+		]);
+
+		const credentials = await createCredentials(
+			{ name: 'Test', type: 'test', data: '' },
+			firstProject,
+		);
+
+		/**
+		 * Act
+		 */
+		const response = await authOwnerAgent.put(`/credentials/${credentials.id}/transfer`).send({
+			destinationProjectId: secondProject.id,
+		});
+
+		/**
+		 * Assert
+		 */
+		expect(response.statusCode).toBe(204);
+	});
+
+	test('if no destination project, should reject', async () => {
+		/**
+		 * Arrange
+		 */
+		const project = await createTeamProject('first-project', member);
+		const credentials = await createCredentials({ name: 'Test', type: 'test', data: '' }, project);
+
+		/**
+		 * Act
+		 */
+		const response = await authOwnerAgent.put(`/credentials/${credentials.id}/transfer`).send({});
+
+		/**
+		 * Assert
+		 */
+		expect(response.statusCode).toBe(400);
+	});
+});
+
 const credentialPayload = (): CredentialPayload => ({
 	name: randomName(),
 	type: 'githubApi',
diff --git a/packages/cli/test/integration/publicApi/executions.test.ts b/packages/cli/test/integration/publicApi/executions.test.ts
index 9961dac545036..8dac97fc22381 100644
--- a/packages/cli/test/integration/publicApi/executions.test.ts
+++ b/packages/cli/test/integration/publicApi/executions.test.ts
@@ -20,6 +20,8 @@ import {
 import type { SuperAgentTest } from '../shared/types';
 import { mockInstance } from '@test/mocking';
 import { Telemetry } from '@/telemetry';
+import { createTeamProject } from '@test-integration/db/projects';
+import type { ExecutionEntity } from '@/databases/entities/ExecutionEntity';
 
 let owner: User;
 let user1: User;
@@ -447,6 +449,42 @@ describe('GET /executions', () => {
 		}
 	});
 
+	test('should return executions filtered by project ID', async () => {
+		/**
+		 * Arrange
+		 */
+		const [firstProject, secondProject] = await Promise.all([
+			createTeamProject(),
+			createTeamProject(),
+		]);
+		const [firstWorkflow, secondWorkflow] = await Promise.all([
+			createWorkflow({}, firstProject),
+			createWorkflow({}, secondProject),
+		]);
+		const [firstExecution, secondExecution, _] = await Promise.all([
+			createExecution({}, firstWorkflow),
+			createExecution({}, firstWorkflow),
+			createExecution({}, secondWorkflow),
+		]);
+
+		/**
+		 * Act
+		 */
+		const response = await authOwnerAgent.get('/executions').query({
+			projectId: firstProject.id,
+		});
+
+		/**
+		 * Assert
+		 */
+		expect(response.statusCode).toBe(200);
+		expect(response.body.data.length).toBe(2);
+		expect(response.body.nextCursor).toBeNull();
+		expect(response.body.data.map((execution: ExecutionEntity) => execution.id)).toEqual(
+			expect.arrayContaining([firstExecution.id, secondExecution.id]),
+		);
+	});
+
 	test('owner should retrieve all executions regardless of ownership', async () => {
 		const [firstWorkflowForUser1, secondWorkflowForUser1] = await createManyWorkflows(2, {}, user1);
 		await createManyExecutions(2, firstWorkflowForUser1, createSuccessfulExecution);
diff --git a/packages/cli/test/integration/publicApi/projects.test.ts b/packages/cli/test/integration/publicApi/projects.test.ts
new file mode 100644
index 0000000000000..0554fd6f4116f
--- /dev/null
+++ b/packages/cli/test/integration/publicApi/projects.test.ts
@@ -0,0 +1,401 @@
+import { setupTestServer } from '@test-integration/utils';
+import { createMember, createOwner } from '@test-integration/db/users';
+import * as testDb from '../shared/testDb';
+import { FeatureNotLicensedError } from '@/errors/feature-not-licensed.error';
+import { createTeamProject, getProjectByNameOrFail } from '@test-integration/db/projects';
+import { mockInstance } from '@test/mocking';
+import { Telemetry } from '@/telemetry';
+
+describe('Projects in Public API', () => {
+	const testServer = setupTestServer({ endpointGroups: ['publicApi'] });
+	mockInstance(Telemetry);
+
+	beforeAll(async () => {
+		await testDb.init();
+	});
+
+	beforeEach(async () => {
+		await testDb.truncate(['Project', 'User']);
+	});
+
+	describe('GET /projects', () => {
+		it('if licensed, should return all projects with pagination', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const owner = await createOwner({ withApiKey: true });
+			const projects = await Promise.all([
+				createTeamProject(),
+				createTeamProject(),
+				createTeamProject(),
+			]);
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).get('/projects');
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(200);
+			expect(response.body).toHaveProperty('data');
+			expect(response.body).toHaveProperty('nextCursor');
+			expect(Array.isArray(response.body.data)).toBe(true);
+			expect(response.body.data.length).toBe(projects.length + 1); // +1 for the owner's personal project
+
+			projects.forEach(({ id, name }) => {
+				expect(response.body.data).toContainEqual(expect.objectContaining({ id, name }));
+			});
+		});
+
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).get('/projects');
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+			expect(response.body).toHaveProperty('message', "'X-N8N-API-KEY' header required");
+		});
+
+		it('if not licensed, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: true });
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).get('/projects');
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty(
+				'message',
+				new FeatureNotLicensedError('feat:projectRole:admin').message,
+			);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const owner = await createMember({ withApiKey: true });
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).get('/projects');
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+	});
+
+	describe('POST /projects', () => {
+		it('if licensed, should create a new project', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const owner = await createOwner({ withApiKey: true });
+			const projectPayload = { name: 'some-project' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.post('/projects')
+				.send(projectPayload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(201);
+			expect(response.body).toEqual({
+				name: 'some-project',
+				type: 'team',
+				id: expect.any(String),
+				createdAt: expect.any(String),
+				updatedAt: expect.any(String),
+				role: 'project:admin',
+				scopes: expect.any(Array),
+			});
+			await expect(getProjectByNameOrFail(projectPayload.name)).resolves.not.toThrow();
+		});
+
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const projectPayload = { name: 'some-project' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.post('/projects')
+				.send(projectPayload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+			expect(response.body).toHaveProperty('message', "'X-N8N-API-KEY' header required");
+		});
+
+		it('if not licensed, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: true });
+			const projectPayload = { name: 'some-project' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.post('/projects')
+				.send(projectPayload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty(
+				'message',
+				new FeatureNotLicensedError('feat:projectRole:admin').message,
+			);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const member = await createMember({ withApiKey: true });
+			const projectPayload = { name: 'some-project' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(member)
+				.post('/projects')
+				.send(projectPayload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+	});
+
+	describe('DELETE /projects/:id', () => {
+		it('if licensed, should delete a project', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const owner = await createOwner({ withApiKey: true });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).delete(`/projects/${project.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(204);
+			await expect(getProjectByNameOrFail(project.id)).rejects.toThrow();
+		});
+
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).delete(`/projects/${project.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+			expect(response.body).toHaveProperty('message', "'X-N8N-API-KEY' header required");
+		});
+
+		it('if not licensed, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: true });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).delete(`/projects/${project.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty(
+				'message',
+				new FeatureNotLicensedError('feat:projectRole:admin').message,
+			);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const member = await createMember({ withApiKey: true });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(member).delete(`/projects/${project.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+	});
+
+	describe('PUT /projects/:id', () => {
+		it('if licensed, should update a project', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const owner = await createOwner({ withApiKey: true });
+			const project = await createTeamProject('old-name');
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.put(`/projects/${project.id}`)
+				.send({ name: 'new-name' });
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(204);
+			await expect(getProjectByNameOrFail('new-name')).resolves.not.toThrow();
+		});
+
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.put(`/projects/${project.id}`)
+				.send({ name: 'new-name' });
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+			expect(response.body).toHaveProperty('message', "'X-N8N-API-KEY' header required");
+		});
+
+		it('if not licensed, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: true });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.put(`/projects/${project.id}`)
+				.send({ name: 'new-name' });
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty(
+				'message',
+				new FeatureNotLicensedError('feat:projectRole:admin').message,
+			);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.setQuota('quota:maxTeamProjects', -1);
+			testServer.license.enable('feat:projectRole:admin');
+			const member = await createMember({ withApiKey: true });
+			const project = await createTeamProject();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(member)
+				.put(`/projects/${project.id}`)
+				.send({ name: 'new-name' });
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+	});
+});
diff --git a/packages/cli/test/integration/publicApi/users.ee.test.ts b/packages/cli/test/integration/publicApi/users.ee.test.ts
index 6e57a629d7dc7..be23d8f45a519 100644
--- a/packages/cli/test/integration/publicApi/users.ee.test.ts
+++ b/packages/cli/test/integration/publicApi/users.ee.test.ts
@@ -7,8 +7,10 @@ import { mockInstance } from '../../shared/mocking';
 import { randomApiKey } from '../shared/random';
 import * as utils from '../shared/utils/';
 import * as testDb from '../shared/testDb';
-import { createUser, createUserShell } from '../shared/db/users';
+import { createOwner, createUser, createUserShell } from '../shared/db/users';
 import type { SuperAgentTest } from '../shared/types';
+import { createTeamProject, linkUserToProject } from '@test-integration/db/projects';
+import type { User } from '@/databases/entities/User';
 
 mockInstance(License, {
 	getUsersLimit: jest.fn().mockReturnValue(-1),
@@ -84,6 +86,46 @@ describe('With license unlimited quota:users', () => {
 				expect(updatedAt).toBeDefined();
 			}
 		});
+
+		it('should return users filtered by project ID', async () => {
+			/**
+			 * Arrange
+			 */
+			const [owner, firstMember, secondMember, thirdMember] = await Promise.all([
+				createOwner({ withApiKey: true }),
+				createUser({ role: 'global:member' }),
+				createUser({ role: 'global:member' }),
+				createUser({ role: 'global:member' }),
+			]);
+
+			const [firstProject, secondProject] = await Promise.all([
+				createTeamProject(),
+				createTeamProject(),
+			]);
+
+			await Promise.all([
+				linkUserToProject(firstMember, firstProject, 'project:admin'),
+				linkUserToProject(secondMember, firstProject, 'project:viewer'),
+				linkUserToProject(thirdMember, secondProject, 'project:admin'),
+			]);
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).get('/users').query({
+				projectId: firstProject.id,
+			});
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(200);
+			expect(response.body.data.length).toBe(2);
+			expect(response.body.nextCursor).toBeNull();
+			expect(response.body.data.map((user: User) => user.id)).toEqual(
+				expect.arrayContaining([firstMember.id, secondMember.id]),
+			);
+		});
 	});
 
 	describe('GET /users/:id', () => {
diff --git a/packages/cli/test/integration/publicApi/users.test.ts b/packages/cli/test/integration/publicApi/users.test.ts
new file mode 100644
index 0000000000000..6021ae01a35f5
--- /dev/null
+++ b/packages/cli/test/integration/publicApi/users.test.ts
@@ -0,0 +1,252 @@
+import { setupTestServer } from '@test-integration/utils';
+import * as testDb from '../shared/testDb';
+import { createMember, createOwner, getUserById } from '@test-integration/db/users';
+import { mockInstance } from '@test/mocking';
+import { Telemetry } from '@/telemetry';
+import { FeatureNotLicensedError } from '@/errors/feature-not-licensed.error';
+
+describe('Users in Public API', () => {
+	const testServer = setupTestServer({ endpointGroups: ['publicApi'] });
+	mockInstance(Telemetry);
+
+	beforeAll(async () => {
+		await testDb.init();
+	});
+
+	beforeEach(async () => {
+		await testDb.truncate(['User']);
+	});
+
+	describe('POST /users', () => {
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const payload = { email: 'test@test.com', role: 'global:admin' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).post('/users').send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const member = await createMember({ withApiKey: true });
+			const payload = [{ email: 'test@test.com', role: 'global:admin' }];
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(member).post('/users').send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+
+		it('should create a user', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const owner = await createOwner({ withApiKey: true });
+			const payload = [{ email: 'test@test.com', role: 'global:admin' }];
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).post('/users').send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(201);
+
+			expect(response.body).toHaveLength(1);
+
+			const [result] = response.body;
+			const { user: returnedUser, error } = result;
+			const payloadUser = payload[0];
+
+			expect(returnedUser).toHaveProperty('email', payload[0].email);
+			expect(typeof returnedUser.inviteAcceptUrl).toBe('string');
+			expect(typeof returnedUser.emailSent).toBe('boolean');
+			expect(error).toBe('');
+
+			const storedUser = await getUserById(returnedUser.id);
+			expect(returnedUser.id).toBe(storedUser.id);
+			expect(returnedUser.email).toBe(storedUser.email);
+			expect(returnedUser.email).toBe(payloadUser.email);
+			expect(storedUser.role).toBe(payloadUser.role);
+		});
+	});
+
+	describe('DELETE /users/:id', () => {
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const member = await createMember();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).delete(`/users/${member.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const firstMember = await createMember({ withApiKey: true });
+			const secondMember = await createMember();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(firstMember)
+				.delete(`/users/${secondMember.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+
+		it('should delete a user', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const owner = await createOwner({ withApiKey: true });
+			const member = await createMember();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).delete(`/users/${member.id}`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(204);
+			await expect(getUserById(member.id)).rejects.toThrow();
+		});
+	});
+
+	describe('PATCH /users/:id/role', () => {
+		it('if not authenticated, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: false });
+			const member = await createMember();
+
+			/**
+			 * Act
+			 */
+			const response = await testServer.publicApiAgentFor(owner).patch(`/users/${member.id}/role`);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(401);
+		});
+
+		it('if not licensed, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			const owner = await createOwner({ withApiKey: true });
+			const member = await createMember();
+			const payload = { newRoleName: 'global:admin' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.patch(`/users/${member.id}/role`)
+				.send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty(
+				'message',
+				new FeatureNotLicensedError('feat:advancedPermissions').message,
+			);
+		});
+
+		it('if missing scope, should reject', async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const firstMember = await createMember({ withApiKey: true });
+			const secondMember = await createMember();
+			const payload = { newRoleName: 'global:admin' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(firstMember)
+				.patch(`/users/${secondMember.id}/role`)
+				.send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(403);
+			expect(response.body).toHaveProperty('message', 'Forbidden');
+		});
+
+		it("should change a user's role", async () => {
+			/**
+			 * Arrange
+			 */
+			testServer.license.enable('feat:advancedPermissions');
+			const owner = await createOwner({ withApiKey: true });
+			const member = await createMember();
+			const payload = { newRoleName: 'global:admin' };
+
+			/**
+			 * Act
+			 */
+			const response = await testServer
+				.publicApiAgentFor(owner)
+				.patch(`/users/${member.id}/role`)
+				.send(payload);
+
+			/**
+			 * Assert
+			 */
+			expect(response.status).toBe(204);
+			const storedUser = await getUserById(member.id);
+			expect(storedUser.role).toBe(payload.newRoleName);
+		});
+	});
+});
diff --git a/packages/cli/test/integration/publicApi/workflows.test.ts b/packages/cli/test/integration/publicApi/workflows.test.ts
index 855e69e3df12a..5185f3862de89 100644
--- a/packages/cli/test/integration/publicApi/workflows.test.ts
+++ b/packages/cli/test/integration/publicApi/workflows.test.ts
@@ -267,8 +267,30 @@ describe('GET /workflows', () => {
 		}
 	});
 
-	test('should return all user-accessible workflows filtered by `projectId`', async () => {
-		license.setQuota('quota:maxTeamProjects', 2);
+	test('for owner, should return all workflows filtered by `projectId`', async () => {
+		license.setQuota('quota:maxTeamProjects', -1);
+		const firstProject = await Container.get(ProjectService).createTeamProject('First', owner);
+		const secondProject = await Container.get(ProjectService).createTeamProject('Second', member);
+
+		await Promise.all([
+			createWorkflow({ name: 'First workflow' }, firstProject),
+			createWorkflow({ name: 'Second workflow' }, secondProject),
+		]);
+
+		const firstResponse = await authOwnerAgent.get(`/workflows?projectId=${firstProject.id}`);
+		const secondResponse = await authOwnerAgent.get(`/workflows?projectId=${secondProject.id}`);
+
+		expect(firstResponse.statusCode).toBe(200);
+		expect(firstResponse.body.data.length).toBe(1);
+		expect(firstResponse.body.data[0].name).toBe('First workflow');
+
+		expect(secondResponse.statusCode).toBe(200);
+		expect(secondResponse.body.data.length).toBe(1);
+		expect(secondResponse.body.data[0].name).toBe('Second workflow');
+	});
+
+	test('for member, should return all member-accessible workflows filtered by `projectId`', async () => {
+		license.setQuota('quota:maxTeamProjects', -1);
 		const otherProject = await Container.get(ProjectService).createTeamProject(
 			'Other project',
 			member,
@@ -1493,7 +1515,7 @@ describe('PUT /workflows/:id/transfer', () => {
 		 * Arrange
 		 */
 		const firstProject = await createTeamProject('first-project', member);
-		const secondProject = await createTeamProject('secon-project', member);
+		const secondProject = await createTeamProject('second-project', member);
 		const workflow = await createWorkflow({}, firstProject);
 
 		/**
diff --git a/packages/cli/test/integration/shared/db/credentials.ts b/packages/cli/test/integration/shared/db/credentials.ts
index 046d27db261a0..588fee6b51196 100644
--- a/packages/cli/test/integration/shared/db/credentials.ts
+++ b/packages/cli/test/integration/shared/db/credentials.ts
@@ -38,11 +38,24 @@ export async function createManyCredentials(
 	);
 }
 
-export async function createCredentials(attributes: Partial<CredentialsEntity> = emptyAttributes) {
+export async function createCredentials(
+	attributes: Partial<CredentialsEntity> = emptyAttributes,
+	project?: Project,
+) {
 	const credentialsRepository = Container.get(CredentialsRepository);
-	const entity = credentialsRepository.create(attributes);
+	const credentials = await credentialsRepository.save(credentialsRepository.create(attributes));
+
+	if (project) {
+		await Container.get(SharedCredentialsRepository).save(
+			Container.get(SharedCredentialsRepository).create({
+				project,
+				credentials,
+				role: 'credential:owner',
+			}),
+		);
+	}
 
-	return await credentialsRepository.save(entity);
+	return credentials;
 }
 
 /**
diff --git a/packages/cli/test/integration/shared/db/projects.ts b/packages/cli/test/integration/shared/db/projects.ts
index 60548575b362b..3de7de5bb95f9 100644
--- a/packages/cli/test/integration/shared/db/projects.ts
+++ b/packages/cli/test/integration/shared/db/projects.ts
@@ -34,6 +34,10 @@ export const linkUserToProject = async (user: User, project: Project, role: Proj
 	);
 };
 
+export async function getProjectByNameOrFail(name: string) {
+	return await Container.get(ProjectRepository).findOneOrFail({ where: { name } });
+}
+
 export const getPersonalProject = async (user: User): Promise<Project> => {
 	return await Container.get(ProjectRepository).findOneOrFail({
 		where: {
diff --git a/packages/cli/test/integration/shared/db/users.ts b/packages/cli/test/integration/shared/db/users.ts
index f125f5ccded4f..98626bc549d9e 100644
--- a/packages/cli/test/integration/shared/db/users.ts
+++ b/packages/cli/test/integration/shared/db/users.ts
@@ -86,7 +86,11 @@ export async function createOwner({ withApiKey } = { withApiKey: false }) {
 	return await createUser({ role: 'global:owner' });
 }
 
-export async function createMember() {
+export async function createMember({ withApiKey } = { withApiKey: false }) {
+	if (withApiKey) {
+		return await addApiKey(await createUser({ role: 'global:member' }));
+	}
+
 	return await createUser({ role: 'global:member' });
 }
 
diff --git a/packages/cli/test/integration/shared/utils/testCommand.ts b/packages/cli/test/integration/shared/utils/testCommand.ts
index 7a8477c4dd1b8..9592b806c3c75 100644
--- a/packages/cli/test/integration/shared/utils/testCommand.ts
+++ b/packages/cli/test/integration/shared/utils/testCommand.ts
@@ -4,8 +4,11 @@ import { mock } from 'jest-mock-extended';
 
 import type { BaseCommand } from '@/commands/BaseCommand';
 import * as testDb from '../testDb';
-import { TelemetryEventRelay } from '@/telemetry/telemetry-event-relay.service';
+import { TelemetryEventRelay } from '@/events/telemetry-event-relay';
 import { mockInstance } from '@test/mocking';
+import { InternalHooks } from '@/InternalHooks';
+
+mockInstance(InternalHooks);
 
 export const setupTestCommand = <T extends BaseCommand>(Command: Class<T>) => {
 	const config = mock<Config>();
diff --git a/packages/cli/test/integration/shared/utils/testServer.ts b/packages/cli/test/integration/shared/utils/testServer.ts
index 7776b7e669415..319c4e2b588db 100644
--- a/packages/cli/test/integration/shared/utils/testServer.ts
+++ b/packages/cli/test/integration/shared/utils/testServer.ts
@@ -14,7 +14,6 @@ import { PostHogClient } from '@/posthog';
 import { Push } from '@/push';
 import { License } from '@/License';
 import { Logger } from '@/Logger';
-import { InternalHooks } from '@/InternalHooks';
 import { AuthService } from '@/auth/auth.service';
 import type { APIRequest } from '@/requests';
 
@@ -82,7 +81,6 @@ export const setupTestServer = ({
 
 	// Mock all telemetry and logging
 	mockInstance(Logger);
-	mockInstance(InternalHooks);
 	mockInstance(PostHogClient);
 	mockInstance(Push);
 
diff --git a/packages/cli/test/integration/webhooks.api.test.ts b/packages/cli/test/integration/webhooks.api.test.ts
index 64cb760c8ec69..5b61dd98611ac 100644
--- a/packages/cli/test/integration/webhooks.api.test.ts
+++ b/packages/cli/test/integration/webhooks.api.test.ts
@@ -4,7 +4,6 @@ import type { INodeType, INodeTypeDescription, IWebhookFunctions } from 'n8n-wor
 
 import { AbstractServer } from '@/AbstractServer';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
 import { NodeTypes } from '@/NodeTypes';
 import { Push } from '@/push';
 import type { WorkflowEntity } from '@db/entities/WorkflowEntity';
@@ -21,7 +20,6 @@ mockInstance(Telemetry);
 
 describe('Webhook API', () => {
 	mockInstance(ExternalHooks);
-	mockInstance(InternalHooks);
 	mockInstance(Push);
 
 	let agent: SuperAgentTest;
diff --git a/packages/cli/test/unit/webhooks.test.ts b/packages/cli/test/integration/webhooks.test.ts
similarity index 84%
rename from packages/cli/test/unit/webhooks.test.ts
rename to packages/cli/test/integration/webhooks.test.ts
index c891588597ac5..a729f9515818a 100644
--- a/packages/cli/test/unit/webhooks.test.ts
+++ b/packages/cli/test/integration/webhooks.test.ts
@@ -3,15 +3,14 @@ import { agent as testAgent } from 'supertest';
 import { mock } from 'jest-mock-extended';
 
 import { AbstractServer } from '@/AbstractServer';
-import { ActiveWebhooks } from '@/ActiveWebhooks';
+import { LiveWebhooks } from '@/webhooks/LiveWebhooks';
 import { ExternalHooks } from '@/ExternalHooks';
-import { InternalHooks } from '@/InternalHooks';
-import { TestWebhooks } from '@/TestWebhooks';
-import { WaitingWebhooks } from '@/WaitingWebhooks';
+import { TestWebhooks } from '@/webhooks/TestWebhooks';
+import { WaitingWebhooks } from '@/webhooks/WaitingWebhooks';
 import { WaitingForms } from '@/WaitingForms';
-import type { IResponseCallbackData } from '@/Interfaces';
+import type { IWebhookResponseCallbackData } from '@/webhooks/webhook.types';
 
-import { mockInstance } from '../shared/mocking';
+import { mockInstance } from '@test/mocking';
 import { GlobalConfig } from '@n8n/config';
 import Container from 'typedi';
 
@@ -19,11 +18,10 @@ let agent: SuperAgentTest;
 
 describe('WebhookServer', () => {
 	mockInstance(ExternalHooks);
-	mockInstance(InternalHooks);
 
 	describe('CORS', () => {
 		const corsOrigin = 'https://example.com';
-		const activeWebhooks = mockInstance(ActiveWebhooks);
+		const liveWebhooks = mockInstance(LiveWebhooks);
 		const testWebhooks = mockInstance(TestWebhooks);
 		mockInstance(WaitingWebhooks);
 		mockInstance(WaitingForms);
@@ -37,7 +35,7 @@ describe('WebhookServer', () => {
 		});
 
 		const tests = [
-			['webhook', activeWebhooks],
+			['webhook', liveWebhooks],
 			['webhookTest', testWebhooks],
 			// TODO: enable webhookWaiting & waitingForms after CORS support is added
 			// ['webhookWaiting', waitingWebhooks],
@@ -80,7 +78,7 @@ describe('WebhookServer', () => {
 		}
 
 		const mockResponse = (data = {}, headers = {}, status = 200) => {
-			const response = mock<IResponseCallbackData>();
+			const response = mock<IWebhookResponseCallbackData>();
 			response.responseCode = status;
 			response.data = data;
 			response.headers = headers;
diff --git a/packages/cli/test/unit/shared/mockObjects.ts b/packages/cli/test/shared/mockObjects.ts
similarity index 94%
rename from packages/cli/test/unit/shared/mockObjects.ts
rename to packages/cli/test/shared/mockObjects.ts
index e7a165977301f..a8795e8e1013f 100644
--- a/packages/cli/test/unit/shared/mockObjects.ts
+++ b/packages/cli/test/shared/mockObjects.ts
@@ -8,7 +8,7 @@ import {
 	randomEmail,
 	randomName,
 	uniqueId,
-} from '../../integration/shared/random';
+} from '../integration/shared/random';
 
 export const mockCredential = (): CredentialsEntity =>
 	Object.assign(new CredentialsEntity(), randomCredentialPayload());
diff --git a/packages/cli/test/unit/shared/testData.ts b/packages/cli/test/shared/testData.ts
similarity index 100%
rename from packages/cli/test/unit/shared/testData.ts
rename to packages/cli/test/shared/testData.ts
diff --git a/packages/cli/test/unit/Helpers.ts b/packages/cli/test/unit/Helpers.ts
deleted file mode 100644
index 50b9f43489076..0000000000000
--- a/packages/cli/test/unit/Helpers.ts
+++ /dev/null
@@ -1,38 +0,0 @@
-import type { INodeTypeData } from 'n8n-workflow';
-
-/**
- * Ensure all pending promises settle. The promise's `resolve` is placed in
- * the macrotask queue and so called at the next iteration of the event loop
- * after all promises in the microtask queue have settled first.
- */
-export const flushPromises = async () => await new Promise(setImmediate);
-
-export function mockNodeTypesData(
-	nodeNames: string[],
-	options?: {
-		addTrigger?: boolean;
-	},
-) {
-	return nodeNames.reduce<INodeTypeData>((acc, nodeName) => {
-		return (
-			(acc[`n8n-nodes-base.${nodeName}`] = {
-				sourcePath: '',
-				type: {
-					description: {
-						displayName: nodeName,
-						name: nodeName,
-						group: [],
-						description: '',
-						version: 1,
-						defaults: {},
-						inputs: [],
-						outputs: [],
-						properties: [],
-					},
-					trigger: options?.addTrigger ? async () => undefined : undefined,
-				},
-			}),
-			acc
-		);
-	}, {});
-}
diff --git a/packages/cli/test/unit/WebhookHelpers.test.ts b/packages/cli/test/unit/WebhookHelpers.test.ts
deleted file mode 100644
index 391d01b6fcfe4..0000000000000
--- a/packages/cli/test/unit/WebhookHelpers.test.ts
+++ /dev/null
@@ -1,142 +0,0 @@
-import { type Response } from 'express';
-import { mock } from 'jest-mock-extended';
-import { randomString } from 'n8n-workflow';
-import type { IHttpRequestMethods } from 'n8n-workflow';
-
-import type { IWebhookManager, WebhookCORSRequest, WebhookRequest } from '@/Interfaces';
-import { webhookRequestHandler } from '@/WebhookHelpers';
-
-describe('WebhookHelpers', () => {
-	describe('webhookRequestHandler', () => {
-		const webhookManager = mock<Required<IWebhookManager>>();
-		const handler = webhookRequestHandler(webhookManager);
-
-		beforeEach(() => {
-			jest.resetAllMocks();
-		});
-
-		it('should throw for unsupported methods', async () => {
-			const req = mock<WebhookRequest | WebhookCORSRequest>({
-				method: 'CONNECT' as IHttpRequestMethods,
-			});
-			const res = mock<Response>();
-			res.status.mockReturnValue(res);
-
-			await handler(req, res);
-
-			expect(res.status).toHaveBeenCalledWith(500);
-			expect(res.json).toHaveBeenCalledWith({
-				code: 0,
-				message: 'The method CONNECT is not supported.',
-			});
-		});
-
-		describe('preflight requests', () => {
-			it('should handle missing header for requested method', async () => {
-				const req = mock<WebhookRequest | WebhookCORSRequest>({
-					method: 'OPTIONS',
-					headers: {
-						origin: 'https://example.com',
-						'access-control-request-method': undefined,
-					},
-					params: { path: 'test' },
-				});
-				const res = mock<Response>();
-				res.status.mockReturnValue(res);
-
-				webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
-
-				await handler(req, res);
-
-				expect(res.status).toHaveBeenCalledWith(204);
-				expect(res.header).toHaveBeenCalledWith(
-					'Access-Control-Allow-Methods',
-					'OPTIONS, GET, PATCH',
-				);
-			});
-
-			it('should handle default origin and max-age', async () => {
-				const req = mock<WebhookRequest | WebhookCORSRequest>({
-					method: 'OPTIONS',
-					headers: {
-						origin: 'https://example.com',
-						'access-control-request-method': 'GET',
-					},
-					params: { path: 'test' },
-				});
-				const res = mock<Response>();
-				res.status.mockReturnValue(res);
-
-				webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
-
-				await handler(req, res);
-
-				expect(res.status).toHaveBeenCalledWith(204);
-				expect(res.header).toHaveBeenCalledWith(
-					'Access-Control-Allow-Methods',
-					'OPTIONS, GET, PATCH',
-				);
-				expect(res.header).toHaveBeenCalledWith(
-					'Access-Control-Allow-Origin',
-					'https://example.com',
-				);
-				expect(res.header).toHaveBeenCalledWith('Access-Control-Max-Age', '300');
-			});
-
-			it('should handle wildcard origin', async () => {
-				const randomOrigin = randomString(10);
-				const req = mock<WebhookRequest | WebhookCORSRequest>({
-					method: 'OPTIONS',
-					headers: {
-						origin: randomOrigin,
-						'access-control-request-method': 'GET',
-					},
-					params: { path: 'test' },
-				});
-				const res = mock<Response>();
-				res.status.mockReturnValue(res);
-
-				webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
-				webhookManager.findAccessControlOptions.mockResolvedValue({
-					allowedOrigins: '*',
-				});
-
-				await handler(req, res);
-
-				expect(res.status).toHaveBeenCalledWith(204);
-				expect(res.header).toHaveBeenCalledWith(
-					'Access-Control-Allow-Methods',
-					'OPTIONS, GET, PATCH',
-				);
-				expect(res.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', randomOrigin);
-			});
-
-			it('should handle custom origin', async () => {
-				const req = mock<WebhookRequest | WebhookCORSRequest>({
-					method: 'OPTIONS',
-					headers: {
-						origin: 'https://example.com',
-						'access-control-request-method': 'GET',
-					},
-					params: { path: 'test' },
-				});
-				const res = mock<Response>();
-				res.status.mockReturnValue(res);
-
-				webhookManager.getWebhookMethods.mockResolvedValue(['GET', 'PATCH']);
-				webhookManager.findAccessControlOptions.mockResolvedValue({
-					allowedOrigins: 'https://test.com',
-				});
-
-				await handler(req, res);
-
-				expect(res.status).toHaveBeenCalledWith(204);
-				expect(res.header).toHaveBeenCalledWith(
-					'Access-Control-Allow-Methods',
-					'OPTIONS, GET, PATCH',
-				);
-				expect(res.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', 'https://test.com');
-			});
-		});
-	});
-});
diff --git a/packages/core/README.md b/packages/core/README.md
index 0518567fc9bce..ad67d1a3798d6 100644
--- a/packages/core/README.md
+++ b/packages/core/README.md
@@ -10,8 +10,4 @@ npm install n8n-core
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/core/bin/generate-ui-types b/packages/core/bin/generate-ui-types
index 988462d604e08..8cecb6b054d74 100755
--- a/packages/core/bin/generate-ui-types
+++ b/packages/core/bin/generate-ui-types
@@ -33,8 +33,11 @@ function findReferencedMethods(obj, refs = {}, latestName = '') {
 	const knownCredentials = loader.known.credentials;
 	const credentialTypes = Object.values(loader.credentialTypes).map((data) => {
 		const credentialType = data.type;
-		if (knownCredentials[credentialType.name].supportedNodes?.length > 0) {
-			delete credentialType.httpRequestNode;
+		if (
+			knownCredentials[credentialType.name].supportedNodes?.length > 0 &&
+			credentialType.httpRequestNode
+		) {
+			credentialType.httpRequestNode.hidden = true;
 		}
 		return credentialType;
 	});
diff --git a/packages/core/package.json b/packages/core/package.json
index dfcc23db99d92..1f857b47e5ea5 100644
--- a/packages/core/package.json
+++ b/packages/core/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-core",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "Core functionality of n8n",
   "main": "dist/index",
   "types": "dist/index.d.ts",
diff --git a/packages/core/src/InstanceSettings.ts b/packages/core/src/InstanceSettings.ts
index e8ab9aa553223..f75e1df712108 100644
--- a/packages/core/src/InstanceSettings.ts
+++ b/packages/core/src/InstanceSettings.ts
@@ -14,6 +14,8 @@ interface WritableSettings {
 
 type Settings = ReadOnlySettings & WritableSettings;
 
+type InstanceRole = 'unset' | 'leader' | 'follower';
+
 const inTest = process.env.NODE_ENV === 'test';
 
 @Service()
@@ -38,6 +40,25 @@ export class InstanceSettings {
 
 	readonly instanceId = this.generateInstanceId();
 
+	/** Always `leader` in single-main setup. `leader` or `follower` in multi-main setup. */
+	private instanceRole: InstanceRole = 'unset';
+
+	get isLeader() {
+		return this.instanceRole === 'leader';
+	}
+
+	markAsLeader() {
+		this.instanceRole = 'leader';
+	}
+
+	get isFollower() {
+		return this.instanceRole === 'follower';
+	}
+
+	markAsFollower() {
+		this.instanceRole = 'follower';
+	}
+
 	get encryptionKey() {
 		return this.settings.encryptionKey;
 	}
diff --git a/packages/core/src/NodeExecuteFunctions.ts b/packages/core/src/NodeExecuteFunctions.ts
index cf677ba5bd036..f97d86805911f 100644
--- a/packages/core/src/NodeExecuteFunctions.ts
+++ b/packages/core/src/NodeExecuteFunctions.ts
@@ -1342,7 +1342,9 @@ export async function requestOAuth2(
 	// if it's the first time using the credentials, get the access token and save it into the DB.
 	if (
 		credentials.grantType === 'clientCredentials' &&
-		(oauthTokenData === undefined || Object.keys(oauthTokenData).length === 0)
+		(oauthTokenData === undefined ||
+			Object.keys(oauthTokenData).length === 0 ||
+			oauthTokenData.access_token === '') // stub
 	) {
 		const { data } = await oAuthClient.credentials.getToken();
 		// Find the credentials
@@ -3324,7 +3326,7 @@ const getAllowedPaths = () => {
 	return allowedPaths;
 };
 
-function isFilePathBlocked(filePath: string): boolean {
+export function isFilePathBlocked(filePath: string): boolean {
 	const allowedPaths = getAllowedPaths();
 	const resolvedFilePath = path.resolve(filePath);
 	const blockFileAccessToN8nFiles = process.env[BLOCK_FILE_ACCESS_TO_N8N_FILES] !== 'false';
@@ -3340,10 +3342,10 @@ function isFilePathBlocked(filePath: string): boolean {
 		return true;
 	}
 
-	//restrict access to .n8n folder and other .env config related paths
+	//restrict access to .n8n folder, ~/.cache/n8n/public, and other .env config related paths
 	if (blockFileAccessToN8nFiles) {
-		const { n8nFolder } = Container.get(InstanceSettings);
-		const restrictedPaths = [n8nFolder];
+		const { n8nFolder, staticCacheDir } = Container.get(InstanceSettings);
+		const restrictedPaths = [n8nFolder, staticCacheDir];
 
 		if (process.env[CONFIG_FILES]) {
 			restrictedPaths.push(...process.env[CONFIG_FILES].split(','));
diff --git a/packages/core/src/WorkflowExecute.ts b/packages/core/src/WorkflowExecute.ts
index ce17eafa9bb0d..303b46b20aa2f 100644
--- a/packages/core/src/WorkflowExecute.ts
+++ b/packages/core/src/WorkflowExecute.ts
@@ -44,7 +44,7 @@ import {
 	ApplicationError,
 	NodeExecutionOutput,
 	sleep,
-	OBFUSCATED_ERROR_MESSAGE,
+	ErrorReporterProxy,
 } from 'n8n-workflow';
 import get from 'lodash/get';
 import * as NodeExecuteFunctions from './NodeExecuteFunctions';
@@ -1318,12 +1318,30 @@ export class WorkflowExecute {
 						} catch (error) {
 							this.runExecutionData.resultData.lastNodeExecuted = executionData.node.name;
 
-							const message =
-								error instanceof ApplicationError ? error.message : OBFUSCATED_ERROR_MESSAGE;
+							let toReport: Error | undefined;
+							if (error instanceof ApplicationError) {
+								// Report any unhandled errors that were wrapped in by one of our error classes
+								if (error.cause instanceof Error) toReport = error.cause;
+							} else {
+								// Report any unhandled and non-wrapped errors to Sentry
+								toReport = error;
+								// Set obfuscate to true so that the error would be obfuscated in th UI
+								error.obfuscate = true;
+							}
+							if (toReport) {
+								ErrorReporterProxy.error(toReport, {
+									extra: {
+										nodeName: executionNode.name,
+										nodeType: executionNode.type,
+										nodeVersion: executionNode.typeVersion,
+										workflowId: workflow.id,
+									},
+								});
+							}
 
 							const e = error as unknown as ExecutionBaseError;
 
-							executionError = { ...e, message, stack: e.stack };
+							executionError = { ...e, message: e.message, stack: e.stack };
 
 							Logger.debug(`Running node "${executionNode.name}" finished with error`, {
 								node: executionNode.name,
diff --git a/packages/core/test/NodeExecuteFunctions.test.ts b/packages/core/test/NodeExecuteFunctions.test.ts
index 8ff4ca22e59a8..3af9c752f67d1 100644
--- a/packages/core/test/NodeExecuteFunctions.test.ts
+++ b/packages/core/test/NodeExecuteFunctions.test.ts
@@ -4,6 +4,7 @@ import {
 	copyInputItems,
 	ensureType,
 	getBinaryDataBuffer,
+	isFilePathBlocked,
 	parseIncomingMessage,
 	parseRequestObject,
 	proxyRequestToAxios,
@@ -34,6 +35,7 @@ import { join } from 'path';
 import Container from 'typedi';
 import type { Agent } from 'https';
 import toPlainObject from 'lodash/toPlainObject';
+import { InstanceSettings } from '@/InstanceSettings';
 
 const temporaryDir = mkdtempSync(join(tmpdir(), 'n8n'));
 
@@ -663,3 +665,11 @@ describe('NodeExecuteFunctions', () => {
 		});
 	});
 });
+
+describe('isFilePathBlocked', () => {
+	test('should return true for static cache dir', () => {
+		const filePath = Container.get(InstanceSettings).staticCacheDir;
+
+		expect(isFilePathBlocked(filePath)).toBe(true);
+	});
+});
diff --git a/packages/design-system/.storybook/storybook.scss b/packages/design-system/.storybook/storybook.scss
index 86a675f90cff2..16aaf700f403e 100644
--- a/packages/design-system/.storybook/storybook.scss
+++ b/packages/design-system/.storybook/storybook.scss
@@ -15,3 +15,7 @@
 #storybook-root > * {
 	margin: var(--spacing-5xs);
 }
+
+body {
+	padding: 0 !important;
+}
diff --git a/packages/design-system/README.md b/packages/design-system/README.md
index ea69f24524a5b..c43317d077334 100644
--- a/packages/design-system/README.md
+++ b/packages/design-system/README.md
@@ -48,8 +48,4 @@ pnpm watch:theme
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/design-system/package.json b/packages/design-system/package.json
index 9885f9872f2f3..9c04bd801b3af 100644
--- a/packages/design-system/package.json
+++ b/packages/design-system/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-design-system",
-  "version": "1.43.0",
+  "version": "1.44.0",
   "main": "src/main.ts",
   "import": "src/main.ts",
   "scripts": {
@@ -22,9 +22,9 @@
     "@testing-library/jest-dom": "^6.1.5",
     "@testing-library/user-event": "^14.5.1",
     "@testing-library/vue": "^8.0.1",
-    "@types/markdown-it": "^12.2.3",
+    "@types/markdown-it": "^13.0.9",
     "@types/markdown-it-emoji": "^2.0.2",
-    "@types/markdown-it-link-attributes": "^3.0.1",
+    "@types/markdown-it-link-attributes": "^3.0.5",
     "@types/sanitize-html": "^2.11.0",
     "@vitejs/plugin-vue": "^5.0.4",
     "@vitest/coverage-v8": "catalog:frontend",
@@ -45,7 +45,7 @@
     "@fortawesome/free-solid-svg-icons": "^5.15.4",
     "@fortawesome/vue-fontawesome": "^3.0.3",
     "element-plus": "2.4.3",
-    "markdown-it": "^13.0.1",
+    "markdown-it": "^13.0.2",
     "markdown-it-emoji": "^2.0.2",
     "markdown-it-link-attributes": "^4.0.1",
     "markdown-it-task-lists": "^2.1.1",
diff --git a/packages/design-system/src/components/N8nActionBox/ActionBox.vue b/packages/design-system/src/components/N8nActionBox/ActionBox.vue
index 94f2e1376e702..575895ab1585b 100644
--- a/packages/design-system/src/components/N8nActionBox/ActionBox.vue
+++ b/packages/design-system/src/components/N8nActionBox/ActionBox.vue
@@ -15,13 +15,19 @@
 				</slot>
 			</N8nText>
 		</div>
-		<N8nButton
-			v-if="buttonText"
-			:label="buttonText"
-			:type="buttonType"
-			size="large"
-			@click="$emit('click:button', $event)"
-		/>
+		<N8nTooltip :disabled="!buttonDisabled">
+			<template #content>
+				<slot name="disabledButtonTooltip"></slot>
+			</template>
+			<N8nButton
+				v-if="buttonText"
+				:label="buttonText"
+				:type="buttonType"
+				:disabled="buttonDisabled"
+				size="large"
+				@click="$emit('click:button', $event)"
+			/>
+		</N8nTooltip>
 		<N8nCallout
 			v-if="calloutText"
 			:theme="calloutTheme"
@@ -41,12 +47,14 @@ import N8nHeading from '../N8nHeading';
 import N8nText from '../N8nText';
 import N8nCallout, { type CalloutTheme } from '../N8nCallout';
 import type { ButtonType } from 'n8n-design-system/types/button';
+import N8nTooltip from 'n8n-design-system/components/N8nTooltip/Tooltip.vue';
 
 interface ActionBoxProps {
 	emoji: string;
 	heading: string;
 	buttonText: string;
 	buttonType: ButtonType;
+	buttonDisabled?: boolean;
 	description: string;
 	calloutText?: string;
 	calloutTheme?: CalloutTheme;
diff --git a/packages/design-system/src/components/N8nActionBox/__tests__/__snapshots__/ActionBox.spec.ts.snap b/packages/design-system/src/components/N8nActionBox/__tests__/__snapshots__/ActionBox.spec.ts.snap
index 32b699e7d580a..9b56278cddfd8 100644
--- a/packages/design-system/src/components/N8nActionBox/__tests__/__snapshots__/ActionBox.spec.ts.snap
+++ b/packages/design-system/src/components/N8nActionBox/__tests__/__snapshots__/ActionBox.spec.ts.snap
@@ -9,7 +9,9 @@ exports[`N8NActionBox > should render correctly 1`] = `
   <div class="description">
     <n8n-text-stub color="text-base" bold="false" size="medium" compact="false" tag="span"></n8n-text-stub>
   </div>
-  <n8n-button-stub block="false" element="button" label="Do something" square="false" active="false" disabled="false" loading="false" outline="false" size="large" text="false" type="primary"></n8n-button-stub>
+  <n8n-button-stub block="false" element="button" label="Do something" square="false" active="false" disabled="false" loading="false" outline="false" size="large" text="false" type="primary" class="el-tooltip__trigger"></n8n-button-stub>
+  <!--teleport start-->
+  <!--teleport end-->
   <!--v-if-->
 </div>"
 `;
diff --git a/packages/design-system/src/components/N8nActionDropdown/ActionDropdown.vue b/packages/design-system/src/components/N8nActionDropdown/ActionDropdown.vue
index 79a8e883f9fb3..649d4bc570491 100644
--- a/packages/design-system/src/components/N8nActionDropdown/ActionDropdown.vue
+++ b/packages/design-system/src/components/N8nActionDropdown/ActionDropdown.vue
@@ -6,6 +6,7 @@
 			:trigger="trigger"
 			:popper-class="popperClass"
 			:teleported="teleported"
+			:disabled="disabled"
 			@command="onSelect"
 			@visible-change="onVisibleChange"
 		>
@@ -76,6 +77,7 @@ interface ActionDropdownProps {
 	trigger?: (typeof TRIGGER)[number];
 	hideArrow?: boolean;
 	teleported?: boolean;
+	disabled?: boolean;
 }
 
 const props = withDefaults(defineProps<ActionDropdownProps>(), {
@@ -86,6 +88,7 @@ const props = withDefaults(defineProps<ActionDropdownProps>(), {
 	trigger: 'click',
 	hideArrow: false,
 	teleported: true,
+	disabled: false,
 });
 
 const attrs = useAttrs();
diff --git a/packages/design-system/src/components/N8nAvatar/Avatar.vue b/packages/design-system/src/components/N8nAvatar/Avatar.vue
index f7993a84a0038..348af6ed4784a 100644
--- a/packages/design-system/src/components/N8nAvatar/Avatar.vue
+++ b/packages/design-system/src/components/N8nAvatar/Avatar.vue
@@ -1,14 +1,14 @@
 <template>
 	<span :class="['n8n-avatar', $style.container]" v-bind="$attrs">
 		<Avatar
-			v-if="firstName"
+			v-if="name"
 			:size="getSize(size)"
-			:name="firstName + ' ' + lastName"
+			:name="name"
 			variant="marble"
 			:colors="getColors(colors)"
 		/>
-		<div v-else :class="[$style.empty, $style[size]]"></div>
-		<span v-if="firstName" :class="$style.initials">{{ initials }}</span>
+		<span v-else :class="[$style.empty, $style[size]]" />
+		<span v-if="name" :class="$style.initials">{{ initials }}</span>
 	</span>
 </template>
 
@@ -38,7 +38,8 @@ const props = withDefaults(defineProps<AvatarProps>(), {
 	],
 });
 
-const initials = computed(() => getInitials(`${props.firstName} ${props.lastName}`));
+const name = computed(() => `${props.firstName} ${props.lastName}`.trim());
+const initials = computed(() => getInitials(name.value));
 
 const getColors = (colors: string[]): string[] => {
 	const style = getComputedStyle(document.body);
@@ -62,6 +63,7 @@ const getSize = (size: string): number => sizes[size];
 }
 
 .empty {
+	display: block;
 	border-radius: 50%;
 	background-color: var(--color-foreground-dark);
 	opacity: 0.3;
@@ -72,7 +74,8 @@ const getSize = (size: string): number => sizes[size];
 	font-size: var(--font-size-2xs);
 	font-weight: var(--font-weight-bold);
 	color: var(--color-avatar-font);
-	text-shadow: 0px 1px 6px rgba(25, 11, 9, 0.3);
+	text-shadow: 0 1px 6px rgba(25, 11, 9, 0.3);
+	text-transform: uppercase;
 }
 
 .small {
diff --git a/packages/design-system/src/components/N8nAvatar/__tests__/Avatar.test.ts b/packages/design-system/src/components/N8nAvatar/__tests__/Avatar.test.ts
new file mode 100644
index 0000000000000..4fdeef6229795
--- /dev/null
+++ b/packages/design-system/src/components/N8nAvatar/__tests__/Avatar.test.ts
@@ -0,0 +1,25 @@
+import { render } from '@testing-library/vue';
+import N8nAvatar from '../Avatar.vue';
+
+describe('components', () => {
+	describe('N8nAlert', () => {
+		test.each([
+			['Firstname', 'Lastname', 'FL'],
+			['Firstname', undefined, 'Fi'],
+			[undefined, 'Lastname', 'La'],
+			[undefined, undefined, ''],
+			['', '', ''],
+		])('should render initials for name "%s %s" as %s', (firstName, lastName, initials) => {
+			const { container, getByText } = render(N8nAvatar, {
+				props: { firstName, lastName },
+			});
+
+			if (firstName || lastName) {
+				expect(container.querySelector('svg')).toBeVisible();
+				expect(getByText(initials)).toBeVisible();
+			} else {
+				expect(container.querySelector('svg')).not.toBeInTheDocument();
+			}
+		});
+	});
+});
diff --git a/packages/design-system/src/components/N8nFormBox/FormBox.vue b/packages/design-system/src/components/N8nFormBox/FormBox.vue
index ed01219eb914e..7881c4b5c9ba4 100644
--- a/packages/design-system/src/components/N8nFormBox/FormBox.vue
+++ b/packages/design-system/src/components/N8nFormBox/FormBox.vue
@@ -44,7 +44,7 @@ import N8nHeading from '../N8nHeading';
 import N8nLink from '../N8nLink';
 import N8nButton from '../N8nButton';
 import type { IFormInput } from 'n8n-design-system/types';
-import { createEventBus } from '../../utils';
+import { createFormEventBus } from '../../utils';
 
 interface FormBoxProps {
 	title?: string;
@@ -67,7 +67,7 @@ withDefaults(defineProps<FormBoxProps>(), {
 	redirectLink: '',
 });
 
-const formBus = createEventBus();
+const formBus = createFormEventBus();
 const emit = defineEmits<{
 	submit: [value: { [key: string]: Value }];
 	update: [value: { name: string; value: Value }];
diff --git a/packages/design-system/src/components/N8nFormInputs/FormInputs.vue b/packages/design-system/src/components/N8nFormInputs/FormInputs.vue
index 620778cd2cb9d..977a10a88fe16 100644
--- a/packages/design-system/src/components/N8nFormInputs/FormInputs.vue
+++ b/packages/design-system/src/components/N8nFormInputs/FormInputs.vue
@@ -3,12 +3,12 @@ import { computed, onMounted, reactive, ref, watch } from 'vue';
 import N8nFormInput from '../N8nFormInput';
 import type { IFormInput } from '../../types';
 import ResizeObserver from '../ResizeObserver';
-import type { EventBus } from '../../utils';
-import { createEventBus } from '../../utils';
+import type { FormEventBus } from '../../utils';
+import { createFormEventBus } from '../../utils';
 
 export type FormInputsProps = {
 	inputs?: IFormInput[];
-	eventBus?: EventBus;
+	eventBus?: FormEventBus;
 	columnView?: boolean;
 	verticalSpacing?: '' | 'xs' | 's' | 'm' | 'l' | 'xl';
 	teleported?: boolean;
@@ -19,7 +19,7 @@ type Value = string | number | boolean | null | undefined;
 
 const props = withDefaults(defineProps<FormInputsProps>(), {
 	inputs: () => [],
-	eventBus: createEventBus,
+	eventBus: createFormEventBus,
 	columnView: false,
 	verticalSpacing: '',
 	teleported: true,
diff --git a/packages/design-system/src/components/N8nTabs/Tabs.vue b/packages/design-system/src/components/N8nTabs/Tabs.vue
index 1cd2792c9957f..967f08a430701 100644
--- a/packages/design-system/src/components/N8nTabs/Tabs.vue
+++ b/packages/design-system/src/components/N8nTabs/Tabs.vue
@@ -13,7 +13,7 @@
 				:key="option.value"
 				:class="{ [$style.alignRight]: option.align === 'right' }"
 			>
-				<n8n-tooltip :disabled="!option.tooltip" placement="bottom">
+				<N8nTooltip :disabled="!option.tooltip" placement="bottom">
 					<template #content>
 						<div @click="handleTooltipClick(option.value, $event)" v-html="option.tooltip" />
 					</template>
@@ -31,14 +31,14 @@
 							</span>
 						</div>
 					</a>
-					<RouterLink
+					<router-link
 						v-else-if="option.to"
 						:to="option.to"
 						:class="[$style.tab, { [$style.activeTab]: modelValue === option.value }]"
 					>
 						<N8nIcon v-if="option.icon" :icon="option.icon" size="medium" />
 						<span v-if="option.label">{{ option.label }}</span>
-					</RouterLink>
+					</router-link>
 					<div
 						v-else
 						:class="{ [$style.tab]: true, [$style.activeTab]: modelValue === option.value }"
@@ -48,7 +48,7 @@
 						<N8nIcon v-if="option.icon" :icon="option.icon" size="small" />
 						<span v-if="option.label">{{ option.label }}</span>
 					</div>
-				</n8n-tooltip>
+				</N8nTooltip>
 			</div>
 		</div>
 	</div>
diff --git a/packages/design-system/src/css/_tokens.dark.scss b/packages/design-system/src/css/_tokens.dark.scss
index 4c3c078384bd3..15930499e4097 100644
--- a/packages/design-system/src/css/_tokens.dark.scss
+++ b/packages/design-system/src/css/_tokens.dark.scss
@@ -101,6 +101,7 @@
 	--color-pending-resolvable-foreground: var(--color-text-base);
 	--color-pending-resolvable-background: var(--prim-gray-70-alpha-01);
 	--color-expression-editor-background: var(--prim-gray-800);
+	--color-expression-editor-modal-background: var(--prim-gray-800);
 	--color-expression-syntax-example: var(--prim-gray-670);
 	--color-autocomplete-item-selected: var(--prim-color-secondary-tint-200);
 	--color-autocomplete-section-header-border: var(--prim-gray-540);
diff --git a/packages/design-system/src/css/_tokens.scss b/packages/design-system/src/css/_tokens.scss
index 40bf465cfa786..c63c5eb64baf5 100644
--- a/packages/design-system/src/css/_tokens.scss
+++ b/packages/design-system/src/css/_tokens.scss
@@ -135,6 +135,7 @@
 	--color-pending-resolvable-foreground: var(--color-text-base);
 	--color-pending-resolvable-background: var(--prim-gray-40);
 	--color-expression-editor-background: var(--prim-gray-0);
+	--color-expression-editor-modal-background: var(--color-background-base);
 	--color-expression-syntax-example: var(--prim-gray-40);
 	--color-autocomplete-item-selected: var(--color-secondary);
 	--color-autocomplete-section-header-border: var(--color-foreground-light);
diff --git a/packages/design-system/src/css/dropdown.scss b/packages/design-system/src/css/dropdown.scss
index a15d17f0268a4..e3ff966a4fcdf 100644
--- a/packages/design-system/src/css/dropdown.scss
+++ b/packages/design-system/src/css/dropdown.scss
@@ -19,6 +19,14 @@
 		}
 	}
 
+	@include mixins.when(disabled) {
+		.el-tooltip__trigger {
+			opacity: 0.25;
+			cursor: not-allowed;
+			background: unset;
+		}
+	}
+
 	& .el-dropdown__caret-button {
 		padding-left: 5px;
 		padding-right: 5px;
diff --git a/packages/design-system/src/utils/__tests__/event-bus.spec.ts b/packages/design-system/src/utils/__tests__/event-bus.spec.ts
index e403b61008f4e..2fb0735404ee0 100644
--- a/packages/design-system/src/utils/__tests__/event-bus.spec.ts
+++ b/packages/design-system/src/utils/__tests__/event-bus.spec.ts
@@ -14,18 +14,30 @@ describe('createEventBus()', () => {
 
 			expect(handler).toHaveBeenCalled();
 		});
+	});
 
-		it('should return unregister fn', () => {
+	describe('once()', () => {
+		it('should register event handler', () => {
 			const handler = vi.fn();
 			const eventName = 'test';
 
-			const unregister = eventBus.on(eventName, handler);
+			eventBus.once(eventName, handler);
+
+			eventBus.emit(eventName, {});
+
+			expect(handler).toHaveBeenCalled();
+		});
+
+		it('should unregister event handler after first call', () => {
+			const handler = vi.fn();
+			const eventName = 'test';
 
-			unregister();
+			eventBus.once(eventName, handler);
 
+			eventBus.emit(eventName, {});
 			eventBus.emit(eventName, {});
 
-			expect(handler).not.toHaveBeenCalled();
+			expect(handler).toHaveBeenCalledTimes(1);
 		});
 	});
 
diff --git a/packages/design-system/src/utils/event-bus.ts b/packages/design-system/src/utils/event-bus.ts
index f6ffc597f5fd6..eb08228b47afe 100644
--- a/packages/design-system/src/utils/event-bus.ts
+++ b/packages/design-system/src/utils/event-bus.ts
@@ -1,51 +1,84 @@
 // eslint-disable-next-line @typescript-eslint/ban-types
 export type CallbackFn = Function;
-export type UnregisterFn = () => void;
 
-export interface EventBus {
-	on: (eventName: string, fn: CallbackFn) => UnregisterFn;
-	off: (eventName: string, fn: CallbackFn) => void;
-	emit: <T = Event>(eventName: string, event?: T) => void;
-}
+type Payloads<ListenerMap> = {
+	[E in keyof ListenerMap]: unknown;
+};
 
-export function createEventBus(): EventBus {
-	const handlers = new Map<string, CallbackFn[]>();
+type Listener<Payload> = (payload: Payload) => void;
 
-	function off(eventName: string, fn: CallbackFn) {
-		const eventFns = handlers.get(eventName);
+// TODO: Fix all usages of `createEventBus` and convert `any` to `unknown`
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export interface EventBus<ListenerMap extends Payloads<ListenerMap> = Record<string, any>> {
+	on<EventName extends keyof ListenerMap & string>(
+		eventName: EventName,
+		fn: Listener<ListenerMap[EventName]>,
+	): void;
 
-		if (eventFns) {
-			eventFns.splice(eventFns.indexOf(fn) >>> 0, 1);
-		}
-	}
+	once<EventName extends keyof ListenerMap & string>(
+		eventName: EventName,
+		fn: Listener<ListenerMap[EventName]>,
+	): void;
 
-	function on(eventName: string, fn: CallbackFn): UnregisterFn {
-		let eventFns = handlers.get(eventName);
+	off<EventName extends keyof ListenerMap & string>(
+		eventName: EventName,
+		fn: Listener<ListenerMap[EventName]>,
+	): void;
 
-		if (!eventFns) {
-			eventFns = [fn];
-		} else {
-			eventFns.push(fn);
-		}
+	emit<EventName extends keyof ListenerMap & string>(
+		eventName: EventName,
+		event?: ListenerMap[EventName],
+	): void;
+}
 
-		handlers.set(eventName, eventFns);
+/**
+ * Creates an event bus with the given listener map.
+ *
+ * @example
+ * ```ts
+ * const eventBus = createEventBus<{
+ *   'user-logged-in': { username: string };
+ *   'user-logged-out': never;
+ * }>();
+ */
+export function createEventBus<
+	// TODO: Fix all usages of `createEventBus` and convert `any` to `unknown`
+	// eslint-disable-next-line @typescript-eslint/no-explicit-any
+	ListenerMap extends Payloads<ListenerMap> = Record<string, any>,
+>(): EventBus<ListenerMap> {
+	const handlers = new Map<string, CallbackFn[]>();
 
-		return () => off(eventName, fn);
-	}
+	return {
+		on(eventName, fn) {
+			let eventFns = handlers.get(eventName);
+			if (!eventFns) {
+				eventFns = [fn];
+			} else {
+				eventFns.push(fn);
+			}
+			handlers.set(eventName, eventFns);
+		},
 
-	function emit<T = Event>(eventName: string, event?: T) {
-		const eventFns = handlers.get(eventName);
+		once(eventName, fn) {
+			const handler: typeof fn = (payload) => {
+				this.off(eventName, handler);
+				fn(payload);
+			};
+			this.on(eventName, handler);
+		},
 
-		if (eventFns) {
-			eventFns.slice().forEach(async (handler) => {
-				await handler(event);
-			});
-		}
-	}
+		off(eventName, fn) {
+			const eventFns = handlers.get(eventName);
+			if (eventFns) {
+				eventFns.splice(eventFns.indexOf(fn) >>> 0, 1);
+			}
+		},
 
-	return {
-		on,
-		off,
-		emit,
+		emit(eventName, event) {
+			const eventFns = handlers.get(eventName);
+			if (eventFns) {
+				eventFns.slice().forEach((handler) => handler(event));
+			}
+		},
 	};
 }
diff --git a/packages/design-system/src/utils/form-event-bus.ts b/packages/design-system/src/utils/form-event-bus.ts
new file mode 100644
index 0000000000000..5b518c8a4233d
--- /dev/null
+++ b/packages/design-system/src/utils/form-event-bus.ts
@@ -0,0 +1,12 @@
+import { createEventBus } from './event-bus';
+
+export interface FormEventBusEvents {
+	submit: never;
+}
+
+export type FormEventBus = ReturnType<typeof createFormEventBus>;
+
+/**
+ * Creates a new event bus to be used with the `FormInputs` component.
+ */
+export const createFormEventBus = createEventBus<FormEventBusEvents>;
diff --git a/packages/design-system/src/utils/index.ts b/packages/design-system/src/utils/index.ts
index a6948fc0063cc..be6ddc63754b0 100644
--- a/packages/design-system/src/utils/index.ts
+++ b/packages/design-system/src/utils/index.ts
@@ -1,4 +1,5 @@
 export * from './event-bus';
+export * from './form-event-bus';
 export * from './markdown';
 export * from './typeguards';
 export * from './uid';
diff --git a/packages/editor-ui/README.md b/packages/editor-ui/README.md
index c8583ffbbdd31..75b8026fb8bae 100644
--- a/packages/editor-ui/README.md
+++ b/packages/editor-ui/README.md
@@ -56,8 +56,4 @@ See [Configuration Reference](https://cli.vuejs.org/config/).
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/editor-ui/package.json b/packages/editor-ui/package.json
index caf156fa83c9e..956f5b361a4de 100644
--- a/packages/editor-ui/package.json
+++ b/packages/editor-ui/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-editor-ui",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "Workflow Editor UI for n8n",
   "main": "index.js",
   "scripts": {
@@ -70,7 +70,7 @@
     "vue-chartjs": "^5.2.0",
     "vue-i18n": "^9.2.2",
     "vue-json-pretty": "2.2.4",
-    "vue-markdown-render": "^2.0.1",
+    "vue-markdown-render": "catalog:frontend",
     "vue-router": "^4.2.2",
     "vue3-touch-events": "^4.1.3",
     "xss": "^1.0.14"
diff --git a/packages/editor-ui/src/Interface.ts b/packages/editor-ui/src/Interface.ts
index 770cfe2298238..986336a396d64 100644
--- a/packages/editor-ui/src/Interface.ts
+++ b/packages/editor-ui/src/Interface.ts
@@ -207,19 +207,6 @@ export interface ITableData {
 	hasJson: { [key: string]: boolean };
 }
 
-export interface IVariableItemSelected {
-	variable: string;
-}
-
-export interface IVariableSelectorOption {
-	name: string;
-	key?: string;
-	value?: string;
-	options?: IVariableSelectorOption[] | null;
-	allowParentSelect?: boolean;
-	dataType?: string;
-}
-
 // Simple version of n8n-workflow.Workflow
 export interface IWorkflowData {
 	id?: string;
@@ -1564,6 +1551,11 @@ export declare namespace DynamicNodeParameters {
 	interface ResourceMapperFieldsRequest extends BaseRequest {
 		methodName: string;
 	}
+
+	interface ActionResultRequest extends BaseRequest {
+		handler: string;
+		payload: IDataObject | string | undefined;
+	}
 }
 
 export interface EnvironmentVariable {
@@ -1808,8 +1800,8 @@ export type AddedNode = {
 } & Partial<INodeUi>;
 
 export type AddedNodeConnection = {
-	from: { nodeIndex: number; outputIndex?: number };
-	to: { nodeIndex: number; inputIndex?: number };
+	from: { nodeIndex: number; outputIndex?: number; type?: NodeConnectionType };
+	to: { nodeIndex: number; inputIndex?: number; type?: NodeConnectionType };
 };
 
 export type AddedNodesAndConnections = {
diff --git a/packages/editor-ui/src/api/mfa.ts b/packages/editor-ui/src/api/mfa.ts
index dcc5d2131399e..09cfb84df40bf 100644
--- a/packages/editor-ui/src/api/mfa.ts
+++ b/packages/editor-ui/src/api/mfa.ts
@@ -18,6 +18,10 @@ export async function verifyMfaToken(
 	return await makeRestApiRequest(context, 'POST', '/mfa/verify', data);
 }
 
-export async function disableMfa(context: IRestApiContext): Promise<void> {
-	return await makeRestApiRequest(context, 'DELETE', '/mfa/disable');
+export type DisableMfaParams = {
+	token: string;
+};
+
+export async function disableMfa(context: IRestApiContext, data: DisableMfaParams): Promise<void> {
+	return await makeRestApiRequest(context, 'POST', '/mfa/disable', data);
 }
diff --git a/packages/editor-ui/src/api/nodeTypes.ts b/packages/editor-ui/src/api/nodeTypes.ts
index 300b25390d121..f4d516aaeff82 100644
--- a/packages/editor-ui/src/api/nodeTypes.ts
+++ b/packages/editor-ui/src/api/nodeTypes.ts
@@ -5,6 +5,7 @@ import type {
 	INodePropertyOptions,
 	INodeTypeDescription,
 	INodeTypeNameVersion,
+	NodeParameterValueType,
 	ResourceMapperFields,
 } from 'n8n-workflow';
 import axios from 'axios';
@@ -57,3 +58,15 @@ export async function getResourceMapperFields(
 		sendData,
 	);
 }
+
+export async function getNodeParameterActionResult(
+	context: IRestApiContext,
+	sendData: DynamicNodeParameters.ActionResultRequest,
+): Promise<NodeParameterValueType> {
+	return await makeRestApiRequest(
+		context,
+		'POST',
+		'/dynamic-node-parameters/action-result',
+		sendData,
+	);
+}
diff --git a/packages/editor-ui/src/api/users.ts b/packages/editor-ui/src/api/users.ts
index 0085baadc1a99..bb730c671c70a 100644
--- a/packages/editor-ui/src/api/users.ts
+++ b/packages/editor-ui/src/api/users.ts
@@ -116,9 +116,15 @@ export async function updateOtherUserSettings(
 	return await makeRestApiRequest(context, 'PATCH', `/users/${userId}/settings`, settings);
 }
 
+export type UpdateUserPasswordParams = {
+	newPassword: string;
+	currentPassword: string;
+	mfaCode?: string;
+};
+
 export async function updateCurrentUserPassword(
 	context: IRestApiContext,
-	params: { newPassword: string; currentPassword: string },
+	params: UpdateUserPasswordParams,
 ): Promise<void> {
 	return await makeRestApiRequest(context, 'PATCH', '/me/password', params);
 }
diff --git a/packages/editor-ui/src/components/AboutModal.vue b/packages/editor-ui/src/components/AboutModal.vue
index 1aeeed0fb5715..8552044e4b30b 100644
--- a/packages/editor-ui/src/components/AboutModal.vue
+++ b/packages/editor-ui/src/components/AboutModal.vue
@@ -29,7 +29,7 @@
 						<n8n-text>{{ $locale.baseText('about.license') }}</n8n-text>
 					</el-col>
 					<el-col :span="16">
-						<n8n-link to="https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md">
+						<n8n-link to="https://github.com/n8n-io/n8n/blob/master/LICENSE.md">
 							{{ $locale.baseText('about.n8nLicense') }}
 						</n8n-link>
 					</el-col>
diff --git a/packages/editor-ui/src/components/ButtonParameter/ButtonParameter.vue b/packages/editor-ui/src/components/ButtonParameter/ButtonParameter.vue
new file mode 100644
index 0000000000000..d7e05b0f5bf85
--- /dev/null
+++ b/packages/editor-ui/src/components/ButtonParameter/ButtonParameter.vue
@@ -0,0 +1,281 @@
+<script setup lang="ts">
+import { ApplicationError, type INodeProperties, type NodePropertyAction } from 'n8n-workflow';
+import type { INodeUi, IUpdateInformation } from '@/Interface';
+import { ref, computed, onMounted } from 'vue';
+import { N8nButton, N8nInput, N8nTooltip } from 'n8n-design-system/components';
+import { useI18n } from '@/composables/useI18n';
+import { useToast } from '@/composables/useToast';
+import { useNDVStore } from '@/stores/ndv.store';
+import { getSchemas, getParentNodes } from './utils';
+import { ASK_AI_EXPERIMENT } from '@/constants';
+import { usePostHog } from '@/stores/posthog.store';
+import { useRootStore } from '@/stores/root.store';
+import { generateCodeForPrompt } from '@/api/ai';
+
+import { format } from 'prettier';
+import jsParser from 'prettier/plugins/babel';
+import * as estree from 'prettier/plugins/estree';
+
+const emit = defineEmits<{
+	valueChanged: [value: IUpdateInformation];
+}>();
+
+const props = defineProps<{
+	parameter: INodeProperties;
+	value: string;
+	path: string;
+}>();
+
+const posthog = usePostHog();
+const rootStore = useRootStore();
+
+const i18n = useI18n();
+
+const isLoading = ref(false);
+const prompt = ref(props.value);
+const parentNodes = ref<INodeUi[]>([]);
+
+const hasExecutionData = computed(() => (useNDVStore().ndvInputData || []).length > 0);
+const hasInputField = computed(() => props.parameter.typeOptions?.buttonConfig?.hasInputField);
+const inputFieldMaxLength = computed(
+	() => props.parameter.typeOptions?.buttonConfig?.inputFieldMaxLength,
+);
+const buttonLabel = computed(
+	() => props.parameter.typeOptions?.buttonConfig?.label ?? props.parameter.displayName,
+);
+const isSubmitEnabled = computed(() => {
+	if (!hasExecutionData.value) return false;
+	if (!prompt.value) return false;
+
+	const maxlength = inputFieldMaxLength.value;
+	if (maxlength && prompt.value.length > maxlength) return false;
+
+	return true;
+});
+
+function startLoading() {
+	isLoading.value = true;
+}
+
+function stopLoading() {
+	setTimeout(() => {
+		isLoading.value = false;
+	}, 200);
+}
+
+function getPath(parameter: string) {
+	return (props.path ? `${props.path}.` : '') + parameter;
+}
+
+function createPrompt(prompt: string) {
+	return `
+Important! The original input must remain unchanged. If there is a risk of modifying the original input, create a copy of it before making any changes. Use appropriate methods to ensure that the properties of objects are not directly altered.
+
+Always return an array
+
+${prompt}
+`;
+}
+
+async function onSubmit() {
+	const { activeNode } = useNDVStore();
+	const { showMessage } = useToast();
+	const action: string | NodePropertyAction | undefined =
+		props.parameter.typeOptions?.buttonConfig?.action;
+
+	if (!action || !activeNode) return;
+
+	if (typeof action === 'string') {
+		switch (action) {
+			default:
+				return;
+		}
+	}
+
+	emit('valueChanged', {
+		name: getPath(props.parameter.name),
+		value: prompt.value,
+	});
+
+	const { type, target } = action;
+
+	startLoading();
+
+	try {
+		const schemas = getSchemas();
+		const version = rootStore.versionCli;
+		const model =
+			usePostHog().getVariant(ASK_AI_EXPERIMENT.name) === ASK_AI_EXPERIMENT.gpt4
+				? 'gpt-4'
+				: 'gpt-3.5-turbo-16k';
+
+		const payload = {
+			question: createPrompt(prompt.value),
+			context: {
+				schema: schemas.parentNodesSchemas,
+				inputSchema: schemas.inputSchema!,
+				ndvPushRef: useNDVStore().pushRef,
+				pushRef: rootStore.pushRef,
+			},
+			model,
+			n8nVersion: version,
+		};
+		switch (type) {
+			case 'askAiCodeGeneration':
+				let value;
+				if (posthog.isAiEnabled()) {
+					const { restApiContext } = useRootStore();
+					const { code } = await generateCodeForPrompt(restApiContext, payload);
+					value = code;
+				} else {
+					throw new ApplicationError('AI code generation is not enabled');
+				}
+
+				if (value === undefined) return;
+
+				const formattedCode = await format(String(value), {
+					parser: 'babel',
+					plugins: [jsParser, estree],
+				});
+
+				const updateInformation = {
+					name: getPath(target as string),
+					value: formattedCode,
+				};
+
+				emit('valueChanged', updateInformation);
+				break;
+			default:
+				return;
+		}
+
+		showMessage({
+			type: 'success',
+			title: i18n.baseText('codeNodeEditor.askAi.generationCompleted'),
+		});
+
+		stopLoading();
+	} catch (error) {
+		showMessage({
+			type: 'error',
+			title: i18n.baseText('codeNodeEditor.askAi.generationFailed'),
+			message: error.message,
+		});
+		stopLoading();
+	}
+}
+
+function onPromptInput(inputValue: string) {
+	prompt.value = inputValue;
+	emit('valueChanged', {
+		name: getPath(props.parameter.name),
+		value: inputValue,
+	});
+}
+
+onMounted(() => {
+	parentNodes.value = getParentNodes();
+});
+</script>
+
+<template>
+	<div>
+		<n8n-input-label
+			v-if="hasInputField"
+			:label="i18n.nodeText().inputLabelDisplayName(parameter, path)"
+			:tooltip-text="i18n.nodeText().inputLabelDescription(parameter, path)"
+			:bold="false"
+			size="small"
+			color="text-dark"
+		>
+		</n8n-input-label>
+		<div :class="$style.inputContainer" :hidden="!hasInputField">
+			<div :class="$style.meta">
+				<span
+					v-if="inputFieldMaxLength"
+					v-show="prompt.length > 1"
+					:class="$style.counter"
+					v-text="`${prompt.length} / ${inputFieldMaxLength}`"
+				/>
+			</div>
+			<N8nInput
+				v-model="prompt"
+				:class="$style.input"
+				style="border: 1px solid var(--color-foreground-base)"
+				type="textarea"
+				:rows="6"
+				:maxlength="inputFieldMaxLength"
+				:placeholder="parameter.placeholder"
+				@input="onPromptInput"
+			/>
+		</div>
+		<div :class="$style.controls">
+			<N8nTooltip :disabled="isSubmitEnabled">
+				<div>
+					<N8nButton
+						:disabled="!isSubmitEnabled"
+						size="small"
+						:loading="isLoading"
+						type="secondary"
+						@click="onSubmit"
+					>
+						{{ buttonLabel }}
+					</N8nButton>
+				</div>
+				<template #content>
+					<span
+						v-if="!hasExecutionData"
+						v-text="i18n.baseText('codeNodeEditor.askAi.noInputData')"
+					/>
+					<span
+						v-else-if="prompt.length === 0"
+						v-text="i18n.baseText('codeNodeEditor.askAi.noPrompt')"
+					/>
+				</template>
+			</N8nTooltip>
+		</div>
+	</div>
+</template>
+
+<style module lang="scss">
+.input * {
+	border: 0 !important;
+}
+.input textarea {
+	font-size: var(--font-size-2xs);
+	padding-bottom: var(--spacing-2xl);
+	font-family: var(--font-family);
+	resize: none;
+}
+.intro {
+	font-weight: var(--font-weight-bold);
+	font-size: var(--font-size-2xs);
+	color: var(--color-text-dark);
+	padding: var(--spacing-2xs) 0 0;
+}
+.inputContainer {
+	position: relative;
+}
+.meta {
+	display: flex;
+	justify-content: space-between;
+	position: absolute;
+	bottom: var(--spacing-2xs);
+	left: var(--spacing-xs);
+	right: var(--spacing-xs);
+	z-index: 1;
+
+	* {
+		font-size: var(--font-size-2xs);
+		line-height: 1;
+	}
+}
+.counter {
+	color: var(--color-text-light);
+}
+.controls {
+	padding: var(--spacing-2xs) 0;
+	display: flex;
+	justify-content: flex-end;
+}
+</style>
diff --git a/packages/editor-ui/src/components/ButtonParameter/utils.ts b/packages/editor-ui/src/components/ButtonParameter/utils.ts
new file mode 100644
index 0000000000000..14d3ca4d78334
--- /dev/null
+++ b/packages/editor-ui/src/components/ButtonParameter/utils.ts
@@ -0,0 +1,46 @@
+import type { Schema } from '@/Interface';
+import type { INodeExecutionData } from 'n8n-workflow';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { useNDVStore } from '@/stores/ndv.store';
+import { useDataSchema } from '@/composables/useDataSchema';
+import { executionDataToJson } from '@/utils/nodeTypesUtils';
+
+export function getParentNodes() {
+	const activeNode = useNDVStore().activeNode;
+	const { getCurrentWorkflow, getNodeByName } = useWorkflowsStore();
+	const workflow = getCurrentWorkflow();
+
+	if (!activeNode || !workflow) return [];
+
+	return workflow
+		.getParentNodesByDepth(activeNode?.name)
+		.filter(({ name }, i, nodes) => {
+			return name !== activeNode.name && nodes.findIndex((node) => node.name === name) === i;
+		})
+		.map((n) => getNodeByName(n.name))
+		.filter((n) => n !== null);
+}
+
+export function getSchemas() {
+	const parentNodes = getParentNodes();
+	const parentNodesNames = parentNodes.map((node) => node?.name);
+	const { getSchemaForExecutionData, getInputDataWithPinned } = useDataSchema();
+	const parentNodesSchemas: Array<{ nodeName: string; schema: Schema }> = parentNodes
+		.map((node) => {
+			const inputData: INodeExecutionData[] = getInputDataWithPinned(node);
+
+			return {
+				nodeName: node?.name || '',
+				schema: getSchemaForExecutionData(executionDataToJson(inputData), true),
+			};
+		})
+		.filter((node) => node.schema?.value.length > 0);
+
+	const inputSchema = parentNodesSchemas.shift();
+
+	return {
+		parentNodesNames,
+		inputSchema,
+		parentNodesSchemas,
+	};
+}
diff --git a/packages/editor-ui/src/components/ChangePasswordModal.vue b/packages/editor-ui/src/components/ChangePasswordModal.vue
index 978ec9cedb830..24de3b5dfb18c 100644
--- a/packages/editor-ui/src/components/ChangePasswordModal.vue
+++ b/packages/editor-ui/src/components/ChangePasswordModal.vue
@@ -1,7 +1,7 @@
 <template>
 	<Modal
 		:name="CHANGE_PASSWORD_MODAL_KEY"
-		:title="$locale.baseText('auth.changePassword')"
+		:title="i18n.baseText('auth.changePassword')"
 		:center="true"
 		width="460px"
 		:event-bus="modalBus"
@@ -19,7 +19,7 @@
 		<template #footer>
 			<n8n-button
 				:loading="loading"
-				:label="$locale.baseText('auth.changePassword')"
+				:label="i18n.baseText('auth.changePassword')"
 				float="right"
 				data-test-id="change-password-button"
 				@click="onSubmitClick"
@@ -28,127 +28,135 @@
 	</Modal>
 </template>
 
-<script lang="ts">
-import { defineComponent } from 'vue';
-
-import { CHANGE_PASSWORD_MODAL_KEY } from '../constants';
+<script setup lang="ts">
+import { ref, onMounted } from 'vue';
 import { useToast } from '@/composables/useToast';
+import { CHANGE_PASSWORD_MODAL_KEY } from '../constants';
 import Modal from '@/components/Modal.vue';
-import type { IFormInputs } from '@/Interface';
-import { mapStores } from 'pinia';
 import { useUsersStore } from '@/stores/users.store';
 import { createEventBus } from 'n8n-design-system/utils';
+import type { IFormInputs, IFormInput } from '@/Interface';
+import { useI18n } from '@/composables/useI18n';
 
-export default defineComponent({
-	name: 'ChangePasswordModal',
-	components: { Modal },
-	props: {
-		modalName: {
-			type: String,
-		},
-	},
-	setup() {
-		return {
-			...useToast(),
-		};
-	},
-	data() {
+const config = ref<IFormInputs | null>(null);
+const formBus = createEventBus();
+const modalBus = createEventBus();
+const password = ref('');
+const loading = ref(false);
+
+const i18n = useI18n();
+const { showMessage, showError } = useToast();
+const usersStore = useUsersStore();
+
+const passwordsMatch = (value: string | number | boolean | null | undefined) => {
+	if (typeof value !== 'string') {
+		return false;
+	}
+
+	if (value !== password.value) {
 		return {
-			config: null as null | IFormInputs,
-			formBus: createEventBus(),
-			modalBus: createEventBus(),
-			password: '',
-			loading: false,
-			CHANGE_PASSWORD_MODAL_KEY,
+			messageKey: 'auth.changePassword.passwordsMustMatchError',
 		};
-	},
-	computed: {
-		...mapStores(useUsersStore),
-	},
-	mounted() {
-		const form: IFormInputs = [
-			{
-				name: 'currentPassword',
-				properties: {
-					label: this.$locale.baseText('auth.changePassword.currentPassword'),
-					type: 'password',
-					required: true,
-					autocomplete: 'current-password',
-					capitalize: true,
-					focusInitially: true,
-				},
+	}
+
+	return false;
+};
+
+const onInput = (e: { name: string; value: string }) => {
+	if (e.name === 'password') {
+		password.value = e.value;
+	}
+};
+
+const onSubmit = async (values: {
+	currentPassword: string;
+	password: string;
+	mfaCode?: string;
+}) => {
+	try {
+		loading.value = true;
+		await usersStore.updateCurrentUserPassword({
+			currentPassword: values.currentPassword,
+			newPassword: values.password,
+			mfaCode: values.mfaCode,
+		});
+
+		showMessage({
+			type: 'success',
+			title: i18n.baseText('auth.changePassword.passwordUpdated'),
+			message: i18n.baseText('auth.changePassword.passwordUpdatedMessage'),
+		});
+
+		modalBus.emit('close');
+	} catch (error) {
+		showError(error, i18n.baseText('auth.changePassword.error'));
+	} finally {
+		loading.value = false;
+	}
+};
+
+const onSubmitClick = () => {
+	formBus.emit('submit');
+};
+
+onMounted(() => {
+	const inputs: Record<string, IFormInput> = {
+		currentPassword: {
+			name: 'currentPassword',
+			properties: {
+				label: i18n.baseText('auth.changePassword.currentPassword'),
+				type: 'password',
+				required: true,
+				autocomplete: 'current-password',
+				capitalize: true,
+				focusInitially: true,
 			},
-			{
-				name: 'password',
-				properties: {
-					label: this.$locale.baseText('auth.newPassword'),
-					type: 'password',
-					required: true,
-					validationRules: [{ name: 'DEFAULT_PASSWORD_RULES' }],
-					infoText: this.$locale.baseText('auth.defaultPasswordRequirements'),
-					autocomplete: 'new-password',
-					capitalize: true,
-				},
+		},
+		mfaCode: {
+			name: 'mfaCode',
+			properties: {
+				label: i18n.baseText('auth.changePassword.mfaCode'),
+				type: 'text',
+				required: true,
+				capitalize: true,
 			},
-			{
-				name: 'password2',
-				properties: {
-					label: this.$locale.baseText('auth.changePassword.reenterNewPassword'),
-					type: 'password',
-					required: true,
-					validators: {
-						TWO_PASSWORDS_MATCH: {
-							validate: this.passwordsMatch,
-						},
+		},
+		newPassword: {
+			name: 'password',
+			properties: {
+				label: i18n.baseText('auth.newPassword'),
+				type: 'password',
+				required: true,
+				validationRules: [{ name: 'DEFAULT_PASSWORD_RULES' }],
+				infoText: i18n.baseText('auth.defaultPasswordRequirements'),
+				autocomplete: 'new-password',
+				capitalize: true,
+			},
+		},
+		newPasswordAgain: {
+			name: 'password2',
+			properties: {
+				label: i18n.baseText('auth.changePassword.reenterNewPassword'),
+				type: 'password',
+				required: true,
+				validators: {
+					TWO_PASSWORDS_MATCH: {
+						validate: passwordsMatch,
 					},
-					validationRules: [{ name: 'TWO_PASSWORDS_MATCH' }],
-					autocomplete: 'new-password',
-					capitalize: true,
 				},
+				validationRules: [{ name: 'TWO_PASSWORDS_MATCH' }],
+				autocomplete: 'new-password',
+				capitalize: true,
 			},
-		];
-
-		this.config = form;
-	},
-	methods: {
-		passwordsMatch(value: string | number | boolean | null | undefined) {
-			if (typeof value !== 'string') {
-				return false;
-			}
-
-			if (value !== this.password) {
-				return {
-					messageKey: 'auth.changePassword.passwordsMustMatchError',
-				};
-			}
-
-			return false;
-		},
-		onInput(e: { name: string; value: string }) {
-			if (e.name === 'password') {
-				this.password = e.value;
-			}
 		},
-		async onSubmit(values: { currentPassword: string; password: string }) {
-			try {
-				this.loading = true;
-				await this.usersStore.updateCurrentUserPassword(values);
+	};
 
-				this.showMessage({
-					type: 'success',
-					title: this.$locale.baseText('auth.changePassword.passwordUpdated'),
-					message: this.$locale.baseText('auth.changePassword.passwordUpdatedMessage'),
-				});
+	const { currentUser } = usersStore;
 
-				this.modalBus.emit('close');
-			} catch (error) {
-				this.showError(error, this.$locale.baseText('auth.changePassword.error'));
-			}
-			this.loading = false;
-		},
-		onSubmitClick() {
-			this.formBus.emit('submit');
-		},
-	},
+	const form: IFormInputs = currentUser?.mfaEnabled
+		? [inputs.currentPassword, inputs.mfaCode, inputs.newPassword, inputs.newPasswordAgain]
+		: [inputs.currentPassword, inputs.newPassword, inputs.newPasswordAgain];
+
+	config.value = form;
 });
 </script>
diff --git a/packages/editor-ui/src/components/CodeNodeEditor/CodeNodeEditor.vue b/packages/editor-ui/src/components/CodeNodeEditor/CodeNodeEditor.vue
index d59a13e98ee60..f4ba1febf2471 100644
--- a/packages/editor-ui/src/components/CodeNodeEditor/CodeNodeEditor.vue
+++ b/packages/editor-ui/src/components/CodeNodeEditor/CodeNodeEditor.vue
@@ -60,13 +60,12 @@ import jsParser from 'prettier/plugins/babel';
 import * as estree from 'prettier/plugins/estree';
 import { type Ref, computed, nextTick, onBeforeUnmount, onMounted, ref, watch } from 'vue';
 
-import { ASK_AI_EXPERIMENT, CODE_NODE_TYPE } from '@/constants';
+import { CODE_NODE_TYPE } from '@/constants';
 import { codeNodeEditorEventBus } from '@/event-bus';
 import { useRootStore } from '@/stores/root.store';
 import { usePostHog } from '@/stores/posthog.store';
 
 import { useMessage } from '@/composables/useMessage';
-import { useSettingsStore } from '@/stores/settings.store';
 import AskAI from './AskAI/AskAI.vue';
 import { readOnlyEditorExtensions, writableEditorExtensions } from './baseExtensions';
 import { useCompleter } from './completer';
@@ -114,7 +113,6 @@ const { autocompletionExtension } = useCompleter(() => props.mode, editor);
 const { createLinter } = useLinter(() => props.mode, editor);
 
 const rootStore = useRootStore();
-const settingsStore = useSettingsStore();
 const posthog = usePostHog();
 const i18n = useI18n();
 const telemetry = useTelemetry();
@@ -191,13 +189,7 @@ onBeforeUnmount(() => {
 });
 
 const aiEnabled = computed(() => {
-	const isAiExperimentEnabled = [ASK_AI_EXPERIMENT.gpt3, ASK_AI_EXPERIMENT.gpt4].includes(
-		(posthog.getVariant(ASK_AI_EXPERIMENT.name) ?? '') as string,
-	);
-
-	return (
-		isAiExperimentEnabled && settingsStore.settings.ai.enabled && props.language === 'javaScript'
-	);
+	return posthog.isAiEnabled() && props.language === 'javaScript';
 });
 
 const placeholder = computed(() => {
diff --git a/packages/editor-ui/src/components/CredentialCard.vue b/packages/editor-ui/src/components/CredentialCard.vue
index d9ac12ffd9a54..33ffefa37811f 100644
--- a/packages/editor-ui/src/components/CredentialCard.vue
+++ b/packages/editor-ui/src/components/CredentialCard.vue
@@ -5,7 +5,7 @@ import type { ICredentialsResponse } from '@/Interface';
 import { MODAL_CONFIRM, PROJECT_MOVE_RESOURCE_MODAL } from '@/constants';
 import { useMessage } from '@/composables/useMessage';
 import CredentialIcon from '@/components/CredentialIcon.vue';
-import { getCredentialPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import { useUIStore } from '@/stores/ui.store';
 import { useCredentialsStore } from '@/stores/credentials.store';
 import TimeAgo from '@/components/TimeAgo.vue';
@@ -48,7 +48,7 @@ const projectsStore = useProjectsStore();
 
 const resourceTypeLabel = computed(() => locale.baseText('generic.credential').toLowerCase());
 const credentialType = computed(() => credentialsStore.getCredentialTypeByName(props.data.type));
-const credentialPermissions = computed(() => getCredentialPermissions(props.data));
+const credentialPermissions = computed(() => getResourcePermissions(props.data.scopes).credential);
 const actions = computed(() => {
 	const items = [
 		{
diff --git a/packages/editor-ui/src/components/CredentialEdit/CredentialConfig.vue b/packages/editor-ui/src/components/CredentialEdit/CredentialConfig.vue
index 1bfda209de447..ca79b07f836dd 100644
--- a/packages/editor-ui/src/components/CredentialEdit/CredentialConfig.vue
+++ b/packages/editor-ui/src/components/CredentialEdit/CredentialConfig.vue
@@ -172,14 +172,13 @@ import EnterpriseEdition from '@/components/EnterpriseEdition.ee.vue';
 import { useI18n } from '@/composables/useI18n';
 import { useTelemetry } from '@/composables/useTelemetry';
 import { BUILTIN_CREDENTIALS_DOCS_URL, DOCS_DOMAIN, EnterpriseEditionFeature } from '@/constants';
-import type { PermissionsMap } from '@/permissions';
+import type { PermissionsRecord } from '@/permissions';
 import { addCredentialTranslation } from '@/plugins/i18n';
 import { useCredentialsStore } from '@/stores/credentials.store';
 import { useNDVStore } from '@/stores/ndv.store';
 import { useRootStore } from '@/stores/root.store';
 import { useUIStore } from '@/stores/ui.store';
 import { useWorkflowsStore } from '@/stores/workflows.store';
-import type { CredentialScope } from '@n8n/permissions';
 import Banner from '../Banner.vue';
 import CopyInput from '../CopyInput.vue';
 import CredentialInputs from './CredentialInputs.vue';
@@ -194,7 +193,7 @@ type Props = {
 	credentialProperties: INodeProperties[];
 	credentialData: ICredentialDataDecryptedObject;
 	credentialId?: string;
-	credentialPermissions?: PermissionsMap<CredentialScope>;
+	credentialPermissions: PermissionsRecord['credential'];
 	parentTypes?: string[];
 	showValidationWarning?: boolean;
 	authError?: string;
@@ -212,7 +211,7 @@ const props = withDefaults(defineProps<Props>(), {
 	credentialId: '',
 	authError: '',
 	showValidationWarning: false,
-	credentialPermissions: () => ({}) as PermissionsMap<CredentialScope>,
+	credentialPermissions: () => ({}) as PermissionsRecord['credential'],
 });
 const emit = defineEmits<{
 	update: [value: IUpdateInformation];
diff --git a/packages/editor-ui/src/components/CredentialEdit/CredentialEdit.vue b/packages/editor-ui/src/components/CredentialEdit/CredentialEdit.vue
index fd539fed7554f..e2c7c428e5a36 100644
--- a/packages/editor-ui/src/components/CredentialEdit/CredentialEdit.vue
+++ b/packages/editor-ui/src/components/CredentialEdit/CredentialEdit.vue
@@ -145,8 +145,7 @@ import { useMessage } from '@/composables/useMessage';
 import { useNodeHelpers } from '@/composables/useNodeHelpers';
 import { useToast } from '@/composables/useToast';
 import { CREDENTIAL_EDIT_MODAL_KEY, EnterpriseEditionFeature, MODAL_CONFIRM } from '@/constants';
-import type { PermissionsMap } from '@/permissions';
-import { getCredentialPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import { useCredentialsStore } from '@/stores/credentials.store';
 import { useNDVStore } from '@/stores/ndv.store';
 import { useNodeTypesStore } from '@/stores/nodeTypes.store';
@@ -169,7 +168,6 @@ import {
 	updateNodeAuthType,
 } from '@/utils/nodeTypesUtils';
 import { isCredentialModalState, isValidCredentialResponse } from '@/utils/typeGuards';
-import type { CredentialScope } from '@n8n/permissions';
 
 type Props = {
 	modalName: string;
@@ -395,14 +393,11 @@ const requiredPropertiesFilled = computed(() => {
 	return true;
 });
 
-const credentialPermissions = computed<PermissionsMap<CredentialScope>>(() => {
-	if (loading.value) {
-		return {} as PermissionsMap<CredentialScope>;
-	}
-
-	return getCredentialPermissions(
-		(credentialId.value ? currentCredential.value : credentialData.value) as ICredentialsResponse,
-	);
+const credentialPermissions = computed(() => {
+	return getResourcePermissions(
+		((credentialId.value ? currentCredential.value : credentialData.value) as ICredentialsResponse)
+			?.scopes,
+	).credential;
 });
 
 const sidebarItems = computed(() => {
@@ -446,6 +441,11 @@ const showSaveButton = computed(() => {
 
 const showSharingContent = computed(() => activeTab.value === 'sharing' && !!credentialType.value);
 
+const homeProject = computed(() => {
+	const { currentProject, personalProject } = projectsStore;
+	return currentProject ?? personalProject;
+});
+
 onMounted(async () => {
 	requiredCredentials.value =
 		isCredentialModalState(uiStore.modalsById[CREDENTIAL_EDIT_MODAL_KEY]) &&
@@ -456,14 +456,12 @@ onMounted(async () => {
 			credentialTypeName: defaultCredentialTypeName.value,
 		});
 
-		const { currentProject, personalProject } = projectsStore;
-		const scopes = currentProject?.scopes ?? personalProject?.scopes ?? [];
-		const homeProject = currentProject ?? personalProject ?? {};
+		const scopes = homeProject.value?.scopes ?? [];
 
 		credentialData.value = {
 			...credentialData.value,
 			scopes,
-			homeProject,
+			...(homeProject.value ? { homeProject: homeProject.value } : {}),
 		};
 	} else {
 		await loadCurrentCredential();
@@ -793,6 +791,10 @@ async function saveCredential(): Promise<ICredentialsResponse | null> {
 			.sharedWithProjects as ProjectSharingData[];
 	}
 
+	if (credentialData.value.homeProject) {
+		credentialDetails.homeProject = credentialData.value.homeProject as ProjectSharingData;
+	}
+
 	let credential: ICredentialsResponse | null = null;
 
 	const isNewCredential = props.mode === 'new' && !credentialId.value;
diff --git a/packages/editor-ui/src/components/CredentialEdit/CredentialSharing.ee.vue b/packages/editor-ui/src/components/CredentialEdit/CredentialSharing.ee.vue
index 133b00ca4d46e..f86e48a0c5a2c 100644
--- a/packages/editor-ui/src/components/CredentialEdit/CredentialSharing.ee.vue
+++ b/packages/editor-ui/src/components/CredentialEdit/CredentialSharing.ee.vue
@@ -1,7 +1,7 @@
 <template>
 	<div :class="$style.container">
 		<div v-if="!isSharingEnabled">
-			<n8n-action-box
+			<N8nActionBox
 				:heading="
 					$locale.baseText(
 						uiStore.contextBasedTranslationKeys.credentials.sharing.unavailable.title,
@@ -21,52 +21,28 @@
 			/>
 		</div>
 		<div v-else>
-			<n8n-info-tip
-				v-if="!credentialPermissions.share && !isHomeTeamProject"
-				:bold="false"
-				class="mb-s"
-			>
+			<N8nInfoTip v-if="credentialPermissions.share" :bold="false" class="mb-s">
+				{{ $locale.baseText('credentialEdit.credentialSharing.info.owner') }}
+			</N8nInfoTip>
+			<N8nInfoTip v-else-if="isHomeTeamProject" :bold="false" class="mb-s">
+				{{ $locale.baseText('credentialEdit.credentialSharing.info.sharee.team') }}
+			</N8nInfoTip>
+			<N8nInfoTip v-else :bold="false" class="mb-s">
 				{{
-					$locale.baseText('credentialEdit.credentialSharing.info.sharee', {
+					$locale.baseText('credentialEdit.credentialSharing.info.sharee.personal', {
 						interpolate: { credentialOwnerName },
 					})
 				}}
-			</n8n-info-tip>
-			<n8n-info-tip
-				v-if="credentialPermissions.share && !isHomeTeamProject"
-				:bold="false"
-				class="mb-s"
-			>
-				{{ $locale.baseText('credentialEdit.credentialSharing.info.owner') }}
-			</n8n-info-tip>
+			</N8nInfoTip>
 			<ProjectSharing
 				v-model="sharedWithProjects"
 				:projects="projects"
 				:roles="credentialRoles"
 				:home-project="homeProject"
 				:readonly="!credentialPermissions.share"
-				:static="isHomeTeamProject || !credentialPermissions.share"
-				:placeholder="$locale.baseText('workflows.shareModal.select.placeholder')"
+				:static="!credentialPermissions.share"
+				:placeholder="sharingSelectPlaceholder"
 			/>
-			<n8n-info-tip v-if="isHomeTeamProject" :bold="false" class="mt-s">
-				<i18n-t keypath="credentials.shareModal.info.members" tag="span">
-					<template #projectName>
-						{{ homeProject?.name }}
-					</template>
-					<template #members>
-						<strong>
-							{{
-								$locale.baseText('credentials.shareModal.info.members.number', {
-									interpolate: {
-										number: String(numberOfMembersInHomeTeamProject),
-									},
-									adjustToNumber: numberOfMembersInHomeTeamProject,
-								})
-							}}
-						</strong>
-					</template>
-				</i18n-t>
-			</n8n-info-tip>
 		</div>
 	</div>
 </template>
@@ -89,14 +65,14 @@ import { useUsageStore } from '@/stores/usage.store';
 import { EnterpriseEditionFeature } from '@/constants';
 import ProjectSharing from '@/components/Projects/ProjectSharing.vue';
 import { useProjectsStore } from '@/stores/projects.store';
-import type { ProjectListItem, ProjectSharingData, Project } from '@/types/projects.types';
+import type { ProjectListItem, ProjectSharingData } from '@/types/projects.types';
 import { ProjectTypes } from '@/types/projects.types';
 import type { ICredentialDataDecryptedObject } from 'n8n-workflow';
-import type { PermissionsMap } from '@/permissions';
-import type { CredentialScope } from '@n8n/permissions';
+import type { PermissionsRecord } from '@/permissions';
 import type { EventBus } from 'n8n-design-system/utils';
 import { useRolesStore } from '@/stores/roles.store';
 import type { RoleMap } from '@/types/roles.types';
+import { splitName } from '@/utils/projects.utils';
 
 export default defineComponent({
 	name: 'CredentialSharing',
@@ -117,7 +93,7 @@ export default defineComponent({
 			required: true,
 		},
 		credentialPermissions: {
-			type: Object as PropType<PermissionsMap<CredentialScope>>,
+			type: Object as PropType<PermissionsRecord['credential']>,
 			required: true,
 		},
 		modalBus: {
@@ -134,7 +110,6 @@ export default defineComponent({
 	data() {
 		return {
 			sharedWithProjects: [...(this.credential?.sharedWithProjects ?? [])] as ProjectSharingData[],
-			teamProject: null as Project | null,
 		};
 	},
 	computed: {
@@ -159,7 +134,8 @@ export default defineComponent({
 			return this.settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Sharing];
 		},
 		credentialOwnerName(): string {
-			return this.credentialsStore.getCredentialOwnerNameById(`${this.credentialId}`);
+			const { firstName, lastName, email } = splitName(this.credential?.homeProject?.name ?? '');
+			return firstName || lastName ? `${firstName}${lastName ? ' ' + lastName : ''}` : email ?? '';
 		},
 		credentialDataHomeProject(): ProjectSharingData | undefined {
 			const credentialContainsProjectSharingData = (
@@ -182,7 +158,7 @@ export default defineComponent({
 			});
 		},
 		projects(): ProjectListItem[] {
-			return this.projectsStore.personalProjects.filter(
+			return this.projectsStore.projects.filter(
 				(project) =>
 					project.id !== this.credential?.homeProject?.id &&
 					project.id !== this.credentialDataHomeProject?.id,
@@ -194,9 +170,6 @@ export default defineComponent({
 		isHomeTeamProject(): boolean {
 			return this.homeProject?.type === ProjectTypes.Team;
 		},
-		numberOfMembersInHomeTeamProject(): number {
-			return this.teamProject?.relations.length ?? 0;
-		},
 		credentialRoleTranslations(): Record<string, string> {
 			return {
 				'credential:user': this.$locale.baseText('credentialEdit.credentialSharing.role.user'),
@@ -210,6 +183,11 @@ export default defineComponent({
 				licensed,
 			}));
 		},
+		sharingSelectPlaceholder() {
+			return this.projectsStore.teamProjects.length
+				? this.$locale.baseText('projects.sharing.select.placeholder.project')
+				: this.$locale.baseText('projects.sharing.select.placeholder.user');
+		},
 	},
 	watch: {
 		sharedWithProjects: {
@@ -221,10 +199,6 @@ export default defineComponent({
 	},
 	async mounted() {
 		await Promise.all([this.usersStore.fetchUsers(), this.projectsStore.getAllProjects()]);
-
-		if (this.homeProject && this.isHomeTeamProject) {
-			this.teamProject = await this.projectsStore.fetchProject(this.homeProject.id);
-		}
 	},
 	methods: {
 		goToUpgrade() {
diff --git a/packages/editor-ui/src/components/DeleteUserModal.vue b/packages/editor-ui/src/components/DeleteUserModal.vue
index 7516466a340b6..2fdb0ad73468f 100644
--- a/packages/editor-ui/src/components/DeleteUserModal.vue
+++ b/packages/editor-ui/src/components/DeleteUserModal.vue
@@ -3,7 +3,7 @@
 		:name="modalName"
 		:title="title"
 		:center="true"
-		width="460px"
+		width="520"
 		:event-bus="modalBus"
 		@enter="onSubmit"
 	>
@@ -147,7 +147,7 @@ export default defineComponent({
 			return false;
 		},
 		projects(): ProjectListItem[] {
-			return this.projectsStore.personalProjects.filter(
+			return this.projectsStore.projects.filter(
 				(project) =>
 					project.name !==
 					`${this.userToDelete?.firstName} ${this.userToDelete?.lastName} <${this.userToDelete?.email}>`,
diff --git a/packages/editor-ui/src/components/DraggableTarget.vue b/packages/editor-ui/src/components/DraggableTarget.vue
index 0dcadd856ef0c..6197d3c347837 100644
--- a/packages/editor-ui/src/components/DraggableTarget.vue
+++ b/packages/editor-ui/src/components/DraggableTarget.vue
@@ -26,7 +26,7 @@ const props = withDefaults(defineProps<Props>(), {
 });
 
 const emit = defineEmits<{
-	drop: [value: string];
+	drop: [value: string, event: MouseEvent];
 }>();
 
 const hovering = ref(false);
@@ -60,10 +60,10 @@ function onMouseLeave() {
 	hovering.value = false;
 }
 
-function onMouseUp() {
+function onMouseUp(event: MouseEvent) {
 	if (activeDrop.value) {
 		const data = ndvStore.draggableData;
-		emit('drop', data);
+		emit('drop', data, event);
 	}
 }
 
diff --git a/packages/editor-ui/src/components/Error/NodeErrorView.vue b/packages/editor-ui/src/components/Error/NodeErrorView.vue
index 5244371d0fc47..6b6238338d25e 100644
--- a/packages/editor-ui/src/components/Error/NodeErrorView.vue
+++ b/packages/editor-ui/src/components/Error/NodeErrorView.vue
@@ -21,6 +21,7 @@ import type { BaseTextKey } from '@/plugins/i18n';
 
 type Props = {
 	error: NodeError | NodeApiError | NodeOperationError;
+	compact?: boolean;
 };
 
 const props = defineProps<Props>();
@@ -178,6 +179,10 @@ function addItemIndexSuffix(message: string): string {
 }
 
 function getErrorMessage(): string {
+	if ('obfuscate' in props.error && props.error.obfuscate === true) {
+		return i18n.baseText('nodeErrorView.showMessage.obfuscate');
+	}
+
 	let message = '';
 
 	const isSubNodeError =
@@ -377,7 +382,7 @@ function copySuccess() {
 			></div>
 		</div>
 
-		<div class="node-error-view__info">
+		<div v-if="!compact" class="node-error-view__info">
 			<div class="node-error-view__info-header">
 				<p class="node-error-view__info-title">
 					{{ i18n.baseText('nodeErrorView.details.title') }}
diff --git a/packages/editor-ui/src/components/ExpressionEdit.vue b/packages/editor-ui/src/components/ExpressionEdit.vue
deleted file mode 100644
index e61b4dbe052c8..0000000000000
--- a/packages/editor-ui/src/components/ExpressionEdit.vue
+++ /dev/null
@@ -1,388 +0,0 @@
-<template>
-	<div v-if="dialogVisible" class="expression-edit" @keydown.stop>
-		<el-dialog
-			:model-value="dialogVisible"
-			class="expression-dialog classic"
-			width="80%"
-			:title="$locale.baseText('expressionEdit.editExpression')"
-			:before-close="closeDialog"
-		>
-			<el-row>
-				<el-col :span="8">
-					<div class="header-side-menu">
-						<div class="headline">
-							{{ $locale.baseText('expressionEdit.editExpression') }}
-						</div>
-						<div class="sub-headline">
-							{{ $locale.baseText('expressionEdit.variableSelector') }}
-						</div>
-					</div>
-
-					<div class="variable-selector">
-						<VariableSelector
-							:path="path"
-							:redact-values="redactValues"
-							@item-selected="itemSelected"
-						></VariableSelector>
-					</div>
-				</el-col>
-				<el-col :span="16" class="right-side">
-					<div class="expression-editor-wrapper">
-						<div class="editor-description">
-							<div>
-								{{ $locale.baseText('expressionEdit.expression') }}
-							</div>
-							<div class="hint">
-								<span>
-									{{ $locale.baseText('expressionEdit.anythingInside') }}
-								</span>
-								<div class="expression-syntax-example" v-text="`{{ }}`"></div>
-								<span>
-									{{ $locale.baseText('expressionEdit.isJavaScript') }}
-								</span>
-								{{ ' ' }}
-								<n8n-link size="medium" :to="expressionsDocsUrl">
-									{{ $locale.baseText('expressionEdit.learnMore') }}
-								</n8n-link>
-							</div>
-						</div>
-						<div class="expression-editor">
-							<ExpressionEditorModalInput
-								ref="inputFieldExpression"
-								:model-value="modelValue"
-								:is-read-only="isReadOnly"
-								:path="path"
-								:class="{ 'ph-no-capture': redactValues }"
-								data-test-id="expression-modal-input"
-								@change="valueChanged"
-								@close="closeDialog"
-							/>
-						</div>
-					</div>
-
-					<div class="expression-result-wrapper">
-						<div class="editor-description">
-							{{ $locale.baseText('expressionEdit.resultOfItem1') }}
-						</div>
-						<div :class="{ 'ph-no-capture': redactValues }">
-							<ExpressionOutput
-								ref="expressionResult"
-								:segments="segments"
-								:extensions="theme"
-								data-test-id="expression-modal-output"
-							/>
-						</div>
-					</div>
-				</el-col>
-			</el-row>
-		</el-dialog>
-	</div>
-</template>
-
-<script lang="ts">
-import { type PropType, defineComponent } from 'vue';
-import { mapStores } from 'pinia';
-import ExpressionEditorModalInput from '@/components/ExpressionEditorModal/ExpressionEditorModalInput.vue';
-import VariableSelector from '@/components/VariableSelector.vue';
-
-import type { IVariableItemSelected } from '@/Interface';
-
-import { EXPRESSIONS_DOCS_URL } from '@/constants';
-
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import { useNDVStore } from '@/stores/ndv.store';
-import { useExternalHooks } from '@/composables/useExternalHooks';
-import { createExpressionTelemetryPayload } from '@/utils/telemetryUtils';
-import { useDebounce } from '@/composables/useDebounce';
-
-import type { Segment } from '@/types/expressions';
-import ExpressionOutput from './InlineExpressionEditor/ExpressionOutput.vue';
-import { outputTheme } from './ExpressionEditorModal/theme';
-import type { INodeProperties } from 'n8n-workflow';
-
-export default defineComponent({
-	name: 'ExpressionEdit',
-	components: {
-		ExpressionEditorModalInput,
-		ExpressionOutput,
-		VariableSelector,
-	},
-	props: {
-		dialogVisible: {
-			type: Boolean,
-			default: false,
-		},
-		parameter: {
-			type: Object as PropType<INodeProperties>,
-			default: () => ({}),
-		},
-		path: {
-			type: String,
-			default: '',
-		},
-		modelValue: {
-			type: String,
-			default: '',
-		},
-		eventSource: {
-			type: String,
-			default: '',
-		},
-		redactValues: {
-			type: Boolean,
-			default: false,
-		},
-		isReadOnly: {
-			type: Boolean,
-			default: false,
-		},
-	},
-	setup() {
-		const externalHooks = useExternalHooks();
-		const { callDebounced } = useDebounce();
-
-		return {
-			callDebounced,
-			externalHooks,
-		};
-	},
-	data() {
-		return {
-			displayValue: '',
-			latestValue: '',
-			segments: [] as Segment[],
-			expressionsDocsUrl: EXPRESSIONS_DOCS_URL,
-			theme: outputTheme(),
-		};
-	},
-	computed: {
-		...mapStores(useNDVStore, useWorkflowsStore),
-	},
-	watch: {
-		dialogVisible(newValue) {
-			this.displayValue = this.modelValue;
-			this.latestValue = this.modelValue;
-
-			const resolvedExpressionValue =
-				(this.$refs.expressionResult as InstanceType<typeof ExpressionOutput>)?.getValue() || '';
-			void this.externalHooks.run('expressionEdit.dialogVisibleChanged', {
-				dialogVisible: newValue,
-				parameter: this.parameter,
-				value: this.modelValue,
-				resolvedExpressionValue,
-			});
-
-			if (!newValue) {
-				const telemetryPayload = createExpressionTelemetryPayload(
-					this.segments,
-					this.modelValue,
-					this.workflowsStore.workflowId,
-					this.ndvStore.pushRef,
-					this.ndvStore.activeNode?.type ?? '',
-				);
-
-				this.$telemetry.track('User closed Expression Editor', telemetryPayload);
-				void this.externalHooks.run('expressionEdit.closeDialog', telemetryPayload);
-			}
-		},
-	},
-	methods: {
-		valueChanged({ value, segments }: { value: string; segments: Segment[] }, forceUpdate = false) {
-			this.latestValue = value;
-			this.segments = segments;
-
-			if (forceUpdate) {
-				this.updateDisplayValue();
-				this.$emit('update:modelValue', this.latestValue);
-			} else {
-				void this.callDebounced(this.updateDisplayValue, {
-					debounceTime: 500,
-				});
-			}
-		},
-
-		updateDisplayValue() {
-			this.displayValue = this.latestValue;
-		},
-
-		closeDialog() {
-			if (this.latestValue !== this.modelValue) {
-				// Handle the close externally as the visible parameter is an external prop
-				// and is so not allowed to be changed here.
-				this.$emit('update:modelValue', this.latestValue);
-			}
-			this.$emit('closeDialog');
-			return false;
-		},
-
-		itemSelected(eventData: IVariableItemSelected) {
-			(
-				this.$refs.inputFieldExpression as {
-					itemSelected: (variable: IVariableItemSelected) => void;
-				}
-			).itemSelected(eventData);
-			void this.externalHooks.run('expressionEdit.itemSelected', {
-				parameter: this.parameter,
-				value: this.modelValue,
-				selectedItem: eventData,
-			});
-
-			const trackProperties: {
-				event_version: string;
-				node_type_dest: string;
-				node_type_source?: string;
-				parameter_name_dest: string;
-				parameter_name_source?: string;
-				variable_type?: string;
-				is_immediate_input: boolean;
-				variable_expression: string;
-				node_name: string;
-			} = {
-				event_version: '2',
-				node_type_dest: this.ndvStore.activeNode ? this.ndvStore.activeNode.type : '',
-				parameter_name_dest: this.parameter.displayName,
-				is_immediate_input: false,
-				variable_expression: eventData.variable,
-				node_name: this.ndvStore.activeNode ? this.ndvStore.activeNode.name : '',
-			};
-
-			if (eventData.variable) {
-				let splitVar = eventData.variable.split('.');
-
-				if (eventData.variable.startsWith('Object.keys')) {
-					splitVar = eventData.variable.split('(')[1].split(')')[0].split('.');
-					trackProperties.variable_type = 'Keys';
-				} else if (eventData.variable.startsWith('Object.values')) {
-					splitVar = eventData.variable.split('(')[1].split(')')[0].split('.');
-					trackProperties.variable_type = 'Values';
-				} else {
-					trackProperties.variable_type = 'Raw value';
-				}
-
-				if (splitVar[0].startsWith("$('")) {
-					const match = /\$\('(.*?)'\)/.exec(splitVar[0]);
-					if (match && match.length > 1) {
-						const sourceNodeName = match[1];
-						trackProperties.node_type_source =
-							this.workflowsStore.getNodeByName(sourceNodeName)?.type;
-						const nodeConnections: Array<Array<{ node: string }>> =
-							this.workflowsStore.outgoingConnectionsByNodeName(sourceNodeName).main;
-						trackProperties.is_immediate_input =
-							nodeConnections &&
-							nodeConnections[0] &&
-							nodeConnections[0].some(({ node }) => node === this.ndvStore.activeNode?.name || '');
-
-						if (splitVar[1].startsWith('parameter')) {
-							trackProperties.parameter_name_source = splitVar[1].split('"')[1];
-						}
-					}
-				} else {
-					trackProperties.is_immediate_input = true;
-
-					if (splitVar[0].startsWith('$parameter')) {
-						trackProperties.parameter_name_source = splitVar[0].split('"')[1];
-					}
-				}
-			}
-
-			this.$telemetry.track(
-				'User inserted item from Expression Editor variable selector',
-				trackProperties,
-			);
-		},
-	},
-});
-</script>
-
-<style scoped lang="scss">
-.expression-edit {
-	:deep(.expression-dialog) {
-		.el-dialog__header {
-			padding: 0;
-		}
-		.el-dialog__title {
-			display: none;
-		}
-
-		.el-dialog__body {
-			padding: 0;
-			font-size: var(--font-size-s);
-		}
-
-		.right-side {
-			background-color: var(--color-background-light);
-			border-top-right-radius: 8px;
-			border-bottom-right-radius: 8px;
-		}
-	}
-}
-
-.editor-description {
-	line-height: 1.5;
-	font-weight: bold;
-	padding: 0 0 0.5em 0.2em;
-	display: flex;
-	justify-content: space-between;
-
-	.hint {
-		color: var(--color-text-base);
-		font-weight: normal;
-		display: flex;
-
-		@media (max-width: $breakpoint-xs) {
-			display: none;
-		}
-
-		span {
-			margin-right: var(--spacing-4xs);
-		}
-		.expression-syntax-example {
-			display: inline-block;
-			margin-top: 3px;
-			height: 16px;
-			line-height: 1;
-			background-color: var(--color-expression-syntax-example);
-			color: var(--color-text-dark);
-			margin-right: var(--spacing-4xs);
-		}
-	}
-}
-
-.expression-result-wrapper,
-.expression-editor-wrapper {
-	padding: 10px;
-}
-
-.expression-result-wrapper {
-	margin-top: 1em;
-}
-
-.header-side-menu {
-	padding: 1em 0 0.5em var(--spacing-s);
-	border-top-left-radius: 8px;
-
-	background-color: var(--color-background-base);
-	color: var(--color-text-dark);
-	border-bottom: 1px solid $color-primary;
-	margin-bottom: 1em;
-
-	.headline {
-		font-size: 1.35em;
-		font-weight: 600;
-		line-height: 1.5;
-	}
-
-	.sub-headline {
-		font-weight: 600;
-		font-size: 1.1em;
-		text-align: center;
-		line-height: 1.5;
-		padding-top: 1.5em;
-		color: $color-primary;
-	}
-}
-
-.variable-selector {
-	margin: 0 var(--spacing-s);
-}
-</style>
diff --git a/packages/editor-ui/src/components/ExpressionEditModal.vue b/packages/editor-ui/src/components/ExpressionEditModal.vue
new file mode 100644
index 0000000000000..cb58f67a58217
--- /dev/null
+++ b/packages/editor-ui/src/components/ExpressionEditModal.vue
@@ -0,0 +1,336 @@
+<template>
+	<el-dialog
+		width="calc(100vw - var(--spacing-3xl))"
+		append-to-body
+		:class="$style.modal"
+		:model-value="dialogVisible"
+		:before-close="closeDialog"
+	>
+		<button :class="$style.close" @click="closeDialog">
+			<Close height="18" width="18" />
+		</button>
+		<div :class="$style.container">
+			<div :class="$style.sidebar">
+				<N8nInput
+					v-model="search"
+					size="small"
+					:class="$style.search"
+					:placeholder="i18n.baseText('ndv.search.placeholder.input.schema')"
+				>
+					<template #prefix>
+						<N8nIcon :class="$style.ioSearchIcon" icon="search" />
+					</template>
+				</N8nInput>
+
+				<RunDataSchema
+					:class="$style.schema"
+					:search="appliedSearch"
+					:nodes="parentNodes"
+					mapping-enabled
+					pane-type="input"
+					connection-type="main"
+				/>
+			</div>
+
+			<div :class="$style.io">
+				<div :class="$style.input">
+					<div :class="$style.header">
+						<N8nText bold size="large">
+							{{ i18n.baseText('expressionEdit.expression') }}
+						</N8nText>
+						<N8nText
+							:class="$style.tip"
+							size="small"
+							v-html="i18n.baseText('expressionTip.javascript')"
+						/>
+					</div>
+
+					<DraggableTarget :class="$style.editorContainer" type="mapping" @drop="onDrop">
+						<template #default>
+							<ExpressionEditorModalInput
+								ref="expressionInputRef"
+								:model-value="modelValue"
+								:is-read-only="isReadOnly"
+								:path="path"
+								:class="[
+									$style.editor,
+									{
+										'ph-no-capture': redactValues,
+									},
+								]"
+								data-test-id="expression-modal-input"
+								@change="valueChanged"
+								@close="closeDialog"
+							/>
+						</template>
+					</DraggableTarget>
+				</div>
+
+				<div :class="$style.output">
+					<div :class="$style.header">
+						<N8nText bold size="large">
+							{{ i18n.baseText('parameterInput.result') }}
+						</N8nText>
+						<OutputItemSelect />
+					</div>
+
+					<div :class="[$style.editorContainer, { 'ph-no-capture': redactValues }]">
+						<ExpressionOutput
+							ref="expressionResultRef"
+							:class="$style.editor"
+							:segments="segments"
+							:extensions="theme"
+							data-test-id="expression-modal-output"
+						/>
+					</div>
+				</div>
+			</div>
+		</div>
+	</el-dialog>
+</template>
+
+<script setup lang="ts">
+import ExpressionEditorModalInput from '@/components/ExpressionEditorModal/ExpressionEditorModalInput.vue';
+import { computed, ref, toRaw, watch } from 'vue';
+import Close from 'virtual:icons/mdi/close';
+
+import { useExternalHooks } from '@/composables/useExternalHooks';
+import { useNDVStore } from '@/stores/ndv.store';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { createExpressionTelemetryPayload } from '@/utils/telemetryUtils';
+
+import { useTelemetry } from '@/composables/useTelemetry';
+import type { Segment } from '@/types/expressions';
+import type { INodeProperties } from 'n8n-workflow';
+import { outputTheme } from './ExpressionEditorModal/theme';
+import ExpressionOutput from './InlineExpressionEditor/ExpressionOutput.vue';
+import RunDataSchema from './RunDataSchema.vue';
+import OutputItemSelect from './InlineExpressionEditor/OutputItemSelect.vue';
+import { useI18n } from '@/composables/useI18n';
+import { useDebounce } from '@/composables/useDebounce';
+import DraggableTarget from './DraggableTarget.vue';
+import { dropInEditor } from '@/plugins/codemirror/dragAndDrop';
+
+type Props = {
+	parameter: INodeProperties;
+	path: string;
+	modelValue: string;
+	dialogVisible?: boolean;
+	eventSource?: string;
+	redactValues?: boolean;
+	isReadOnly?: boolean;
+};
+
+const props = withDefaults(defineProps<Props>(), {
+	eventSource: '',
+	dialogVisible: false,
+	redactValues: false,
+	isReadOnly: false,
+});
+const emit = defineEmits<{
+	'update:model-value': [value: string];
+	closeDialog: [];
+}>();
+
+const ndvStore = useNDVStore();
+const workflowsStore = useWorkflowsStore();
+
+const telemetry = useTelemetry();
+const i18n = useI18n();
+const externalHooks = useExternalHooks();
+const { debounce } = useDebounce();
+
+const segments = ref<Segment[]>([]);
+const search = ref('');
+const appliedSearch = ref('');
+const expressionInputRef = ref<InstanceType<typeof ExpressionEditorModalInput>>();
+const expressionResultRef = ref<InstanceType<typeof ExpressionOutput>>();
+const theme = outputTheme();
+
+const activeNode = computed(() => ndvStore.activeNode);
+const workflow = computed(() => workflowsStore.getCurrentWorkflow());
+const inputEditor = computed(() => expressionInputRef.value?.editor);
+const parentNodes = computed(() => {
+	const node = activeNode.value;
+	if (!node) return [];
+	const nodes = workflow.value.getParentNodesByDepth(node.name);
+
+	return nodes.filter(({ name }) => name !== node.name);
+});
+
+watch(
+	() => props.dialogVisible,
+	(newValue) => {
+		const resolvedExpressionValue = expressionResultRef.value?.getValue() ?? '';
+
+		void externalHooks.run('expressionEdit.dialogVisibleChanged', {
+			dialogVisible: newValue,
+			parameter: props.parameter,
+			value: props.modelValue,
+			resolvedExpressionValue,
+		});
+
+		if (!newValue) {
+			const telemetryPayload = createExpressionTelemetryPayload(
+				segments.value,
+				props.modelValue,
+				workflowsStore.workflowId,
+				ndvStore.pushRef,
+				ndvStore.activeNode?.type ?? '',
+			);
+
+			telemetry.track('User closed Expression Editor', telemetryPayload);
+			void externalHooks.run('expressionEdit.closeDialog', telemetryPayload);
+		}
+	},
+);
+
+watch(
+	search,
+	debounce(
+		(newSearch: string) => {
+			appliedSearch.value = newSearch;
+		},
+		{ debounceTime: 500 },
+	),
+);
+
+function valueChanged(update: { value: string; segments: Segment[] }) {
+	segments.value = update.segments;
+	emit('update:model-value', update.value);
+}
+
+function closeDialog() {
+	emit('closeDialog');
+}
+
+async function onDrop(expression: string, event: MouseEvent) {
+	if (!inputEditor.value) return;
+
+	await dropInEditor(toRaw(inputEditor.value), event, expression);
+}
+</script>
+
+<style module lang="scss">
+.modal {
+	--dialog-close-top: var(--spacing-m);
+	display: flex;
+	flex-direction: column;
+	overflow: clip;
+	height: calc(100% - var(--spacing-4xl));
+	margin-bottom: 0;
+
+	:global(.el-dialog__body) {
+		background-color: var(--color-expression-editor-modal-background);
+		height: 100%;
+		padding: var(--spacing-s);
+	}
+
+	:global(.el-dialog__header) {
+		display: none;
+	}
+}
+
+.container {
+	display: flex;
+	flex-flow: row nowrap;
+	gap: var(--spacing-s);
+	height: 100%;
+}
+
+.sidebar {
+	display: flex;
+	flex-direction: column;
+	gap: var(--spacing-s);
+	flex-basis: 360px;
+	flex-shrink: 0;
+	height: 100%;
+}
+
+.schema {
+	height: 100%;
+	overflow-y: auto;
+	padding-right: var(--spacing-4xs);
+}
+
+.editor {
+	display: flex;
+	flex: 1 1 0;
+	font-size: var(--font-size-xs);
+
+	> div {
+		flex: 1 1 0;
+	}
+}
+
+.editorContainer {
+	display: flex;
+	flex: 1 1 0;
+	min-height: 0;
+}
+
+.io {
+	display: flex;
+	flex: 1 1 0;
+	gap: var(--spacing-s);
+}
+
+.input,
+.output {
+	display: flex;
+	flex-direction: column;
+	gap: var(--spacing-2xs);
+	flex: 1 1 0;
+}
+
+.output {
+	[aria-readonly] {
+		background: var(--color-background-light);
+	}
+}
+
+.header {
+	display: flex;
+	flex-direction: column;
+
+	gap: var(--spacing-5xs);
+}
+
+.tip {
+	min-height: 22px;
+}
+
+.close {
+	display: flex;
+	border: none;
+	background: none;
+	cursor: pointer;
+	padding: var(--spacing-4xs);
+	position: absolute;
+	right: var(--spacing-s);
+	top: var(--spacing-s);
+	color: var(--color-button-secondary-font);
+
+	&:hover,
+	&:active {
+		color: var(--color-primary);
+	}
+}
+
+@media (max-width: $breakpoint-md) {
+	.io {
+		flex-direction: column;
+	}
+
+	.input,
+	.output {
+		height: 50%;
+	}
+
+	.header {
+		flex-direction: row;
+		align-items: baseline;
+		gap: var(--spacing-2xs);
+	}
+}
+</style>
diff --git a/packages/editor-ui/src/components/ExpressionEditorModal/ExpressionEditorModalInput.vue b/packages/editor-ui/src/components/ExpressionEditorModal/ExpressionEditorModalInput.vue
index 78c4400030df3..68a65ada6e84f 100644
--- a/packages/editor-ui/src/components/ExpressionEditorModal/ExpressionEditorModalInput.vue
+++ b/packages/editor-ui/src/components/ExpressionEditorModal/ExpressionEditorModalInput.vue
@@ -5,8 +5,8 @@
 <script setup lang="ts">
 import { history } from '@codemirror/commands';
 import { Prec } from '@codemirror/state';
-import { EditorView, keymap } from '@codemirror/view';
-import { computed, onMounted, ref, toValue, watch } from 'vue';
+import { dropCursor, EditorView, keymap } from '@codemirror/view';
+import { computed, onMounted, ref, watch } from 'vue';
 
 import { expressionInputHandler } from '@/plugins/codemirror/inputHandlers/expression.inputHandler';
 import { n8nAutocompletion, n8nLang } from '@/plugins/codemirror/n8nLang';
@@ -14,7 +14,6 @@ import { forceParse } from '@/utils/forceParse';
 import { completionStatus } from '@codemirror/autocomplete';
 import { inputTheme } from './theme';
 
-import type { IVariableItemSelected } from '@/Interface';
 import { useExpressionEditor } from '@/composables/useExpressionEditor';
 import {
 	autocompleteKeyMap,
@@ -22,9 +21,10 @@ import {
 	historyKeyMap,
 	tabKeyMap,
 } from '@/plugins/codemirror/keymap';
+import { infoBoxTooltips } from '@/plugins/codemirror/tooltips/InfoBoxTooltip';
 import type { Segment } from '@/types/expressions';
 import { removeExpressionPrefix } from '@/utils/expressions';
-import { infoBoxTooltips } from '@/plugins/codemirror/tooltips/InfoBoxTooltip';
+import { mappingDropCursor } from '@/plugins/codemirror/dragAndDrop';
 
 type Props = {
 	modelValue: string;
@@ -44,7 +44,7 @@ const emit = defineEmits<{
 
 const root = ref<HTMLElement>();
 const extensions = computed(() => [
-	inputTheme(),
+	inputTheme(props.isReadOnly),
 	Prec.highest(
 		keymap.of([
 			...tabKeyMap(),
@@ -65,6 +65,8 @@ const extensions = computed(() => [
 	),
 	n8nLang(),
 	n8nAutocompletion(),
+	mappingDropCursor(),
+	dropCursor(),
 	history(),
 	expressionInputHandler(),
 	EditorView.lineWrapping,
@@ -72,14 +74,7 @@ const extensions = computed(() => [
 	infoBoxTooltips(),
 ]);
 const editorValue = ref<string>(removeExpressionPrefix(props.modelValue));
-const {
-	editor: editorRef,
-	segments,
-	readEditorValue,
-	setCursorPosition,
-	hasFocus,
-	focus,
-} = useExpressionEditor({
+const { segments, readEditorValue, editor, hasFocus, focus } = useExpressionEditor({
 	editorRef: root,
 	editorValue,
 	extensions,
@@ -111,45 +106,11 @@ onMounted(() => {
 	focus();
 });
 
-function itemSelected({ variable }: IVariableItemSelected) {
-	const editor = toValue(editorRef);
-
-	if (!editor || props.isReadOnly) return;
-
-	const OPEN_MARKER = '{{';
-	const CLOSE_MARKER = '}}';
-
-	const { selection, doc } = editor.state;
-	const { head } = selection.main;
-
-	const isInsideResolvable =
-		editor.state.sliceDoc(0, head).includes(OPEN_MARKER) &&
-		editor.state.sliceDoc(head, doc.length).includes(CLOSE_MARKER);
-
-	const insert = isInsideResolvable ? variable : [OPEN_MARKER, variable, CLOSE_MARKER].join(' ');
-
-	editor.dispatch({
-		changes: {
-			from: head,
-			insert,
-		},
-	});
-
-	focus();
-	setCursorPosition(head + insert.length);
-}
-
-defineExpose({ itemSelected });
+defineExpose({ editor });
 </script>
 
 <style lang="scss" module>
-.editor div[contenteditable='false'] {
-	background-color: var(--disabled-fill, var(--color-background-light));
-	cursor: not-allowed;
-}
-</style>
-<style lang="scss" scoped>
-:deep(.cm-content) {
+:global(.cm-content) {
 	border-radius: var(--border-radius-base);
 }
 </style>
diff --git a/packages/editor-ui/src/components/ExpressionEditorModal/theme.ts b/packages/editor-ui/src/components/ExpressionEditorModal/theme.ts
index f47f7c1535ec3..a35a18643f9be 100644
--- a/packages/editor-ui/src/components/ExpressionEditorModal/theme.ts
+++ b/packages/editor-ui/src/components/ExpressionEditorModal/theme.ts
@@ -1,7 +1,7 @@
 import { EditorView } from '@codemirror/view';
 import { highlighter } from '@/plugins/codemirror/resolvableHighlighter';
 
-const commonThemeProps = {
+const commonThemeProps = (isReadOnly = false) => ({
 	'&': {
 		borderWidth: 'var(--border-width-base)',
 		borderStyle: 'var(--input-border-style, var(--border-style-base))',
@@ -9,31 +9,33 @@ const commonThemeProps = {
 		borderRadius: 'var(--input-border-radius, var(--border-radius-base))',
 		backgroundColor: 'var(--color-expression-editor-background)',
 	},
+	'.cm-cursor, .cm-dropCursor': {
+		borderLeftColor: 'var(--color-code-caret)',
+	},
 	'&.cm-focused': {
 		borderColor: 'var(--color-secondary)',
 		outline: '0 !important',
 	},
 	'.cm-content': {
 		fontFamily: 'var(--font-family-monospace)',
-		height: '220px',
 		padding: 'var(--spacing-xs)',
 		color: 'var(--input-font-color, var(--color-text-dark))',
-		caretColor: 'var(--color-code-caret)',
+		caretColor: isReadOnly ? 'transparent' : 'var(--color-code-caret)',
 	},
 	'.cm-line': {
 		padding: '0',
 	},
-};
+});
 
-export const inputTheme = () => {
-	const theme = EditorView.theme(commonThemeProps);
+export const inputTheme = (isReadOnly = false) => {
+	const theme = EditorView.theme(commonThemeProps(isReadOnly));
 
 	return [theme, highlighter.resolvableStyle];
 };
 
 export const outputTheme = () => {
 	const theme = EditorView.theme({
-		...commonThemeProps,
+		...commonThemeProps(true),
 		'.cm-valid-resolvable': {
 			padding: '0 2px',
 			borderRadius: '2px',
diff --git a/packages/editor-ui/src/components/ExpressionParameterInput.vue b/packages/editor-ui/src/components/ExpressionParameterInput.vue
index 5618c3ae269d1..86e4c540a2ed9 100644
--- a/packages/editor-ui/src/components/ExpressionParameterInput.vue
+++ b/packages/editor-ui/src/components/ExpressionParameterInput.vue
@@ -1,5 +1,5 @@
 <script setup lang="ts">
-import { computed, ref, watch } from 'vue';
+import { computed, nextTick, onBeforeUnmount, onMounted, ref, toRaw, watch } from 'vue';
 
 import ExpressionFunctionIcon from '@/components/ExpressionFunctionIcon.vue';
 import InlineExpressionEditorInput from '@/components/InlineExpressionEditor/InlineExpressionEditorInput.vue';
@@ -9,10 +9,12 @@ import { useWorkflowsStore } from '@/stores/workflows.store';
 import { createExpressionTelemetryPayload } from '@/utils/telemetryUtils';
 
 import { useTelemetry } from '@/composables/useTelemetry';
+import { dropInEditor } from '@/plugins/codemirror/dragAndDrop';
 import type { Segment } from '@/types/expressions';
-import { createEventBus, type EventBus } from 'n8n-design-system/utils';
-import type { IDataObject } from 'n8n-workflow';
+import { startCompletion } from '@codemirror/autocomplete';
 import type { EditorState, SelectionRange } from '@codemirror/state';
+import type { IDataObject } from 'n8n-workflow';
+import { createEventBus, type EventBus } from 'n8n-design-system';
 
 const isFocused = ref(false);
 const segments = ref<Segment[]>([]);
@@ -25,9 +27,9 @@ type Props = {
 	modelValue: string;
 	rows?: number;
 	additionalExpressionData?: IDataObject;
-	eventBus?: EventBus;
 	isReadOnly?: boolean;
 	isAssignment?: boolean;
+	eventBus?: EventBus;
 };
 
 const props = withDefaults(defineProps<Props>(), {
@@ -109,6 +111,45 @@ function onSelectionChange({
 	selection.value = newSelection;
 }
 
+async function onDrop(value: string, event: MouseEvent) {
+	if (!inlineInput.value) return;
+	const { editor, setCursorPosition } = inlineInput.value;
+
+	if (!editor) return;
+
+	const droppedSelection = await dropInEditor(toRaw(editor), event, value);
+
+	if (!ndvStore.isAutocompleteOnboarded) {
+		setCursorPosition((droppedSelection.ranges.at(0)?.head ?? 3) - 3);
+		setTimeout(() => {
+			startCompletion(editor);
+		});
+	}
+}
+
+async function onDropOnFixedInput() {
+	await nextTick();
+
+	if (!inlineInput.value) return;
+	const { editor, setCursorPosition } = inlineInput.value;
+
+	if (!editor || ndvStore.isAutocompleteOnboarded) return;
+
+	setCursorPosition('lastExpression');
+	setTimeout(() => {
+		focus();
+		startCompletion(editor);
+	});
+}
+
+onMounted(() => {
+	props.eventBus.on('drop', onDropOnFixedInput);
+});
+
+onBeforeUnmount(() => {
+	props.eventBus.off('drop', onDropOnFixedInput);
+});
+
 watch(isDragging, (newIsDragging) => {
 	if (newIsDragging) {
 		onBlur();
@@ -134,19 +175,23 @@ defineExpose({ focus });
 				<span v-if="isAssignment">=</span>
 				<ExpressionFunctionIcon v-else />
 			</div>
-			<InlineExpressionEditorInput
-				ref="inlineInput"
-				:model-value="modelValue"
-				:path="path"
-				:is-read-only="isReadOnly"
-				:rows="rows"
-				:additional-data="additionalExpressionData"
-				:event-bus="eventBus"
-				@focus="onFocus"
-				@blur="onBlur"
-				@update:model-value="onValueChange"
-				@update:selection="onSelectionChange"
-			/>
+			<DraggableTarget type="mapping" :disabled="isReadOnly" @drop="onDrop">
+				<template #default="{ activeDrop, droppable }">
+					<InlineExpressionEditorInput
+						ref="inlineInput"
+						:model-value="modelValue"
+						:path="path"
+						:is-read-only="isReadOnly"
+						:rows="rows"
+						:additional-data="additionalExpressionData"
+						:class="{ [$style.activeDrop]: activeDrop, [$style.droppable]: droppable }"
+						@focus="onFocus"
+						@blur="onBlur"
+						@update:model-value="onValueChange"
+						@update:selection="onSelectionChange"
+					/>
+				</template>
+			</DraggableTarget>
 			<n8n-button
 				v-if="!isDragging"
 				square
@@ -240,4 +285,26 @@ defineExpose({ focus });
 	border-bottom-right-radius: 0;
 	background-color: var(--color-code-background);
 }
+
+.droppable {
+	--input-border-color: var(--color-ndv-droppable-parameter);
+	--input-border-right-color: var(--color-ndv-droppable-parameter);
+	--input-border-style: dashed;
+
+	:global(.cm-editor) {
+		border-width: 1.5px;
+	}
+}
+
+.activeDrop {
+	--input-border-color: var(--color-success);
+	--input-border-right-color: var(--color-success);
+	--input-background-color: var(--color-foreground-xlight);
+	--input-border-style: solid;
+
+	:global(.cm-editor) {
+		cursor: grabbing !important;
+		border-width: 1px;
+	}
+}
 </style>
diff --git a/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorInput.vue b/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorInput.vue
index 96f263fb03bdc..19a869b2e694d 100644
--- a/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorInput.vue
+++ b/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorInput.vue
@@ -1,11 +1,11 @@
 <script setup lang="ts">
-import { startCompletion } from '@codemirror/autocomplete';
 import { history } from '@codemirror/commands';
 import { type EditorState, Prec, type SelectionRange } from '@codemirror/state';
-import { EditorView, keymap } from '@codemirror/view';
-import { computed, nextTick, onBeforeUnmount, onMounted, ref, toValue, watch } from 'vue';
+import { dropCursor, EditorView, keymap } from '@codemirror/view';
+import { computed, ref, watch } from 'vue';
 
 import { useExpressionEditor } from '@/composables/useExpressionEditor';
+import { mappingDropCursor } from '@/plugins/codemirror/dragAndDrop';
 import { expressionInputHandler } from '@/plugins/codemirror/inputHandlers/expression.inputHandler';
 import {
 	autocompleteKeyMap,
@@ -14,13 +14,11 @@ import {
 	tabKeyMap,
 } from '@/plugins/codemirror/keymap';
 import { n8nAutocompletion, n8nLang } from '@/plugins/codemirror/n8nLang';
-import { useNDVStore } from '@/stores/ndv.store';
+import { infoBoxTooltips } from '@/plugins/codemirror/tooltips/InfoBoxTooltip';
 import type { Segment } from '@/types/expressions';
 import { removeExpressionPrefix } from '@/utils/expressions';
-import { createEventBus, type EventBus } from 'n8n-design-system/utils';
 import type { IDataObject } from 'n8n-workflow';
 import { inputTheme } from './theme';
-import { infoBoxTooltips } from '@/plugins/codemirror/tooltips/InfoBoxTooltip';
 
 type Props = {
 	modelValue: string;
@@ -28,14 +26,12 @@ type Props = {
 	rows?: number;
 	isReadOnly?: boolean;
 	additionalData?: IDataObject;
-	eventBus?: EventBus;
 };
 
 const props = withDefaults(defineProps<Props>(), {
 	rows: 5,
 	isReadOnly: false,
 	additionalData: () => ({}),
-	eventBus: () => createEventBus(),
 });
 
 const emit = defineEmits<{
@@ -44,8 +40,6 @@ const emit = defineEmits<{
 	focus: [];
 }>();
 
-const ndvStore = useNDVStore();
-
 const root = ref<HTMLElement>();
 const extensions = computed(() => [
 	Prec.highest(
@@ -55,6 +49,8 @@ const extensions = computed(() => [
 	n8nAutocompletion(),
 	inputTheme({ isReadOnly: props.isReadOnly, rows: props.rows }),
 	history(),
+	mappingDropCursor(),
+	dropCursor(),
 	expressionInputHandler(),
 	EditorView.lineWrapping,
 	infoBoxTooltips(),
@@ -77,32 +73,6 @@ const {
 	additionalData: props.additionalData,
 });
 
-defineExpose({
-	focus: () => {
-		if (!hasFocus.value) {
-			setCursorPosition('lastExpression');
-			focus();
-		}
-	},
-});
-
-async function onDrop() {
-	await nextTick();
-
-	const editor = toValue(editorRef);
-	if (!editor) return;
-
-	focus();
-
-	setCursorPosition('lastExpression');
-
-	if (!ndvStore.isAutocompleteOnboarded) {
-		setTimeout(() => {
-			startCompletion(editor);
-		});
-	}
-}
-
 watch(
 	() => props.modelValue,
 	(newValue) => {
@@ -130,12 +100,15 @@ watch(hasFocus, (focused) => {
 	if (focused) emit('focus');
 });
 
-onMounted(() => {
-	props.eventBus.on('drop', onDrop);
-});
-
-onBeforeUnmount(() => {
-	props.eventBus.off('drop', onDrop);
+defineExpose({
+	editor: editorRef,
+	setCursorPosition,
+	focus: () => {
+		if (!hasFocus.value) {
+			setCursorPosition('lastExpression');
+			focus();
+		}
+	},
 });
 </script>
 
diff --git a/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorOutput.vue b/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorOutput.vue
index ff0eaa673237f..634c8d340f201 100644
--- a/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorOutput.vue
+++ b/packages/editor-ui/src/components/InlineExpressionEditor/InlineExpressionEditorOutput.vue
@@ -2,13 +2,13 @@
 import type { EditorState, SelectionRange } from '@codemirror/state';
 
 import { useI18n } from '@/composables/useI18n';
+import { useNDVStore } from '@/stores/ndv.store';
 import type { Segment } from '@/types/expressions';
+import { onBeforeUnmount } from 'vue';
 import ExpressionOutput from './ExpressionOutput.vue';
+import OutputItemSelect from './OutputItemSelect.vue';
 import InlineExpressionTip from './InlineExpressionTip.vue';
 import { outputTheme } from './theme';
-import { computed, onBeforeUnmount } from 'vue';
-import { useNDVStore } from '@/stores/ndv.store';
-import { N8nTooltip } from 'n8n-design-system/components';
 
 interface InlineExpressionEditorOutputProps {
 	segments: Segment[];
@@ -29,31 +29,6 @@ const i18n = useI18n();
 const theme = outputTheme();
 const ndvStore = useNDVStore();
 
-const hideTableHoverHint = computed(() => ndvStore.isTableHoverOnboarded);
-const hoveringItem = computed(() => ndvStore.getHoveringItem);
-const hoveringItemIndex = computed(() => hoveringItem.value?.itemIndex);
-const isHoveringItem = computed(() => Boolean(hoveringItem.value));
-const itemsLength = computed(() => ndvStore.ndvInputDataWithPinnedData.length);
-const itemIndex = computed(() => hoveringItemIndex.value ?? ndvStore.expressionOutputItemIndex);
-const max = computed(() => Math.max(itemsLength.value - 1, 0));
-const isItemIndexEditable = computed(() => !isHoveringItem.value && itemsLength.value > 0);
-const canSelectPrevItem = computed(() => isItemIndexEditable.value && itemIndex.value !== 0);
-const canSelectNextItem = computed(
-	() => isItemIndexEditable.value && itemIndex.value < itemsLength.value - 1,
-);
-
-function updateItemIndex(index: number) {
-	ndvStore.expressionOutputItemIndex = index;
-}
-
-function nextItem() {
-	ndvStore.expressionOutputItemIndex = ndvStore.expressionOutputItemIndex + 1;
-}
-
-function prevItem() {
-	ndvStore.expressionOutputItemIndex = ndvStore.expressionOutputItemIndex - 1;
-}
-
 onBeforeUnmount(() => {
 	ndvStore.expressionOutputItemIndex = 0;
 });
@@ -66,48 +41,7 @@ onBeforeUnmount(() => {
 				{{ i18n.baseText('parameterInput.result') }}
 			</n8n-text>
 
-			<div :class="$style.item">
-				<n8n-text size="small" color="text-base" compact>
-					{{ i18n.baseText('parameterInput.item') }}
-				</n8n-text>
-
-				<div :class="$style.controls">
-					<N8nInputNumber
-						data-test-id="inline-expression-editor-item-input"
-						size="mini"
-						:controls="false"
-						:class="[$style.input, { [$style.hovering]: isHoveringItem }]"
-						:min="0"
-						:max="max"
-						:model-value="itemIndex"
-						@update:model-value="updateItemIndex"
-					></N8nInputNumber>
-					<N8nIconButton
-						data-test-id="inline-expression-editor-item-prev"
-						icon="chevron-left"
-						type="tertiary"
-						text
-						size="mini"
-						:disabled="!canSelectPrevItem"
-						@click="prevItem"
-					></N8nIconButton>
-
-					<N8nTooltip placement="right" :disabled="hideTableHoverHint">
-						<template #content>
-							<div>{{ i18n.baseText('parameterInput.hoverTableItemTip') }}</div>
-						</template>
-						<N8nIconButton
-							data-test-id="inline-expression-editor-item-next"
-							icon="chevron-right"
-							type="tertiary"
-							text
-							size="mini"
-							:disabled="!canSelectNextItem"
-							@click="nextItem"
-						></N8nIconButton>
-					</N8nTooltip>
-				</div>
-			</div>
+			<OutputItemSelect />
 		</div>
 		<n8n-text :class="$style.body">
 			<ExpressionOutput
@@ -164,12 +98,6 @@ onBeforeUnmount(() => {
 		padding-top: var(--spacing-2xs);
 	}
 
-	.item {
-		display: flex;
-		align-items: center;
-		gap: var(--spacing-4xs);
-	}
-
 	.body {
 		padding-top: 0;
 		padding-left: var(--spacing-2xs);
@@ -179,33 +107,5 @@ onBeforeUnmount(() => {
 			padding-top: var(--spacing-2xs);
 		}
 	}
-
-	.controls {
-		display: flex;
-		align-items: center;
-	}
-
-	.input {
-		--input-height: 22px;
-		--input-width: 26px;
-		--input-border-top-left-radius: var(--border-radius-base);
-		--input-border-bottom-left-radius: var(--border-radius-base);
-		--input-border-top-right-radius: var(--border-radius-base);
-		--input-border-bottom-right-radius: var(--border-radius-base);
-		max-width: var(--input-width);
-		line-height: calc(var(--input-height) - var(--spacing-4xs));
-
-		&.hovering {
-			--input-font-color: var(--color-secondary);
-		}
-
-		:global(.el-input__inner) {
-			height: var(--input-height);
-			min-height: var(--input-height);
-			line-height: var(--input-height);
-			text-align: center;
-			padding: 0 var(--spacing-4xs);
-		}
-	}
 }
 </style>
diff --git a/packages/editor-ui/src/components/InlineExpressionEditor/OutputItemSelect.vue b/packages/editor-ui/src/components/InlineExpressionEditor/OutputItemSelect.vue
new file mode 100644
index 0000000000000..6845b77bf5c74
--- /dev/null
+++ b/packages/editor-ui/src/components/InlineExpressionEditor/OutputItemSelect.vue
@@ -0,0 +1,114 @@
+<script setup lang="ts">
+import { useI18n } from '@/composables/useI18n';
+import { useNDVStore } from '@/stores/ndv.store';
+import { computed } from 'vue';
+
+const i18n = useI18n();
+const ndvStore = useNDVStore();
+
+const hoveringItem = computed(() => ndvStore.getHoveringItem);
+const hoveringItemIndex = computed(() => hoveringItem.value?.itemIndex);
+const isHoveringItem = computed(() => Boolean(hoveringItem.value));
+const itemsLength = computed(() => ndvStore.ndvInputDataWithPinnedData.length);
+const itemIndex = computed(() => hoveringItemIndex.value ?? ndvStore.expressionOutputItemIndex);
+const max = computed(() => Math.max(itemsLength.value - 1, 0));
+const isItemIndexEditable = computed(() => !isHoveringItem.value && itemsLength.value > 0);
+const hideTableHoverHint = computed(() => ndvStore.isTableHoverOnboarded);
+const canSelectPrevItem = computed(() => isItemIndexEditable.value && itemIndex.value !== 0);
+const canSelectNextItem = computed(
+	() => isItemIndexEditable.value && itemIndex.value < itemsLength.value - 1,
+);
+
+function updateItemIndex(index: number) {
+	ndvStore.expressionOutputItemIndex = index;
+}
+
+function nextItem() {
+	ndvStore.expressionOutputItemIndex = ndvStore.expressionOutputItemIndex + 1;
+}
+
+function prevItem() {
+	ndvStore.expressionOutputItemIndex = ndvStore.expressionOutputItemIndex - 1;
+}
+</script>
+
+<template>
+	<div :class="$style.item">
+		<n8n-text size="small" color="text-base" compact>
+			{{ i18n.baseText('parameterInput.item') }}
+		</n8n-text>
+
+		<div :class="$style.controls">
+			<N8nInputNumber
+				data-test-id="inline-expression-editor-item-input"
+				size="mini"
+				:controls="false"
+				:class="[$style.input, { [$style.hovering]: isHoveringItem }]"
+				:min="0"
+				:max="max"
+				:model-value="itemIndex"
+				@update:model-value="updateItemIndex"
+			></N8nInputNumber>
+			<N8nIconButton
+				data-test-id="inline-expression-editor-item-prev"
+				icon="chevron-left"
+				type="tertiary"
+				text
+				size="mini"
+				:disabled="!canSelectPrevItem"
+				@click="prevItem"
+			></N8nIconButton>
+
+			<N8nTooltip placement="right" :disabled="hideTableHoverHint">
+				<template #content>
+					<div>{{ i18n.baseText('parameterInput.hoverTableItemTip') }}</div>
+				</template>
+				<N8nIconButton
+					data-test-id="inline-expression-editor-item-next"
+					icon="chevron-right"
+					type="tertiary"
+					text
+					size="mini"
+					:disabled="!canSelectNextItem"
+					@click="nextItem"
+				></N8nIconButton>
+			</N8nTooltip>
+		</div>
+	</div>
+</template>
+
+<style lang="scss" module>
+.item {
+	display: flex;
+	align-items: center;
+	gap: var(--spacing-4xs);
+}
+
+.controls {
+	display: flex;
+	align-items: center;
+}
+
+.input {
+	--input-height: 22px;
+	--input-width: 26px;
+	--input-border-top-left-radius: var(--border-radius-base);
+	--input-border-bottom-left-radius: var(--border-radius-base);
+	--input-border-top-right-radius: var(--border-radius-base);
+	--input-border-bottom-right-radius: var(--border-radius-base);
+	max-width: var(--input-width);
+	line-height: calc(var(--input-height) - var(--spacing-4xs));
+
+	&.hovering {
+		--input-font-color: var(--color-secondary);
+	}
+
+	:global(.el-input__inner) {
+		height: var(--input-height);
+		min-height: var(--input-height);
+		line-height: var(--input-height);
+		text-align: center;
+		padding: 0 var(--spacing-4xs);
+	}
+}
+</style>
diff --git a/packages/editor-ui/src/components/InlineExpressionEditor/theme.ts b/packages/editor-ui/src/components/InlineExpressionEditor/theme.ts
index 384cf4a01f1a6..732996f6b7c74 100644
--- a/packages/editor-ui/src/components/InlineExpressionEditor/theme.ts
+++ b/packages/editor-ui/src/components/InlineExpressionEditor/theme.ts
@@ -41,6 +41,9 @@ export const inputTheme = ({ rows, isReadOnly } = { rows: 5, isReadOnly: false }
 				'var(--input-border-bottom-right-radius, var(--input-border-radius, var(--border-radius-base)))',
 			backgroundColor: 'white',
 		},
+		'.cm-cursor, .cm-dropCursor': {
+			borderLeftColor: 'var(--color-code-caret)',
+		},
 		'.cm-scroller': {
 			lineHeight: '1.68',
 		},
diff --git a/packages/editor-ui/src/components/JsEditor/JsEditor.vue b/packages/editor-ui/src/components/JsEditor/JsEditor.vue
index 40692ab32392c..5a5f2cb411878 100644
--- a/packages/editor-ui/src/components/JsEditor/JsEditor.vue
+++ b/packages/editor-ui/src/components/JsEditor/JsEditor.vue
@@ -1,5 +1,5 @@
 <template>
-	<div :class="$style.editor">
+	<div :class="$style.editor" :style="isReadOnly ? 'opacity: 0.7' : ''">
 		<div ref="jsEditorRef" class="ph-no-capture js-editor"></div>
 		<slot name="suffix" />
 	</div>
@@ -21,7 +21,7 @@ import {
 	keymap,
 	lineNumbers,
 } from '@codemirror/view';
-import { computed, onMounted, ref } from 'vue';
+import { computed, onMounted, ref, watch } from 'vue';
 
 import {
 	autocompleteKeyMap,
@@ -45,11 +45,37 @@ const emit = defineEmits<{
 }>();
 
 onMounted(() => {
+	createEditor();
+});
+
+watch(
+	() => props.modelValue,
+	(newValue: string) => {
+		const editorValue = editor.value?.state?.doc.toString();
+
+		// If model value changes from outside the component
+		if (
+			editorValue !== undefined &&
+			editorValue.length !== newValue.length &&
+			editorValue !== newValue
+		) {
+			destroyEditor();
+			createEditor();
+		}
+	},
+);
+
+function createEditor() {
 	const state = EditorState.create({ doc: props.modelValue, extensions: extensions.value });
 	const parent = jsEditorRef.value;
+
 	editor.value = new EditorView({ parent, state });
 	editorState.value = editor.value.state;
-});
+}
+
+function destroyEditor() {
+	editor.value?.destroy();
+}
 
 const jsEditorRef = ref<HTMLDivElement>();
 const editor = ref<EditorView | null>(null);
diff --git a/packages/editor-ui/src/components/MainHeader/WorkflowDetails.vue b/packages/editor-ui/src/components/MainHeader/WorkflowDetails.vue
index fb103720206e5..12c9cc33a1c4b 100644
--- a/packages/editor-ui/src/components/MainHeader/WorkflowDetails.vue
+++ b/packages/editor-ui/src/components/MainHeader/WorkflowDetails.vue
@@ -13,9 +13,6 @@ import {
 	WORKFLOW_SETTINGS_MODAL_KEY,
 	WORKFLOW_SHARE_MODAL_KEY,
 } from '@/constants';
-import type { PermissionsMap } from '@/permissions';
-import type { WorkflowScope } from '@n8n/permissions';
-
 import ShortenName from '@/components/ShortenName.vue';
 import TagsContainer from '@/components/TagsContainer.vue';
 import PushConnectionTracker from '@/components/PushConnectionTracker.vue';
@@ -38,8 +35,7 @@ import { saveAs } from 'file-saver';
 import { useTitleChange } from '@/composables/useTitleChange';
 import { useMessage } from '@/composables/useMessage';
 import { useToast } from '@/composables/useToast';
-
-import { getWorkflowPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import { createEventBus } from 'n8n-design-system/utils';
 import { nodeViewEventBus } from '@/event-bus';
 import { hasPermission } from '@/utils/rbac/permissions';
@@ -55,7 +51,7 @@ import type {
 } from '@/Interface';
 import { useI18n } from '@/composables/useI18n';
 import { useTelemetry } from '@/composables/useTelemetry';
-import type { BaseTextKey } from '../../plugins/i18n';
+import type { BaseTextKey } from '@/plugins/i18n';
 import { useNpsSurveyStore } from '@/stores/npsSurvey.store';
 import { useLocalStorage } from '@vueuse/core';
 
@@ -96,9 +92,17 @@ const importFileRef = ref<HTMLInputElement | undefined>();
 const tagsEventBus = createEventBus();
 const sourceControlModalEventBus = createEventBus();
 
-const nodeViewSwitcher = useLocalStorage('NodeView.switcher', import.meta.env.DEV ? 'true' : '');
+const nodeViewSwitcher = useLocalStorage('NodeView.switcher', '');
 const nodeViewVersion = useLocalStorage('NodeView.version', '1');
 
+const isNodeViewSwitcherEnabled = computed(() => {
+	return (
+		import.meta.env.DEV ||
+		nodeViewSwitcher.value === 'true' ||
+		settingsStore.deploymentType === 'n8n-internal'
+	);
+});
+
 const hasChanged = (prev: string[], curr: string[]) => {
 	if (prev.length !== curr.length) {
 		return true;
@@ -132,9 +136,9 @@ const onExecutionsTab = computed(() => {
 	].includes((route.name as string) || '');
 });
 
-const workflowPermissions = computed<PermissionsMap<WorkflowScope>>(() => {
-	return getWorkflowPermissions(workflowsStore.getWorkflowById(props.workflow.id));
-});
+const workflowPermissions = computed(
+	() => getResourcePermissions(workflowsStore.getWorkflowById(props.workflow.id)?.scopes).workflow,
+);
 
 const workflowMenuItems = computed<ActionDropdownItem[]>(() => {
 	const actions: ActionDropdownItem[] = [
@@ -145,7 +149,7 @@ const workflowMenuItems = computed<ActionDropdownItem[]>(() => {
 		},
 	];
 
-	if (!props.readOnly) {
+	if ((workflowPermissions.value.delete && !props.readOnly) || isNewWorkflow.value) {
 		actions.unshift({
 			id: WORKFLOW_MENU_ACTIONS.DUPLICATE,
 			label: locale.baseText('menuActions.duplicate'),
@@ -184,7 +188,7 @@ const workflowMenuItems = computed<ActionDropdownItem[]>(() => {
 		disabled: !onWorkflowPage.value || isNewWorkflow.value,
 	});
 
-	if (nodeViewSwitcher.value === 'true') {
+	if (isNodeViewSwitcherEnabled.value) {
 		actions.push({
 			id: WORKFLOW_MENU_ACTIONS.SWITCH_NODE_VIEW_VERSION,
 			label:
@@ -623,7 +627,7 @@ function showCreateWorkflowSuccessToast(id?: string) {
 							:preview-value="shortenedName"
 							:is-edit-enabled="isNameEditEnabled"
 							:max-length="MAX_WORKFLOW_NAME_LENGTH"
-							:disabled="readOnly"
+							:disabled="readOnly || (!isNewWorkflow && !workflowPermissions.update)"
 							placeholder="Enter workflow name"
 							class="name"
 							@toggle="onNameToggle"
@@ -636,10 +640,9 @@ function showCreateWorkflowSuccessToast(id?: string) {
 
 		<span v-if="settingsStore.areTagsEnabled" class="tags" data-test-id="workflow-tags-container">
 			<TagsDropdown
-				v-if="isTagsEditEnabled && !readOnly"
+				v-if="isTagsEditEnabled && !readOnly && (isNewWorkflow || workflowPermissions.update)"
 				ref="dropdown"
 				v-model="appliedTagIds"
-				:create-enabled="true"
 				:event-bus="tagsEventBus"
 				:placeholder="$locale.baseText('workflowDetails.chooseOrCreateATag')"
 				class="tags-edit"
@@ -647,7 +650,13 @@ function showCreateWorkflowSuccessToast(id?: string) {
 				@blur="onTagsBlur"
 				@esc="onTagsEditEsc"
 			/>
-			<div v-else-if="(workflow.tags ?? []).length === 0 && !readOnly">
+			<div
+				v-else-if="
+					(workflow.tags ?? []).length === 0 &&
+					!readOnly &&
+					(isNewWorkflow || workflowPermissions.update)
+				"
+			>
 				<span class="add-tag clickable" data-test-id="new-tag-link" @click="onTagsEditEnable">
 					+ {{ $locale.baseText('workflowDetails.addTag') }}
 				</span>
@@ -666,7 +675,11 @@ function showCreateWorkflowSuccessToast(id?: string) {
 
 		<PushConnectionTracker class="actions">
 			<span :class="`activator ${$style.group}`">
-				<WorkflowActivator :workflow-active="workflow.active" :workflow-id="workflow.id" />
+				<WorkflowActivator
+					:workflow-active="workflow.active"
+					:workflow-id="workflow.id"
+					:workflow-permissions="workflowPermissions"
+				/>
 			</span>
 			<EnterpriseEdition :features="[EnterpriseEditionFeature.Sharing]">
 				<div :class="$style.group">
@@ -710,9 +723,11 @@ function showCreateWorkflowSuccessToast(id?: string) {
 				<SaveButton
 					type="primary"
 					:saved="!uiStore.stateIsDirty && !isNewWorkflow"
-					:disabled="isWorkflowSaving || readOnly"
+					:disabled="
+						isWorkflowSaving || readOnly || (!isNewWorkflow && !workflowPermissions.update)
+					"
 					:is-saving="isWorkflowSaving"
-					with-shortcut
+					:with-shortcut="!readOnly && workflowPermissions.update"
 					:shortcut-tooltip="$locale.baseText('saveWorkflowButton.hint')"
 					data-test-id="workflow-save-button"
 					@click="onSaveButtonClick"
diff --git a/packages/editor-ui/src/components/MainSidebar.vue b/packages/editor-ui/src/components/MainSidebar.vue
index c66e0a89b5c68..08707e76ceae9 100644
--- a/packages/editor-ui/src/components/MainSidebar.vue
+++ b/packages/editor-ui/src/components/MainSidebar.vue
@@ -56,12 +56,7 @@
 				<div :class="$style.userArea">
 					<div class="ml-3xs" data-test-id="main-sidebar-user-menu">
 						<!-- This dropdown is only enabled when sidebar is collapsed -->
-						<el-dropdown
-							:disabled="!isCollapsed"
-							placement="right-end"
-							trigger="click"
-							@command="onUserActionToggle"
-						>
+						<el-dropdown placement="right-end" trigger="click" @command="onUserActionToggle">
 							<div :class="{ [$style.avatar]: true, ['clickable']: isCollapsed }">
 								<n8n-avatar
 									:first-name="usersStore.currentUser?.firstName"
@@ -69,7 +64,7 @@
 									size="small"
 								/>
 							</div>
-							<template #dropdown>
+							<template v-if="isCollapsed" #dropdown>
 								<el-dropdown-menu>
 									<el-dropdown-item command="settings">
 										{{ $locale.baseText('settings') }}
diff --git a/packages/editor-ui/src/components/Modal.vue b/packages/editor-ui/src/components/Modal.vue
index 7a26314ad0dc8..141e93a521472 100644
--- a/packages/editor-ui/src/components/Modal.vue
+++ b/packages/editor-ui/src/components/Modal.vue
@@ -1,7 +1,7 @@
 <template>
 	<el-dialog
 		:model-value="uiStore.modalsById[name].open"
-		:before-close="closeDialog"
+		:before-close="onCloseDialog"
 		:class="{
 			'dialog-wrapper': true,
 			scrollable: scrollable,
@@ -34,7 +34,7 @@
 			class="modal-content"
 			@keydown.stop
 			@keydown.enter="handleEnter"
-			@keydown.esc="closeDialog"
+			@keydown.esc="onCloseDialog"
 		>
 			<slot v-if="!loading" name="content" />
 			<div v-else :class="$style.loader">
@@ -182,7 +182,10 @@ export default defineComponent({
 				this.$emit('enter');
 			}
 		},
-		async closeDialog() {
+		async onCloseDialog() {
+			await this.closeDialog();
+		},
+		async closeDialog(returnData?: unknown) {
 			if (this.beforeClose) {
 				const shouldClose = await this.beforeClose();
 				if (shouldClose === false) {
@@ -191,6 +194,7 @@ export default defineComponent({
 				}
 			}
 			this.uiStore.closeModal(this.name);
+			this.eventBus?.emit('closed', returnData);
 		},
 		getCustomClass() {
 			let classes = this.customClass || '';
diff --git a/packages/editor-ui/src/components/Modals.vue b/packages/editor-ui/src/components/Modals.vue
index 4e34daf40db9a..adf39802375f0 100644
--- a/packages/editor-ui/src/components/Modals.vue
+++ b/packages/editor-ui/src/components/Modals.vue
@@ -30,6 +30,7 @@ import {
 	SETUP_CREDENTIALS_MODAL_KEY,
 	PROJECT_MOVE_RESOURCE_MODAL,
 	PROJECT_MOVE_RESOURCE_CONFIRM_MODAL,
+	PROMPT_MFA_CODE_MODAL_KEY,
 } from '@/constants';
 
 import AboutModal from '@/components/AboutModal.vue';
@@ -63,6 +64,7 @@ import WorkflowHistoryVersionRestoreModal from '@/components/WorkflowHistory/Wor
 import SetupWorkflowCredentialsModal from '@/components/SetupWorkflowCredentialsModal/SetupWorkflowCredentialsModal.vue';
 import ProjectMoveResourceModal from '@/components/Projects/ProjectMoveResourceModal.vue';
 import ProjectMoveResourceConfirmModal from '@/components/Projects/ProjectMoveResourceConfirmModal.vue';
+import PromptMfaCodeModal from './PromptMfaCodeModal/PromptMfaCodeModal.vue';
 </script>
 
 <template>
@@ -144,6 +146,10 @@ import ProjectMoveResourceConfirmModal from '@/components/Projects/ProjectMoveRe
 			<MfaSetupModal />
 		</ModalRoot>
 
+		<ModalRoot :name="PROMPT_MFA_CODE_MODAL_KEY">
+			<PromptMfaCodeModal />
+		</ModalRoot>
+
 		<ModalRoot :name="WORKFLOW_SHARE_MODAL_KEY">
 			<template #default="{ modalName, active, data }">
 				<WorkflowShareModal :data="data" :is-active="active" :modal-name="modalName" />
diff --git a/packages/editor-ui/src/components/Node/NodeCreator/composables/useActions.ts b/packages/editor-ui/src/components/Node/NodeCreator/composables/useActions.ts
index 2346968f798ab..e9f7917385eec 100644
--- a/packages/editor-ui/src/components/Node/NodeCreator/composables/useActions.ts
+++ b/packages/editor-ui/src/components/Node/NodeCreator/composables/useActions.ts
@@ -1,5 +1,10 @@
 import { computed } from 'vue';
-import type { IDataObject, INodeParameters } from 'n8n-workflow';
+import {
+	CHAIN_LLM_LANGCHAIN_NODE_TYPE,
+	NodeConnectionType,
+	type IDataObject,
+	type INodeParameters,
+} from 'n8n-workflow';
 import type {
 	ActionTypeDescription,
 	AddedNode,
@@ -11,6 +16,7 @@ import type {
 } from '@/Interface';
 import {
 	AGENT_NODE_TYPE,
+	AI_CATEGORY_LANGUAGE_MODELS,
 	BASIC_CHAIN_NODE_TYPE,
 	CHAT_TRIGGER_NODE_TYPE,
 	MANUAL_CHAT_TRIGGER_NODE_TYPE,
@@ -37,11 +43,12 @@ import { useExternalHooks } from '@/composables/useExternalHooks';
 
 import { sortNodeCreateElements, transformNodeType } from '../utils';
 import { useI18n } from '@/composables/useI18n';
+import { useCanvasStore } from '@/stores/canvas.store';
 
 export const useActions = () => {
 	const nodeCreatorStore = useNodeCreatorStore();
+	const nodeTypesStore = useNodeTypesStore();
 	const i18n = useI18n();
-
 	const singleNodeOpenSources = [
 		NODE_CREATOR_OPEN_SOURCES.PLUS_ENDPOINT,
 		NODE_CREATOR_OPEN_SOURCES.NODE_CONNECTION_ACTION,
@@ -216,6 +223,19 @@ export const useActions = () => {
 		return isCompatibleNode && isChatTriggerMissing;
 	}
 
+	// AI-226: Prepend LLM Chain node when adding a language model
+	function shouldPrependLLMChain(addedNodes: AddedNode[]): boolean {
+		const canvasHasAINodes = useCanvasStore().aiNodes.length > 0;
+		if (canvasHasAINodes) return false;
+
+		return addedNodes.some((node) => {
+			const nodeType = nodeTypesStore.getNodeType(node.type);
+			return Object.keys(nodeType?.codex?.subcategories ?? {}).includes(
+				AI_CATEGORY_LANGUAGE_MODELS,
+			);
+		});
+	}
+
 	function getAddedNodesAndConnections(addedNodes: AddedNode[]): AddedNodesAndConnections {
 		if (addedNodes.length === 0) {
 			return { nodes: [], connections: [] };
@@ -230,7 +250,14 @@ export const useActions = () => {
 			nodeToAutoOpen.openDetail = true;
 		}
 
-		if (shouldPrependChatTrigger(addedNodes)) {
+		if (shouldPrependLLMChain(addedNodes) || shouldPrependChatTrigger(addedNodes)) {
+			if (shouldPrependLLMChain(addedNodes)) {
+				addedNodes.unshift({ type: CHAIN_LLM_LANGCHAIN_NODE_TYPE, isAutoAdd: true });
+				connections.push({
+					from: { nodeIndex: 2, type: NodeConnectionType.AiLanguageModel },
+					to: { nodeIndex: 1 },
+				});
+			}
 			addedNodes.unshift({ type: CHAT_TRIGGER_NODE_TYPE, isAutoAdd: true });
 			connections.push({
 				from: { nodeIndex: 0 },
diff --git a/packages/editor-ui/src/components/Node/NodeCreator/utils.ts b/packages/editor-ui/src/components/Node/NodeCreator/utils.ts
index a76c62a7ca97c..7bacf6b701abf 100644
--- a/packages/editor-ui/src/components/Node/NodeCreator/utils.ts
+++ b/packages/editor-ui/src/components/Node/NodeCreator/utils.ts
@@ -9,6 +9,7 @@ import type {
 import {
 	AI_CATEGORY_AGENTS,
 	AI_SUBCATEGORY,
+	AI_TRANSFORM_NODE_TYPE,
 	CORE_NODES_CATEGORY,
 	DEFAULT_SUBCATEGORY,
 } from '@/constants';
@@ -19,6 +20,8 @@ import type { NodeViewItemSection } from './viewsData';
 import { i18n } from '@/plugins/i18n';
 import { sortBy } from 'lodash-es';
 
+import { usePostHog } from '@/stores/posthog.store';
+
 export function transformNodeType(
 	node: SimplifiedNodeType,
 	subcategory?: string,
@@ -74,6 +77,11 @@ export function sortNodeCreateElements(nodes: INodeCreateElement[]) {
 }
 
 export function searchNodes(searchFilter: string, items: INodeCreateElement[]) {
+	const aiEnabled = usePostHog().isAiEnabled();
+	if (!aiEnabled) {
+		items = items.filter((item) => item.key !== AI_TRANSFORM_NODE_TYPE);
+	}
+
 	// In order to support the old search we need to remove the 'trigger' part
 	const trimmedFilter = searchFilter.toLowerCase().replace('trigger', '').trimEnd();
 
diff --git a/packages/editor-ui/src/components/Node/NodeCreator/viewsData.ts b/packages/editor-ui/src/components/Node/NodeCreator/viewsData.ts
index ba9cb59c3aa05..479a85f644739 100644
--- a/packages/editor-ui/src/components/Node/NodeCreator/viewsData.ts
+++ b/packages/editor-ui/src/components/Node/NodeCreator/viewsData.ts
@@ -1,4 +1,5 @@
 import {
+	AI_TRANSFORM_NODE_TYPE,
 	CORE_NODES_CATEGORY,
 	WEBHOOK_NODE_TYPE,
 	OTHER_TRIGGER_NODES_SUBCATEGORY,
@@ -63,6 +64,7 @@ import { NodeConnectionType } from 'n8n-workflow';
 import { useTemplatesStore } from '@/stores/templates.store';
 import type { BaseTextKey } from '@/plugins/i18n';
 import { camelCase } from 'lodash-es';
+import { usePostHog } from '@/stores/posthog.store';
 
 export interface NodeViewItemSection {
 	key: string;
@@ -429,6 +431,13 @@ export function TriggerView() {
 export function RegularView(nodes: SimplifiedNodeType[]) {
 	const i18n = useI18n();
 
+	const popularItemsSubcategory = [SET_NODE_TYPE, CODE_NODE_TYPE, DATETIME_NODE_TYPE];
+	const aiEnabled = usePostHog().isAiEnabled();
+
+	if (aiEnabled) {
+		popularItemsSubcategory.push(AI_TRANSFORM_NODE_TYPE);
+	}
+
 	const view: NodeView = {
 		value: REGULAR_NODE_CREATOR_VIEW,
 		title: i18n.baseText('nodeCreator.triggerHelperPanel.whatHappensNext'),
@@ -453,7 +462,7 @@ export function RegularView(nodes: SimplifiedNodeType[]) {
 						{
 							key: 'popular',
 							title: i18n.baseText('nodeCreator.sectionNames.popular'),
-							items: [SET_NODE_TYPE, CODE_NODE_TYPE, DATETIME_NODE_TYPE],
+							items: popularItemsSubcategory,
 						},
 						{
 							key: 'addOrRemove',
diff --git a/packages/editor-ui/src/components/NpsSurvey.vue b/packages/editor-ui/src/components/NpsSurvey.vue
index 8efe8ef8a1d28..41b69b110d6b6 100644
--- a/packages/editor-ui/src/components/NpsSurvey.vue
+++ b/packages/editor-ui/src/components/NpsSurvey.vue
@@ -94,6 +94,7 @@ async function send() {
 			message: Number(form.value.value) >= 8 ? i18n.baseText('prompts.npsSurvey.reviewUs') : '',
 			type: 'success',
 			duration: 15000,
+			dangerouslyUseHTMLString: true,
 		});
 
 		setTimeout(() => {
diff --git a/packages/editor-ui/src/components/OutputPanel.vue b/packages/editor-ui/src/components/OutputPanel.vue
index 6d76c34295978..af1a7801f6652 100644
--- a/packages/editor-ui/src/components/OutputPanel.vue
+++ b/packages/editor-ui/src/components/OutputPanel.vue
@@ -28,6 +28,7 @@
 			<div :class="$style.titleSection">
 				<template v-if="hasAiMetadata">
 					<n8n-radio-buttons
+						data-test-id="ai-output-mode-select"
 						v-model="outputMode"
 						:options="outputTypes"
 						@update:model-value="onUpdateOutputMode"
@@ -83,6 +84,7 @@
 		<template v-if="outputMode === 'logs' && node" #content>
 			<RunDataAi :node="node" :run-index="runIndex" />
 		</template>
+
 		<template #recovered-artificial-output-data>
 			<div :class="$style.recoveredOutputData">
 				<n8n-text tag="div" :bold="true" color="text-dark" size="large">{{
@@ -101,8 +103,8 @@
 </template>
 
 <script setup lang="ts">
-import { ref, computed } from 'vue';
-import type { IRunData, IRunExecutionData, Workflow } from 'n8n-workflow';
+import { ref, computed, onMounted, watch } from 'vue';
+import type { IRunData, IRunExecutionData, NodeError, Workflow } from 'n8n-workflow';
 import RunData from './RunData.vue';
 import RunInfo from './RunInfo.vue';
 import { storeToRefs } from 'pinia';
@@ -183,7 +185,7 @@ const pinnedData = usePinnedData(activeNode, {
 
 // Data
 
-const outputMode = ref<OutputType>('regular');
+const outputMode = ref<OutputType>(OUTPUT_TYPE.REGULAR);
 const outputTypes = ref([
 	{ label: i18n.baseText('ndv.output.outType.regular'), value: OUTPUT_TYPE.REGULAR },
 	{ label: i18n.baseText('ndv.output.outType.logs'), value: OUTPUT_TYPE.LOGS },
@@ -213,6 +215,16 @@ const hasAiMetadata = computed(() => {
 	return false;
 });
 
+// Determine the initial output mode to logs if the node has an error and the logs are available
+const defaultOutputMode = computed<OutputType>(() => {
+	const hasError =
+		workflowRunData.value &&
+		node.value &&
+		(workflowRunData.value[node.value.name]?.[props.runIndex]?.error as NodeError);
+
+	return Boolean(hasError) && hasAiMetadata.value ? OUTPUT_TYPE.LOGS : OUTPUT_TYPE.REGULAR;
+});
+
 const isNodeRunning = computed(() => {
 	return !!node.value && workflowsStore.isNodeExecuting(node.value.name);
 });
@@ -351,6 +363,20 @@ const onUpdateOutputMode = (outputMode: OutputType) => {
 	}
 };
 
+// Set the initial output mode when the component is mounted
+onMounted(() => {
+	outputMode.value = defaultOutputMode.value;
+});
+
+// In case the output panel was opened when the node has not run yet,
+// defaultOutputMode will be "regular" at the time of mounting.
+// This is why we need to watch the defaultOutputMode and change the outputMode to "logs" if the node has run and criteria are met.
+watch(defaultOutputMode, (newValue: OutputType, oldValue: OutputType) => {
+	if (newValue === OUTPUT_TYPE.LOGS && oldValue === OUTPUT_TYPE.REGULAR && hasNodeRun.value) {
+		outputMode.value = defaultOutputMode.value;
+	}
+});
+
 const activatePane = () => {
 	emit('activatePane');
 };
diff --git a/packages/editor-ui/src/components/ParameterInput.vue b/packages/editor-ui/src/components/ParameterInput.vue
index 588cf2bc3957c..533ad6c49d3cb 100644
--- a/packages/editor-ui/src/components/ParameterInput.vue
+++ b/packages/editor-ui/src/components/ParameterInput.vue
@@ -1,16 +1,18 @@
 <template>
 	<div ref="wrapper" :class="parameterInputClasses" @keydown.stop>
-		<ExpressionEdit
+		<ExpressionEditModal
 			:dialog-visible="expressionEditDialogVisible"
 			:model-value="modelValueExpressionEdit"
 			:parameter="parameter"
+			:node="node"
 			:path="path"
 			:event-source="eventSource || 'ndv'"
 			:is-read-only="isReadOnly"
 			:redact-values="shouldRedactValue"
 			@close-dialog="closeExpressionEditDialog"
 			@update:model-value="expressionUpdated"
-		></ExpressionEdit>
+		></ExpressionEditModal>
+
 		<div class="parameter-input ignore-key-press" :style="parameterInputWrapperStyle">
 			<ResourceLocator
 				v-if="isResourceLocatorParameter"
@@ -134,13 +136,14 @@
 					:model-value="modelValueString"
 					:default-value="parameter.default"
 					:language="editorLanguage"
-					:is-read-only="isReadOnly"
+					:is-read-only="isReadOnly || editorIsReadOnly"
 					:rows="editorRows"
 					:ai-button-enabled="settingsStore.isCloudDeployment"
 					@update:model-value="valueChangedDebounced"
 				>
 					<template #suffix>
 						<n8n-icon
+							v-if="!editorIsReadOnly"
 							data-test-id="code-editor-fullscreen-button"
 							icon="external-link-alt"
 							size="xsmall"
@@ -198,12 +201,13 @@
 					v-else-if="editorType === 'jsEditor'"
 					:key="'js-' + codeEditDialogVisible.toString()"
 					:model-value="modelValueString"
-					:is-read-only="isReadOnly"
+					:is-read-only="isReadOnly || editorIsReadOnly"
 					:rows="editorRows"
 					@update:model-value="valueChangedDebounced"
 				>
 					<template #suffix>
 						<n8n-icon
+							v-if="!editorIsReadOnly"
 							data-test-id="code-editor-fullscreen-button"
 							icon="external-link-alt"
 							size="xsmall"
@@ -495,7 +499,7 @@ import { CREDENTIAL_EMPTY_VALUE, NodeHelpers } from 'n8n-workflow';
 
 import CodeNodeEditor from '@/components/CodeNodeEditor/CodeNodeEditor.vue';
 import CredentialsSelect from '@/components/CredentialsSelect.vue';
-import ExpressionEdit from '@/components/ExpressionEdit.vue';
+import ExpressionEditModal from '@/components/ExpressionEditModal.vue';
 import ExpressionParameterInput from '@/components/ExpressionParameterInput.vue';
 import HtmlEditor from '@/components/HtmlEditor/HtmlEditor.vue';
 import JsEditor from '@/components/JsEditor/JsEditor.vue';
@@ -859,6 +863,9 @@ const getIssues = computed<string[]>(() => {
 const editorType = computed<EditorType | 'json' | 'code'>(() => {
 	return getArgument<EditorType>('editor');
 });
+const editorIsReadOnly = computed<boolean>(() => {
+	return getArgument<boolean>('editorIsReadOnly') ?? false;
+});
 
 const editorLanguage = computed<CodeNodeEditorLanguage>(() => {
 	if (editorType.value === 'json' || props.parameter.type === 'json')
diff --git a/packages/editor-ui/src/components/ParameterInputFull.vue b/packages/editor-ui/src/components/ParameterInputFull.vue
index 807eaa5e42139..f2107df7db988 100644
--- a/packages/editor-ui/src/components/ParameterInputFull.vue
+++ b/packages/editor-ui/src/components/ParameterInputFull.vue
@@ -24,13 +24,12 @@
 		<DraggableTarget
 			type="mapping"
 			:disabled="isDropDisabled"
-			:sticky="true"
-			:sticky-offset="isExpression ? [26, 3] : [3, 3]"
+			sticky
+			:sticky-offset="[3, 3]"
 			@drop="onDrop"
 		>
 			<template #default="{ droppable, activeDrop }">
 				<ParameterInputWrapper
-					ref="param"
 					:parameter="parameter"
 					:model-value="value"
 					:path="path"
@@ -79,7 +78,6 @@
 
 <script setup lang="ts">
 import { computed, ref } from 'vue';
-
 import type { IUpdateInformation } from '@/Interface';
 
 import DraggableTarget from '@/components/DraggableTarget.vue';
@@ -141,7 +139,11 @@ const isInputTypeString = computed(() => props.parameter.type === 'string');
 const isInputTypeNumber = computed(() => props.parameter.type === 'number');
 const isResourceLocator = computed(() => props.parameter.type === 'resourceLocator');
 const isDropDisabled = computed(
-	() => props.parameter.noDataExpression || props.isReadOnly || isResourceLocator.value,
+	() =>
+		props.parameter.noDataExpression ||
+		props.isReadOnly ||
+		isResourceLocator.value ||
+		isExpression.value,
 );
 const isExpression = computed(() => isValueExpression(props.parameter, props.value));
 const showExpressionSelector = computed(() =>
diff --git a/packages/editor-ui/src/components/ParameterInputList.vue b/packages/editor-ui/src/components/ParameterInputList.vue
index 1ff04da89cbfc..3e27b8c96cd7b 100644
--- a/packages/editor-ui/src/components/ParameterInputList.vue
+++ b/packages/editor-ui/src/components/ParameterInputList.vue
@@ -35,14 +35,15 @@
 				@action="onNoticeAction"
 			/>
 
-			<n8n-button
-				v-else-if="parameter.type === 'button'"
-				class="parameter-item"
-				block
-				@click="onButtonAction(parameter)"
-			>
-				{{ $locale.nodeText().inputLabelDisplayName(parameter, path) }}
-			</n8n-button>
+			<div v-else-if="parameter.type === 'button'" class="parameter-item">
+				<ButtonParameter
+					:parameter="parameter"
+					:path="path"
+					:value="getParameterValue(parameter.name)"
+					:is-read-only="isReadOnly"
+					@value-changed="valueChanged"
+				/>
+			</div>
 
 			<div
 				v-else-if="['collection', 'fixedCollection'].includes(parameter.type)"
@@ -177,6 +178,7 @@ import AssignmentCollection from '@/components/AssignmentCollection/AssignmentCo
 import FilterConditions from '@/components/FilterConditions/FilterConditions.vue';
 import ImportCurlParameter from '@/components/ImportCurlParameter.vue';
 import MultipleParameter from '@/components/MultipleParameter.vue';
+import ButtonParameter from '@/components/ButtonParameter/ButtonParameter.vue';
 import ParameterInputFull from '@/components/ParameterInputFull.vue';
 import ResourceMapper from '@/components/ResourceMapper/ResourceMapper.vue';
 import { useNodeHelpers } from '@/composables/useNodeHelpers';
@@ -483,14 +485,6 @@ function onNoticeAction(action: string) {
  * Handles default node button parameter type actions
  * @param parameter
  */
-function onButtonAction(parameter: INodeProperties) {
-	const action: string | undefined = parameter.typeOptions?.action;
-
-	switch (action) {
-		default:
-			return;
-	}
-}
 
 function shouldHideAuthRelatedParameter(parameter: INodeProperties): boolean {
 	// TODO: For now, hide all fields that are used in authentication fields displayOptions
diff --git a/packages/editor-ui/src/components/Projects/ProjectCardBadge.vue b/packages/editor-ui/src/components/Projects/ProjectCardBadge.vue
index 832c329f26284..6bcd1aade75b2 100644
--- a/packages/editor-ui/src/components/Projects/ProjectCardBadge.vue
+++ b/packages/editor-ui/src/components/Projects/ProjectCardBadge.vue
@@ -20,6 +20,7 @@ const enum ProjectState {
 	Owned = 'owned',
 	Personal = 'personal',
 	Team = 'team',
+	SharedTeam = 'shared-team',
 	Unknown = 'unknown',
 }
 
@@ -44,6 +45,9 @@ const projectState = computed(() => {
 		}
 		return ProjectState.Personal;
 	} else if (props.resource.homeProject?.type === ProjectTypes.Team) {
+		if (props.resource.sharedWithProjects?.length) {
+			return ProjectState.SharedTeam;
+		}
 		return ProjectState.Team;
 	}
 	return ProjectState.Unknown;
@@ -65,6 +69,7 @@ const badgeIcon = computed(() => {
 		case ProjectState.SharedOwned:
 			return 'user-friends';
 		case ProjectState.Team:
+		case ProjectState.SharedTeam:
 			return 'archive';
 		default:
 			return '';
@@ -99,6 +104,13 @@ const badgeTooltip = computed(() => {
 					name: badgeText.value,
 				},
 			});
+		case ProjectState.SharedTeam:
+			return i18n.baseText('projects.badge.tooltip.sharedTeam', {
+				interpolate: {
+					resourceTypeLabel: props.resourceTypeLabel,
+					name: badgeText.value,
+				},
+			});
 		default:
 			return '';
 	}
diff --git a/packages/editor-ui/src/components/Projects/ProjectSharing.vue b/packages/editor-ui/src/components/Projects/ProjectSharing.vue
index 0166f43615057..b8a3ba9fefce0 100644
--- a/packages/editor-ui/src/components/Projects/ProjectSharing.vue
+++ b/packages/editor-ui/src/components/Projects/ProjectSharing.vue
@@ -29,11 +29,7 @@ const emit = defineEmits<{
 const selectedProject = ref(Array.isArray(model.value) ? '' : model.value?.id ?? '');
 const filter = ref('');
 const selectPlaceholder = computed(
-	() =>
-		props.placeholder ??
-		(Array.isArray(model.value)
-			? locale.baseText('projects.sharing.placeholder')
-			: locale.baseText('projects.sharing.placeholder.single')),
+	() => props.placeholder ?? locale.baseText('projects.sharing.select.placeholder'),
 );
 const noDataText = computed(
 	() => props.emptyOptionsText ?? locale.baseText('projects.sharing.noMatchingUsers'),
diff --git a/packages/editor-ui/src/components/Projects/ProjectTabs.test.ts b/packages/editor-ui/src/components/Projects/ProjectTabs.test.ts
index 91c197a794ace..e31e7caeefbfc 100644
--- a/packages/editor-ui/src/components/Projects/ProjectTabs.test.ts
+++ b/packages/editor-ui/src/components/Projects/ProjectTabs.test.ts
@@ -1,7 +1,8 @@
-import { createComponentRenderer } from '@/__tests__/render';
-import ProjectTabs from '@/components/Projects/ProjectTabs.vue';
+import { createPinia, setActivePinia } from 'pinia';
 import { useRoute } from 'vue-router';
+import { createComponentRenderer } from '@/__tests__/render';
 import { createTestProject } from '@/__tests__/data/projects';
+import ProjectTabs from '@/components/Projects/ProjectTabs.vue';
 import { useProjectsStore } from '@/stores/projects.store';
 
 vi.mock('vue-router', () => {
@@ -17,28 +18,25 @@ vi.mock('vue-router', () => {
 		RouterLink: vi.fn(),
 	};
 });
-
-vi.mock('@/stores/users.store', () => ({
-	useUsersStore: vi.fn().mockImplementation(() => ({
-		currentUser: {},
-	})),
-}));
-
-vi.mock('@/stores/projects.store', () => ({
-	useProjectsStore: vi.fn().mockReturnValue({}),
-}));
-
-vi.mock('@/utils/rbac/permissions', () => ({
-	hasPermission: vi.fn().mockReturnValue(false),
-}));
-
-const renderComponent = createComponentRenderer(ProjectTabs);
+const renderComponent = createComponentRenderer(ProjectTabs, {
+	global: {
+		stubs: {
+			'router-link': {
+				template: '<div><slot /></div>',
+			},
+		},
+	},
+});
 
 let route: ReturnType<typeof useRoute>;
+let projectsStore: ReturnType<typeof useProjectsStore>;
 
 describe('ProjectTabs', () => {
 	beforeEach(() => {
+		const pinia = createPinia();
+		setActivePinia(pinia);
 		route = useRoute();
+		projectsStore = useProjectsStore();
 	});
 
 	it('should render home tabs', async () => {
@@ -49,16 +47,9 @@ describe('ProjectTabs', () => {
 		expect(queryByText('Project settings')).not.toBeInTheDocument();
 	});
 
-	it('should render project tabs if use has permissions', () => {
+	it('should render project tab Settings if user has permissions', () => {
 		route.params.projectId = '123';
-		vi.mocked(useProjectsStore).mockImplementationOnce(
-			() =>
-				({
-					currentProject: createTestProject({
-						scopes: ['project:update'],
-					}),
-				}) as ReturnType<typeof useProjectsStore>,
-		);
+		projectsStore.setCurrentProject(createTestProject({ scopes: ['project:update'] }));
 		const { getByText } = renderComponent();
 
 		expect(getByText('Workflows')).toBeInTheDocument();
@@ -66,16 +57,9 @@ describe('ProjectTabs', () => {
 		expect(getByText('Project settings')).toBeInTheDocument();
 	});
 
-	it('should render project tabs', () => {
+	it('should render project tabs without Settings if no permission', () => {
 		route.params.projectId = '123';
-		vi.mocked(useProjectsStore).mockImplementationOnce(
-			() =>
-				({
-					currentProject: createTestProject({
-						scopes: ['project:read'],
-					}),
-				}) as ReturnType<typeof useProjectsStore>,
-		);
+		projectsStore.setCurrentProject(createTestProject({ scopes: ['project:read'] }));
 		const { queryByText, getByText } = renderComponent();
 
 		expect(getByText('Workflows')).toBeInTheDocument();
diff --git a/packages/editor-ui/src/components/Projects/ProjectTabs.vue b/packages/editor-ui/src/components/Projects/ProjectTabs.vue
index f7c0d275df26b..ddacebdddd77d 100644
--- a/packages/editor-ui/src/components/Projects/ProjectTabs.vue
+++ b/packages/editor-ui/src/components/Projects/ProjectTabs.vue
@@ -5,7 +5,7 @@ import { useRoute } from 'vue-router';
 import { VIEWS } from '@/constants';
 import { useI18n } from '@/composables/useI18n';
 import { useProjectsStore } from '@/stores/projects.store';
-import { getProjectPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 
 const locale = useI18n();
 const route = useRoute();
@@ -13,6 +13,9 @@ const route = useRoute();
 const projectsStore = useProjectsStore();
 
 const selectedTab = ref<RouteRecordName | null | undefined>('');
+const projectPermissions = computed(
+	() => getResourcePermissions(projectsStore.currentProject?.scopes).project,
+);
 const options = computed(() => {
 	const projectId = route?.params?.projectId;
 	const to = projectId
@@ -47,7 +50,7 @@ const options = computed(() => {
 		},
 	];
 
-	if (projectId && getProjectPermissions(projectsStore.currentProject).update) {
+	if (projectId && projectPermissions.value.update) {
 		tabs.push({
 			label: locale.baseText('projects.settings'),
 			value: VIEWS.PROJECT_SETTINGS,
diff --git a/packages/editor-ui/src/components/PromptMfaCodeModal/PromptMfaCodeModal.vue b/packages/editor-ui/src/components/PromptMfaCodeModal/PromptMfaCodeModal.vue
new file mode 100644
index 0000000000000..6580fc2d66b95
--- /dev/null
+++ b/packages/editor-ui/src/components/PromptMfaCodeModal/PromptMfaCodeModal.vue
@@ -0,0 +1,84 @@
+<template>
+	<Modal
+		width="460px"
+		height="300px"
+		max-height="640px"
+		:title="i18n.baseText('mfa.prompt.code.modal.title')"
+		:event-bus="promptMfaCodeBus"
+		:name="PROMPT_MFA_CODE_MODAL_KEY"
+		:center="true"
+	>
+		<template #content>
+			<div :class="[$style.formContainer]">
+				<n8n-form-inputs
+					data-test-id="mfa-code-form"
+					:inputs="formFields"
+					:event-bus="formBus"
+					@submit="onSubmit"
+					@ready="onFormReady"
+				/>
+			</div>
+		</template>
+		<template #footer>
+			<div>
+				<n8n-button
+					float="right"
+					:disabled="!readyToSubmit"
+					:label="i18n.baseText('settings.personal.save')"
+					size="large"
+					data-test-id="mfa-save-button"
+					@click="onClickSave"
+				/>
+			</div>
+		</template>
+	</Modal>
+</template>
+
+<script setup lang="ts">
+import { ref } from 'vue';
+import Modal from '../Modal.vue';
+import { PROMPT_MFA_CODE_MODAL_KEY } from '@/constants';
+import { useI18n } from '@/composables/useI18n';
+import { promptMfaCodeBus } from '@/event-bus';
+import type { IFormInputs } from '@/Interface';
+import { createFormEventBus } from 'n8n-design-system';
+
+const i18n = useI18n();
+
+const formBus = ref(createFormEventBus());
+const readyToSubmit = ref(false);
+
+const formFields: IFormInputs = [
+	{
+		name: 'mfaCode',
+		initialValue: '',
+		properties: {
+			label: i18n.baseText('mfa.code.input.label'),
+			placeholder: i18n.baseText('mfa.code.input.placeholder'),
+			focusInitially: true,
+			capitalize: true,
+			required: true,
+		},
+	},
+];
+
+function onSubmit(values: { mfaCode: string }) {
+	promptMfaCodeBus.emit('close', {
+		mfaCode: values.mfaCode,
+	});
+}
+
+function onClickSave() {
+	formBus.value.emit('submit');
+}
+
+function onFormReady(isReady: boolean) {
+	readyToSubmit.value = isReady;
+}
+</script>
+
+<style lang="scss" module>
+.formContainer {
+	padding-bottom: var(--spacing-xl);
+}
+</style>
diff --git a/packages/editor-ui/src/components/RunData.vue b/packages/editor-ui/src/components/RunData.vue
index c858cc34aa54b..a9188f2358efc 100644
--- a/packages/editor-ui/src/components/RunData.vue
+++ b/packages/editor-ui/src/components/RunData.vue
@@ -281,7 +281,15 @@
 						})
 					}}
 				</n8n-text>
-				<slot v-else-if="$slots['content']" name="content"></slot>
+				<div v-else-if="$slots['content']">
+					<NodeErrorView
+						v-if="workflowRunErrorAsNodeError"
+						:error="workflowRunErrorAsNodeError"
+						:class="$style.inlineError"
+						compact
+					/>
+					<slot name="content"></slot>
+				</div>
 				<NodeErrorView
 					v-else-if="workflowRunErrorAsNodeError"
 					:error="workflowRunErrorAsNodeError"
@@ -427,6 +435,7 @@
 					:output-index="currentOutputIndex"
 					:total-runs="maxRunIndex"
 					:search="search"
+					:class="$style.schema"
 					@clear:search="onSearchClear"
 				/>
 			</Suspense>
@@ -1147,7 +1156,7 @@ export default defineComponent({
 			const error = this.workflowRunData?.[this.node.name]?.[this.runIndex]?.error;
 			const errorsToTrack = ['unknown error'];
 
-			if (error && errorsToTrack.some((e) => error.message.toLowerCase().includes(e))) {
+			if (error && errorsToTrack.some((e) => error.message?.toLowerCase().includes(e))) {
 				this.$telemetry.track(
 					`User encountered an error: "${error.message}"`,
 					{
@@ -1776,6 +1785,13 @@ export default defineComponent({
 	height: 100%;
 }
 
+.inlineError {
+	line-height: var(--font-line-height-xloose);
+	padding-left: var(--spacing-s);
+	padding-right: var(--spacing-s);
+	padding-bottom: var(--spacing-s);
+}
+
 .outputs {
 	display: flex;
 	flex-direction: column;
@@ -1993,6 +2009,10 @@ export default defineComponent({
 	margin-left: var(--spacing-s);
 	margin-right: var(--spacing-s);
 }
+
+.schema {
+	padding: 0 var(--spacing-s);
+}
 </style>
 
 <style lang="scss" scoped>
diff --git a/packages/editor-ui/src/components/RunDataSchema.vue b/packages/editor-ui/src/components/RunDataSchema.vue
index 44fe4c683ae5a..c087c39ce0c45 100644
--- a/packages/editor-ui/src/components/RunDataSchema.vue
+++ b/packages/editor-ui/src/components/RunDataSchema.vue
@@ -7,11 +7,12 @@ import NodeIcon from '@/components/NodeIcon.vue';
 import Draggable from '@/components/Draggable.vue';
 import { useNDVStore } from '@/stores/ndv.store';
 import { telemetry } from '@/plugins/telemetry';
-import type {
-	ConnectionTypes,
-	IConnectedNode,
-	IDataObject,
-	INodeTypeDescription,
+import {
+	NodeConnectionType,
+	type ConnectionTypes,
+	type IConnectedNode,
+	type IDataObject,
+	type INodeTypeDescription,
 } from 'n8n-workflow';
 import { useExternalHooks } from '@/composables/useExternalHooks';
 import { i18n } from '@/plugins/i18n';
@@ -27,13 +28,13 @@ type Props = {
 	nodes?: IConnectedNode[];
 	node?: INodeUi | null;
 	data?: IDataObject[];
-	mappingEnabled: boolean;
-	runIndex: number;
-	outputIndex: number;
-	totalRuns: number;
+	mappingEnabled?: boolean;
+	runIndex?: number;
+	outputIndex?: number;
+	totalRuns?: number;
 	paneType: 'input' | 'output';
-	connectionType: ConnectionTypes;
-	search: string;
+	connectionType?: ConnectionTypes;
+	search?: string;
 };
 
 type SchemaNode = {
@@ -51,6 +52,12 @@ const props = withDefaults(defineProps<Props>(), {
 	distanceFromActive: 1,
 	node: null,
 	data: undefined,
+	runIndex: 0,
+	outputIndex: 0,
+	totalRuns: 1,
+	connectionType: NodeConnectionType.Main,
+	search: '',
+	mappingEnabled: false,
 });
 
 const draggingPath = ref<string>('');
@@ -414,9 +421,7 @@ watch(
 	--title-spacing-left: 38px;
 	display: flex;
 	flex-direction: column;
-	padding: 0 0 var(--spacing-s) var(--spacing-s);
 	container: schema / inline-size;
-	min-height: 100%;
 
 	&.animating {
 		overflow: hidden;
@@ -437,7 +442,6 @@ watch(
 
 .schema {
 	display: grid;
-	padding-right: var(--spacing-s);
 	grid-template-rows: 1fr;
 
 	&.animated {
@@ -480,7 +484,6 @@ watch(
 	top: 0;
 	z-index: 1;
 	padding-bottom: var(--spacing-2xs);
-	padding-right: var(--spacing-s);
 	background: var(--color-run-data-background);
 }
 
diff --git a/packages/editor-ui/src/components/TagsDropdown.vue b/packages/editor-ui/src/components/TagsDropdown.vue
index 0a5ac3b4933a3..bcd02fd6fa482 100644
--- a/packages/editor-ui/src/components/TagsDropdown.vue
+++ b/packages/editor-ui/src/components/TagsDropdown.vue
@@ -13,7 +13,6 @@
 			:filter-method="filterOptions"
 			filterable
 			multiple
-			:allow-create="createEnabled"
 			:reserve-keyword="false"
 			loading-text="..."
 			popper-class="tags-dropdown"
@@ -23,7 +22,7 @@
 			@remove-tag="onRemoveTag"
 		>
 			<n8n-option
-				v-if="options.length === 0 && filter && createEnabled"
+				v-if="options.length === 0 && filter"
 				:key="CREATE_KEY"
 				ref="createRef"
 				:value="CREATE_KEY"
@@ -35,11 +34,11 @@
 				</span>
 			</n8n-option>
 			<n8n-option v-else-if="options.length === 0" value="message" disabled>
-				<span v-if="createEnabled">{{ i18n.baseText('tagsDropdown.typeToCreateATag') }}</span>
-				<span v-else-if="allTags.length > 0">{{
+				<span>{{ i18n.baseText('tagsDropdown.typeToCreateATag') }}</span>
+				<span v-if="allTags.length > 0">{{
 					i18n.baseText('tagsDropdown.noMatchingTagsExist')
 				}}</span>
-				<span v-else>{{ i18n.baseText('tagsDropdown.noTagsExist') }}</span>
+				<span v-else-if="filter">{{ i18n.baseText('tagsDropdown.noTagsExist') }}</span>
 			</n8n-option>
 
 			<!-- key is id+index for keyboard navigation to work well with filter -->
@@ -90,10 +89,6 @@ export default defineComponent({
 			type: Array as PropType<string[]>,
 			default: () => [],
 		},
-		createEnabled: {
-			type: Boolean,
-			default: false,
-		},
 		eventBus: {
 			type: Object as PropType<EventBus>,
 			default: null,
diff --git a/packages/editor-ui/src/components/VariableSelector.vue b/packages/editor-ui/src/components/VariableSelector.vue
deleted file mode 100644
index 9d380083f1da9..0000000000000
--- a/packages/editor-ui/src/components/VariableSelector.vue
+++ /dev/null
@@ -1,889 +0,0 @@
-<script setup lang="ts">
-import { ref, computed } from 'vue';
-import { useRouter } from 'vue-router';
-import { storeToRefs } from 'pinia';
-import { PLACEHOLDER_FILLED_AT_EXECUTION_TIME, STICKY_NODE_TYPE } from '@/constants';
-
-import type {
-	GenericValue,
-	IContextObject,
-	IDataObject,
-	INodeExecutionData,
-	IPinData,
-	IRunData,
-	IRunExecutionData,
-	IWorkflowDataProxyAdditionalKeys,
-	Workflow,
-} from 'n8n-workflow';
-import { NodeConnectionType, WorkflowDataProxy } from 'n8n-workflow';
-
-import VariableSelectorItem from '@/components/VariableSelectorItem.vue';
-import type { IVariableItemSelected, IVariableSelectorOption } from '@/Interface';
-
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import { useNDVStore } from '@/stores/ndv.store';
-import { useWorkflowHelpers } from '@/composables/useWorkflowHelpers';
-import { useI18n } from '@/composables/useI18n';
-import { escapeMappingString } from '@/utils/mappingUtils';
-
-// Node types that should not be displayed in variable selector
-const SKIPPED_NODE_TYPES = [STICKY_NODE_TYPE];
-
-const props = defineProps<{
-	path: string;
-	redactValues: boolean;
-}>();
-
-const emit = defineEmits<{
-	itemSelected: [value: IVariableItemSelected];
-}>();
-
-const router = useRouter();
-const i18n = useI18n();
-const workflowHelpers = useWorkflowHelpers({ router });
-
-const workflowsStore = useWorkflowsStore();
-const ndvStore = useNDVStore();
-
-const { activeNode } = storeToRefs(ndvStore);
-
-const variableFilter = ref('');
-
-const extendAll = computed(() => !!variableFilter.value);
-
-const currentResults = computed(() => getFilterResults(variableFilter.value.toLowerCase(), 0));
-
-const workflow = computed(() => workflowHelpers.getCurrentWorkflow());
-
-// Helper functions
-
-/**
- * Sorts the options alphabetically. Categories get sorted before items.
- */
-function sortOptions(options: IVariableSelectorOption[] | null): IVariableSelectorOption[] | null {
-	if (options === null) {
-		return null;
-	}
-	return options.sort((a: IVariableSelectorOption, b: IVariableSelectorOption) => {
-		const aHasOptions = a.hasOwnProperty('options');
-		const bHasOptions = b.hasOwnProperty('options');
-
-		if (bHasOptions && !aHasOptions) {
-			// When b has options but a not list it first
-			return 1;
-		} else if (!bHasOptions && aHasOptions) {
-			// When a has options but b not list it first
-			return -1;
-		}
-
-		// Else simply sort alphabetically
-		if (a.name < b.name) {
-			return -1;
-		}
-		if (a.name > b.name) {
-			return 1;
-		}
-		return 0;
-	});
-}
-
-/**
- * Removes all empty entries from the list
- */
-function removeEmptyEntries(
-	inputData: IVariableSelectorOption[] | IVariableSelectorOption | null,
-): IVariableSelectorOption[] | IVariableSelectorOption | null {
-	if (Array.isArray(inputData)) {
-		const newItems: IVariableSelectorOption[] = [];
-		let tempItem: IVariableSelectorOption;
-		inputData.forEach((item) => {
-			tempItem = removeEmptyEntries(item) as IVariableSelectorOption;
-			if (tempItem !== null) {
-				newItems.push(tempItem);
-			}
-		});
-		return newItems;
-	}
-
-	if (inputData?.options) {
-		const newOptions = removeEmptyEntries(inputData.options);
-		if (Array.isArray(newOptions) && newOptions.length) {
-			// Has still options left so return
-			inputData.options = newOptions;
-			return inputData;
-		} else if (Array.isArray(newOptions) && newOptions.length === 0) {
-			delete inputData.options;
-			return inputData;
-		}
-		// Has no options left so remove
-		return null;
-	} else {
-		// Is an item no category
-		return inputData;
-	}
-}
-
-/**
- * Normalizes the path so compare paths which have use dots or brakets
- */
-function getPathNormalized(path: string | undefined): string {
-	if (path === undefined) {
-		return '';
-	}
-	const pathArray = path.split('.');
-
-	const finalArray = [];
-	let item: string;
-	for (const pathPart of pathArray) {
-		const pathParts = pathPart.match(/\[.*?\]/g);
-		if (pathParts === null) {
-			// Does not have any brakets so add as it is
-			finalArray.push(pathPart);
-		} else {
-			// Has brakets so clean up the items and add them
-			if (pathPart.charAt(0) !== '[') {
-				// Does not start with a braket so there is a part before
-				// we have to add
-				finalArray.push(pathPart.substr(0, pathPart.indexOf('[')));
-			}
-
-			for (item of pathParts) {
-				item = item.slice(1, -1);
-				if (['"', "'"].includes(item.charAt(0))) {
-					// Is a string
-					item = item.slice(1, -1);
-					finalArray.push(item);
-				} else {
-					// Is a number
-					finalArray.push(`[${item}]`);
-				}
-			}
-		}
-	}
-
-	return finalArray.join('|');
-}
-
-function jsonDataToFilterOption(
-	inputData: IDataObject | GenericValue | IDataObject[] | GenericValue[] | null,
-	parentPath: string,
-	propertyName: string,
-	filterText?: string,
-	propertyIndex?: number,
-	displayName?: string,
-	skipKey?: string,
-): IVariableSelectorOption[] {
-	let fullpath = `${parentPath}["${propertyName}"]`;
-	if (propertyIndex !== undefined) {
-		fullpath += `[${propertyIndex}]`;
-	}
-
-	const returnData: IVariableSelectorOption[] = [];
-	if (inputData === null) {
-		returnData.push({
-			name: propertyName,
-			key: fullpath,
-			value: '[null]',
-		} as IVariableSelectorOption);
-		return returnData;
-	} else if (Array.isArray(inputData)) {
-		let newPropertyName = propertyName;
-		let newParentPath = parentPath;
-		if (propertyIndex !== undefined) {
-			newParentPath += `["${propertyName}"]`;
-			newPropertyName = propertyIndex.toString();
-		}
-
-		const arrayData: IVariableSelectorOption[] = [];
-
-		for (let i = 0; i < inputData.length; i++) {
-			arrayData.push(
-				...jsonDataToFilterOption(
-					inputData[i],
-					newParentPath,
-					newPropertyName,
-					filterText,
-					i,
-					`[Item: ${i}]`,
-					skipKey,
-				),
-			);
-		}
-
-		returnData.push({
-			name: displayName || propertyName,
-			options: arrayData,
-			key: fullpath,
-			allowParentSelect: true,
-			dataType: 'array',
-		} as IVariableSelectorOption);
-	} else if (typeof inputData === 'object') {
-		const tempValue: IVariableSelectorOption[] = [];
-
-		for (const key of Object.keys(inputData)) {
-			tempValue.push(
-				...jsonDataToFilterOption(
-					(inputData as IDataObject)[key],
-					fullpath,
-					key,
-					filterText,
-					undefined,
-					undefined,
-					skipKey,
-				),
-			);
-		}
-
-		if (tempValue.length) {
-			returnData.push({
-				name: displayName || propertyName,
-				options: sortOptions(tempValue),
-				key: fullpath,
-				allowParentSelect: true,
-				dataType: 'object',
-			} as IVariableSelectorOption);
-		}
-	} else {
-		if (filterText !== undefined && propertyName.toLowerCase().indexOf(filterText) === -1) {
-			// If filter is set apply it
-			return returnData;
-		}
-
-		// Skip is currently only needed for leafs so only check here
-		if (getPathNormalized(skipKey) !== getPathNormalized(fullpath)) {
-			returnData.push({
-				name: propertyName,
-				key: fullpath,
-				value: inputData,
-			} as IVariableSelectorOption);
-		}
-	}
-
-	return returnData;
-}
-
-/**
- * Get the node's output using runData
- *
- * @param {string} nodeName The name of the node to get the data of
- * @param {IRunData} runData The data of the run to get the data of
- * @param {string} filterText Filter text for parameters
- * @param {number} [itemIndex=0] The index of the item
- * @param {number} [runIndex=0] The index of the run
- * @param {string} [inputName=NodeConnectionType.Main] The name of the input
- * @param {number} [outputIndex=0] The index of the output
- * @param {boolean} [useShort=false] Use short notation $json vs. $('NodeName').json
- */
-function getNodeRunDataOutput(
-	nodeName: string,
-	runData: IRunData,
-	filterText: string,
-	itemIndex = 0,
-	runIndex = 0,
-	inputName = NodeConnectionType.Main,
-	outputIndex = 0,
-	useShort = false,
-): IVariableSelectorOption[] | null {
-	if (!runData.hasOwnProperty(nodeName)) {
-		// No data found for node
-		return null;
-	}
-
-	if (runData[nodeName].length <= runIndex) {
-		// No data for given runIndex
-		return null;
-	}
-
-	if (
-		!runData[nodeName][runIndex].hasOwnProperty('data') ||
-		runData[nodeName][runIndex].data === null ||
-		runData[nodeName][runIndex].data === undefined
-	) {
-		// Data property does not exist or is not set (even though it normally has to)
-		return null;
-	}
-
-	if (!runData[nodeName][runIndex].data.hasOwnProperty(inputName)) {
-		// No data found for inputName
-		return null;
-	}
-
-	if (runData[nodeName][runIndex].data[inputName].length <= outputIndex) {
-		// No data found for output Index
-		return null;
-	}
-
-	// The data should be identical no matter to which node it gets so always select the first one
-	if (
-		runData[nodeName][runIndex].data[inputName][outputIndex] === null ||
-		runData[nodeName][runIndex].data[inputName][outputIndex].length <= itemIndex
-	) {
-		// No data found for node connection found
-		return null;
-	}
-
-	const outputData = runData[nodeName][runIndex].data[inputName][outputIndex][itemIndex];
-
-	return getNodeOutput(nodeName, outputData, filterText, useShort);
-}
-
-/**
- * Get the node's output using pinData
- *
- * @param {string} nodeName The name of the node to get the data of
- * @param {IPinData[string]} pinData The node's pin data
- * @param {string} filterText Filter text for parameters
- * @param {boolean} [useShort=false] Use short notation $json vs. $('NodeName').json
- */
-function getNodePinDataOutput(
-	nodeName: string,
-	pinData: IPinData[string],
-	filterText: string,
-	useShort = false,
-): IVariableSelectorOption[] | null {
-	const outputData = pinData.map((data) => ({ json: data }) as INodeExecutionData)[0];
-
-	return getNodeOutput(nodeName, outputData, filterText, useShort);
-}
-
-/**
- * Returns the node's output data
- *
- * @param {string} nodeName The name of the node to get the data of
- * @param {INodeExecutionData} outputData The data of the run to get the data of
- * @param {string} filterText Filter text for parameters
- * @param {boolean} [useShort=false] Use short notation
- */
-function getNodeOutput(
-	nodeName: string,
-	outputData: INodeExecutionData,
-	filterText: string,
-	useShort = false,
-): IVariableSelectorOption[] | null {
-	const returnData: IVariableSelectorOption[] = [];
-
-	// Get json data
-	if (outputData.hasOwnProperty('json')) {
-		const jsonPropertyPrefix = useShort
-			? '$json'
-			: `$('${escapeMappingString(nodeName)}').item.json`;
-
-		const jsonDataOptions: IVariableSelectorOption[] = [];
-		for (const propertyName of Object.keys(outputData.json)) {
-			jsonDataOptions.push(
-				...jsonDataToFilterOption(
-					outputData.json[propertyName],
-					jsonPropertyPrefix,
-					propertyName,
-					filterText,
-				),
-			);
-		}
-
-		if (jsonDataOptions.length) {
-			returnData.push({
-				name: 'JSON',
-				options: sortOptions(jsonDataOptions),
-			});
-		}
-	}
-
-	// Get binary data
-	if (outputData.hasOwnProperty('binary')) {
-		const binaryPropertyPrefix = useShort
-			? '$binary'
-			: `$('${escapeMappingString(nodeName)}').item.binary`;
-
-		const binaryData = [];
-		let binaryPropertyData: IVariableSelectorOption[] = [];
-
-		for (const dataPropertyName of Object.keys(outputData.binary ?? {})) {
-			binaryPropertyData = [];
-			for (const propertyName in outputData.binary?.[dataPropertyName]) {
-				if (propertyName === 'data') {
-					continue;
-				}
-
-				if (filterText && propertyName.toLowerCase().indexOf(filterText) === -1) {
-					// If filter is set apply it
-					continue;
-				}
-
-				binaryPropertyData.push({
-					name: propertyName,
-					key: `${binaryPropertyPrefix}.${dataPropertyName}.${propertyName}`,
-					value: outputData.binary?.[dataPropertyName][propertyName]?.toString(),
-				});
-			}
-
-			if (binaryPropertyData.length) {
-				binaryData.push({
-					name: dataPropertyName,
-					key: `${binaryPropertyPrefix}.${dataPropertyName}`,
-					options: sortOptions(binaryPropertyData),
-					allowParentSelect: true,
-				});
-			}
-		}
-		if (binaryData.length) {
-			returnData.push({
-				name: 'Binary',
-				key: binaryPropertyPrefix,
-				options: sortOptions(binaryData),
-				allowParentSelect: true,
-			});
-		}
-	}
-
-	return returnData;
-}
-
-function getNodeContext(
-	workflow: Workflow,
-	runExecutionData: IRunExecutionData | null,
-	parentNode: string[],
-	nodeName: string,
-	filterText: string,
-): IVariableSelectorOption[] | null {
-	const itemIndex = 0;
-	const inputName = NodeConnectionType.Main;
-	const runIndex = 0;
-	const returnData: IVariableSelectorOption[] = [];
-
-	if (activeNode.value === null) {
-		return returnData;
-	}
-
-	const nodeConnection = workflow.getNodeConnectionIndexes(
-		activeNode.value.name,
-		parentNode[0],
-		inputName,
-	);
-	const connectionInputData = workflowHelpers.connectionInputData(
-		parentNode,
-		nodeName,
-		inputName,
-		runIndex,
-		nodeConnection,
-	);
-
-	if (connectionInputData === null) {
-		return returnData;
-	}
-
-	const additionalKeys: IWorkflowDataProxyAdditionalKeys = {
-		$execution: {
-			id: PLACEHOLDER_FILLED_AT_EXECUTION_TIME,
-			mode: 'test',
-			resumeUrl: PLACEHOLDER_FILLED_AT_EXECUTION_TIME,
-			resumeFormUrl: PLACEHOLDER_FILLED_AT_EXECUTION_TIME,
-		},
-
-		// deprecated
-		$executionId: PLACEHOLDER_FILLED_AT_EXECUTION_TIME,
-		$resumeWebhookUrl: PLACEHOLDER_FILLED_AT_EXECUTION_TIME,
-	};
-
-	const dataProxy = new WorkflowDataProxy(
-		workflow,
-		runExecutionData,
-		runIndex,
-		itemIndex,
-		nodeName,
-		connectionInputData,
-		{},
-		'manual',
-		additionalKeys,
-	);
-	const proxy = dataProxy.getDataProxy();
-
-	const nodeContext = proxy.$node[nodeName].context as IContextObject;
-	for (const key of Object.keys(nodeContext)) {
-		if (filterText !== undefined && key.toLowerCase().indexOf(filterText) === -1) {
-			// If filter is set apply it
-			continue;
-		}
-
-		returnData.push({
-			name: key,
-			key: `$('${escapeMappingString(nodeName)}').context['${escapeMappingString(key)}']`,
-			value: nodeContext[key],
-		});
-	}
-
-	return returnData;
-}
-
-/**
- * Returns all the node parameters with values
- *
- * @param {string} nodeName The name of the node to return data of
- * @param {string} path The path to the node to pretend to key
- * @param {string} [skipParameter] Parameter to skip
- * @param {string} [filterText] Filter text for parameters
- */
-function getNodeParameters(
-	nodeName: string,
-	path: string,
-	skipParameter?: string,
-	filterText?: string,
-): IVariableSelectorOption[] | null {
-	const node = workflow.value.getNode(nodeName);
-	if (node === null) {
-		return null;
-	}
-
-	const returnParameters: IVariableSelectorOption[] = [];
-	for (const parameterName in node.parameters) {
-		if (parameterName === skipParameter) {
-			// Skip the parameter
-			continue;
-		}
-
-		if (filterText !== undefined && parameterName.toLowerCase().indexOf(filterText) === -1) {
-			// If filter is set apply it
-			continue;
-		}
-
-		returnParameters.push(
-			...jsonDataToFilterOption(
-				node.parameters[parameterName],
-				path,
-				parameterName,
-				filterText,
-				undefined,
-				undefined,
-				skipParameter,
-			),
-		);
-	}
-
-	return returnParameters;
-}
-
-function getFilterResults(filterText: string, itemIndex: number): IVariableSelectorOption[] {
-	const inputName = NodeConnectionType.Main;
-
-	if (activeNode.value === null) {
-		return [];
-	}
-
-	const executionData = workflowsStore.getWorkflowExecution;
-	let parentNode = workflow.value.getParentNodes(activeNode.value.name, inputName, 1);
-	let runData = workflowsStore.getWorkflowRunData;
-
-	if (runData === null) {
-		runData = {};
-	}
-
-	let returnData: IVariableSelectorOption[] | null = [];
-	// -----------------------------------------
-	// Add the parameters of the current node
-	// -----------------------------------------
-
-	// Add the parameters
-	const currentNodeData: IVariableSelectorOption[] = [];
-
-	let tempOptions: IVariableSelectorOption[];
-
-	if (executionData?.data !== undefined) {
-		const runExecutionData: IRunExecutionData = executionData.data;
-
-		tempOptions = getNodeContext(
-			workflow.value,
-			runExecutionData,
-			parentNode,
-			activeNode.value.name,
-			filterText,
-		) as IVariableSelectorOption[];
-		if (tempOptions.length) {
-			currentNodeData.push({
-				name: 'Context',
-				options: sortOptions(tempOptions),
-			} as IVariableSelectorOption);
-		}
-	}
-
-	let tempOutputData: IVariableSelectorOption[] | null | undefined;
-
-	if (parentNode.length) {
-		// If the node has an input node add the input data
-
-		let ndvInputNodeName = ndvStore.ndvInputNodeName;
-		if (!ndvInputNodeName) {
-			// If no input node is set use the first parent one
-			// this is important for config-nodes which do not have
-			// a main input
-			ndvInputNodeName = parentNode[0];
-		}
-
-		const activeInputParentNode = parentNode.find((node) => node === ndvInputNodeName);
-		if (!activeInputParentNode) {
-			return [];
-		}
-		// Check from which output to read the data.
-		// Depends on how the nodes are connected.
-		// (example "IF" node. If node is connected to "true" or to "false" output)
-		const nodeConnection = workflow.value.getNodeConnectionIndexes(
-			activeNode.value.name,
-			activeInputParentNode,
-			inputName,
-		);
-		const outputIndex = nodeConnection === undefined ? 0 : nodeConnection.sourceIndex;
-
-		tempOutputData = getNodeRunDataOutput(
-			activeInputParentNode,
-			runData,
-			filterText,
-			itemIndex,
-			0,
-			inputName,
-			outputIndex,
-			true,
-		) as IVariableSelectorOption[];
-
-		const pinDataOptions: IVariableSelectorOption[] = [
-			{
-				name: 'JSON',
-				options: [],
-			},
-		];
-		parentNode.forEach((parentNodeName) => {
-			const pinData = workflowsStore.pinDataByNodeName(parentNodeName);
-
-			if (pinData) {
-				const output = getNodePinDataOutput(parentNodeName, pinData, filterText, true);
-
-				if (pinDataOptions[0].options) {
-					pinDataOptions[0].options = pinDataOptions[0].options.concat(output?.[0]?.options ?? []);
-				}
-			}
-		});
-
-		if ((pinDataOptions[0]?.options ?? []).length > 0) {
-			if (tempOutputData) {
-				const jsonTempOutputData = tempOutputData.find((tempData) => tempData.name === 'JSON');
-
-				if (jsonTempOutputData) {
-					if (!jsonTempOutputData.options) {
-						jsonTempOutputData.options = [];
-					}
-
-					(pinDataOptions[0].options ?? []).forEach((pinDataOption) => {
-						const existingOptionIndex = jsonTempOutputData.options!.findIndex(
-							(option) => option.name === pinDataOption.name,
-						);
-						if (existingOptionIndex !== -1) {
-							jsonTempOutputData.options![existingOptionIndex] = pinDataOption;
-						} else {
-							jsonTempOutputData.options!.push(pinDataOption);
-						}
-					});
-				} else {
-					tempOutputData.push(pinDataOptions[0]);
-				}
-			} else {
-				tempOutputData = pinDataOptions;
-			}
-		}
-
-		if (tempOutputData) {
-			if (JSON.stringify(tempOutputData).length < 102400) {
-				// Data is reasonable small (< 100kb) so add it
-				currentNodeData.push({
-					name: 'Input Data',
-					options: sortOptions(tempOutputData),
-				});
-			} else {
-				// Data is to large so do not add
-				currentNodeData.push({
-					name: 'Input Data',
-					options: [
-						{
-							name: '[Data to large]',
-						},
-					],
-				});
-			}
-		}
-	}
-
-	const initialPath = '$parameter';
-	let skipParameter = props.path;
-	if (skipParameter.startsWith('parameters.')) {
-		skipParameter = initialPath + skipParameter.substring(10);
-	}
-
-	currentNodeData.push({
-		name: i18n.baseText('variableSelector.parameters'),
-		options: sortOptions(
-			getNodeParameters(
-				activeNode.value.name,
-				initialPath,
-				skipParameter,
-				filterText,
-			) as IVariableSelectorOption[],
-		),
-	});
-
-	returnData.push({
-		name: i18n.baseText('variableSelector.currentNode'),
-		options: sortOptions(currentNodeData),
-	});
-
-	// Add the input data
-
-	// -----------------------------------------
-	// Add all the nodes and their data
-	// -----------------------------------------
-	const allNodesData: IVariableSelectorOption[] = [];
-	let nodeOptions: IVariableSelectorOption[];
-	const upstreamNodes = workflow.value.getParentNodes(activeNode.value.name, inputName);
-
-	const workflowNodes = Object.entries(workflow.value.nodes);
-
-	// Sort the nodes according to their position relative to the current node
-	workflowNodes.sort((a, b) => {
-		return upstreamNodes.indexOf(b[0]) - upstreamNodes.indexOf(a[0]);
-	});
-
-	for (const [nodeName, node] of workflowNodes) {
-		// Add the parameters of all nodes
-		// TODO: Later have to make sure that no parameters can be referenced which have expression which use input-data (for nodes which are not parent nodes)
-
-		if (nodeName === activeNode.value.name) {
-			// Skip the current node as this one get added separately
-			continue;
-		}
-		// If node type should be skipped, continue
-		if (SKIPPED_NODE_TYPES.includes(node.type)) {
-			continue;
-		}
-
-		nodeOptions = [
-			{
-				name: i18n.baseText('variableSelector.parameters'),
-				options: sortOptions(
-					getNodeParameters(
-						nodeName,
-						`$('${escapeMappingString(nodeName)}').params`,
-						undefined,
-						filterText,
-					),
-				),
-			} as IVariableSelectorOption,
-		];
-
-		if (executionData?.data !== undefined) {
-			const runExecutionData: IRunExecutionData = executionData.data;
-
-			parentNode = workflow.value.getParentNodes(nodeName, inputName, 1);
-			tempOptions = getNodeContext(
-				workflow.value,
-				runExecutionData,
-				parentNode,
-				nodeName,
-				filterText,
-			) as IVariableSelectorOption[];
-			if (tempOptions.length) {
-				nodeOptions = [
-					{
-						name: i18n.baseText('variableSelector.context'),
-						options: sortOptions(tempOptions),
-					} as IVariableSelectorOption,
-				];
-			}
-		}
-
-		if (upstreamNodes.includes(nodeName)) {
-			// If the node is an upstream node add also the output data which can be referenced
-			const pinData = workflowsStore.pinDataByNodeName(nodeName);
-			tempOutputData = pinData
-				? getNodePinDataOutput(nodeName, pinData, filterText)
-				: getNodeRunDataOutput(nodeName, runData, filterText, itemIndex);
-
-			if (tempOutputData) {
-				nodeOptions.push({
-					name: i18n.baseText('variableSelector.outputData'),
-					options: sortOptions(tempOutputData),
-				} as IVariableSelectorOption);
-			}
-		}
-
-		const shortNodeType = i18n.shortNodeType(node.type);
-
-		allNodesData.push({
-			name: i18n.headerText({
-				key: `headers.${shortNodeType}.displayName`,
-				fallback: nodeName,
-			}),
-			options: sortOptions(nodeOptions),
-		});
-	}
-
-	returnData.push({
-		name: i18n.baseText('variableSelector.nodes'),
-		options: allNodesData,
-	});
-
-	// Remove empty entries and return
-	returnData = removeEmptyEntries(returnData) as IVariableSelectorOption[] | null;
-
-	if (returnData === null) {
-		return [];
-	}
-
-	return returnData;
-}
-
-function forwardItemSelected(eventData: IVariableItemSelected) {
-	emit('itemSelected', eventData);
-}
-</script>
-
-<template>
-	<div class="variable-selector-wrapper" @keydown.stop>
-		<div class="input-wrapper">
-			<n8n-input
-				ref="inputField"
-				v-model="variableFilter"
-				:placeholder="i18n.baseText('variableSelector.variableFilter')"
-				size="small"
-				type="text"
-			></n8n-input>
-		</div>
-
-		<div class="result-wrapper">
-			<VariableSelectorItem
-				v-for="option in currentResults"
-				:key="option.key"
-				:item="option"
-				:extend-all="extendAll"
-				:redact-values="redactValues"
-				@item-selected="forwardItemSelected"
-			></VariableSelectorItem>
-		</div>
-	</div>
-</template>
-
-<style scoped lang="scss">
-.variable-selector-wrapper {
-	border-radius: 0 0 4px 4px;
-	width: 100%;
-	height: 100%;
-	position: relative;
-}
-
-.result-wrapper {
-	line-height: 1em;
-	height: 370px;
-	overflow-x: hidden;
-	overflow-y: auto;
-	margin: 0.5em 0;
-	width: 100%;
-}
-
-.result-item {
-	font-size: 0.7em;
-}
-</style>
diff --git a/packages/editor-ui/src/components/VariableSelectorItem.vue b/packages/editor-ui/src/components/VariableSelectorItem.vue
deleted file mode 100644
index cc633b40c94ea..0000000000000
--- a/packages/editor-ui/src/components/VariableSelectorItem.vue
+++ /dev/null
@@ -1,185 +0,0 @@
-<template>
-	<div class="item">
-		<div v-if="item.options" class="options">
-			<div v-if="item.options.length" class="headline clickable" @click="extended = !extended">
-				<div v-if="extendAll !== true" class="options-toggle">
-					<font-awesome-icon v-if="extended" icon="angle-down" />
-					<font-awesome-icon v-else icon="angle-right" />
-				</div>
-				<div class="option-title" :title="item.key">
-					{{ item.name }}
-
-					<el-dropdown
-						v-if="allowParentSelect === true"
-						trigger="click"
-						@click.stop
-						@command="optionSelected($event, item)"
-					>
-						<span class="el-dropdown-link clickable" @click.stop>
-							<font-awesome-icon
-								icon="dot-circle"
-								:title="$locale.baseText('variableSelectorItem.selectItem')"
-							/>
-						</span>
-						<template #dropdown>
-							<el-dropdown-menu>
-								<el-dropdown-item
-									v-for="operation in itemAddOperations"
-									:key="operation.command"
-									:command="operation.command"
-									>{{ operation.displayName }}</el-dropdown-item
-								>
-							</el-dropdown-menu>
-						</template>
-					</el-dropdown>
-				</div>
-			</div>
-			<div v-if="item.options && (extended === true || extendAll === true)">
-				<variable-selector-item
-					v-for="option in item.options"
-					:key="option.key"
-					:item="option"
-					:extend-all="extendAll"
-					:allow-parent-select="option.allowParentSelect"
-					:redact-values="redactValues"
-					class="sub-level"
-					@item-selected="forwardItemSelected"
-				></variable-selector-item>
-			</div>
-		</div>
-		<div v-else class="value clickable" @click="selectItem(item)">
-			<div class="item-title" :title="item.key">
-				{{ item.name }}:
-				<font-awesome-icon icon="dot-circle" title="Select Item" />
-			</div>
-			<div :class="{ 'ph-no-capture': redactValues, 'item-value': true }">
-				{{ item.value !== undefined ? item.value : $locale.baseText('variableSelectorItem.empty') }}
-			</div>
-		</div>
-	</div>
-</template>
-
-<script setup lang="ts">
-import { ref, computed, onMounted } from 'vue';
-import type { IVariableSelectorOption, IVariableItemSelected } from '@/Interface';
-
-const props = defineProps<{
-	allowParentSelect?: boolean;
-	extendAll?: boolean;
-	item: IVariableSelectorOption;
-	redactValues?: boolean;
-}>();
-
-const emit = defineEmits<{
-	itemSelected: [value: IVariableItemSelected];
-}>();
-
-const extended = ref(false);
-
-const itemAddOperations = computed(() => {
-	const returnOptions = [
-		{
-			command: 'raw',
-			displayName: 'Raw value',
-		},
-	];
-	if (props.item.dataType === 'array') {
-		returnOptions.push(
-			{
-				command: 'arrayLength',
-				displayName: 'Length',
-			},
-			{
-				command: 'arrayValues',
-				displayName: 'Values',
-			},
-		);
-	} else if (props.item.dataType === 'object') {
-		returnOptions.push(
-			{
-				command: 'objectKeys',
-				displayName: 'Keys',
-			},
-			{
-				command: 'objectValues',
-				displayName: 'Values',
-			},
-		);
-	}
-	return returnOptions;
-});
-
-onMounted(() => {
-	if (extended.value) return;
-
-	const shouldAutoExtend =
-		['Current Node', 'Input Data', 'Binary', 'JSON'].includes(props.item.name) &&
-		props.item.key === undefined;
-
-	if (shouldAutoExtend) {
-		extended.value = true;
-	}
-});
-
-const optionSelected = (command: string, item: IVariableSelectorOption) => {
-	let variable = item.key ?? '';
-	if (command === 'arrayValues') {
-		variable = `${item.key}.join(', ')`;
-	} else if (command === 'arrayLength') {
-		variable = `${item.key}.length`;
-	} else if (command === 'objectKeys') {
-		variable = `Object.keys(${item.key}).join(', ')`;
-	} else if (command === 'objectValues') {
-		variable = `Object.values(${item.key}).join(', ')`;
-	}
-	emit('itemSelected', { variable });
-};
-
-const selectItem = (item: IVariableSelectorOption) => {
-	emit('itemSelected', { variable: item.key ?? '' });
-};
-
-const forwardItemSelected = (eventData: IVariableItemSelected) => {
-	emit('itemSelected', eventData);
-};
-</script>
-
-<style scoped lang="scss">
-.option-title {
-	position: relative;
-	display: inline-block;
-	font-size: 0.9em;
-	font-weight: 600;
-	padding: 0.2em 1em 0.2em 0.4em;
-}
-.item-title {
-	font-weight: 600;
-	font-size: 0.8em;
-	white-space: nowrap;
-	overflow: hidden;
-	text-overflow: ellipsis;
-}
-.headline {
-	position: relative;
-	margin: 2px;
-	margin-top: 10px;
-	color: $color-primary;
-}
-.options-toggle {
-	position: relative;
-	top: 1px;
-	margin: 0 3px 0 8px;
-	display: inline;
-}
-.value {
-	margin: 0.2em;
-	padding: 0.1em 0.3em;
-}
-.item-value {
-	font-size: 0.6em;
-	overflow-x: auto;
-}
-.sub-level {
-	padding-left: 20px;
-}
-</style>
diff --git a/packages/editor-ui/src/components/VariablesRow.vue b/packages/editor-ui/src/components/VariablesRow.vue
index 3f45bda4f663f..f970bd91ae625 100644
--- a/packages/editor-ui/src/components/VariablesRow.vue
+++ b/packages/editor-ui/src/components/VariablesRow.vue
@@ -8,7 +8,7 @@ import { useClipboard } from '@/composables/useClipboard';
 import { EnterpriseEditionFeature } from '@/constants';
 import { useSettingsStore } from '@/stores/settings.store';
 import { useUsersStore } from '@/stores/users.store';
-import { getVariablesPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import type { IResource } from './layouts/ResourcesListLayout.vue';
 
 const i18n = useI18n();
@@ -34,7 +34,9 @@ const props = withDefaults(
 	},
 );
 
-const permissions = computed(() => getVariablesPermissions(usersStore.currentUser));
+const permissions = computed(
+	() => getResourcePermissions(usersStore.currentUser?.globalScopes).variable,
+);
 const modelValue = ref<IResource>({ ...props.data });
 
 const formValidationStatus = ref<Record<string, boolean>>({
diff --git a/packages/editor-ui/src/components/WorkflowActivator.vue b/packages/editor-ui/src/components/WorkflowActivator.vue
index 8b7b55672af73..cc5d4cf2ad494 100644
--- a/packages/editor-ui/src/components/WorkflowActivator.vue
+++ b/packages/editor-ui/src/components/WorkflowActivator.vue
@@ -5,8 +5,14 @@ import { useWorkflowsStore } from '@/stores/workflows.store';
 import { getActivatableTriggerNodes } from '@/utils/nodeTypesUtils';
 import { computed } from 'vue';
 import { useI18n } from '@/composables/useI18n';
+import type { PermissionsRecord } from '@/permissions';
+import { PLACEHOLDER_EMPTY_WORKFLOW_ID } from '@/constants';
 
-const props = defineProps<{ workflowActive: boolean; workflowId: string }>();
+const props = defineProps<{
+	workflowActive: boolean;
+	workflowId: string;
+	workflowPermissions: PermissionsRecord['workflow'];
+}>();
 const { showMessage } = useToast();
 const workflowActivate = useWorkflowActivate();
 
@@ -35,9 +41,15 @@ const containsTrigger = computed((): boolean => {
 	return foundTriggers.length > 0;
 });
 
+const isNewWorkflow = computed(
+	() =>
+		!props.workflowId ||
+		props.workflowId === PLACEHOLDER_EMPTY_WORKFLOW_ID ||
+		props.workflowId === 'new',
+);
+
 const disabled = computed((): boolean => {
-	const isNewWorkflow = !props.workflowId;
-	if (isNewWorkflow || isCurrentWorkflow.value) {
+	if (isNewWorkflow.value || isCurrentWorkflow.value) {
 		return !props.workflowActive && !containsTrigger.value;
 	}
 
@@ -108,7 +120,11 @@ async function displayActivationError() {
 						? i18n.baseText('workflowActivator.deactivateWorkflow')
 						: i18n.baseText('workflowActivator.activateWorkflow')
 				"
-				:disabled="disabled || workflowActivate.updatingWorkflowActivation.value"
+				:disabled="
+					disabled ||
+					workflowActivate.updatingWorkflowActivation.value ||
+					(!isNewWorkflow && !workflowPermissions.update)
+				"
 				:active-color="getActiveColor"
 				inactive-color="#8899AA"
 				data-test-id="workflow-activate-switch"
diff --git a/packages/editor-ui/src/components/WorkflowCard.vue b/packages/editor-ui/src/components/WorkflowCard.vue
index 6cc73db627817..f929bea6298ef 100644
--- a/packages/editor-ui/src/components/WorkflowCard.vue
+++ b/packages/editor-ui/src/components/WorkflowCard.vue
@@ -10,7 +10,7 @@ import {
 } from '@/constants';
 import { useMessage } from '@/composables/useMessage';
 import { useToast } from '@/composables/useToast';
-import { getWorkflowPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import dateformat from 'dateformat';
 import WorkflowActivator from '@/components/WorkflowActivator.vue';
 import { useUIStore } from '@/stores/ui.store';
@@ -75,7 +75,7 @@ const projectsStore = useProjectsStore();
 
 const resourceTypeLabel = computed(() => locale.baseText('generic.workflow').toLowerCase());
 const currentUser = computed(() => usersStore.currentUser ?? ({} as IUser));
-const workflowPermissions = computed(() => getWorkflowPermissions(props.data));
+const workflowPermissions = computed(() => getResourcePermissions(props.data.scopes).workflow);
 const actions = computed(() => {
 	const items = [
 		{
@@ -88,7 +88,7 @@ const actions = computed(() => {
 		},
 	];
 
-	if (!props.readOnly) {
+	if (workflowPermissions.value.create && !props.readOnly) {
 		items.push({
 			label: locale.baseText('workflows.item.duplicate'),
 			value: WORKFLOW_LIST_ITEM_ACTIONS.DUPLICATE,
@@ -274,6 +274,7 @@ function moveResource() {
 					class="mr-s"
 					:workflow-active="data.active"
 					:workflow-id="data.id"
+					:workflow-permissions="workflowPermissions"
 					data-test-id="workflow-card-activator"
 				/>
 
diff --git a/packages/editor-ui/src/components/__tests__/WorkflowSettings.spec.ts b/packages/editor-ui/src/components/WorkflowSettings.spec.ts
similarity index 95%
rename from packages/editor-ui/src/components/__tests__/WorkflowSettings.spec.ts
rename to packages/editor-ui/src/components/WorkflowSettings.spec.ts
index 427ba49ef5866..04a3b824f8eab 100644
--- a/packages/editor-ui/src/components/__tests__/WorkflowSettings.spec.ts
+++ b/packages/editor-ui/src/components/WorkflowSettings.spec.ts
@@ -16,6 +16,8 @@ import { EnterpriseEditionFeature, WORKFLOW_SETTINGS_MODAL_KEY } from '@/constan
 
 import { nextTick } from 'vue';
 import type { IWorkflowDb } from '@/Interface';
+import * as permissions from '@/permissions';
+import type { PermissionsRecord } from '@/permissions';
 
 let pinia: ReturnType<typeof createPinia>;
 let workflowsStore: ReturnType<typeof useWorkflowsStore>;
@@ -52,6 +54,11 @@ describe('WorkflowSettingsVue', () => {
 			updatedAt: 1,
 			versionId: '123',
 		} as IWorkflowDb);
+		vi.spyOn(permissions, 'getResourcePermissions').mockReturnValue({
+			workflow: {
+				update: true,
+			},
+		} as PermissionsRecord);
 
 		uiStore.modalsById[WORKFLOW_SETTINGS_MODAL_KEY] = {
 			open: true,
diff --git a/packages/editor-ui/src/components/WorkflowSettings.vue b/packages/editor-ui/src/components/WorkflowSettings.vue
index 85a26bee70524..42eac67db091c 100644
--- a/packages/editor-ui/src/components/WorkflowSettings.vue
+++ b/packages/editor-ui/src/components/WorkflowSettings.vue
@@ -23,7 +23,7 @@
 							placeholder="Select Execution Order"
 							size="medium"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-execution-order"
 						>
@@ -53,7 +53,7 @@
 							v-model="workflowSettings.errorWorkflow"
 							placeholder="Select Workflow"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-error-workflow"
 						>
@@ -82,7 +82,7 @@
 						<el-col :span="14" class="ignore-key-press">
 							<n8n-select
 								v-model="workflowSettings.callerPolicy"
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:placeholder="$locale.baseText('workflowSettings.selectOption')"
 								filterable
 								:limit-popper-width="true"
@@ -110,7 +110,7 @@
 						<el-col :span="14">
 							<n8n-input
 								v-model="workflowSettings.callerIds"
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:placeholder="$locale.baseText('workflowSettings.callerIds.placeholder')"
 								type="text"
 								data-test-id="workflow-caller-policy-workflow-ids"
@@ -134,7 +134,7 @@
 							v-model="workflowSettings.timezone"
 							placeholder="Select Timezone"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-timezone"
 						>
@@ -163,7 +163,7 @@
 							v-model="workflowSettings.saveDataErrorExecution"
 							:placeholder="$locale.baseText('workflowSettings.selectOption')"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-save-failed-executions"
 						>
@@ -192,7 +192,7 @@
 							v-model="workflowSettings.saveDataSuccessExecution"
 							:placeholder="$locale.baseText('workflowSettings.selectOption')"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-save-success-executions"
 						>
@@ -221,7 +221,7 @@
 							v-model="workflowSettings.saveManualExecutions"
 							:placeholder="$locale.baseText('workflowSettings.selectOption')"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-save-manual-executions"
 						>
@@ -250,7 +250,7 @@
 							v-model="workflowSettings.saveExecutionProgress"
 							:placeholder="$locale.baseText('workflowSettings.selectOption')"
 							filterable
-							:disabled="readOnlyEnv"
+							:disabled="readOnlyEnv || !workflowPermissions.update"
 							:limit-popper-width="true"
 							data-test-id="workflow-settings-save-execution-progress"
 						>
@@ -278,7 +278,7 @@
 						<div>
 							<el-switch
 								ref="inputField"
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:model-value="(workflowSettings.executionTimeout ?? -1) > -1"
 								active-color="#13ce66"
 								data-test-id="workflow-settings-timeout-workflow"
@@ -303,7 +303,7 @@
 						</el-col>
 						<el-col :span="4">
 							<n8n-input
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:model-value="timeoutHMS.hours"
 								:min="0"
 								@update:model-value="(value: string) => setTimeout('hours', value)"
@@ -313,7 +313,7 @@
 						</el-col>
 						<el-col :span="4" class="timeout-input">
 							<n8n-input
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:model-value="timeoutHMS.minutes"
 								:min="0"
 								:max="60"
@@ -324,7 +324,7 @@
 						</el-col>
 						<el-col :span="4" class="timeout-input">
 							<n8n-input
-								:disabled="readOnlyEnv"
+								:disabled="readOnlyEnv || !workflowPermissions.update"
 								:model-value="timeoutHMS.seconds"
 								:min="0"
 								:max="60"
@@ -340,7 +340,7 @@
 		<template #footer>
 			<div class="action-buttons" data-test-id="workflow-settings-save-button">
 				<n8n-button
-					:disabled="readOnlyEnv"
+					:disabled="readOnlyEnv || !workflowPermissions.update"
 					:label="$locale.baseText('workflowSettings.save')"
 					size="large"
 					float="right"
@@ -379,12 +379,10 @@ import { useRootStore } from '@/stores/root.store';
 import { useWorkflowsEEStore } from '@/stores/workflows.ee.store';
 import { useWorkflowsStore } from '@/stores/workflows.store';
 import { createEventBus } from 'n8n-design-system/utils';
-import type { PermissionsMap } from '@/permissions';
-import type { WorkflowScope } from '@n8n/permissions';
-import { getWorkflowPermissions } from '@/permissions';
 import { useExternalHooks } from '@/composables/useExternalHooks';
 import { useSourceControlStore } from '@/stores/sourceControl.store';
 import { ProjectTypes } from '@/types/projects.types';
+import { getResourcePermissions } from '@/permissions';
 
 export default defineComponent({
 	name: 'WorkflowSettings',
@@ -489,8 +487,8 @@ export default defineComponent({
 
 			return this.workflowsEEStore.getWorkflowOwnerName(`${this.workflowId}`, fallback);
 		},
-		workflowPermissions(): PermissionsMap<WorkflowScope> {
-			return getWorkflowPermissions(this.workflow);
+		workflowPermissions() {
+			return getResourcePermissions(this.workflow?.scopes).workflow;
 		},
 	},
 	async mounted() {
@@ -515,17 +513,17 @@ export default defineComponent({
 		this.defaultValues.workflowCallerPolicy = this.settingsStore.workflowCallerPolicyDefaultOption;
 
 		this.isLoading = true;
-		const promises = [];
-		promises.push(this.loadWorkflows());
-		promises.push(this.loadSaveDataErrorExecutionOptions());
-		promises.push(this.loadSaveDataSuccessExecutionOptions());
-		promises.push(this.loadSaveExecutionProgressOptions());
-		promises.push(this.loadSaveManualOptions());
-		promises.push(this.loadTimezones());
-		promises.push(this.loadWorkflowCallerPolicyOptions());
 
 		try {
-			await Promise.all(promises);
+			await Promise.all([
+				this.loadWorkflows(),
+				this.loadSaveDataErrorExecutionOptions(),
+				this.loadSaveDataSuccessExecutionOptions(),
+				this.loadSaveExecutionProgressOptions(),
+				this.loadSaveManualOptions(),
+				this.loadTimezones(),
+				this.loadWorkflowCallerPolicyOptions(),
+			]);
 		} catch (error) {
 			this.showError(
 				error,
diff --git a/packages/editor-ui/src/components/WorkflowShareModal.ee.vue b/packages/editor-ui/src/components/WorkflowShareModal.ee.vue
index 8aa11f4b5abfb..886ac5017644b 100644
--- a/packages/editor-ui/src/components/WorkflowShareModal.ee.vue
+++ b/packages/editor-ui/src/components/WorkflowShareModal.ee.vue
@@ -130,9 +130,7 @@ import {
 	WORKFLOW_SHARE_MODAL_KEY,
 } from '@/constants';
 import type { IUser, IWorkflowDb } from '@/Interface';
-import type { PermissionsMap } from '@/permissions';
-import type { WorkflowScope } from '@n8n/permissions';
-import { getWorkflowPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import { useMessage } from '@/composables/useMessage';
 import { useToast } from '@/composables/useToast';
 import { nodeViewEventBus } from '@/event-bus';
@@ -224,8 +222,8 @@ export default defineComponent({
 		currentUser(): IUser | null {
 			return this.usersStore.currentUser;
 		},
-		workflowPermissions(): PermissionsMap<WorkflowScope> {
-			return getWorkflowPermissions(this.workflow);
+		workflowPermissions() {
+			return getResourcePermissions(this.workflow?.scopes).workflow;
 		},
 		workflowOwnerName(): string {
 			return this.workflowsEEStore.getWorkflowOwnerName(`${this.workflow.id}`);
diff --git a/packages/editor-ui/src/components/__tests__/ButtonParameter.test.ts b/packages/editor-ui/src/components/__tests__/ButtonParameter.test.ts
new file mode 100644
index 0000000000000..28e80091e5f19
--- /dev/null
+++ b/packages/editor-ui/src/components/__tests__/ButtonParameter.test.ts
@@ -0,0 +1,136 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { mount } from '@vue/test-utils';
+import { createTestingPinia } from '@pinia/testing';
+import ButtonParameter from '@/components/ButtonParameter/ButtonParameter.vue';
+import { useNDVStore } from '@/stores/ndv.store';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { usePostHog } from '@/stores/posthog.store';
+import { useRootStore } from '@/stores/root.store';
+import { useI18n } from '@/composables/useI18n';
+import { useToast } from '@/composables/useToast';
+import type { INodeProperties } from 'n8n-workflow';
+
+vi.mock('@/stores/ndv.store');
+vi.mock('@/stores/workflows.store');
+vi.mock('@/stores/posthog.store');
+vi.mock('@/stores/root.store');
+vi.mock('@/api/ai');
+vi.mock('@/composables/useI18n');
+vi.mock('@/composables/useToast');
+
+describe('ButtonParameter', () => {
+	const defaultProps = {
+		parameter: {
+			name: 'testParam',
+			displayName: 'Test Parameter',
+			type: 'string',
+			default: '',
+			typeOptions: {
+				buttonConfig: {
+					label: 'Generate',
+					action: {
+						type: 'askAiCodeGeneration',
+						target: 'targetParam',
+					},
+					hasInputField: true,
+				},
+			},
+		} as INodeProperties,
+		value: '',
+		path: 'testPath',
+	};
+
+	beforeEach(() => {
+		vi.mocked(useNDVStore).mockReturnValue({
+			ndvInputData: [{}],
+			activeNode: { name: 'TestNode' },
+		} as any);
+
+		vi.mocked(useWorkflowsStore).mockReturnValue({
+			getCurrentWorkflow: vi.fn().mockReturnValue({
+				getParentNodesByDepth: vi.fn().mockReturnValue([]),
+			}),
+			getNodeByName: vi.fn().mockReturnValue({}),
+		} as any);
+
+		vi.mocked(usePostHog).mockReturnValue({
+			isAiEnabled: vi.fn().mockReturnValue(true),
+			getVariant: vi.fn().mockReturnValue('gpt-3.5-turbo-16k'),
+		} as any);
+
+		vi.mocked(useRootStore).mockReturnValue({
+			versionCli: '1.0.0',
+			pushRef: 'testPushRef',
+		} as any);
+
+		vi.mocked(useI18n).mockReturnValue({
+			baseText: vi.fn().mockReturnValue('Mocked Text'),
+			nodeText: () => ({
+				inputLabelDisplayName: vi.fn().mockReturnValue('Mocked Display Name'),
+				inputLabelDescription: vi.fn().mockReturnValue('Mocked Description'),
+			}),
+		} as any);
+
+		vi.mocked(useToast).mockReturnValue({
+			showMessage: vi.fn(),
+		} as any);
+	});
+
+	const mountComponent = (props = defaultProps) => {
+		return mount(ButtonParameter, {
+			props,
+			global: {
+				plugins: [createTestingPinia()],
+			},
+		});
+	};
+
+	it('renders correctly', () => {
+		const wrapper = mountComponent();
+		expect(wrapper.find('textarea').exists()).toBe(true);
+		expect(wrapper.find('button').text()).toBe('Generate');
+	});
+
+	it('emits valueChanged event on input', async () => {
+		const wrapper = mountComponent();
+		const input = wrapper.find('textarea');
+		await input.setValue('Test prompt');
+		expect(wrapper.emitted('valueChanged')).toBeTruthy();
+		expect(wrapper.emitted('valueChanged')![0][0]).toEqual({
+			name: 'testPath.testParam',
+			value: 'Test prompt',
+		});
+	});
+
+	it('disables submit button when there is no execution data', async () => {
+		vi.mocked(useNDVStore).mockReturnValue({
+			ndvInputData: [],
+		} as any);
+		const wrapper = mountComponent();
+		expect(wrapper.find('button').attributes('disabled')).toBeDefined();
+	});
+
+	it('disables submit button when prompt is empty', async () => {
+		const wrapper = mountComponent();
+		expect(wrapper.find('button').attributes('disabled')).toBeDefined();
+	});
+
+	it('enables submit button when there is execution data and prompt', async () => {
+		const wrapper = mountComponent();
+		await wrapper.find('textarea').setValue('Test prompt');
+		expect(wrapper.find('button').attributes('disabled')).toBeUndefined();
+	});
+
+	it('calls onSubmit when button is clicked', async () => {
+		const wrapper = mountComponent();
+		await wrapper.find('textarea').setValue('Test prompt');
+
+		const submitButton = wrapper.find('button');
+		expect(submitButton.attributes('disabled')).toBeUndefined();
+
+		await submitButton.trigger('click');
+
+		expect(useToast().showMessage).toHaveBeenCalled();
+	});
+});
diff --git a/packages/editor-ui/src/components/__tests__/ChangePasswordModal.test.ts b/packages/editor-ui/src/components/__tests__/ChangePasswordModal.test.ts
new file mode 100644
index 0000000000000..7248774c81e24
--- /dev/null
+++ b/packages/editor-ui/src/components/__tests__/ChangePasswordModal.test.ts
@@ -0,0 +1,20 @@
+import { createTestingPinia } from '@pinia/testing';
+import ChangePasswordModal from '@/components/ChangePasswordModal.vue';
+import type { createPinia } from 'pinia';
+import { createComponentRenderer } from '@/__tests__/render';
+
+const renderComponent = createComponentRenderer(ChangePasswordModal);
+
+describe('ChangePasswordModal', () => {
+	let pinia: ReturnType<typeof createPinia>;
+
+	beforeEach(() => {
+		pinia = createTestingPinia({});
+	});
+
+	it('should render correctly', () => {
+		const wrapper = renderComponent({ pinia });
+
+		expect(wrapper.html()).toMatchSnapshot();
+	});
+});
diff --git a/packages/editor-ui/src/components/__tests__/__snapshots__/ChangePasswordModal.test.ts.snap b/packages/editor-ui/src/components/__tests__/__snapshots__/ChangePasswordModal.test.ts.snap
new file mode 100644
index 0000000000000..db656032b2c0b
--- /dev/null
+++ b/packages/editor-ui/src/components/__tests__/__snapshots__/ChangePasswordModal.test.ts.snap
@@ -0,0 +1,6 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`ChangePasswordModal > should render correctly 1`] = `
+"<!--teleport start-->
+<!--teleport end-->"
+`;
diff --git a/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.test.ts b/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.test.ts
index 52bac78f2fd44..5b2c9c7486133 100644
--- a/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.test.ts
+++ b/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.test.ts
@@ -100,6 +100,9 @@ describe('GlobalExecutionsList', () => {
 		const { queryAllByTestId, queryByTestId, getByTestId } = renderComponent({
 			props: {
 				executions: [],
+				filters: {},
+				total: 0,
+				estimated: false,
 			},
 			pinia,
 		});
@@ -121,6 +124,8 @@ describe('GlobalExecutionsList', () => {
 					executions: executionsData[0].results,
 					total: executionsData[0].count,
 					filteredExecutions: executionsData[0].results,
+					filters: {},
+					estimated: false,
 				},
 				pinia,
 			});
@@ -185,6 +190,8 @@ describe('GlobalExecutionsList', () => {
 				executions: executionsData[0].results,
 				total: executionsData[0].count,
 				filteredExecutions: executionsData[0].results,
+				filters: {},
+				estimated: false,
 			},
 			pinia,
 		});
diff --git a/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.vue b/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.vue
index a9e98e52b791e..a0ec5726977c8 100644
--- a/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.vue
+++ b/packages/editor-ui/src/components/executions/global/GlobalExecutionsList.vue
@@ -11,6 +11,8 @@ import type { ExecutionFilterType, IWorkflowDb } from '@/Interface';
 import type { ExecutionSummary } from 'n8n-workflow';
 import { useWorkflowsStore } from '@/stores/workflows.store';
 import { useExecutionsStore } from '@/stores/executions.store';
+import type { PermissionsRecord } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 
 const props = withDefaults(
 	defineProps<{
@@ -162,6 +164,12 @@ function getExecutionWorkflowName(execution: ExecutionSummary): string {
 	);
 }
 
+function getExecutionWorkflowPermissions(
+	execution: ExecutionSummary,
+): PermissionsRecord['workflow'] {
+	return getResourcePermissions(execution.scopes).workflow;
+}
+
 function getWorkflowName(workflowId: string): string | undefined {
 	return workflows.value.find((data: IWorkflowDb) => data.id === workflowId)?.name;
 }
@@ -344,7 +352,9 @@ async function onAutoRefreshToggle(value: boolean) {
 						:key="execution.id"
 						:execution="execution"
 						:workflow-name="getExecutionWorkflowName(execution)"
+						:workflow-permissions="getExecutionWorkflowPermissions(execution)"
 						:selected="selectedItems[execution.id] || allExistingSelected"
+						data-test-id="global-execution-list-item"
 						@stop="stopExecution"
 						@delete="deleteExecution"
 						@select="toggleSelectExecution"
diff --git a/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.test.ts b/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.test.ts
index a1f7cb75b1721..5f15c9534f8c7 100644
--- a/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.test.ts
+++ b/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.test.ts
@@ -55,6 +55,9 @@ describe('GlobalExecutionsListItem', () => {
 					retrySuccessfulId: undefined,
 					waitTill: false,
 				},
+				workflowPermissions: {
+					execute: true,
+				},
 			},
 		});
 
@@ -73,6 +76,9 @@ describe('GlobalExecutionsListItem', () => {
 					id: 123,
 					stoppedAt: undefined,
 				},
+				workflowPermissions: {
+					update: true,
+				},
 			},
 		});
 
@@ -84,7 +90,10 @@ describe('GlobalExecutionsListItem', () => {
 		global.window.open = vi.fn();
 
 		const { getByText } = renderComponent({
-			props: { execution: { status: 'success', id: 123, workflowName: 'TestWorkflow' } },
+			props: {
+				execution: { status: 'success', id: 123, workflowName: 'TestWorkflow' },
+				workflowPermissions: {},
+			},
 		});
 
 		await fireEvent.click(getByText('TestWorkflow'));
@@ -94,7 +103,10 @@ describe('GlobalExecutionsListItem', () => {
 	it('should show formatted start date', () => {
 		const testDate = '2022-01-01T12:00:00Z';
 		const { getByText } = renderComponent({
-			props: { execution: { status: 'success', id: 123, startedAt: testDate } },
+			props: {
+				execution: { status: 'success', id: 123, startedAt: testDate },
+				workflowPermissions: {},
+			},
 		});
 
 		expect(
diff --git a/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.vue b/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.vue
index e6fc6dacf2677..43d85e8e277e6 100644
--- a/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.vue
+++ b/packages/editor-ui/src/components/executions/global/GlobalExecutionsListItem.vue
@@ -8,6 +8,7 @@ import { convertToDisplayDate } from '@/utils/formatters/dateFormatter';
 import { i18n as locale } from '@/plugins/i18n';
 import ExecutionsTime from '@/components/executions/ExecutionsTime.vue';
 import { useExecutionHelpers } from '@/composables/useExecutionHelpers';
+import type { PermissionsRecord } from '@/permissions';
 
 type Command = 'retrySaved' | 'retryOriginal' | 'delete';
 
@@ -24,9 +25,11 @@ const props = withDefaults(
 		execution: ExecutionSummary;
 		selected?: boolean;
 		workflowName?: string;
+		workflowPermissions: PermissionsRecord['workflow'];
 	}>(),
 	{
 		selected: false,
+		workflowName: '',
 	},
 );
 
@@ -266,6 +269,7 @@ async function handleActionItemClick(commandData: Command) {
 							data-test-id="execution-retry-saved-dropdown-item"
 							:class="$style.retryAction"
 							command="retrySaved"
+							:disabled="!workflowPermissions.execute"
 						>
 							{{ i18n.baseText('executionsList.retryWithCurrentlySavedWorkflow') }}
 						</ElDropdownItem>
@@ -274,6 +278,7 @@ async function handleActionItemClick(commandData: Command) {
 							data-test-id="execution-retry-original-dropdown-item"
 							:class="$style.retryAction"
 							command="retryOriginal"
+							:disabled="!workflowPermissions.execute"
 						>
 							{{ i18n.baseText('executionsList.retryWithOriginalWorkflow') }}
 						</ElDropdownItem>
@@ -281,6 +286,7 @@ async function handleActionItemClick(commandData: Command) {
 							data-test-id="execution-delete-dropdown-item"
 							:class="$style.deleteAction"
 							command="delete"
+							:disabled="!workflowPermissions.update"
 						>
 							{{ i18n.baseText('generic.delete') }}
 						</ElDropdownItem>
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.test.ts b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.test.ts
index ec850664740ea..182a5942af754 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.test.ts
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.test.ts
@@ -2,6 +2,13 @@ import { createComponentRenderer } from '@/__tests__/render';
 import WorkflowExecutionsCard from '@/components/executions/workflow/WorkflowExecutionsCard.vue';
 import { createPinia, setActivePinia } from 'pinia';
 
+vi.mock('vue-router', () => ({
+	useRoute: () => ({
+		params: {},
+	}),
+	RouterLink: vi.fn(),
+}));
+
 const renderComponent = createComponentRenderer(WorkflowExecutionsCard, {
 	global: {
 		stubs: {
@@ -25,53 +32,102 @@ describe('WorkflowExecutionsCard', () => {
 	test.each([
 		[
 			{
-				id: '1',
-				mode: 'manual',
-				status: 'success',
-				retryOf: null,
-				retrySuccessId: null,
+				execution: {
+					id: '1',
+					mode: 'manual',
+					status: 'success',
+					retryOf: null,
+					retrySuccessId: null,
+				},
+				workflowPermissions: {
+					execute: true,
+				},
 			},
 			false,
+			false,
 		],
 		[
 			{
-				id: '2',
-				mode: 'manual',
-				status: 'error',
-				retryOf: null,
-				retrySuccessId: null,
+				execution: {
+					id: '2',
+					mode: 'manual',
+					status: 'error',
+					retryOf: null,
+					retrySuccessId: null,
+				},
+				workflowPermissions: {
+					execute: true,
+				},
 			},
 			true,
+			false,
 		],
 		[
 			{
-				id: '3',
-				mode: 'manual',
-				status: 'error',
-				retryOf: '2',
-				retrySuccessId: null,
+				execution: {
+					id: '3',
+					mode: 'manual',
+					status: 'error',
+					retryOf: null,
+					retrySuccessId: '3',
+				},
+				workflowPermissions: {
+					execute: true,
+				},
 			},
 			false,
+			false,
 		],
 		[
 			{
-				id: '4',
-				mode: 'manual',
-				status: 'error',
-				retryOf: null,
-				retrySuccessId: '3',
+				execution: {
+					id: '4',
+					mode: 'manual',
+					status: 'success',
+					retryOf: '4',
+					retrySuccessId: null,
+				},
+				workflowPermissions: {
+					execute: true,
+				},
 			},
 			false,
+			false,
 		],
-	])('with execution %j retry button visibility is %s', (execution, shouldRenderRetryBtn) => {
-		const { queryByTestId } = renderComponent({
-			props: {
-				execution,
+		[
+			{
+				execution: {
+					id: '2',
+					mode: 'manual',
+					status: 'error',
+					retryOf: null,
+					retrySuccessId: null,
+				},
+				workflowPermissions: {},
 			},
-		});
+			true,
+			true,
+		],
+	])(
+		'with execution %j retry button visibility is %s and if visible is disabled %s',
+		(props, shouldRenderRetryBtn, disabled) => {
+			const { queryByTestId } = renderComponent({
+				props,
+			});
 
-		expect(!!queryByTestId('retry-execution-button') && shouldRenderRetryBtn).toBe(
-			shouldRenderRetryBtn,
-		);
-	});
+			const retryButton = queryByTestId('retry-execution-button');
+
+			if (shouldRenderRetryBtn) {
+				expect(retryButton).toBeVisible();
+
+				if (disabled) {
+					expect(retryButton?.querySelector('.is-disabled')).toBeVisible();
+				} else {
+					expect(retryButton?.querySelector('.is-disabled')).toBe(null);
+				}
+			} else {
+				expect(retryButton).toBe(null);
+			}
+		},
+	);
 });
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.vue
index 4c84a270425b9..c1efe3c8d882a 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsCard.vue
@@ -1,3 +1,59 @@
+<script setup lang="ts">
+import { computed, onMounted } from 'vue';
+import { useRoute } from 'vue-router';
+import type { IExecutionUIData } from '@/composables/useExecutionHelpers';
+import { VIEWS } from '@/constants';
+import ExecutionsTime from '@/components/executions/ExecutionsTime.vue';
+import { useExecutionHelpers } from '@/composables/useExecutionHelpers';
+import type { ExecutionSummary } from 'n8n-workflow';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { useI18n } from '@/composables/useI18n';
+import type { PermissionsRecord } from '@/permissions';
+
+const props = defineProps<{
+	execution: ExecutionSummary;
+	highlight?: boolean;
+	showGap?: boolean;
+	workflowPermissions: PermissionsRecord['workflow'];
+}>();
+
+const emit = defineEmits<{
+	retryExecution: [{ execution: ExecutionSummary; command: string }];
+	mounted: [string];
+}>();
+
+const route = useRoute();
+const locale = useI18n();
+
+const executionHelpers = useExecutionHelpers();
+const workflowsStore = useWorkflowsStore();
+
+const currentWorkflow = computed(() => (route.params.name as string) || workflowsStore.workflowId);
+const retryExecutionActions = computed(() => [
+	{
+		id: 'current-workflow',
+		label: locale.baseText('executionsList.retryWithCurrentlySavedWorkflow'),
+	},
+	{
+		id: 'original-workflow',
+		label: locale.baseText('executionsList.retryWithOriginalWorkflow'),
+	},
+]);
+const executionUIDetails = computed<IExecutionUIData>(() =>
+	executionHelpers.getUIDetails(props.execution),
+);
+const isActive = computed(() => props.execution.id === route.params.executionId);
+const isRetriable = computed(() => executionHelpers.isExecutionRetriable(props.execution));
+
+onMounted(() => {
+	emit('mounted', props.execution.id);
+});
+
+function onRetryMenuItemSelect(action: string): void {
+	emit('retryExecution', { execution: props.execution, command: action });
+}
+</script>
+
 <template>
 	<div
 		:class="{
@@ -12,153 +68,74 @@
 		<router-link
 			:class="$style.executionLink"
 			:to="{
-				name: executionPreviewViewName,
+				name: VIEWS.EXECUTION_PREVIEW,
 				params: { name: currentWorkflow, executionId: execution.id },
 			}"
 			:data-test-execution-status="executionUIDetails.name"
 		>
 			<div :class="$style.description">
-				<n8n-text color="text-dark" :bold="true" size="medium" data-test-id="execution-time">
+				<N8nText color="text-dark" :bold="true" size="medium" data-test-id="execution-time">
 					{{ executionUIDetails.startTime }}
-				</n8n-text>
+				</N8nText>
 				<div :class="$style.executionStatus">
-					<n8n-spinner
+					<N8nSpinner
 						v-if="executionUIDetails.name === 'running'"
 						size="small"
 						:class="[$style.spinner, 'mr-4xs']"
 					/>
-					<n8n-text :class="$style.statusLabel" size="small">{{
-						executionUIDetails.label
-					}}</n8n-text>
+					<N8nText :class="$style.statusLabel" size="small">{{ executionUIDetails.label }}</N8nText>
 					{{ ' ' }}
-					<n8n-text
+					<N8nText
 						v-if="executionUIDetails.name === 'running'"
 						:color="isActive ? 'text-dark' : 'text-base'"
 						size="small"
 					>
-						{{ $locale.baseText('executionDetails.runningTimeRunning') }}
+						{{ locale.baseText('executionDetails.runningTimeRunning') }}
 						<ExecutionsTime :start-time="execution.startedAt" />
-					</n8n-text>
-					<n8n-text
+					</N8nText>
+					<N8nText
 						v-else-if="executionUIDetails.runningTime !== ''"
 						:color="isActive ? 'text-dark' : 'text-base'"
 						size="small"
 					>
 						{{
-							$locale.baseText('executionDetails.runningTimeFinished', {
+							locale.baseText('executionDetails.runningTimeFinished', {
 								interpolate: { time: executionUIDetails?.runningTime },
 							})
 						}}
-					</n8n-text>
+					</N8nText>
 				</div>
 				<div v-if="execution.mode === 'retry'">
-					<n8n-text :color="isActive ? 'text-dark' : 'text-base'" size="small">
-						{{ $locale.baseText('executionDetails.retry') }} #{{ execution.retryOf }}
-					</n8n-text>
+					<N8nText :color="isActive ? 'text-dark' : 'text-base'" size="small">
+						{{ locale.baseText('executionDetails.retry') }} #{{ execution.retryOf }}
+					</N8nText>
 				</div>
 			</div>
 			<div :class="$style.icons">
-				<n8n-action-dropdown
+				<N8nActionDropdown
 					v-if="isRetriable"
 					:class="[$style.icon, $style.retry]"
 					:items="retryExecutionActions"
+					:disabled="!workflowPermissions.execute"
 					activator-icon="redo"
 					data-test-id="retry-execution-button"
 					@select="onRetryMenuItemSelect"
 				/>
-				<n8n-tooltip v-if="execution.mode === 'manual'" placement="top">
+				<N8nTooltip v-if="execution.mode === 'manual'" placement="top">
 					<template #content>
-						<span>{{ $locale.baseText('executionsList.test') }}</span>
+						<span>{{ locale.baseText('executionsList.test') }}</span>
 					</template>
-					<font-awesome-icon
+					<FontAwesomeIcon
 						v-if="execution.mode === 'manual'"
 						:class="[$style.icon, $style.manual]"
 						icon="flask"
 					/>
-				</n8n-tooltip>
+				</N8nTooltip>
 			</div>
 		</router-link>
 	</div>
 </template>
 
-<script lang="ts">
-import { defineComponent } from 'vue';
-import type { IExecutionUIData } from '@/composables/useExecutionHelpers';
-import { VIEWS } from '@/constants';
-import ExecutionsTime from '@/components/executions/ExecutionsTime.vue';
-import { useExecutionHelpers } from '@/composables/useExecutionHelpers';
-import type { ExecutionSummary } from 'n8n-workflow';
-import { mapStores } from 'pinia';
-import { useWorkflowsStore } from '@/stores/workflows.store';
-
-export default defineComponent({
-	name: 'WorkflowExecutionsCard',
-	components: {
-		ExecutionsTime,
-	},
-	props: {
-		execution: {
-			type: Object as () => ExecutionSummary,
-			required: true,
-		},
-		highlight: {
-			type: Boolean,
-			default: false,
-		},
-		showGap: {
-			type: Boolean,
-			default: false,
-		},
-	},
-	emits: ['retryExecution', 'mounted'],
-	setup() {
-		const executionHelpers = useExecutionHelpers();
-
-		return {
-			executionHelpers,
-		};
-	},
-	computed: {
-		...mapStores(useWorkflowsStore),
-		currentWorkflow(): string {
-			return (this.$route.params.name as string) || this.workflowsStore.workflowId;
-		},
-		retryExecutionActions(): object[] {
-			return [
-				{
-					id: 'current-workflow',
-					label: this.$locale.baseText('executionsList.retryWithCurrentlySavedWorkflow'),
-				},
-				{
-					id: 'original-workflow',
-					label: this.$locale.baseText('executionsList.retryWithOriginalWorkflow'),
-				},
-			];
-		},
-		executionUIDetails(): IExecutionUIData {
-			return this.executionHelpers.getUIDetails(this.execution);
-		},
-		isActive(): boolean {
-			return this.execution.id === this.$route.params.executionId;
-		},
-		isRetriable(): boolean {
-			return this.executionHelpers.isExecutionRetriable(this.execution);
-		},
-		executionPreviewViewName() {
-			return VIEWS.EXECUTION_PREVIEW;
-		},
-	},
-	mounted() {
-		this.$emit('mounted', this.execution.id);
-	},
-	methods: {
-		onRetryMenuItemSelect(action: string): void {
-			this.$emit('retryExecution', { execution: this.execution, command: action });
-		},
-	},
-});
-</script>
-
 <style module lang="scss">
 @import '@/styles/variables';
 
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue
index ed431fa84ee25..25c456d2ca6e7 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue
@@ -1,5 +1,194 @@
+<script setup lang="ts">
+import { computed, ref, watch, onMounted } from 'vue';
+import { useRouter } from 'vue-router';
+import { useSettingsStore } from '@/stores/settings.store';
+import { useUIStore } from '@/stores/ui.store';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { PLACEHOLDER_EMPTY_WORKFLOW_ID, WORKFLOW_SETTINGS_MODAL_KEY } from '@/constants';
+import type { IWorkflowSettings } from 'n8n-workflow';
+import { deepCopy } from 'n8n-workflow';
+import { useWorkflowHelpers } from '@/composables/useWorkflowHelpers';
+import { useNpsSurveyStore } from '@/stores/npsSurvey.store';
+import { useI18n } from '@/composables/useI18n';
+
+interface IWorkflowSaveSettings {
+	saveFailedExecutions: boolean;
+	saveSuccessfulExecutions: boolean;
+	saveTestExecutions: boolean;
+}
+
+const props = withDefaults(
+	defineProps<{
+		initiallyExpanded: boolean;
+	}>(),
+	{
+		initiallyExpanded: false,
+	},
+);
+
+const router = useRouter();
+const workflowHelpers = useWorkflowHelpers({ router });
+const locale = useI18n();
+
+const settingsStore = useSettingsStore();
+const uiStore = useUIStore();
+const workflowsStore = useWorkflowsStore();
+const npsSurveyStore = useNpsSurveyStore();
+
+const defaultValues = ref({
+	saveFailedExecutions: 'all',
+	saveSuccessfulExecutions: 'all',
+	saveManualExecutions: false,
+});
+const workflowSaveSettings = ref({
+	saveFailedExecutions: false,
+	saveSuccessfulExecutions: false,
+	saveTestExecutions: false,
+} as IWorkflowSaveSettings);
+
+const accordionItems = computed(() => [
+	{
+		id: 'productionExecutions',
+		label: locale.baseText('executionsLandingPage.emptyState.accordion.productionExecutions'),
+		icon: productionExecutionsIcon.value.icon,
+		iconColor: productionExecutionsIcon.value.color,
+		tooltip:
+			productionExecutionsStatus.value === 'unknown'
+				? locale.baseText(
+						'executionsLandingPage.emptyState.accordion.productionExecutionsWarningTooltip',
+					)
+				: null,
+	},
+	{
+		id: 'manualExecutions',
+		label: locale.baseText('executionsLandingPage.emptyState.accordion.testExecutions'),
+		icon: workflowSaveSettings.value.saveTestExecutions ? 'check' : 'times',
+		iconColor: workflowSaveSettings.value.saveTestExecutions ? 'success' : 'danger',
+	},
+]);
+const shouldExpandAccordion = computed(() => {
+	if (!props.initiallyExpanded) {
+		return false;
+	}
+	return (
+		!workflowSaveSettings.value.saveFailedExecutions ||
+		!workflowSaveSettings.value.saveSuccessfulExecutions ||
+		!workflowSaveSettings.value.saveTestExecutions
+	);
+});
+const productionExecutionsIcon = computed(() => {
+	if (productionExecutionsStatus.value === 'saving') {
+		return { icon: 'check', color: 'success' };
+	} else if (productionExecutionsStatus.value === 'not-saving') {
+		return { icon: 'times', color: 'danger' };
+	}
+	return { icon: 'exclamation-triangle', color: 'warning' };
+});
+const productionExecutionsStatus = computed(() => {
+	if (
+		workflowSaveSettings.value.saveSuccessfulExecutions ===
+		workflowSaveSettings.value.saveFailedExecutions
+	) {
+		if (workflowSaveSettings.value.saveSuccessfulExecutions) {
+			return 'saving';
+		}
+		return 'not-saving';
+	} else {
+		return 'unknown';
+	}
+});
+const workflowSettings = computed(() => deepCopy(workflowsStore.workflowSettings));
+const accordionIcon = computed(() => {
+	if (
+		!workflowSaveSettings.value.saveTestExecutions ||
+		productionExecutionsStatus.value !== 'saving'
+	) {
+		return { icon: 'exclamation-triangle', color: 'warning' };
+	}
+	return null;
+});
+const currentWorkflowId = computed(() => workflowsStore.workflowId);
+const isNewWorkflow = computed(() => {
+	return (
+		!currentWorkflowId.value ||
+		currentWorkflowId.value === PLACEHOLDER_EMPTY_WORKFLOW_ID ||
+		currentWorkflowId.value === 'new'
+	);
+});
+const workflowName = computed(() => workflowsStore.workflowName);
+const currentWorkflowTagIds = computed(() => workflowsStore.workflowTags);
+
+watch(workflowSettings, (newSettings: IWorkflowSettings) => {
+	updateSettings(newSettings);
+});
+
+onMounted(() => {
+	defaultValues.value.saveFailedExecutions = settingsStore.saveDataErrorExecution;
+	defaultValues.value.saveSuccessfulExecutions = settingsStore.saveDataSuccessExecution;
+	defaultValues.value.saveManualExecutions = settingsStore.saveManualExecutions;
+	updateSettings(workflowSettings.value);
+});
+
+function updateSettings(wfSettings: IWorkflowSettings): void {
+	workflowSaveSettings.value.saveFailedExecutions =
+		wfSettings.saveDataErrorExecution === undefined
+			? defaultValues.value.saveFailedExecutions === 'all'
+			: wfSettings.saveDataErrorExecution === 'all';
+	workflowSaveSettings.value.saveSuccessfulExecutions =
+		wfSettings.saveDataSuccessExecution === undefined
+			? defaultValues.value.saveSuccessfulExecutions === 'all'
+			: wfSettings.saveDataSuccessExecution === 'all';
+	workflowSaveSettings.value.saveTestExecutions =
+		wfSettings.saveManualExecutions === undefined
+			? defaultValues.value.saveManualExecutions
+			: (wfSettings.saveManualExecutions as boolean);
+}
+
+function onAccordionClick(event: MouseEvent): void {
+	if (event.target instanceof HTMLAnchorElement) {
+		event.preventDefault();
+		uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
+	}
+}
+
+function onItemTooltipClick(item: string, event: MouseEvent): void {
+	if (item === 'productionExecutions' && event.target instanceof HTMLAnchorElement) {
+		event.preventDefault();
+		uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
+	}
+}
+
+function openWorkflowSettings(): void {
+	uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
+}
+
+async function onSaveWorkflowClick(): Promise<void> {
+	let currentId: string | undefined = undefined;
+	if (currentWorkflowId.value !== PLACEHOLDER_EMPTY_WORKFLOW_ID) {
+		currentId = currentWorkflowId.value;
+	} else if (
+		router.currentRoute.value.params.name &&
+		router.currentRoute.value.params.name !== 'new'
+	) {
+		const routeName = router.currentRoute.value.params.name;
+		currentId = Array.isArray(routeName) ? routeName[0] : routeName;
+	}
+	if (!currentId) {
+		return;
+	}
+	const saved = await workflowHelpers.saveCurrentWorkflow({
+		id: currentId,
+		name: workflowName.value,
+		tags: currentWorkflowTagIds.value,
+	});
+	if (saved) {
+		await npsSurveyStore.fetchPromptsData();
+	}
+}
+</script>
+
 <template>
-	<n8n-info-accordion
+	<N8nInfoAccordion
 		:class="[$style.accordion, 'mt-2xl']"
 		:title="$locale.baseText('executionsLandingPage.emptyState.accordion.title')"
 		:items="accordionItems"
@@ -11,232 +200,30 @@
 		<template #customContent>
 			<footer class="mt-2xs">
 				{{ $locale.baseText('executionsLandingPage.emptyState.accordion.footer') }}
-				<n8n-tooltip :disabled="!isNewWorkflow">
+				<N8nTooltip :disabled="!isNewWorkflow">
 					<template #content>
 						<div>
-							<n8n-link @click.prevent="onSaveWorkflowClick">{{
+							<N8nLink @click.prevent="onSaveWorkflowClick">{{
 								$locale.baseText('executionsLandingPage.emptyState.accordion.footer.tooltipLink')
-							}}</n8n-link>
+							}}</N8nLink>
 							{{
 								$locale.baseText('executionsLandingPage.emptyState.accordion.footer.tooltipText')
 							}}
 						</div>
 					</template>
-					<n8n-link
+					<N8nLink
 						:class="{ [$style.disabled]: isNewWorkflow }"
 						size="small"
 						@click.prevent="openWorkflowSettings"
 					>
 						{{ $locale.baseText('executionsLandingPage.emptyState.accordion.footer.settingsLink') }}
-					</n8n-link>
-				</n8n-tooltip>
+					</N8nLink>
+				</N8nTooltip>
 			</footer>
 		</template>
-	</n8n-info-accordion>
+	</N8nInfoAccordion>
 </template>
 
-<script lang="ts">
-import { defineComponent } from 'vue';
-import { mapStores } from 'pinia';
-import { useRouter } from 'vue-router';
-import { useRootStore } from '@/stores/root.store';
-import { useSettingsStore } from '@/stores/settings.store';
-import { useUIStore } from '@/stores/ui.store';
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import { PLACEHOLDER_EMPTY_WORKFLOW_ID, WORKFLOW_SETTINGS_MODAL_KEY } from '@/constants';
-import type { IWorkflowSettings } from 'n8n-workflow';
-import { deepCopy } from 'n8n-workflow';
-import { useWorkflowHelpers } from '@/composables/useWorkflowHelpers';
-import { useNpsSurveyStore } from '@/stores/npsSurvey.store';
-
-interface IWorkflowSaveSettings {
-	saveFailedExecutions: boolean;
-	saveSuccessfulExecutions: boolean;
-	saveTestExecutions: boolean;
-}
-
-export default defineComponent({
-	name: 'WorkflowExecutionsInfoAccordion',
-	props: {
-		initiallyExpanded: {
-			type: Boolean,
-			default: false,
-		},
-	},
-	setup() {
-		const router = useRouter();
-		const workflowHelpers = useWorkflowHelpers({ router });
-
-		return {
-			workflowHelpers,
-		};
-	},
-	data() {
-		return {
-			defaultValues: {
-				saveFailedExecutions: 'all',
-				saveSuccessfulExecutions: 'all',
-				saveManualExecutions: false,
-			},
-			workflowSaveSettings: {
-				saveFailedExecutions: false,
-				saveSuccessfulExecutions: false,
-				saveTestExecutions: false,
-			} as IWorkflowSaveSettings,
-		};
-	},
-	computed: {
-		...mapStores(useRootStore, useSettingsStore, useUIStore, useWorkflowsStore, useNpsSurveyStore),
-		accordionItems(): object[] {
-			return [
-				{
-					id: 'productionExecutions',
-					label: this.$locale.baseText(
-						'executionsLandingPage.emptyState.accordion.productionExecutions',
-					),
-					icon: this.productionExecutionsIcon.icon,
-					iconColor: this.productionExecutionsIcon.color,
-					tooltip:
-						this.productionExecutionsStatus === 'unknown'
-							? this.$locale.baseText(
-									'executionsLandingPage.emptyState.accordion.productionExecutionsWarningTooltip',
-								)
-							: null,
-				},
-				{
-					id: 'manualExecutions',
-					label: this.$locale.baseText('executionsLandingPage.emptyState.accordion.testExecutions'),
-					icon: this.workflowSaveSettings.saveTestExecutions ? 'check' : 'times',
-					iconColor: this.workflowSaveSettings.saveTestExecutions ? 'success' : 'danger',
-				},
-			];
-		},
-		shouldExpandAccordion(): boolean {
-			if (!this.initiallyExpanded) {
-				return false;
-			}
-			return (
-				!this.workflowSaveSettings.saveFailedExecutions ||
-				!this.workflowSaveSettings.saveSuccessfulExecutions ||
-				!this.workflowSaveSettings.saveTestExecutions
-			);
-		},
-		productionExecutionsIcon(): { icon: string; color: string } {
-			if (this.productionExecutionsStatus === 'saving') {
-				return { icon: 'check', color: 'success' };
-			} else if (this.productionExecutionsStatus === 'not-saving') {
-				return { icon: 'times', color: 'danger' };
-			}
-			return { icon: 'exclamation-triangle', color: 'warning' };
-		},
-		productionExecutionsStatus(): string {
-			if (
-				this.workflowSaveSettings.saveSuccessfulExecutions ===
-				this.workflowSaveSettings.saveFailedExecutions
-			) {
-				if (this.workflowSaveSettings.saveSuccessfulExecutions) {
-					return 'saving';
-				}
-				return 'not-saving';
-			} else {
-				return 'unknown';
-			}
-		},
-		workflowSettings(): IWorkflowSettings {
-			const workflowSettings = deepCopy(this.workflowsStore.workflowSettings);
-			return workflowSettings;
-		},
-		accordionIcon(): { icon: string; color: string } | null {
-			if (
-				!this.workflowSaveSettings.saveTestExecutions ||
-				this.productionExecutionsStatus !== 'saving'
-			) {
-				return { icon: 'exclamation-triangle', color: 'warning' };
-			}
-			return null;
-		},
-		currentWorkflowId(): string {
-			return this.workflowsStore.workflowId;
-		},
-		isNewWorkflow(): boolean {
-			return (
-				!this.currentWorkflowId ||
-				this.currentWorkflowId === PLACEHOLDER_EMPTY_WORKFLOW_ID ||
-				this.currentWorkflowId === 'new'
-			);
-		},
-		workflowName(): string {
-			return this.workflowsStore.workflowName;
-		},
-		currentWorkflowTagIds(): string[] {
-			return this.workflowsStore.workflowTags;
-		},
-	},
-	watch: {
-		workflowSettings(newSettings: IWorkflowSettings) {
-			this.updateSettings(newSettings);
-		},
-	},
-	mounted() {
-		this.defaultValues.saveFailedExecutions = this.settingsStore.saveDataErrorExecution;
-		this.defaultValues.saveSuccessfulExecutions = this.settingsStore.saveDataSuccessExecution;
-		this.defaultValues.saveManualExecutions = this.settingsStore.saveManualExecutions;
-		this.updateSettings(this.workflowSettings);
-	},
-	methods: {
-		updateSettings(workflowSettings: IWorkflowSettings): void {
-			this.workflowSaveSettings.saveFailedExecutions =
-				workflowSettings.saveDataErrorExecution === undefined
-					? this.defaultValues.saveFailedExecutions === 'all'
-					: workflowSettings.saveDataErrorExecution === 'all';
-			this.workflowSaveSettings.saveSuccessfulExecutions =
-				workflowSettings.saveDataSuccessExecution === undefined
-					? this.defaultValues.saveSuccessfulExecutions === 'all'
-					: workflowSettings.saveDataSuccessExecution === 'all';
-			this.workflowSaveSettings.saveTestExecutions =
-				workflowSettings.saveManualExecutions === undefined
-					? this.defaultValues.saveManualExecutions
-					: (workflowSettings.saveManualExecutions as boolean);
-		},
-		onAccordionClick(event: MouseEvent): void {
-			if (event.target instanceof HTMLAnchorElement) {
-				event.preventDefault();
-				this.uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
-			}
-		},
-		onItemTooltipClick(item: string, event: MouseEvent): void {
-			if (item === 'productionExecutions' && event.target instanceof HTMLAnchorElement) {
-				event.preventDefault();
-				this.uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
-			}
-		},
-		openWorkflowSettings(): void {
-			this.uiStore.openModal(WORKFLOW_SETTINGS_MODAL_KEY);
-		},
-		async onSaveWorkflowClick(): Promise<void> {
-			let currentId: string | undefined = undefined;
-			if (this.currentWorkflowId !== PLACEHOLDER_EMPTY_WORKFLOW_ID) {
-				currentId = this.currentWorkflowId;
-			} else if (this.$route.params.name && this.$route.params.name !== 'new') {
-				const routeName = this.$route.params.name;
-				currentId = Array.isArray(routeName) ? routeName[0] : routeName;
-			}
-			if (!currentId) {
-				return;
-			}
-			const saved = await this.workflowHelpers.saveCurrentWorkflow({
-				id: currentId,
-				name: this.workflowName,
-				tags: this.currentWorkflowTagIds,
-			});
-			if (saved) {
-				await this.npsSurveyStore.fetchPromptsData();
-			}
-		},
-	},
-});
-</script>
-
 <style module lang="scss">
 .accordion {
 	background: none;
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsLandingPage.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsLandingPage.vue
index 59245e3a3eee0..1ac815c1b1f26 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsLandingPage.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsLandingPage.vue
@@ -1,67 +1,62 @@
+<script setup lang="ts">
+import { computed } from 'vue';
+import { useRoute, useRouter } from 'vue-router';
+import { PLACEHOLDER_EMPTY_WORKFLOW_ID, VIEWS } from '@/constants';
+import { useUIStore } from '@/stores/ui.store';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import WorkflowExecutionsInfoAccordion from './WorkflowExecutionsInfoAccordion.vue';
+import { useI18n } from '@/composables/useI18n';
+
+const router = useRouter();
+const route = useRoute();
+const locale = useI18n();
+
+const uiStore = useUIStore();
+const workflowsStore = useWorkflowsStore();
+
+const executionCount = computed(() => workflowsStore.currentWorkflowExecutions.length);
+const containsTrigger = computed(() => workflowsStore.workflowTriggerNodes.length > 0);
+
+function onSetupFirstStep(): void {
+	uiStore.addFirstStepOnLoad = true;
+	const workflowRoute = getWorkflowRoute();
+	void router.push(workflowRoute);
+}
+
+function getWorkflowRoute(): { name: string; params: {} } {
+	const workflowId = workflowsStore.workflowId || route.params.name;
+	if (workflowId === PLACEHOLDER_EMPTY_WORKFLOW_ID) {
+		return { name: VIEWS.NEW_WORKFLOW, params: {} };
+	} else {
+		return { name: VIEWS.WORKFLOW, params: { name: workflowId } };
+	}
+}
+</script>
+
 <template>
 	<div :class="['workflow-executions-container', $style.container]">
 		<div v-if="executionCount === 0" :class="[$style.messageContainer, $style.noExecutionsMessage]">
 			<div v-if="!containsTrigger">
-				<n8n-heading tag="h2" size="xlarge" color="text-dark" class="mb-2xs">
-					{{ $locale.baseText('executionsLandingPage.emptyState.noTrigger.heading') }}
-				</n8n-heading>
-				<n8n-text size="medium">
-					{{ $locale.baseText('executionsLandingPage.emptyState.message') }}
-				</n8n-text>
-				<n8n-button class="mt-l" type="tertiary" size="large" @click="onSetupFirstStep">
-					{{ $locale.baseText('executionsLandingPage.emptyState.noTrigger.buttonText') }}
-				</n8n-button>
+				<N8nHeading tag="h2" size="xlarge" color="text-dark" class="mb-2xs">
+					{{ locale.baseText('executionsLandingPage.emptyState.noTrigger.heading') }}
+				</N8nHeading>
+				<N8nText size="medium">
+					{{ locale.baseText('executionsLandingPage.emptyState.message') }}
+				</N8nText>
+				<N8nButton class="mt-l" type="tertiary" size="large" @click="onSetupFirstStep">
+					{{ locale.baseText('executionsLandingPage.emptyState.noTrigger.buttonText') }}
+				</N8nButton>
 			</div>
 			<div v-else>
-				<n8n-heading tag="h2" size="xlarge" color="text-dark" class="mb-2xs">
-					{{ $locale.baseText('executionsLandingPage.emptyState.heading') }}
-				</n8n-heading>
+				<N8nHeading tag="h2" size="xlarge" color="text-dark" class="mb-2xs">
+					{{ locale.baseText('executionsLandingPage.emptyState.heading') }}
+				</N8nHeading>
 				<WorkflowExecutionsInfoAccordion />
 			</div>
 		</div>
 	</div>
 </template>
 
-<script lang="ts">
-import { PLACEHOLDER_EMPTY_WORKFLOW_ID, VIEWS } from '@/constants';
-import { useUIStore } from '@/stores/ui.store';
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import { mapStores } from 'pinia';
-import { defineComponent } from 'vue';
-import WorkflowExecutionsInfoAccordion from './WorkflowExecutionsInfoAccordion.vue';
-
-export default defineComponent({
-	name: 'ExecutionsLandingPage',
-	components: {
-		WorkflowExecutionsInfoAccordion,
-	},
-	computed: {
-		...mapStores(useUIStore, useWorkflowsStore),
-		executionCount(): number {
-			return this.workflowsStore.currentWorkflowExecutions.length;
-		},
-		containsTrigger(): boolean {
-			return this.workflowsStore.workflowTriggerNodes.length > 0;
-		},
-	},
-	methods: {
-		onSetupFirstStep(): void {
-			this.uiStore.addFirstStepOnLoad = true;
-			const workflowRoute = this.getWorkflowRoute();
-			void this.$router.push(workflowRoute);
-		},
-		getWorkflowRoute(): { name: string; params: {} } {
-			const workflowId = this.workflowsStore.workflowId || this.$route.params.name;
-			if (workflowId === PLACEHOLDER_EMPTY_WORKFLOW_ID) {
-				return { name: VIEWS.NEW_WORKFLOW, params: {} };
-			} else {
-				return { name: VIEWS.WORKFLOW, params: { name: workflowId } };
-			}
-		},
-	},
-});
-</script>
-
 <style module lang="scss">
 .container {
 	width: 100%;
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsList.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsList.vue
index 9e66df8117baa..fda8e084876bb 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsList.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsList.vue
@@ -1,30 +1,5 @@
-<template>
-	<div :class="$style.container">
-		<WorkflowExecutionsSidebar
-			:executions="executions"
-			:loading="loading && !executions.length"
-			:loading-more="loadingMore"
-			:temporary-execution="temporaryExecution"
-			@update:auto-refresh="emit('update:auto-refresh', $event)"
-			@reload-executions="emit('reload')"
-			@filter-updated="emit('update:filters', $event)"
-			@load-more="emit('load-more')"
-			@retry-execution="onRetryExecution"
-		/>
-		<div v-if="!hidePreview" :class="$style.content">
-			<router-view
-				name="executionPreview"
-				:execution="execution"
-				@delete-current-execution="onDeleteCurrentExecution"
-				@retry-execution="onRetryExecution"
-				@stop-execution="onStopExecution"
-			/>
-		</div>
-	</div>
-</template>
-
 <script setup lang="ts">
-import { computed } from 'vue';
+import { computed, watch } from 'vue';
 import { onBeforeRouteLeave, useRouter } from 'vue-router';
 import WorkflowExecutionsSidebar from '@/components/executions/workflow/WorkflowExecutionsSidebar.vue';
 import { MAIN_HEADER_TABS, VIEWS } from '@/constants';
@@ -32,7 +7,6 @@ import type { ExecutionFilterType, IWorkflowDb } from '@/Interface';
 import type { ExecutionSummary } from 'n8n-workflow';
 import { getNodeViewTab } from '@/utils/canvasUtils';
 import { useWorkflowHelpers } from '@/composables/useWorkflowHelpers';
-import { watch } from 'vue';
 
 const props = withDefaults(
 	defineProps<{
@@ -62,10 +36,11 @@ const emit = defineEmits<{
 const workflowHelpers = useWorkflowHelpers({ router: useRouter() });
 const router = useRouter();
 
-const temporaryExecution = computed(() => {
-	const isTemporary = !props.executions.find((execution) => execution.id === props.execution?.id);
-	return isTemporary ? props.execution : undefined;
-});
+const temporaryExecution = computed<ExecutionSummary | undefined>(() =>
+	props.executions.find((execution) => execution.id === props.execution?.id)
+		? undefined
+		: props.execution ?? undefined,
+);
 
 const hidePreview = computed(() => {
 	return props.loading || (!props.execution && props.executions.length);
@@ -118,6 +93,32 @@ onBeforeRouteLeave(async (to, _, next) => {
 });
 </script>
 
+<template>
+	<div :class="$style.container">
+		<WorkflowExecutionsSidebar
+			:executions="executions"
+			:loading="loading && !executions.length"
+			:loading-more="loadingMore"
+			:temporary-execution="temporaryExecution"
+			:workflow="workflow"
+			@update:auto-refresh="emit('update:auto-refresh', $event)"
+			@reload-executions="emit('reload')"
+			@filter-updated="emit('update:filters', $event)"
+			@load-more="emit('load-more')"
+			@retry-execution="onRetryExecution"
+		/>
+		<div v-if="!hidePreview" :class="$style.content">
+			<router-view
+				name="executionPreview"
+				:execution="execution"
+				@delete-current-execution="onDeleteCurrentExecution"
+				@retry-execution="onRetryExecution"
+				@stop-execution="onStopExecution"
+			/>
+		</div>
+	</div>
+</template>
+
 <style module lang="scss">
 .container {
 	display: flex;
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.test.ts b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.test.ts
index eb09c96974120..ce092dab46a8a 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.test.ts
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.test.ts
@@ -11,6 +11,8 @@ import { EnterpriseEditionFeature, VIEWS } from '@/constants';
 import { i18nInstance, I18nPlugin } from '@/plugins/i18n';
 import { FontAwesomePlugin } from '@/plugins/icons';
 import { GlobalComponentsPlugin } from '@/plugins/components';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import type { IWorkflowDb } from '@/Interface';
 
 let pinia: ReturnType<typeof createPinia>;
 
@@ -59,10 +61,12 @@ const executionDataFactory = (): ExecutionSummary => ({
 	nodeExecutionStatus: {},
 	retryOf: generateUndefinedNullOrString(),
 	retrySuccessId: generateUndefinedNullOrString(),
+	scopes: ['workflow:update'],
 });
 
 describe('WorkflowExecutionsPreview.vue', () => {
 	let settingsStore: ReturnType<typeof useSettingsStore>;
+	let workflowsStore: ReturnType<typeof useWorkflowsStore>;
 	const executionData: ExecutionSummary = executionDataFactory();
 
 	beforeEach(() => {
@@ -70,19 +74,25 @@ describe('WorkflowExecutionsPreview.vue', () => {
 		setActivePinia(pinia);
 
 		settingsStore = useSettingsStore();
+		workflowsStore = useWorkflowsStore();
 	});
 
 	test.each([
-		[false, '/'],
-		[true, `/workflow/${executionData.workflowId}/debug/${executionData.id}`],
+		[false, [], '/'],
+		[false, ['workflow:update'], '/'],
+		[true, [], '/'],
+		[true, ['workflow:read'], '/'],
+		[true, ['workflow:update'], `/workflow/${executionData.workflowId}/debug/${executionData.id}`],
 	])(
-		'when debug enterprise feature is %s it should handle debug link click accordingly',
-		async (availability, path) => {
+		'when debug enterprise feature is %s with workflow scopes %s it should handle debug link click accordingly',
+		async (availability, scopes, path) => {
 			settingsStore.settings.enterprise = {
 				...(settingsStore.settings.enterprise ?? {}),
 				[EnterpriseEditionFeature.DebugInEditor]: availability,
 			};
 
+			vi.spyOn(workflowsStore, 'getWorkflowById').mockReturnValue({ scopes } as IWorkflowDb);
+
 			// Not using createComponentRenderer helper here because this component should not stub `router-link`
 			const { getByTestId } = render(WorkflowExecutionsPreview, {
 				props: {
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.vue
index af5c725a716be..677046f4bdc79 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsPreview.vue
@@ -1,22 +1,113 @@
+<script lang="ts" setup>
+import { computed, ref } from 'vue';
+import { useRoute } from 'vue-router';
+import { ElDropdown } from 'element-plus';
+import { useExecutionDebugging } from '@/composables/useExecutionDebugging';
+import { useMessage } from '@/composables/useMessage';
+import WorkflowPreview from '@/components/WorkflowPreview.vue';
+import { MODAL_CONFIRM, VIEWS } from '@/constants';
+import type { ExecutionSummary } from 'n8n-workflow';
+import type { IExecutionUIData } from '@/composables/useExecutionHelpers';
+import { useExecutionHelpers } from '@/composables/useExecutionHelpers';
+import { useWorkflowsStore } from '@/stores/workflows.store';
+import { useI18n } from '@/composables/useI18n';
+import { getResourcePermissions } from '@/permissions';
+
+type RetryDropdownRef = InstanceType<typeof ElDropdown>;
+
+const props = defineProps<{
+	execution: ExecutionSummary;
+}>();
+
+const emit = defineEmits<{
+	deleteCurrentExecution: [];
+	retryExecution: Array<{ execution: ExecutionSummary; command: string }>;
+	stopExecution: [];
+}>();
+
+const route = useRoute();
+const locale = useI18n();
+
+const executionHelpers = useExecutionHelpers();
+const message = useMessage();
+const executionDebugging = useExecutionDebugging();
+const workflowsStore = useWorkflowsStore();
+
+const retryDropdownRef = ref<RetryDropdownRef | null>(null);
+const workflowId = computed(() => route.params.name as string);
+const workflowPermissions = computed(
+	() => getResourcePermissions(workflowsStore.getWorkflowById(workflowId.value)?.scopes).workflow,
+);
+const executionId = computed(() => route.params.executionId as string);
+const executionUIDetails = computed<IExecutionUIData | null>(() =>
+	props.execution ? executionHelpers.getUIDetails(props.execution) : null,
+);
+const debugButtonData = computed(() =>
+	props.execution?.status === 'success'
+		? {
+				text: locale.baseText('executionsList.debug.button.copyToEditor'),
+				type: 'secondary',
+			}
+		: {
+				text: locale.baseText('executionsList.debug.button.debugInEditor'),
+				type: 'primary',
+			},
+);
+const isRetriable = computed(
+	() => !!props.execution && executionHelpers.isExecutionRetriable(props.execution),
+);
+
+async function onDeleteExecution(): Promise<void> {
+	const deleteConfirmed = await message.confirm(
+		locale.baseText('executionDetails.confirmMessage.message'),
+		locale.baseText('executionDetails.confirmMessage.headline'),
+		{
+			type: 'warning',
+			confirmButtonText: locale.baseText('executionDetails.confirmMessage.confirmButtonText'),
+			cancelButtonText: '',
+		},
+	);
+	if (deleteConfirmed !== MODAL_CONFIRM) {
+		return;
+	}
+	emit('deleteCurrentExecution');
+}
+
+function handleRetryClick(command: string) {
+	emit('retryExecution', { execution: props.execution, command });
+}
+
+function handleStopClick() {
+	emit('stopExecution');
+}
+
+function onRetryButtonBlur(event: FocusEvent) {
+	// Hide dropdown when clicking outside of current document
+	if (retryDropdownRef.value && event.relatedTarget === null) {
+		retryDropdownRef.value.handleClose();
+	}
+}
+</script>
+
 <template>
 	<div v-if="executionUIDetails?.name === 'new'" :class="$style.newInfo">
-		<n8n-text :class="$style.newMessage" color="text-light">
-			{{ $locale.baseText('executionDetails.newMessage') }}
-		</n8n-text>
-		<n8n-button class="mt-l" type="tertiary" @click="handleStopClick">
-			{{ $locale.baseText('executionsList.stopExecution') }}
-		</n8n-button>
+		<N8nText :class="$style.newMessage" color="text-light">
+			{{ locale.baseText('executionDetails.newMessage') }}
+		</N8nText>
+		<N8nButton class="mt-l" type="tertiary" @click="handleStopClick">
+			{{ locale.baseText('executionsList.stopExecution') }}
+		</N8nButton>
 	</div>
 	<div v-else-if="executionUIDetails?.name === 'running'" :class="$style.runningInfo">
 		<div :class="$style.spinner">
-			<n8n-spinner type="ring" />
+			<N8nSpinner type="ring" />
 		</div>
-		<n8n-text :class="$style.runningMessage" color="text-light">
-			{{ $locale.baseText('executionDetails.runningMessage') }}
-		</n8n-text>
-		<n8n-button class="mt-l" type="tertiary" @click="handleStopClick">
-			{{ $locale.baseText('executionsList.stopExecution') }}
-		</n8n-button>
+		<N8nText :class="$style.runningMessage" color="text-light">
+			{{ locale.baseText('executionDetails.runningMessage') }}
+		</N8nText>
+		<N8nButton class="mt-l" type="tertiary" @click="handleStopClick">
+			{{ locale.baseText('executionsList.stopExecution') }}
+		</N8nButton>
 	</div>
 	<div v-else-if="executionUIDetails" :class="$style.previewContainer">
 		<div
@@ -25,57 +116,53 @@
 			:data-test-id="`execution-preview-details-${executionId}`"
 		>
 			<div>
-				<n8n-text size="large" color="text-base" :bold="true" data-test-id="execution-time">{{
+				<N8nText size="large" color="text-base" :bold="true" data-test-id="execution-time">{{
 					executionUIDetails?.startTime
-				}}</n8n-text
+				}}</N8nText
 				><br />
-				<n8n-spinner
+				<N8nSpinner
 					v-if="executionUIDetails?.name === 'running'"
 					size="small"
 					:class="[$style.spinner, 'mr-4xs']"
 				/>
-				<n8n-text
+				<N8nText
 					size="medium"
 					:class="[$style.status, $style[executionUIDetails.name]]"
 					data-test-id="execution-preview-label"
 				>
 					{{ executionUIDetails.label }}
-				</n8n-text>
+				</N8nText>
 				{{ ' ' }}
-				<n8n-text
-					v-if="executionUIDetails?.showTimestamp === false"
-					color="text-base"
-					size="medium"
-				>
+				<N8nText v-if="executionUIDetails?.showTimestamp === false" color="text-base" size="medium">
 					| ID#{{ execution.id }}
-				</n8n-text>
-				<n8n-text v-else-if="executionUIDetails.name === 'running'" color="text-base" size="medium">
+				</N8nText>
+				<N8nText v-else-if="executionUIDetails.name === 'running'" color="text-base" size="medium">
 					{{
-						$locale.baseText('executionDetails.runningTimeRunning', {
+						locale.baseText('executionDetails.runningTimeRunning', {
 							interpolate: { time: executionUIDetails?.runningTime },
 						})
 					}}
 					| ID#{{ execution.id }}
-				</n8n-text>
-				<n8n-text
+				</N8nText>
+				<N8nText
 					v-else-if="executionUIDetails.name !== 'waiting'"
 					color="text-base"
 					size="medium"
 					data-test-id="execution-preview-id"
 				>
 					{{
-						$locale.baseText('executionDetails.runningTimeFinished', {
+						locale.baseText('executionDetails.runningTimeFinished', {
 							interpolate: { time: executionUIDetails?.runningTime ?? 'unknown' },
 						})
 					}}
 					| ID#{{ execution.id }}
-				</n8n-text>
-				<br /><n8n-text v-if="execution.mode === 'retry'" color="text-base" size="medium">
-					{{ $locale.baseText('executionDetails.retry') }}
+				</N8nText>
+				<br /><N8nText v-if="execution.mode === 'retry'" color="text-base" size="medium">
+					{{ locale.baseText('executionDetails.retry') }}
 					<router-link
 						:class="$style.executionLink"
 						:to="{
-							name: executionPreviewViewName,
+							name: VIEWS.EXECUTION_PREVIEW,
 							params: {
 								workflowId: execution.workflowId,
 								executionId: execution.retryOf,
@@ -84,24 +171,31 @@
 					>
 						#{{ execution.retryOf }}
 					</router-link>
-				</n8n-text>
+				</N8nText>
 			</div>
 			<div>
-				<n8n-button size="medium" :type="debugButtonData.type" :class="$style.debugLink">
-					<router-link
-						:to="{
-							name: executionDebugViewName,
-							params: {
-								name: execution.workflowId,
-								executionId: execution.id,
-							},
-						}"
+				<router-link
+					:to="{
+						name: VIEWS.EXECUTION_DEBUG,
+						params: {
+							name: execution.workflowId,
+							executionId: execution.id,
+						},
+					}"
+				>
+					<N8nButton
+						size="medium"
+						:type="debugButtonData.type"
+						:class="$style.debugLink"
+						:disabled="!workflowPermissions.update"
 					>
-						<span data-test-id="execution-debug-button" @click="handleDebugLinkClick">{{
-							debugButtonData.text
-						}}</span>
-					</router-link>
-				</n8n-button>
+						<span
+							data-test-id="execution-debug-button"
+							@click="executionDebugging.handleDebugLinkClick"
+							>{{ debugButtonData.text }}</span
+						>
+					</N8nButton>
+				</router-link>
 
 				<ElDropdown
 					v-if="isRetriable"
@@ -111,28 +205,30 @@
 					@command="handleRetryClick"
 				>
 					<span class="retry-button">
-						<n8n-icon-button
+						<N8nIconButton
 							size="medium"
 							type="tertiary"
-							:title="$locale.baseText('executionsList.retryExecution')"
+							:title="locale.baseText('executionsList.retryExecution')"
+							:disabled="!workflowPermissions.update"
 							icon="redo"
 							data-test-id="execution-preview-retry-button"
 							@blur="onRetryButtonBlur"
 						/>
 					</span>
 					<template #dropdown>
-						<el-dropdown-menu>
-							<el-dropdown-item command="current-workflow">
-								{{ $locale.baseText('executionsList.retryWithCurrentlySavedWorkflow') }}
-							</el-dropdown-item>
-							<el-dropdown-item command="original-workflow">
-								{{ $locale.baseText('executionsList.retryWithOriginalWorkflow') }}
-							</el-dropdown-item>
-						</el-dropdown-menu>
+						<ElDropdownMenu>
+							<ElDropdownItem command="current-workflow">
+								{{ locale.baseText('executionsList.retryWithCurrentlySavedWorkflow') }}
+							</ElDropdownItem>
+							<ElDropdownItem command="original-workflow">
+								{{ locale.baseText('executionsList.retryWithOriginalWorkflow') }}
+							</ElDropdownItem>
+						</ElDropdownMenu>
 					</template>
 				</ElDropdown>
-				<n8n-icon-button
-					:title="$locale.baseText('executionDetails.deleteExecution')"
+				<N8nIconButton
+					:title="locale.baseText('executionDetails.deleteExecution')"
+					:disabled="!workflowPermissions.update"
 					icon="trash"
 					size="medium"
 					type="tertiary"
@@ -145,115 +241,11 @@
 			mode="execution"
 			loader-type="spinner"
 			:execution-id="executionId"
-			:execution-mode="executionMode"
+			:execution-mode="execution?.mode || ''"
 		/>
 	</div>
 </template>
 
-<script lang="ts">
-import type { PropType } from 'vue';
-import { defineComponent } from 'vue';
-import { ElDropdown } from 'element-plus';
-import { useExecutionDebugging } from '@/composables/useExecutionDebugging';
-import { useMessage } from '@/composables/useMessage';
-import WorkflowPreview from '@/components/WorkflowPreview.vue';
-import { MODAL_CONFIRM, VIEWS } from '@/constants';
-import type { ExecutionSummary } from 'n8n-workflow';
-import type { IExecutionUIData } from '@/composables/useExecutionHelpers';
-import { useExecutionHelpers } from '@/composables/useExecutionHelpers';
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import { mapStores } from 'pinia';
-
-type RetryDropdownRef = InstanceType<typeof ElDropdown> & { hide: () => void };
-
-export default defineComponent({
-	name: 'WorkflowExecutionsPreview',
-	components: {
-		ElDropdown,
-		WorkflowPreview,
-	},
-	props: {
-		execution: {
-			type: Object as PropType<ExecutionSummary>,
-			required: true,
-		},
-	},
-	setup() {
-		const executionHelpers = useExecutionHelpers();
-
-		return {
-			executionHelpers,
-			...useMessage(),
-			...useExecutionDebugging(),
-		};
-	},
-	computed: {
-		...mapStores(useWorkflowsStore),
-		executionId(): string {
-			return this.$route.params.executionId as string;
-		},
-		executionUIDetails(): IExecutionUIData | null {
-			return this.execution ? this.executionHelpers.getUIDetails(this.execution) : null;
-		},
-		executionMode(): string {
-			return this.execution?.mode || '';
-		},
-		debugButtonData(): Record<string, string> {
-			return this.execution?.status === 'success'
-				? {
-						text: this.$locale.baseText('executionsList.debug.button.copyToEditor'),
-						type: 'secondary',
-					}
-				: {
-						text: this.$locale.baseText('executionsList.debug.button.debugInEditor'),
-						type: 'primary',
-					};
-		},
-		isRetriable(): boolean {
-			return !!this.execution && this.executionHelpers.isExecutionRetriable(this.execution);
-		},
-		executionDebugViewName() {
-			return VIEWS.EXECUTION_DEBUG;
-		},
-		executionPreviewViewName() {
-			return VIEWS.EXECUTION_PREVIEW;
-		},
-	},
-	methods: {
-		async onDeleteExecution(): Promise<void> {
-			const deleteConfirmed = await this.confirm(
-				this.$locale.baseText('executionDetails.confirmMessage.message'),
-				this.$locale.baseText('executionDetails.confirmMessage.headline'),
-				{
-					type: 'warning',
-					confirmButtonText: this.$locale.baseText(
-						'executionDetails.confirmMessage.confirmButtonText',
-					),
-					cancelButtonText: '',
-				},
-			);
-			if (deleteConfirmed !== MODAL_CONFIRM) {
-				return;
-			}
-			this.$emit('deleteCurrentExecution');
-		},
-		handleRetryClick(command: string): void {
-			this.$emit('retryExecution', { execution: this.execution, command });
-		},
-		handleStopClick(): void {
-			this.$emit('stopExecution');
-		},
-		onRetryButtonBlur(event: FocusEvent): void {
-			// Hide dropdown when clicking outside of current document
-			const retryDropdownRef = this.$refs.retryDropdown as RetryDropdownRef | undefined;
-			if (retryDropdownRef && event.relatedTarget === null) {
-				retryDropdownRef.handleClose();
-			}
-		},
-	},
-});
-</script>
-
 <style module lang="scss">
 .previewContainer {
 	position: relative;
@@ -321,7 +313,6 @@ export default defineComponent({
 
 .debugLink {
 	margin-right: var(--spacing-xs);
-	padding: 0;
 
 	a > span {
 		display: block;
diff --git a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsSidebar.vue b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsSidebar.vue
index 0186ef4830a1a..fec95888ee43e 100644
--- a/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsSidebar.vue
+++ b/packages/editor-ui/src/components/executions/workflow/WorkflowExecutionsSidebar.vue
@@ -1,6 +1,170 @@
+<script setup lang="ts">
+import { ref, computed, watch } from 'vue';
+import type { ComponentPublicInstance } from 'vue';
+import type { RouteLocationNormalizedLoaded } from 'vue-router';
+import { useRoute, useRouter } from 'vue-router';
+import WorkflowExecutionsCard from '@/components/executions/workflow/WorkflowExecutionsCard.vue';
+import WorkflowExecutionsInfoAccordion from '@/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue';
+import ExecutionsFilter from '@/components/executions/ExecutionsFilter.vue';
+import { VIEWS } from '@/constants';
+import type { ExecutionSummary } from 'n8n-workflow';
+import { useExecutionsStore } from '@/stores/executions.store';
+import type { ExecutionFilterType, IWorkflowDb } from '@/Interface';
+import { isComponentPublicInstance } from '@/utils/typeGuards';
+import { getResourcePermissions } from '@/permissions';
+
+type AutoScrollDeps = { activeExecutionSet: boolean; cardsMounted: boolean; scroll: boolean };
+
+const props = defineProps<{
+	workflow?: IWorkflowDb;
+	executions: ExecutionSummary[];
+	loading: boolean;
+	loadingMore: boolean;
+	temporaryExecution?: ExecutionSummary;
+}>();
+
+const emit = defineEmits<{
+	retryExecution: [payload: { execution: ExecutionSummary; command: string }];
+	loadMore: [amount: number];
+	filterUpdated: [filter: ExecutionFilterType];
+	'update:autoRefresh': [boolean];
+}>();
+
+const route = useRoute();
+const router = useRouter();
+
+const executionsStore = useExecutionsStore();
+
+const mountedItems = ref<string[]>([]);
+const autoScrollDeps = ref<AutoScrollDeps>({
+	activeExecutionSet: false,
+	cardsMounted: false,
+	scroll: true,
+});
+const currentWorkflowExecutionsCardRefs = ref<Record<string, ComponentPublicInstance>>({});
+const sidebarContainerRef = ref<HTMLElement | null>(null);
+const executionListRef = ref<HTMLElement | null>(null);
+
+const workflowPermissions = computed(() => getResourcePermissions(props.workflow?.scopes).workflow);
+
+watch(
+	() => route,
+	(to: RouteLocationNormalizedLoaded, from: RouteLocationNormalizedLoaded) => {
+		if (from.name === VIEWS.EXECUTION_PREVIEW && to.name === VIEWS.EXECUTION_HOME) {
+			// Skip parent route when navigating through executions with back button
+			router.go(-1);
+		}
+	},
+);
+
+watch(
+	() => executionsStore.activeExecution,
+	(newValue: ExecutionSummary | null, oldValue: ExecutionSummary | null) => {
+		if (newValue && newValue.id !== oldValue?.id) {
+			autoScrollDeps.value.activeExecutionSet = true;
+		}
+	},
+);
+
+watch(
+	autoScrollDeps,
+	(updatedDeps: AutoScrollDeps) => {
+		if (Object.values(updatedDeps).every(Boolean)) {
+			scrollToActiveCard();
+		}
+	},
+	{ deep: true },
+);
+
+function addCurrentWorkflowExecutionsCardRef(
+	comp: Element | ComponentPublicInstance | null,
+	id?: string,
+) {
+	if (comp && isComponentPublicInstance(comp) && id) {
+		currentWorkflowExecutionsCardRefs.value[id] = comp;
+	}
+}
+
+function onItemMounted(id: string): void {
+	mountedItems.value.push(id);
+	if (mountedItems.value.length === props.executions.length) {
+		autoScrollDeps.value.cardsMounted = true;
+		checkListSize();
+	}
+
+	if (executionsStore.activeExecution?.id === id) {
+		autoScrollDeps.value.activeExecutionSet = true;
+	}
+}
+
+function loadMore(limit = 20): void {
+	if (!props.loading) {
+		if (executionListRef.value) {
+			const diff =
+				executionListRef.value.offsetHeight -
+				(executionListRef.value.scrollHeight - executionListRef.value.scrollTop);
+			if (diff > -10 && diff < 10) {
+				emit('loadMore', limit);
+			}
+		}
+	}
+}
+
+function onRetryExecution(payload: { execution: ExecutionSummary; command: string }) {
+	emit('retryExecution', payload);
+}
+
+function onFilterChanged(filter: ExecutionFilterType) {
+	autoScrollDeps.value.activeExecutionSet = false;
+	autoScrollDeps.value.scroll = true;
+	mountedItems.value = [];
+	emit('filterUpdated', filter);
+}
+
+function onAutoRefreshChange(enabled: boolean) {
+	emit('update:autoRefresh', enabled);
+}
+
+function checkListSize(): void {
+	// Find out how many execution card can fit into list
+	// and load more if needed
+	const cards = Object.values(currentWorkflowExecutionsCardRefs.value);
+	if (sidebarContainerRef.value && cards.length) {
+		const cardElement = cards[0].$el as HTMLElement;
+		const listCapacity = Math.ceil(
+			sidebarContainerRef.value.clientHeight / cardElement.clientHeight,
+		);
+
+		if (listCapacity > props.executions.length) {
+			emit('loadMore', listCapacity - props.executions.length);
+		}
+	}
+}
+
+function scrollToActiveCard(): void {
+	if (
+		executionListRef.value &&
+		executionsStore.activeExecution &&
+		currentWorkflowExecutionsCardRefs.value[executionsStore.activeExecution.id]
+	) {
+		const cardElement =
+			currentWorkflowExecutionsCardRefs.value[executionsStore.activeExecution.id].$el;
+		const cardRect = cardElement.getBoundingClientRect();
+		const LIST_HEADER_OFFSET = 200;
+		if (cardRect.top > executionListRef.value.offsetHeight) {
+			autoScrollDeps.value.scroll = false;
+			executionListRef.value.scrollTo({
+				top: cardRect.top - LIST_HEADER_OFFSET,
+				behavior: 'smooth',
+			});
+		}
+	}
+}
+</script>
+
 <template>
 	<div
-		ref="container"
+		ref="sidebarContainerRef"
 		:class="['executions-sidebar', $style.container]"
 		data-test-id="executions-sidebar"
 	>
@@ -13,14 +177,14 @@
 			<el-checkbox
 				v-model="executionsStore.autoRefresh"
 				data-test-id="auto-refresh-checkbox"
-				@update:model-value="$emit('update:autoRefresh', $event)"
+				@update:model-value="onAutoRefreshChange"
 			>
 				{{ $locale.baseText('executionsList.autoRefresh') }}
 			</el-checkbox>
 			<ExecutionsFilter popover-placement="left-start" @filter-changed="onFilterChanged" />
 		</div>
 		<div
-			ref="executionList"
+			ref="executionListRef"
 			:class="$style.executionList"
 			data-test-id="current-executions-list"
 			@scroll="loadMore(20)"
@@ -39,18 +203,20 @@
 			</div>
 			<WorkflowExecutionsCard
 				v-else-if="temporaryExecution"
-				:ref="`execution-${temporaryExecution.id}`"
+				:ref="(el) => addCurrentWorkflowExecutionsCardRef(el, temporaryExecution?.id)"
 				:execution="temporaryExecution"
 				:data-test-id="`execution-details-${temporaryExecution.id}`"
 				:show-gap="true"
+				:workflow-permissions="workflowPermissions"
 				@retry-execution="onRetryExecution"
 			/>
 			<TransitionGroup name="executions-list">
 				<WorkflowExecutionsCard
 					v-for="execution in executions"
 					:key="execution.id"
-					:ref="`execution-${execution.id}`"
+					:ref="(el) => addCurrentWorkflowExecutionsCardRef(el, execution.id)"
 					:execution="execution"
+					:workflow-permissions="workflowPermissions"
 					:data-test-id="`execution-details-${execution.id}`"
 					@retry-execution="onRetryExecution"
 					@mounted="onItemMounted"
@@ -66,178 +232,6 @@
 	</div>
 </template>
 
-<script lang="ts">
-import WorkflowExecutionsCard from '@/components/executions/workflow/WorkflowExecutionsCard.vue';
-import WorkflowExecutionsInfoAccordion from '@/components/executions/workflow/WorkflowExecutionsInfoAccordion.vue';
-import ExecutionsFilter from '@/components/executions/ExecutionsFilter.vue';
-import { VIEWS } from '@/constants';
-import type { ExecutionSummary } from 'n8n-workflow';
-import type { RouteRecord } from 'vue-router';
-import { defineComponent } from 'vue';
-import type { PropType } from 'vue';
-import { mapStores } from 'pinia';
-import { useExecutionsStore } from '@/stores/executions.store';
-import { useWorkflowsStore } from '@/stores/workflows.store';
-import type { ExecutionFilterType } from '@/Interface';
-
-type WorkflowExecutionsCardRef = InstanceType<typeof WorkflowExecutionsCard>;
-type AutoScrollDeps = { activeExecutionSet: boolean; cardsMounted: boolean; scroll: boolean };
-
-export default defineComponent({
-	name: 'WorkflowExecutionsSidebar',
-	components: {
-		WorkflowExecutionsCard,
-		WorkflowExecutionsInfoAccordion,
-		ExecutionsFilter,
-	},
-	props: {
-		executions: {
-			type: Array as PropType<ExecutionSummary[]>,
-			required: true,
-		},
-		loading: {
-			type: Boolean,
-			default: true,
-		},
-		loadingMore: {
-			type: Boolean,
-			default: false,
-		},
-		temporaryExecution: {
-			type: Object as PropType<ExecutionSummary>,
-			default: null,
-		},
-	},
-	emits: {
-		retryExecution: null,
-		loadMore: null,
-		refresh: null,
-		filterUpdated: null,
-		reloadExecutions: null,
-		'update:autoRefresh': null,
-	},
-	data() {
-		return {
-			filter: {} as ExecutionFilterType,
-			mountedItems: [] as string[],
-			autoScrollDeps: {
-				activeExecutionSet: false,
-				cardsMounted: false,
-				scroll: true,
-			} as AutoScrollDeps,
-		};
-	},
-	computed: {
-		...mapStores(useExecutionsStore, useWorkflowsStore),
-	},
-	watch: {
-		$route(to: RouteRecord, from: RouteRecord) {
-			if (from.name === VIEWS.EXECUTION_PREVIEW && to.name === VIEWS.EXECUTION_HOME) {
-				// Skip parent route when navigating through executions with back button
-				this.$router.go(-1);
-			}
-		},
-		'executionsStore.activeExecution'(
-			newValue: ExecutionSummary | null,
-			oldValue: ExecutionSummary | null,
-		) {
-			if (newValue && newValue.id !== oldValue?.id) {
-				this.autoScrollDeps.activeExecutionSet = true;
-			}
-		},
-		autoScrollDeps: {
-			handler(updatedDeps: AutoScrollDeps) {
-				if (Object.values(updatedDeps).every(Boolean)) {
-					this.scrollToActiveCard();
-				}
-			},
-			deep: true,
-		},
-	},
-	methods: {
-		onItemMounted(id: string): void {
-			this.mountedItems.push(id);
-			if (this.mountedItems.length === this.executions.length) {
-				this.autoScrollDeps.cardsMounted = true;
-				this.checkListSize();
-			}
-
-			if (this.executionsStore.activeExecution?.id === id) {
-				this.autoScrollDeps.activeExecutionSet = true;
-			}
-		},
-		loadMore(limit = 20): void {
-			if (!this.loading) {
-				const executionsListRef = this.$refs.executionList as HTMLElement | undefined;
-				if (executionsListRef) {
-					const diff =
-						executionsListRef.offsetHeight -
-						(executionsListRef.scrollHeight - executionsListRef.scrollTop);
-					if (diff > -10 && diff < 10) {
-						this.$emit('loadMore', limit);
-					}
-				}
-			}
-		},
-		onRetryExecution(payload: object) {
-			this.$emit('retryExecution', payload);
-		},
-		onRefresh(): void {
-			this.$emit('refresh');
-		},
-		onFilterChanged(filter: ExecutionFilterType) {
-			this.autoScrollDeps.activeExecutionSet = false;
-			this.autoScrollDeps.scroll = true;
-			this.mountedItems = [];
-			this.$emit('filterUpdated', filter);
-		},
-		reloadExecutions(): void {
-			this.$emit('reloadExecutions');
-		},
-		checkListSize(): void {
-			const sidebarContainerRef = this.$refs.container as HTMLElement | undefined;
-			const currentWorkflowExecutionsCardRefs = this.$refs[
-				`execution-${this.mountedItems[this.mountedItems.length - 1]}`
-			] as WorkflowExecutionsCardRef[] | undefined;
-
-			// Find out how many execution card can fit into list
-			// and load more if needed
-			if (sidebarContainerRef && currentWorkflowExecutionsCardRefs?.length) {
-				const cardElement = currentWorkflowExecutionsCardRefs[0].$el as HTMLElement;
-				const listCapacity = Math.ceil(sidebarContainerRef.clientHeight / cardElement.clientHeight);
-
-				if (listCapacity > this.executions.length) {
-					this.$emit('loadMore', listCapacity - this.executions.length);
-				}
-			}
-		},
-		scrollToActiveCard(): void {
-			const executionsListRef = this.$refs.executionList as HTMLElement | undefined;
-			const currentWorkflowExecutionsCardRefs = this.$refs[
-				`execution-${this.executionsStore.activeExecution?.id}`
-			] as WorkflowExecutionsCardRef[] | undefined;
-
-			if (
-				executionsListRef &&
-				currentWorkflowExecutionsCardRefs?.length &&
-				this.executionsStore.activeExecution
-			) {
-				const cardElement = currentWorkflowExecutionsCardRefs[0].$el as HTMLElement;
-				const cardRect = cardElement.getBoundingClientRect();
-				const LIST_HEADER_OFFSET = 200;
-				if (cardRect.top > executionsListRef.offsetHeight) {
-					this.autoScrollDeps.scroll = false;
-					executionsListRef.scrollTo({
-						top: cardRect.top - LIST_HEADER_OFFSET,
-						behavior: 'smooth',
-					});
-				}
-			}
-		},
-	},
-});
-</script>
-
 <style module lang="scss">
 .container {
 	flex: 310px 0 0;
diff --git a/packages/editor-ui/src/components/layouts/ResourcesListLayout.vue b/packages/editor-ui/src/components/layouts/ResourcesListLayout.vue
index f242d6a9f9820..648b1d5eddd46 100644
--- a/packages/editor-ui/src/components/layouts/ResourcesListLayout.vue
+++ b/packages/editor-ui/src/components/layouts/ResourcesListLayout.vue
@@ -23,8 +23,13 @@
 						:description="i18n.baseText(`${resourceKey}.empty.description` as BaseTextKey)"
 						:button-text="i18n.baseText(`${resourceKey}.empty.button` as BaseTextKey)"
 						button-type="secondary"
+						:button-disabled="disabled"
 						@click:button="onAddButtonClick"
-					/>
+					>
+						<template #disabledButtonTooltip>
+							{{ i18n.baseText(`${resourceKey}.empty.button.disabled.tooltip` as BaseTextKey) }}
+						</template>
+					</n8n-action-box>
 				</slot>
 			</div>
 			<PageViewLayoutList v-else :overflow="type !== 'list'">
diff --git a/packages/editor-ui/src/composables/__tests__/useContextMenu.test.ts b/packages/editor-ui/src/composables/__tests__/useContextMenu.test.ts
index d37594c4881f3..74acb63ac73b7 100644
--- a/packages/editor-ui/src/composables/__tests__/useContextMenu.test.ts
+++ b/packages/editor-ui/src/composables/__tests__/useContextMenu.test.ts
@@ -38,6 +38,7 @@ describe('useContextMenu', () => {
 
 		workflowsStore = useWorkflowsStore();
 		workflowsStore.workflow.nodes = nodes;
+		workflowsStore.workflow.scopes = ['workflow:update'];
 		vi.spyOn(workflowsStore, 'getCurrentWorkflow').mockReturnValue({
 			nodes,
 			getNode: (_: string) => {
@@ -127,6 +128,7 @@ describe('useContextMenu', () => {
 	describe('Read-only mode', () => {
 		it('should return the correct actions when right clicking a sticky', () => {
 			vi.spyOn(uiStore, 'isReadOnlyView', 'get').mockReturnValue(true);
+			workflowsStore.workflow.scopes = ['workflow:read'];
 			const { open, isOpen, actions, targetNodeIds } = useContextMenu();
 			const sticky = nodeFactory({ type: STICKY_NODE_TYPE });
 			vi.spyOn(workflowsStore, 'getNodeById').mockReturnValue(sticky);
diff --git a/packages/editor-ui/src/composables/__tests__/useExecutionHelpers.test.ts b/packages/editor-ui/src/composables/__tests__/useExecutionHelpers.test.ts
index 29bd64ea4243e..465abeb173fbf 100644
--- a/packages/editor-ui/src/composables/__tests__/useExecutionHelpers.test.ts
+++ b/packages/editor-ui/src/composables/__tests__/useExecutionHelpers.test.ts
@@ -47,4 +47,25 @@ describe('useExecutionHelpers()', () => {
 			);
 		});
 	});
+
+	describe('isExecutionRetriable', () => {
+		const { isExecutionRetriable } = useExecutionHelpers();
+
+		it.each(['crashed', 'error'])('returns true when execution status is %s', (status) => {
+			expect(isExecutionRetriable({ status } as ExecutionSummary)).toEqual(true);
+		});
+
+		it.each(['canceled', 'new', 'running', 'success', 'unknown', 'waiting'])(
+			'returns false when execution status is %s',
+			(status) => {
+				expect(isExecutionRetriable({ status } as ExecutionSummary)).toEqual(false);
+			},
+		);
+
+		it('should return false if retrySuccessId is set', () => {
+			expect(
+				isExecutionRetriable({ status: 'crashed', retrySuccessId: '123' } as ExecutionSummary),
+			).toEqual(false);
+		});
+	});
 });
diff --git a/packages/editor-ui/src/composables/useContextMenu.ts b/packages/editor-ui/src/composables/useContextMenu.ts
index 6f80d6a2e4164..21322cc910d6b 100644
--- a/packages/editor-ui/src/composables/useContextMenu.ts
+++ b/packages/editor-ui/src/composables/useContextMenu.ts
@@ -10,6 +10,7 @@ import { getMousePosition } from '../utils/nodeViewUtils';
 import { useI18n } from './useI18n';
 import { usePinnedData } from './usePinnedData';
 import { isPresent } from '../utils/typesUtils';
+import { getResourcePermissions } from '@/permissions';
 
 export type ContextMenuTarget =
 	| { source: 'canvas'; nodeIds: string[] }
@@ -46,8 +47,15 @@ export const useContextMenu = (onAction: ContextMenuActionCallback = () => {}) =
 
 	const i18n = useI18n();
 
+	const workflowPermissions = computed(
+		() => getResourcePermissions(workflowsStore.workflow.scopes).workflow,
+	);
+
 	const isReadOnly = computed(
-		() => sourceControlStore.preferences.branchReadOnly || uiStore.isReadOnlyView,
+		() =>
+			sourceControlStore.preferences.branchReadOnly ||
+			uiStore.isReadOnlyView ||
+			!workflowPermissions.value.update,
 	);
 
 	const targetNodeIds = computed(() => {
diff --git a/packages/editor-ui/src/composables/useExecutionDebugging.ts b/packages/editor-ui/src/composables/useExecutionDebugging.ts
index 05d7144fef369..b13a22dfa020a 100644
--- a/packages/editor-ui/src/composables/useExecutionDebugging.ts
+++ b/packages/editor-ui/src/composables/useExecutionDebugging.ts
@@ -16,6 +16,7 @@ import { useUIStore } from '@/stores/ui.store';
 import { useTelemetry } from './useTelemetry';
 import { useRootStore } from '@/stores/root.store';
 import { isFullExecutionResponse } from '@/utils/typeGuards';
+import { sanitizeHtml } from '@/utils/htmlUtils';
 
 export const useExecutionDebugging = () => {
 	const telemetry = useTelemetry();
@@ -61,7 +62,7 @@ export const useExecutionDebugging = () => {
 				h(
 					'ul',
 					{ class: 'mt-l ml-l' },
-					matchingPinnedNodeNames.map((name) => h('li', name)),
+					matchingPinnedNodeNames.map((name) => h('li', sanitizeHtml(name))),
 				),
 			]);
 
diff --git a/packages/editor-ui/src/composables/useExecutionHelpers.ts b/packages/editor-ui/src/composables/useExecutionHelpers.ts
index a00f5b639a1fa..9740f8dc06639 100644
--- a/packages/editor-ui/src/composables/useExecutionHelpers.ts
+++ b/packages/editor-ui/src/composables/useExecutionHelpers.ts
@@ -62,11 +62,7 @@ export function useExecutionHelpers() {
 	}
 
 	function isExecutionRetriable(execution: ExecutionSummary): boolean {
-		return (
-			['crashed', 'error'].includes(execution.status) &&
-			!execution.retryOf &&
-			!execution.retrySuccessId
-		);
+		return ['crashed', 'error'].includes(execution.status) && !execution.retrySuccessId;
 	}
 
 	return {
diff --git a/packages/editor-ui/src/composables/usePushConnection.ts b/packages/editor-ui/src/composables/usePushConnection.ts
index 18449197253d4..8018f1bfed7da 100644
--- a/packages/editor-ui/src/composables/usePushConnection.ts
+++ b/packages/editor-ui/src/composables/usePushConnection.ts
@@ -328,6 +328,7 @@ export function usePushConnection({ router }: { router: ReturnType<typeof useRou
 					message: `${action} <a href="https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.wait/" target="_blank">More info</a>`,
 					type: 'success',
 					duration: 0,
+					dangerouslyUseHTMLString: true,
 				});
 			} else if (runDataExecuted.finished !== true) {
 				titleChange.titleSet(workflow.name as string, 'ERROR');
@@ -438,7 +439,6 @@ export function usePushConnection({ router }: { router: ReturnType<typeof useRou
 							message: runDataExecutedErrorMessage,
 							type: 'error',
 							duration: 0,
-							dangerouslyUseHTMLString: true,
 						});
 					}
 				}
diff --git a/packages/editor-ui/src/composables/useToast.ts b/packages/editor-ui/src/composables/useToast.ts
index 657fec955c0a4..f7b6df0f80575 100644
--- a/packages/editor-ui/src/composables/useToast.ts
+++ b/packages/editor-ui/src/composables/useToast.ts
@@ -18,7 +18,7 @@ export interface NotificationErrorWithNodeAndDescription extends ApplicationErro
 }
 
 const messageDefaults: Partial<Omit<NotificationOptions, 'message'>> = {
-	dangerouslyUseHTMLString: true,
+	dangerouslyUseHTMLString: false,
 	position: 'bottom-right',
 };
 
@@ -32,28 +32,28 @@ export function useToast() {
 	const i18n = useI18n();
 
 	function showMessage(messageData: Partial<NotificationOptions>, track = true) {
-		messageData = { ...messageDefaults, ...messageData };
-
-		Object.defineProperty(messageData, 'message', {
-			value:
-				typeof messageData.message === 'string'
-					? sanitizeHtml(messageData.message)
-					: messageData.message,
-			writable: true,
-			enumerable: true,
-		});
+		const { message, title } = messageData;
+		const params = { ...messageDefaults, ...messageData };
+
+		if (typeof message === 'string') {
+			params.message = sanitizeHtml(message);
+		}
+
+		if (typeof title === 'string') {
+			params.title = sanitizeHtml(title);
+		}
 
-		const notification = Notification(messageData);
+		const notification = Notification(params);
 
-		if (messageData.duration === 0) {
+		if (params.duration === 0) {
 			stickyNotificationQueue.push(notification);
 		}
 
-		if (messageData.type === 'error' && track) {
+		if (params.type === 'error' && track) {
 			telemetry.track('Instance FE emitted error', {
-				error_title: messageData.title,
-				error_message: messageData.message,
-				caused_by_credential: causedByCredential(messageData.message as string),
+				error_title: params.title,
+				error_message: params.message,
+				caused_by_credential: causedByCredential(params.message as string),
 				workflow_id: workflowsStore.workflowId,
 			});
 		}
@@ -133,6 +133,7 @@ export function useToast() {
 					${collapsableDetails(error)}`,
 				type: 'error',
 				duration: 0,
+				dangerouslyUseHTMLString: true,
 			},
 			false,
 		);
diff --git a/packages/editor-ui/src/constants.ts b/packages/editor-ui/src/constants.ts
index 8b30c972c8af0..1878e7e89dec6 100644
--- a/packages/editor-ui/src/constants.ts
+++ b/packages/editor-ui/src/constants.ts
@@ -60,6 +60,7 @@ export const SOURCE_CONTROL_PUSH_MODAL_KEY = 'sourceControlPush';
 export const SOURCE_CONTROL_PULL_MODAL_KEY = 'sourceControlPull';
 export const DEBUG_PAYWALL_MODAL_KEY = 'debugPaywall';
 export const MFA_SETUP_MODAL_KEY = 'mfaSetup';
+export const PROMPT_MFA_CODE_MODAL_KEY = 'promptMfaCode';
 export const WORKFLOW_HISTORY_VERSION_RESTORE = 'workflowHistoryVersionRestore';
 export const SETUP_CREDENTIALS_MODAL_KEY = 'setupCredentials';
 export const PROJECT_MOVE_RESOURCE_MODAL = 'projectMoveResourceModal';
@@ -92,7 +93,6 @@ export const NPM_KEYWORD_SEARCH_URL =
 	'https://www.npmjs.com/search?q=keywords%3An8n-community-node-package';
 export const N8N_QUEUE_MODE_DOCS_URL = `https://${DOCS_DOMAIN}/hosting/scaling/queue-mode/`;
 export const COMMUNITY_NODES_INSTALLATION_DOCS_URL = `https://${DOCS_DOMAIN}/integrations/community-nodes/installation/gui-install/`;
-export const COMMUNITY_NODES_MANUAL_INSTALLATION_DOCS_URL = `https://${DOCS_DOMAIN}/integrations/community-nodes/installation/manual-install/`;
 export const COMMUNITY_NODES_NPM_INSTALLATION_URL =
 	'https://docs.npmjs.com/downloading-and-installing-node-js-and-npm';
 export const COMMUNITY_NODES_RISKS_DOCS_URL = `https://${DOCS_DOMAIN}/integrations/community-nodes/risks/`;
@@ -191,6 +191,7 @@ export const CHAIN_SUMMARIZATION_LANGCHAIN_NODE_TYPE =
 	'@n8n/n8n-nodes-langchain.chainSummarization';
 export const SIMULATE_NODE_TYPE = 'n8n-nodes-base.simulate';
 export const SIMULATE_TRIGGER_NODE_TYPE = 'n8n-nodes-base.simulateTrigger';
+export const AI_TRANSFORM_NODE_TYPE = 'n8n-nodes-base.aiTransform';
 
 export const CREDENTIAL_ONLY_NODE_PREFIX = 'n8n-creds-base';
 export const CREDENTIAL_ONLY_HTTP_NODE_VERSION = 4.1;
@@ -210,7 +211,11 @@ export const NON_ACTIVATABLE_TRIGGER_NODE_TYPES = [
 	MANUAL_CHAT_TRIGGER_NODE_TYPE,
 ];
 
-export const NODES_USING_CODE_NODE_EDITOR = [CODE_NODE_TYPE, AI_CODE_NODE_TYPE];
+export const NODES_USING_CODE_NODE_EDITOR = [
+	CODE_NODE_TYPE,
+	AI_CODE_NODE_TYPE,
+	AI_TRANSFORM_NODE_TYPE,
+];
 
 export const PIN_DATA_NODE_TYPES_DENYLIST = [SPLIT_IN_BATCHES_NODE_TYPE, STICKY_NODE_TYPE];
 
diff --git a/packages/editor-ui/src/event-bus/mfa.ts b/packages/editor-ui/src/event-bus/mfa.ts
index dbd264ff4c22a..a50b6512b7630 100644
--- a/packages/editor-ui/src/event-bus/mfa.ts
+++ b/packages/editor-ui/src/event-bus/mfa.ts
@@ -1,3 +1,18 @@
 import { createEventBus } from 'n8n-design-system/utils';
 
 export const mfaEventBus = createEventBus();
+
+export interface MfaModalClosedEventPayload {
+	mfaCode: string;
+}
+
+export interface MfaModalEvents {
+	close: MfaModalClosedEventPayload | undefined;
+
+	closed: MfaModalClosedEventPayload | undefined;
+}
+
+/**
+ * Event bus for transmitting the MFA code from a modal back to the view
+ */
+export const promptMfaCodeBus = createEventBus<MfaModalEvents>();
diff --git a/packages/editor-ui/src/permissions.spec.ts b/packages/editor-ui/src/permissions.spec.ts
index 3e5a22123a7cc..bef37aa9a8e2f 100644
--- a/packages/editor-ui/src/permissions.spec.ts
+++ b/packages/editor-ui/src/permissions.spec.ts
@@ -1,120 +1,118 @@
-import {
-	getVariablesPermissions,
-	getProjectPermissions,
-	getCredentialPermissions,
-	getWorkflowPermissions,
-} from '@/permissions';
-import type { ICredentialsResponse, IUser, IWorkflowDb } from '@/Interface';
-import type { Project } from '@/types/projects.types';
+import type { PermissionsRecord } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
+import type { Scope } from '@n8n/permissions';
 
 describe('permissions', () => {
-	it('getVariablesPermissions', () => {
-		expect(getVariablesPermissions(null)).toEqual({
-			create: false,
-			read: false,
-			update: false,
-			delete: false,
-			list: false,
-		});
-
-		expect(
-			getVariablesPermissions({
-				globalScopes: [
-					'variable:create',
-					'variable:read',
-					'variable:update',
-					'variable:delete',
-					'variable:list',
-				],
-			} as IUser),
-		).toEqual({
-			create: true,
-			read: true,
-			update: true,
-			delete: true,
-			list: true,
-		});
-
-		expect(
-			getVariablesPermissions({
-				globalScopes: ['variable:read', 'variable:list'],
-			} as IUser),
-		).toEqual({
-			create: false,
-			read: true,
-			update: false,
-			delete: false,
-			list: true,
-		});
-	});
-
-	it('getProjectPermissions', () => {
-		expect(
-			getProjectPermissions({
-				scopes: [
-					'project:create',
-					'project:read',
-					'project:update',
-					'project:delete',
-					'project:list',
-				],
-			} as Project),
-		).toEqual({
-			create: true,
-			read: true,
-			update: true,
-			delete: true,
-			list: true,
+	it('getResourcePermissions for empty scopes', () => {
+		expect(getResourcePermissions()).toEqual({
+			auditLogs: {},
+			banner: {},
+			communityPackage: {},
+			credential: {},
+			externalSecretsProvider: {},
+			externalSecret: {},
+			eventBusDestination: {},
+			ldap: {},
+			license: {},
+			logStreaming: {},
+			orchestration: {},
+			project: {},
+			saml: {},
+			securityAudit: {},
+			sourceControl: {},
+			tag: {},
+			user: {},
+			variable: {},
+			workersView: {},
+			workflow: {},
 		});
 	});
+	it('getResourcePermissions', () => {
+		const scopes: Scope[] = [
+			'credential:create',
+			'credential:delete',
+			'credential:list',
+			'credential:move',
+			'credential:read',
+			'credential:share',
+			'credential:update',
+			'eventBusDestination:list',
+			'eventBusDestination:test',
+			'project:list',
+			'project:read',
+			'tag:create',
+			'tag:list',
+			'tag:read',
+			'tag:update',
+			'user:list',
+			'variable:list',
+			'variable:read',
+			'workflow:create',
+			'workflow:delete',
+			'workflow:execute',
+			'workflow:list',
+			'workflow:move',
+			'workflow:read',
+			'workflow:share',
+			'workflow:update',
+		];
 
-	it('getCredentialPermissions', () => {
-		expect(
-			getCredentialPermissions({
-				scopes: [
-					'credential:create',
-					'credential:read',
-					'credential:update',
-					'credential:delete',
-					'credential:list',
-					'credential:share',
-					'credential:move',
-				],
-			} as ICredentialsResponse),
-		).toEqual({
-			create: true,
-			read: true,
-			update: true,
-			delete: true,
-			list: true,
-			share: true,
-			move: true,
-		});
-	});
+		const permissionRecord: PermissionsRecord = {
+			auditLogs: {},
+			banner: {},
+			communityPackage: {},
+			credential: {
+				create: true,
+				delete: true,
+				list: true,
+				move: true,
+				read: true,
+				share: true,
+				update: true,
+			},
+			eventBusDestination: {
+				list: true,
+				test: true,
+			},
+			externalSecret: {},
+			externalSecretsProvider: {},
+			ldap: {},
+			license: {},
+			logStreaming: {},
+			orchestration: {},
+			project: {
+				list: true,
+				read: true,
+			},
+			saml: {},
+			securityAudit: {},
+			sourceControl: {},
+			tag: {
+				create: true,
+				list: true,
+				read: true,
+				update: true,
+			},
+			user: {
+				list: true,
+			},
+			variable: {
+				list: true,
+				read: true,
+			},
+			workersView: {},
+			workflow: {
+				create: true,
+				delete: true,
+				execute: true,
+				list: true,
+				move: true,
+				read: true,
+				share: true,
+				update: true,
+			},
+		};
 
-	it('getWorkflowPermissions', () => {
-		expect(
-			getWorkflowPermissions({
-				scopes: [
-					'workflow:create',
-					'workflow:read',
-					'workflow:update',
-					'workflow:delete',
-					'workflow:list',
-					'workflow:share',
-					'workflow:execute',
-					'workflow:move',
-				],
-			} as IWorkflowDb),
-		).toEqual({
-			create: true,
-			read: true,
-			update: true,
-			delete: true,
-			list: true,
-			share: true,
-			execute: true,
-			move: true,
-		});
+		expect(getResourcePermissions(scopes)).toEqual(permissionRecord);
 	});
 });
diff --git a/packages/editor-ui/src/permissions.ts b/packages/editor-ui/src/permissions.ts
index 38e27fa33f73d..b26c3b51df932 100644
--- a/packages/editor-ui/src/permissions.ts
+++ b/packages/editor-ui/src/permissions.ts
@@ -1,66 +1,32 @@
-import type { IUser, ICredentialsResponse, IWorkflowDb } from '@/Interface';
-import type {
-	CredentialScope,
-	ProjectScope,
-	Scope,
-	WorkflowScope,
-	VariableScope,
-} from '@n8n/permissions';
-import type { Project } from '@/types/projects.types';
+import type { Scope } from '@n8n/permissions';
+import { RESOURCES } from '@n8n/permissions';
 
-type ExtractAfterColon<T> = T extends `${infer _Prefix}:${infer Suffix}` ? Suffix : never;
-export type PermissionsMap<T> = {
-	[K in ExtractAfterColon<T>]: boolean;
+type ExtractScopePrefixSuffix<T> = T extends `${infer Prefix}:${infer Suffix}`
+	? [Prefix, Suffix]
+	: never;
+type ActionBooleans<T extends readonly string[]> = {
+	[K in T[number]]?: boolean;
+};
+export type PermissionsRecord = {
+	[K in keyof typeof RESOURCES]: ActionBooleans<(typeof RESOURCES)[K]>;
 };
 
-const mapScopesToPermissions = <T extends Scope>(scopes: T[], scopeSet: Set<T>) =>
-	scopes.reduce(
-		(permissions, scope) => ({
+export const getResourcePermissions = (resourceScopes: Scope[] = []): PermissionsRecord =>
+	Object.keys(RESOURCES).reduce(
+		(permissions, key) => ({
 			...permissions,
-			[scope.split(':')[1]]: scopeSet.has(scope),
-		}),
-		{} as PermissionsMap<T>,
-	);
+			[key]: resourceScopes.reduce((resourcePermissions, scope) => {
+				const [prefix, suffix] = scope.split(':') as ExtractScopePrefixSuffix<Scope>;
 
-export const getCredentialPermissions = (
-	credential: ICredentialsResponse,
-): PermissionsMap<CredentialScope> =>
-	mapScopesToPermissions(
-		[
-			'credential:create',
-			'credential:read',
-			'credential:update',
-			'credential:delete',
-			'credential:list',
-			'credential:share',
-			'credential:move',
-		],
-		new Set(credential?.scopes ?? []),
-	);
+				if (prefix === key) {
+					return {
+						...resourcePermissions,
+						[suffix]: true,
+					};
+				}
 
-export const getWorkflowPermissions = (workflow: IWorkflowDb): PermissionsMap<WorkflowScope> =>
-	mapScopesToPermissions(
-		[
-			'workflow:create',
-			'workflow:read',
-			'workflow:update',
-			'workflow:delete',
-			'workflow:list',
-			'workflow:share',
-			'workflow:execute',
-			'workflow:move',
-		],
-		new Set(workflow?.scopes ?? []),
-	);
-
-export const getProjectPermissions = (project: Project | null): PermissionsMap<ProjectScope> =>
-	mapScopesToPermissions(
-		['project:create', 'project:read', 'project:update', 'project:delete', 'project:list'],
-		new Set(project?.scopes ?? []),
-	);
-
-export const getVariablesPermissions = (user: IUser | null): PermissionsMap<VariableScope> =>
-	mapScopesToPermissions(
-		['variable:create', 'variable:read', 'variable:update', 'variable:delete', 'variable:list'],
-		new Set(user?.globalScopes ?? []),
+				return resourcePermissions;
+			}, {}),
+		}),
+		{} as PermissionsRecord,
 	);
diff --git a/packages/editor-ui/src/plugins/codemirror/__tests__/dragAndDrop.test.ts b/packages/editor-ui/src/plugins/codemirror/__tests__/dragAndDrop.test.ts
new file mode 100644
index 0000000000000..512cc49109840
--- /dev/null
+++ b/packages/editor-ui/src/plugins/codemirror/__tests__/dragAndDrop.test.ts
@@ -0,0 +1,68 @@
+import { useNDVStore } from '@/stores/ndv.store';
+import { EditorState } from '@codemirror/state';
+import { EditorView } from '@codemirror/view';
+import { createTestingPinia } from '@pinia/testing';
+import { fireEvent } from '@testing-library/dom';
+import { setActivePinia } from 'pinia';
+import { mappingDropCursor } from '../dragAndDrop';
+import { n8nLang } from '../n8nLang';
+
+describe('CodeMirror drag and drop', () => {
+	beforeEach(() => {
+		const pinia = createTestingPinia({ stubActions: false });
+		setActivePinia(pinia);
+	});
+
+	describe('mappingDropCursor', () => {
+		const createEditor = () => {
+			const parent = document.createElement('div');
+			document.body.appendChild(parent);
+			const state = EditorState.create({
+				doc: 'test {{ $json.foo }} \n\nnewline',
+				extensions: [mappingDropCursor(), n8nLang()],
+			});
+			const editor = new EditorView({ parent, state });
+			return editor;
+		};
+
+		it('should render a drop cursor when dragging', async () => {
+			useNDVStore().draggableStartDragging({
+				type: 'mapping',
+				data: '{{ $json.bar }}',
+				dimensions: null,
+			});
+
+			const editor = createEditor();
+			const rect = editor.contentDOM.getBoundingClientRect();
+			fireEvent(
+				editor.contentDOM,
+				new MouseEvent('mousemove', {
+					clientX: rect.left,
+					clientY: rect.top,
+					bubbles: true,
+				}),
+			);
+
+			const cursor = editor.dom.querySelector('.cm-dropCursor');
+
+			expect(cursor).toBeInTheDocument();
+		});
+
+		it('should not render a drop cursor when not dragging', async () => {
+			const editor = createEditor();
+			const rect = editor.contentDOM.getBoundingClientRect();
+			fireEvent(
+				editor.contentDOM,
+				new MouseEvent('mousemove', {
+					clientX: rect.left,
+					clientY: rect.top,
+					bubbles: true,
+				}),
+			);
+
+			const cursor = editor.dom.querySelector('.cm-dropCursor');
+
+			expect(cursor).not.toBeInTheDocument();
+		});
+	});
+});
diff --git a/packages/editor-ui/src/plugins/codemirror/dragAndDrop.ts b/packages/editor-ui/src/plugins/codemirror/dragAndDrop.ts
new file mode 100644
index 0000000000000..20940add7c81d
--- /dev/null
+++ b/packages/editor-ui/src/plugins/codemirror/dragAndDrop.ts
@@ -0,0 +1,153 @@
+import { EditorSelection, StateEffect, StateField, type Extension } from '@codemirror/state';
+import { ViewPlugin, type EditorView, type ViewUpdate } from '@codemirror/view';
+import { syntaxTree } from '@codemirror/language';
+import { useNDVStore } from '@/stores/ndv.store';
+import { unwrapExpression } from '@/utils/expressions';
+
+const setDropCursorPos = StateEffect.define<number | null>({
+	map(pos, mapping) {
+		return pos === null ? null : mapping.mapPos(pos);
+	},
+});
+
+const dropCursorPos = StateField.define<number | null>({
+	create() {
+		return null;
+	},
+	update(pos, tr) {
+		if (pos !== null) pos = tr.changes.mapPos(pos);
+		return tr.effects.reduce((p, e) => (e.is(setDropCursorPos) ? e.value : p), pos);
+	},
+});
+
+interface MeasureRequest<T> {
+	read(view: EditorView): T;
+	write?(measure: T, view: EditorView): void;
+	key?: unknown;
+}
+
+// This is a modification of the CodeMirror dropCursor
+// This version hooks into the state of the NDV drag-n-drop
+//
+// We can't use CodeMirror's dropCursor because it depends on HTML drag events while our drag-and-drop uses mouse events
+// We could switch to drag events later but some features of the current drag-n-drop might not be possible with drag events
+const drawDropCursor = ViewPlugin.fromClass(
+	class {
+		cursor: HTMLElement | null = null;
+
+		measureReq: MeasureRequest<{ left: number; top: number; height: number } | null>;
+
+		ndvStore: ReturnType<typeof useNDVStore>;
+
+		constructor(readonly view: EditorView) {
+			this.measureReq = { read: this.readPos.bind(this), write: this.drawCursor.bind(this) };
+			this.ndvStore = useNDVStore();
+		}
+
+		update(update: ViewUpdate) {
+			const cursorPos = update.state.field(dropCursorPos);
+			if (cursorPos === null) {
+				if (this.cursor !== null) {
+					this.cursor?.remove();
+					this.cursor = null;
+				}
+			} else {
+				if (!this.cursor) {
+					this.cursor = this.view.scrollDOM.appendChild(document.createElement('div'));
+					this.cursor.className = 'cm-dropCursor';
+				}
+				if (
+					update.startState.field(dropCursorPos) !== cursorPos ||
+					update.docChanged ||
+					update.geometryChanged
+				)
+					this.view.requestMeasure(this.measureReq);
+			}
+		}
+
+		readPos(): { left: number; top: number; height: number } | null {
+			const { view } = this;
+			const pos = view.state.field(dropCursorPos);
+			const rect = pos !== null && view.coordsAtPos(pos);
+			if (!rect) return null;
+			const outer = view.scrollDOM.getBoundingClientRect();
+			return {
+				left: rect.left - outer.left + view.scrollDOM.scrollLeft * view.scaleX,
+				top: rect.top - outer.top + view.scrollDOM.scrollTop * view.scaleY,
+				height: rect.bottom - rect.top,
+			};
+		}
+
+		drawCursor(pos: { left: number; top: number; height: number } | null) {
+			if (this.cursor) {
+				const { scaleX, scaleY } = this.view;
+				if (pos) {
+					this.cursor.style.left = pos.left / scaleX + 'px';
+					this.cursor.style.top = pos.top / scaleY + 'px';
+					this.cursor.style.height = pos.height / scaleY + 'px';
+				} else {
+					this.cursor.style.left = '-100000px';
+				}
+			}
+		}
+
+		destroy() {
+			if (this.cursor) this.cursor.remove();
+		}
+
+		setDropPos(pos: number | null) {
+			if (this.view.state.field(dropCursorPos) !== pos)
+				this.view.dispatch({ effects: setDropCursorPos.of(pos) });
+		}
+	},
+	{
+		eventObservers: {
+			mousemove(event) {
+				if (!this.ndvStore.isDraggableDragging || this.ndvStore.draggableType !== 'mapping') return;
+				const pos = this.view.posAtCoords(eventToCoord(event), false);
+				this.setDropPos(pos);
+			},
+			mouseleave() {
+				this.setDropPos(null);
+			},
+			mouseup() {
+				this.setDropPos(null);
+			},
+		},
+	},
+);
+
+function eventToCoord(event: MouseEvent): { x: number; y: number } {
+	return { x: event.clientX, y: event.clientY };
+}
+
+export async function dropInEditor(view: EditorView, event: MouseEvent, value: string) {
+	const dropPos = view.posAtCoords(eventToCoord(event), false);
+
+	const node = syntaxTree(view.state).resolve(dropPos);
+	let valueToInsert = value;
+
+	// We are already in an expression, do not insert brackets
+	if (node.name === 'Resolvable') {
+		valueToInsert = unwrapExpression(value);
+	}
+
+	const changes = view.state.changes({ from: dropPos, insert: valueToInsert });
+	const anchor = changes.mapPos(dropPos, -1);
+	const head = changes.mapPos(dropPos, 1);
+	const selection = EditorSelection.single(anchor, head);
+
+	view.dispatch({
+		changes,
+		selection,
+		userEvent: 'input.drop',
+	});
+
+	setTimeout(() => view.focus());
+
+	return selection;
+}
+
+export function mappingDropCursor(): Extension {
+	return [dropCursorPos, drawDropCursor];
+}
diff --git a/packages/editor-ui/src/plugins/i18n/locales/en.json b/packages/editor-ui/src/plugins/i18n/locales/en.json
index e5ee0088590c8..2749a8b3502df 100644
--- a/packages/editor-ui/src/plugins/i18n/locales/en.json
+++ b/packages/editor-ui/src/plugins/i18n/locales/en.json
@@ -98,6 +98,7 @@
 	"activationModal.yourWorkflowWillNowRegularlyCheck": "Your workflow will now regularly check {serviceName} for events and trigger executions for them.",
 	"auth.changePassword": "Change password",
 	"auth.changePassword.currentPassword": "Current password",
+	"auth.changePassword.mfaCode": "Two-factor code",
 	"auth.changePassword.error": "Problem changing the password",
 	"auth.changePassword.missingTokenError": "Missing token",
 	"auth.changePassword.missingUserIdError": "Missing user ID",
@@ -532,7 +533,8 @@
 	"credentialEdit.oAuthButton.connectMyAccount": "Connect my account",
 	"credentialEdit.oAuthButton.signInWithGoogle": "Sign in with Google",
 	"credentialEdit.credentialSharing.info.owner": "Sharing a credential allows people to use it in their workflows. They cannot access credential details.",
-	"credentialEdit.credentialSharing.info.sharee": "Only {credentialOwnerName} can change who this credential is shared with",
+	"credentialEdit.credentialSharing.info.sharee.team": "Only users with credential sharing permission can change who this credential is shared with",
+	"credentialEdit.credentialSharing.info.sharee.personal": "Only {credentialOwnerName} or users with credential sharing permission can change who this credential is shared with",
 	"credentialEdit.credentialSharing.info.sharee.fallback": "the owner",
 	"credentialEdit.credentialSharing.list.delete": "Remove",
 	"credentialEdit.credentialSharing.list.delete.confirm.title": "Remove access?",
@@ -572,6 +574,7 @@
 	"credentials.empty.heading.userNotSetup": "Set up a credential",
 	"credentials.empty.description": "Credentials let workflows interact with your apps and services",
 	"credentials.empty.button": "Add first credential",
+	"credentials.empty.button.disabled.tooltip": "Your current role in the project does not allow you to create credentials",
 	"credentials.item.open": "Open",
 	"credentials.item.delete": "Delete",
 	"credentials.item.move": "Move",
@@ -593,8 +596,6 @@
 	"credentials.create.personal.toast.text": "This credential is currently private to you.",
 	"credentials.create.project.toast.title": "Credential successfully created in {projectName}",
 	"credentials.create.project.toast.text": "All members from {projectName} will have access to this credential.",
-	"credentials.shareModal.info.members": "This credential is owned by the {projectName} project which currently has {members} with access to this credential.",
-	"credentials.shareModal.info.members.number": "{number} member | {number} members",
 	"dataDisplay.needHelp": "Need help?",
 	"dataDisplay.nodeDocumentation": "Node Documentation",
 	"dataDisplay.openDocumentationFor": "Open {nodeTypeDisplayName} documentation",
@@ -769,7 +770,6 @@
 	"expressionEdit.editExpression": "Edit Expression",
 	"expressionEdit.expression": "Expression",
 	"expressionEdit.resultOfItem1": "Result of item 1",
-	"expressionEdit.variableSelector": "Variable Selector",
 	"expressionEditor.uncalledFunction": "[this is a function, please add ()]",
 	"expressionModalInput.empty": "[empty]",
 	"expressionModalInput.undefined": "[undefined]",
@@ -1125,6 +1125,7 @@
 	"nodeErrorView.itemIndex": "Item Index",
 	"nodeErrorView.runIndex": "Run Index",
 	"nodeErrorView.showMessage.title": "Copied to clipboard",
+	"nodeErrorView.showMessage.obfuscate": "Internal error",
 	"nodeErrorView.stack": "Stack",
 	"nodeErrorView.theErrorCauseIsTooLargeToBeDisplayed": "The error cause is too large to be displayed",
 	"nodeErrorView.time": "Time",
@@ -1562,7 +1563,6 @@
 	"settings.communityNodes.empty.description": "Install over {count} node packages contributed by our community.",
 	"settings.communityNodes.empty.description.no-packages": "Install node packages contributed by our community.",
 	"settings.communityNodes.empty.installPackageLabel": "Install a community node",
-	"settings.communityNodes.queueMode.warning": "You need to install community nodes manually because your instance is running in queue mode. <a href=\"{docURL}\" target=\"_blank\" title=\"Read the n8n docs\">More info</a>",
 	"settings.communityNodes.npmUnavailable.warning": "To use this feature, please <a href=\"{npmUrl}\" target=\"_blank\" title=\"How to install npm\">install npm</a> and restart n8n.",
 	"settings.communityNodes.notAvailableOnDesktop": "Feature unavailable on desktop. Please self-host to use community nodes.",
 	"settings.communityNodes.packageNodes.label": "{count} node | {count} nodes",
@@ -1653,9 +1653,9 @@
 	"settings.users.setupToInviteUsers": "To invite users, set up your own account",
 	"settings.users.setupToInviteUsersInfo": "Invited users won’t be able to see workflows and credentials of other users unless you upgrade. <a href=\"https://docs.n8n.io/user-management/\" target=\"_blank\">More info</a> <br /> <br />",
 	"settings.users.smtpToAddUsersWarning": "Set up SMTP before adding users (so that n8n can send them invitation emails). <a target=\"_blank\" href=\"https://docs.n8n.io/hosting/authentication/user-management-self-hosted/\">Instructions</a>",
-	"settings.users.transferWorkflowsAndCredentials": "Transfer their workflows and credentials to another user",
-	"settings.users.transferWorkflowsAndCredentials.user": "User to transfer to",
-	"settings.users.transferWorkflowsAndCredentials.placeholder": "Select user",
+	"settings.users.transferWorkflowsAndCredentials": "Transfer their workflows and credentials to another user or project",
+	"settings.users.transferWorkflowsAndCredentials.user": "User or project to transfer to",
+	"settings.users.transferWorkflowsAndCredentials.placeholder": "Select project or user",
 	"settings.users.transferredToUser": "Data transferred to {projectName}",
 	"settings.users.userDeleted": "User deleted",
 	"settings.users.userDeletedError": "Problem while deleting user",
@@ -2018,18 +2018,6 @@
 	"updatesPanel.version": "{numberOfVersions} version{howManySuffix}",
 	"updatesPanel.weVeBeenBusy": "We’ve been busy ✨",
 	"updatesPanel.youReOnVersion": "You’re on {currentVersionName}, which was released",
-	"variableSelector.context": "Context",
-	"variableSelector.currentNode": "Current Node",
-	"variableSelector.nodes": "Nodes",
-	"variableSelector.outputData": "Output Data",
-	"variableSelector.parameters": "Parameters",
-	"variableSelector.variableFilter": "Variable filter...",
-	"variableSelectorItem.binary": "Binary",
-	"variableSelectorItem.currentNode": "Current Node",
-	"variableSelectorItem.empty": "--- EMPTY ---",
-	"variableSelectorItem.inputData": "Input Data",
-	"variableSelectorItem.json": "JSON",
-	"variableSelectorItem.selectItem": "Select Item",
 	"versionCard.breakingChanges": "Breaking changes",
 	"versionCard.released": "Released",
 	"versionCard.securityUpdate": "Security update",
@@ -2202,8 +2190,10 @@
 	"workflows.empty.heading.userNotSetup": "👋 Welcome!",
 	"workflows.empty.description": "Create your first workflow",
 	"workflows.empty.description.readOnlyEnv": "No workflows here yet",
+	"workflows.empty.description.noPermission": "There are currently no workflows to view",
 	"workflows.empty.startFromScratch": "Start from scratch",
 	"workflows.empty.browseTemplates": "Browse {category} templates",
+	"workflows.empty.button.disabled.tooltip": "Your current role in the project does not allow you to create workflows",
 	"workflows.shareModal.title": "Share '{name}'",
 	"workflows.shareModal.title.static": "Shared with {projectName}",
 	"workflows.shareModal.select.placeholder": "Add users...",
@@ -2254,6 +2244,7 @@
 	"variables.empty.heading.userNotSetup": "Set up a variable",
 	"variables.empty.description": "Variables can be used to store data that can be referenced easily across multiple workflows.",
 	"variables.empty.button": "Add first variable",
+	"variables.empty.button.disabled.tooltip": "Your current role in the project does not allow you to create variables",
 	"variables.empty.notAllowedToCreate.heading": "{name}, start using variables",
 	"variables.empty.notAllowedToCreate.description": "Ask your n8n instance owner to create the variables you need. Once configured, you can utilize them in your workflows using the syntax $vars.MY_VAR.",
 	"variables.noResults": "No variables found",
@@ -2457,10 +2448,11 @@
 	"projects.settings.button.deleteProject": "Delete project",
 	"projects.settings.role.admin": "Admin",
 	"projects.settings.role.editor": "Editor",
+	"projects.settings.role.viewer": "Viewer",
 	"projects.settings.delete.title": "Delete {projectName}",
 	"projects.settings.delete.message": "What should we do with the project data?",
-	"projects.settings.delete.question.transfer.label": "Transfer its workflows and credentials to another project",
-	"projects.settings.delete.question.transfer.title": "Project to transfer to",
+	"projects.settings.delete.question.transfer.label": "Transfer its workflows and credentials to another project or user",
+	"projects.settings.delete.question.transfer.title": "Project or user to transfer to",
 	"projects.settings.delete.question.wipe.label": "Delete its workflows and credentials",
 	"projects.settings.delete.question.wipe.title": "Type \"delete all data\" to confirm",
 	"projects.settings.delete.question.wipe.placeholder": "delete all data",
@@ -2473,9 +2465,10 @@
 	"projects.settings.role.upgrade.title": "Upgrade to unlock additional roles",
 	"projects.settings.role.upgrade.message": "You're currently limited to {limit} on the {planName} plan and can only assign the admin role to users within this project. To create more projects and unlock additional roles, upgrade your plan.",
 	"projects.sharing.noMatchingProjects": "There are no available projects",
-	"projects.sharing.noMatchingUsers": "No matching users",
-	"projects.sharing.placeholder": "Add projects...",
-	"projects.sharing.placeholder.single": "Select project",
+	"projects.sharing.noMatchingUsers": "No matching users or projects",
+	"projects.sharing.select.placeholder": "Select project or user",
+	"projects.sharing.select.placeholder.user": "Share with user(s)",
+	"projects.sharing.select.placeholder.project": "Share with projects or users",
 	"projects.error.title": "Project error",
 	"projects.create.limit": "{num} project | {num} projects",
 	"projects.create.limitReached": "You have reached the {planName} plan limit of {limit}. Upgrade your plan to unlock more projects. {link}",
@@ -2492,10 +2485,11 @@
 	"projects.move.resource.success.title": "Successfully moved {resourceTypeLabel}",
 	"projects.move.resource.success.message": "{resourceName} {resourceTypeLabel} was moved to {targetProjectName} {link}",
 	"projects.move.resource.success.link": "View {targetProjectName}",
-	"projects.badge.tooltip.sharedOwned": "This {resourceTypeLabel} is owned by you and shared with one or more other users",
-	"projects.badge.tooltip.sharedPersonal": "This {resourceTypeLabel} is owned by {name} and shared with one or more other users",
+	"projects.badge.tooltip.sharedOwned": "This {resourceTypeLabel} is owned by you and shared with one or more projects or users",
+	"projects.badge.tooltip.sharedPersonal": "This {resourceTypeLabel} is owned by {name} and shared with one or more projects or users",
 	"projects.badge.tooltip.personal": "This {resourceTypeLabel} is owned by {name}",
-	"projects.badge.tooltip.team": "This {resourceTypeLabel} is owned by the {name} project. All users in this project have access to this.",
+	"projects.badge.tooltip.team": "This {resourceTypeLabel} is owned and accessible by the {name} project.",
+	"projects.badge.tooltip.sharedTeam": "This {resourceTypeLabel} is owned and accessible by the {name} project and shared with one or more projects or users",
 	"mfa.setup.invalidAuthenticatorCode": "{code} is not a valid number",
 	"mfa.setup.invalidCode": "Two-factor code failed. Please try again.",
 	"mfa.code.modal.title": "Two-factor authentication",
@@ -2532,6 +2526,7 @@
 	"mfa.setup.step2.toast.setupFinished.message": "Two-factor authentication enabled",
 	"mfa.setup.step2.toast.setupFinished.error.message": "Error enabling two-factor authentication",
 	"mfa.setup.step2.toast.tokenExpired.error.message": "MFA token expired. Close the modal and enable MFA again",
+	"mfa.prompt.code.modal.title": "Two-factor code required",
 	"settings.personal.mfa.section.title": "Two-factor authentication (2FA)",
 	"settings.personal.personalisation": "Personalisation",
 	"settings.personal.theme": "Theme",
diff --git a/packages/editor-ui/src/stores/canvas.store.ts b/packages/editor-ui/src/stores/canvas.store.ts
index 01341c36359ab..252c06859ec2a 100644
--- a/packages/editor-ui/src/stores/canvas.store.ts
+++ b/packages/editor-ui/src/stores/canvas.store.ts
@@ -74,11 +74,13 @@ export const useCanvasStore = defineStore('canvas', () => {
 		() => lastSelectedConnection.value,
 	);
 
-	watch(readOnlyEnv, (readOnly) => {
+	const setReadOnly = (readOnly: boolean) => {
 		if (jsPlumbInstanceRef.value) {
 			jsPlumbInstanceRef.value.elementsDraggable = !readOnly;
+			jsPlumbInstanceRef.value.setDragConstrainFunction(((pos: PointXY) =>
+				readOnly ? null : pos) as ConstrainFunction);
 		}
-	});
+	};
 
 	const setLastSelectedConnection = (connection: Connection | undefined) => {
 		lastSelectedConnection.value = connection;
@@ -255,7 +257,7 @@ export const useCanvasStore = defineStore('canvas', () => {
 					if (!nodeName) return;
 					const nodeData = workflowStore.getNodeByName(nodeName);
 					isDragging.value = false;
-					if (uiStore.isActionActive['dragActive'] && nodeData) {
+					if (uiStore.isActionActive.dragActive && nodeData) {
 						const moveNodes = uiStore.getSelectedNodes.slice();
 						const selectedNodeNames = moveNodes.map((node: INodeUi) => node.name);
 						if (!selectedNodeNames.includes(nodeData.name)) {
@@ -300,7 +302,7 @@ export const useCanvasStore = defineStore('canvas', () => {
 						if (moveNodes.length > 1) {
 							historyStore.stopRecordingUndo();
 						}
-						if (uiStore.isActionActive['dragActive']) {
+						if (uiStore.isActionActive.dragActive) {
 							uiStore.removeActiveAction('dragActive');
 						}
 					}
@@ -319,6 +321,9 @@ export const useCanvasStore = defineStore('canvas', () => {
 	}
 
 	const jsPlumbInstance = computed(() => jsPlumbInstanceRef.value as BrowserJsPlumbInstance);
+
+	watch(readOnlyEnv, setReadOnly);
+
 	return {
 		isDemo,
 		nodeViewScale,
@@ -328,6 +333,7 @@ export const useCanvasStore = defineStore('canvas', () => {
 		isLoading: loadingService.isLoading,
 		aiNodes,
 		lastSelectedConnection: lastSelectedConnectionComputed,
+		setReadOnly,
 		setLastSelectedConnection,
 		startLoading: loadingService.startLoading,
 		setLoadingText: loadingService.setLoadingText,
diff --git a/packages/editor-ui/src/stores/credentials.store.ts b/packages/editor-ui/src/stores/credentials.store.ts
index e6759466145c9..f2e209370adbf 100644
--- a/packages/editor-ui/src/stores/credentials.store.ts
+++ b/packages/editor-ui/src/stores/credentials.store.ts
@@ -185,9 +185,15 @@ export const useCredentialsStore = defineStore(STORES.CREDENTIALS, () => {
 		return (credential: ICredentialsResponse | IUsedCredential | undefined): string => {
 			const { firstName, lastName, email } = splitName(credential?.homeProject?.name ?? '');
 
-			return credential?.homeProject?.name
-				? `${firstName} ${lastName} (${email})`
-				: i18n.baseText('credentialEdit.credentialSharing.info.sharee.fallback');
+			if (credential?.homeProject?.name) {
+				if (lastName && email) {
+					return `${firstName} ${lastName} (${email})`;
+				} else {
+					return firstName;
+				}
+			} else {
+				return i18n.baseText('credentialEdit.credentialSharing.info.sharee.fallback');
+			}
 		};
 	});
 
@@ -200,7 +206,9 @@ export const useCredentialsStore = defineStore(STORES.CREDENTIALS, () => {
 	});
 
 	const httpOnlyCredentialTypes = computed(() => {
-		return allCredentialTypes.value.filter((credentialType) => credentialType.httpRequestNode);
+		return allCredentialTypes.value.filter(
+			(credentialType) => credentialType.httpRequestNode && !credentialType.httpRequestNode.hidden,
+		);
 	});
 
 	// #endregion
@@ -314,6 +322,10 @@ export const useCredentialsStore = defineStore(STORES.CREDENTIALS, () => {
 			projectId,
 		);
 
+		if (data?.homeProject && !credential.homeProject) {
+			credential.homeProject = data.homeProject as ProjectSharingData;
+		}
+
 		if (settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Sharing]) {
 			upsertCredential(credential);
 			if (data.sharedWithProjects) {
diff --git a/packages/editor-ui/src/stores/nodeTypes.store.ts b/packages/editor-ui/src/stores/nodeTypes.store.ts
index 8a5152d30deef..e8260fdedb8ae 100644
--- a/packages/editor-ui/src/stores/nodeTypes.store.ts
+++ b/packages/editor-ui/src/stores/nodeTypes.store.ts
@@ -303,6 +303,12 @@ export const useNodeTypesStore = defineStore(STORES.NODE_TYPES, () => {
 		}
 	};
 
+	const getNodeParameterActionResult = async (
+		sendData: DynamicNodeParameters.ActionResultRequest,
+	) => {
+		return await nodeTypesApi.getNodeParameterActionResult(rootStore.restApiContext, sendData);
+	};
+
 	// #endregion
 
 	return {
@@ -321,6 +327,7 @@ export const useNodeTypesStore = defineStore(STORES.NODE_TYPES, () => {
 		visibleNodeTypesByInputConnectionTypeNames,
 		isConfigurableNode,
 		getResourceMapperFields,
+		getNodeParameterActionResult,
 		getResourceLocatorResults,
 		getNodeParameterOptions,
 		getNodesInformation,
diff --git a/packages/editor-ui/src/stores/posthog.store.ts b/packages/editor-ui/src/stores/posthog.store.ts
index b3c1f228af184..6a25ca5520fd9 100644
--- a/packages/editor-ui/src/stores/posthog.store.ts
+++ b/packages/editor-ui/src/stores/posthog.store.ts
@@ -6,7 +6,11 @@ import { useUsersStore } from '@/stores/users.store';
 import { useRootStore } from '@/stores/root.store';
 import { useSettingsStore } from '@/stores/settings.store';
 import type { FeatureFlags, IDataObject } from 'n8n-workflow';
-import { EXPERIMENTS_TO_TRACK, LOCAL_STORAGE_EXPERIMENT_OVERRIDES } from '@/constants';
+import {
+	ASK_AI_EXPERIMENT,
+	EXPERIMENTS_TO_TRACK,
+	LOCAL_STORAGE_EXPERIMENT_OVERRIDES,
+} from '@/constants';
 import { useTelemetryStore } from './telemetry.store';
 import { useDebounce } from '@/composables/useDebounce';
 
@@ -38,6 +42,14 @@ export const usePostHog = defineStore('posthog', () => {
 		return overrides.value[experiment] ?? featureFlags.value?.[experiment];
 	};
 
+	const isAiEnabled = () => {
+		const isAiExperimentEnabled = [ASK_AI_EXPERIMENT.gpt3, ASK_AI_EXPERIMENT.gpt4].includes(
+			(getVariant(ASK_AI_EXPERIMENT.name) ?? '') as string,
+		);
+
+		return isAiExperimentEnabled && settingsStore.settings.ai.enabled;
+	};
+
 	const isVariantEnabled = (experiment: string, variant: string) => {
 		return getVariant(experiment) === variant;
 	};
@@ -183,6 +195,7 @@ export const usePostHog = defineStore('posthog', () => {
 
 	return {
 		init,
+		isAiEnabled,
 		isFeatureEnabled,
 		isVariantEnabled,
 		getVariant,
diff --git a/packages/editor-ui/src/stores/roles.store.test.ts b/packages/editor-ui/src/stores/roles.store.test.ts
index 6914a1e43665b..e38ef4d434997 100644
--- a/packages/editor-ui/src/stores/roles.store.test.ts
+++ b/packages/editor-ui/src/stores/roles.store.test.ts
@@ -101,6 +101,7 @@ describe('roles store', () => {
 		});
 		await rolesStore.fetchRoles();
 		expect(rolesStore.processedProjectRoles.map(({ role }) => role)).toEqual([
+			'project:viewer',
 			'project:editor',
 			'project:admin',
 		]);
diff --git a/packages/editor-ui/src/stores/roles.store.ts b/packages/editor-ui/src/stores/roles.store.ts
index b927a0d8d3966..edfa491ab080c 100644
--- a/packages/editor-ui/src/stores/roles.store.ts
+++ b/packages/editor-ui/src/stores/roles.store.ts
@@ -13,7 +13,11 @@ export const useRolesStore = defineStore('roles', () => {
 		credential: [],
 		workflow: [],
 	});
-	const projectRoleOrder = ref<ProjectRole[]>(['project:editor', 'project:admin']);
+	const projectRoleOrder = ref<ProjectRole[]>([
+		'project:viewer',
+		'project:editor',
+		'project:admin',
+	]);
 	const projectRoleOrderMap = computed<Map<ProjectRole, number>>(
 		() => new Map(projectRoleOrder.value.map((role, idx) => [role, idx])),
 	);
diff --git a/packages/editor-ui/src/stores/ui.store.ts b/packages/editor-ui/src/stores/ui.store.ts
index e8571181587a2..ec2c154257cbc 100644
--- a/packages/editor-ui/src/stores/ui.store.ts
+++ b/packages/editor-ui/src/stores/ui.store.ts
@@ -35,6 +35,7 @@ import {
 	SETUP_CREDENTIALS_MODAL_KEY,
 	PROJECT_MOVE_RESOURCE_MODAL,
 	PROJECT_MOVE_RESOURCE_CONFIRM_MODAL,
+	PROMPT_MFA_CODE_MODAL_KEY,
 } from '@/constants';
 import type {
 	CloudUpdateLinkSourceType,
@@ -114,6 +115,7 @@ export const useUIStore = defineStore(STORES.UI, () => {
 				WORKFLOW_ACTIVE_MODAL_KEY,
 				COMMUNITY_PACKAGE_INSTALL_MODAL_KEY,
 				MFA_SETUP_MODAL_KEY,
+				PROMPT_MFA_CODE_MODAL_KEY,
 				SOURCE_CONTROL_PUSH_MODAL_KEY,
 				SOURCE_CONTROL_PULL_MODAL_KEY,
 				EXTERNAL_SECRETS_PROVIDER_MODAL_KEY,
@@ -696,7 +698,7 @@ export const useUIStore = defineStore(STORES.UI, () => {
 });
 
 /**
- * Helper function for listening to credential changes in the store
+ * Helper function for listening to model opening and closings in the store
  */
 export const listenForModalChanges = (opts: {
 	store: UiStore;
diff --git a/packages/editor-ui/src/stores/users.store.ts b/packages/editor-ui/src/stores/users.store.ts
index 0c6963819c5b6..a07c40193dc5d 100644
--- a/packages/editor-ui/src/stores/users.store.ts
+++ b/packages/editor-ui/src/stores/users.store.ts
@@ -258,17 +258,8 @@ export const useUsersStore = defineStore(STORES.USERS, () => {
 		addUsers([usersById.value[userId]]);
 	};
 
-	const updateCurrentUserPassword = async ({
-		password,
-		currentPassword,
-	}: {
-		password: string;
-		currentPassword: string;
-	}) => {
-		await usersApi.updateCurrentUserPassword(rootStore.restApiContext, {
-			newPassword: password,
-			currentPassword,
-		});
+	const updateCurrentUserPassword = async (params: usersApi.UpdateUserPasswordParams) => {
+		await usersApi.updateCurrentUserPassword(rootStore.restApiContext, params);
 	};
 
 	const deleteUser = async (params: { id: string; transferId?: string }) => {
@@ -333,15 +324,11 @@ export const useUsersStore = defineStore(STORES.USERS, () => {
 		}
 	};
 
-	const disableMfa = async () => {
-		await mfaApi.disableMfa(rootStore.restApiContext);
-		if (currentUser.value) {
-			currentUser.value.mfaEnabled = false;
-		}
-	};
+	const disableMfa = async (mfaCode: string) => {
+		await mfaApi.disableMfa(rootStore.restApiContext, {
+			token: mfaCode,
+		});
 
-	const disabledMfa = async () => {
-		await mfaApi.disableMfa(rootStore.restApiContext);
 		if (currentUser.value) {
 			currentUser.value.mfaEnabled = false;
 		}
@@ -419,7 +406,6 @@ export const useUsersStore = defineStore(STORES.USERS, () => {
 		fetchUserCloudAccount,
 		confirmEmail,
 		updateGlobalRole,
-		disabledMfa,
 		reset,
 	};
 });
diff --git a/packages/editor-ui/src/types/externalHooks.ts b/packages/editor-ui/src/types/externalHooks.ts
index cffc8a8c0a94b..005762e759606 100644
--- a/packages/editor-ui/src/types/externalHooks.ts
+++ b/packages/editor-ui/src/types/externalHooks.ts
@@ -44,15 +44,7 @@ interface UpdatedWorkflowSettingsEventData {
 interface NodeTypeChangedEventData {
 	nodeSubtitle?: string;
 }
-interface InsertedItemFromExpEditorEventData {
-	parameter: {
-		displayName: string;
-	};
-	value: string;
-	selectedItem: {
-		variable: string;
-	};
-}
+
 interface ExpressionEditorEventsData {
 	dialogVisible: boolean;
 	value: string;
@@ -180,7 +172,6 @@ export interface ExternalHooks {
 		>;
 	};
 	expressionEdit: {
-		itemSelected: Array<ExternalHooksMethod<InsertedItemFromExpEditorEventData>>;
 		dialogVisibleChanged: Array<ExternalHooksMethod<ExpressionEditorEventsData>>;
 		closeDialog: Array<ExternalHooksMethod<ITelemetryTrackProperties>>;
 		mounted: Array<
@@ -231,9 +222,6 @@ export interface ExternalHooks {
 	userInfo: {
 		mounted: Array<ExternalHooksMethod<{ userInfoRef: HTMLElement }>>;
 	};
-	variableSelectorItem: {
-		mounted: Array<ExternalHooksMethod<{ variableSelectorItemRef: HTMLElement }>>;
-	};
 	mainSidebar: {
 		mounted: Array<ExternalHooksMethod<{ userRef: Element }>>;
 	};
diff --git a/packages/editor-ui/src/utils/__tests__/expressions.test.ts b/packages/editor-ui/src/utils/__tests__/expressions.test.ts
index 3c00ce842028c..a6d1c408fe1cb 100644
--- a/packages/editor-ui/src/utils/__tests__/expressions.test.ts
+++ b/packages/editor-ui/src/utils/__tests__/expressions.test.ts
@@ -1,38 +1,46 @@
 import { ExpressionError } from 'n8n-workflow';
-import { stringifyExpressionResult } from '../expressions';
+import { stringifyExpressionResult, unwrapExpression } from '../expressions';
 
-describe('stringifyExpressionResult()', () => {
-	it('should return empty string for non-critical errors', () => {
-		expect(
-			stringifyExpressionResult({
-				ok: false,
-				error: new ExpressionError('error message', { type: 'no_execution_data' }),
-			}),
-		).toEqual('');
-	});
+describe('Utils: Expressions', () => {
+	describe('stringifyExpressionResult()', () => {
+		it('should return empty string for non-critical errors', () => {
+			expect(
+				stringifyExpressionResult({
+					ok: false,
+					error: new ExpressionError('error message', { type: 'no_execution_data' }),
+				}),
+			).toEqual('');
+		});
 
-	it('should return an error message for critical errors', () => {
-		expect(
-			stringifyExpressionResult({
-				ok: false,
-				error: new ExpressionError('error message', { type: 'no_input_connection' }),
-			}),
-		).toEqual('[ERROR: No input connected]');
-	});
+		it('should return an error message for critical errors', () => {
+			expect(
+				stringifyExpressionResult({
+					ok: false,
+					error: new ExpressionError('error message', { type: 'no_input_connection' }),
+				}),
+			).toEqual('[ERROR: No input connected]');
+		});
 
-	it('should return empty string when result is null', () => {
-		expect(stringifyExpressionResult({ ok: true, result: null })).toEqual('');
-	});
+		it('should return empty string when result is null', () => {
+			expect(stringifyExpressionResult({ ok: true, result: null })).toEqual('');
+		});
 
-	it('should return NaN when result is NaN', () => {
-		expect(stringifyExpressionResult({ ok: true, result: NaN })).toEqual('NaN');
-	});
+		it('should return NaN when result is NaN', () => {
+			expect(stringifyExpressionResult({ ok: true, result: NaN })).toEqual('NaN');
+		});
+
+		it('should return [empty] message when result is empty string', () => {
+			expect(stringifyExpressionResult({ ok: true, result: '' })).toEqual('[empty]');
+		});
 
-	it('should return [empty] message when result is empty string', () => {
-		expect(stringifyExpressionResult({ ok: true, result: '' })).toEqual('[empty]');
+		it('should return the result when it is a string', () => {
+			expect(stringifyExpressionResult({ ok: true, result: 'foo' })).toEqual('foo');
+		});
 	});
 
-	it('should return the result when it is a string', () => {
-		expect(stringifyExpressionResult({ ok: true, result: 'foo' })).toEqual('foo');
+	describe('unwrapExpression', () => {
+		it('should remove the brackets around an expression', () => {
+			expect(unwrapExpression('{{ $json.foo }}')).toBe('$json.foo');
+		});
 	});
 });
diff --git a/packages/editor-ui/src/utils/expressions.ts b/packages/editor-ui/src/utils/expressions.ts
index d980b3180297b..e19af3716e7bf 100644
--- a/packages/editor-ui/src/utils/expressions.ts
+++ b/packages/editor-ui/src/utils/expressions.ts
@@ -12,6 +12,10 @@ export const isEmptyExpression = (expr: string) => {
 	return /\{\{\s*\}\}/.test(expr);
 };
 
+export const unwrapExpression = (expr: string) => {
+	return expr.replace(/\{\{(.*)\}\}/, '$1').trim();
+};
+
 export const removeExpressionPrefix = (expr: string) => {
 	return expr.startsWith('=') ? expr.slice(1) : expr;
 };
diff --git a/packages/editor-ui/src/utils/htmlUtils.ts b/packages/editor-ui/src/utils/htmlUtils.ts
index f8b8f40f90891..5da34b396526b 100644
--- a/packages/editor-ui/src/utils/htmlUtils.ts
+++ b/packages/editor-ui/src/utils/htmlUtils.ts
@@ -18,6 +18,10 @@ export function sanitizeHtml(dirtyHtml: string) {
 			}
 
 			if (ALLOWED_HTML_ATTRIBUTES.includes(name) || name.startsWith('data-')) {
+				// href is allowed but we need to sanitize certain protocols
+				if (name === 'href' && !value.match(/^https?:\/\//gm)) {
+					return '';
+				}
 				return `${name}="${friendlyAttrValue(value)}"`;
 			}
 
diff --git a/packages/editor-ui/src/utils/sortUtils.ts b/packages/editor-ui/src/utils/sortUtils.ts
index 7dbc780634ae6..3d92d7a5e1d2a 100644
--- a/packages/editor-ui/src/utils/sortUtils.ts
+++ b/packages/editor-ui/src/utils/sortUtils.ts
@@ -139,10 +139,12 @@ function fuzzyMatchRecursive(
 	if (matched) {
 		outScore = 100;
 
-		// Apply leading letter penalty
-		let penalty = LEADING_LETTER_PENALTY * matches[0];
-		penalty = penalty < MAX_LEADING_LETTER_PENALTY ? MAX_LEADING_LETTER_PENALTY : penalty;
-		outScore += penalty;
+		// Apply leading letter penalty (if not n8n-prefixed)
+		if (!target.toLowerCase().startsWith('n8n')) {
+			let penalty = LEADING_LETTER_PENALTY * matches[0];
+			penalty = penalty < MAX_LEADING_LETTER_PENALTY ? MAX_LEADING_LETTER_PENALTY : penalty;
+			outScore += penalty;
+		}
 
 		//Apply unmatched penalty
 		const unmatched = target.length - nextMatch;
diff --git a/packages/editor-ui/src/utils/typeGuards.ts b/packages/editor-ui/src/utils/typeGuards.ts
index 161c718bbae29..c7013ac3ea093 100644
--- a/packages/editor-ui/src/utils/typeGuards.ts
+++ b/packages/editor-ui/src/utils/typeGuards.ts
@@ -12,6 +12,7 @@ import type { Connection as VueFlowConnection } from '@vue-flow/core';
 import type { RouteLocationRaw } from 'vue-router';
 import type { CanvasConnectionMode } from '@/types';
 import { canvasConnectionModes } from '@/types';
+import type { ComponentPublicInstance } from 'vue';
 
 /*
 	Type guards used in editor-ui project
@@ -103,3 +104,7 @@ export function isRouteLocationRaw(value: unknown): value is RouteLocationRaw {
 		(typeof value === 'object' && value !== null && ('name' in value || 'path' in value))
 	);
 }
+
+export function isComponentPublicInstance(value: unknown): value is ComponentPublicInstance {
+	return value !== null && typeof value === 'object' && '$props' in value;
+}
diff --git a/packages/editor-ui/src/views/CredentialsView.vue b/packages/editor-ui/src/views/CredentialsView.vue
index fce0fb31257a7..fe71fcb8fff72 100644
--- a/packages/editor-ui/src/views/CredentialsView.vue
+++ b/packages/editor-ui/src/views/CredentialsView.vue
@@ -8,6 +8,7 @@
 		:additional-filters-handler="onFilter"
 		:type-props="{ itemSize: 77 }"
 		:loading="loading"
+		:disabled="readOnlyEnv || !projectPermissions.credential.create"
 		@click:add="addCredential"
 		@update:filters="filters = $event"
 	>
@@ -79,6 +80,7 @@ import { useProjectsStore } from '@/stores/projects.store';
 import ProjectTabs from '@/components/Projects/ProjectTabs.vue';
 import useEnvironmentsStore from '@/stores/environments.ee.store';
 import { useSettingsStore } from '@/stores/settings.store';
+import { getResourcePermissions } from '@/permissions';
 
 export default defineComponent({
 	name: 'CredentialsView',
@@ -131,6 +133,14 @@ export default defineComponent({
 				? this.$locale.baseText('credentials.project.add')
 				: this.$locale.baseText('credentials.add');
 		},
+		readOnlyEnv(): boolean {
+			return this.sourceControlStore.preferences.branchReadOnly;
+		},
+		projectPermissions() {
+			return getResourcePermissions(
+				this.projectsStore.currentProject?.scopes ?? this.projectsStore.personalProject?.scopes,
+			);
+		},
 	},
 	watch: {
 		'$route.params.projectId'() {
diff --git a/packages/editor-ui/src/views/NodeView.v2.vue b/packages/editor-ui/src/views/NodeView.v2.vue
index eb2928b3e898f..465505cc438d3 100644
--- a/packages/editor-ui/src/views/NodeView.v2.vue
+++ b/packages/editor-ui/src/views/NodeView.v2.vue
@@ -8,6 +8,7 @@ import {
 	onMounted,
 	ref,
 	useCssModule,
+	watch,
 } from 'vue';
 import { useRoute, useRouter } from 'vue-router';
 import WorkflowCanvas from '@/components/canvas/WorkflowCanvas.vue';
@@ -288,6 +289,7 @@ async function initializeRoute() {
 	nodeHelpers.updateNodesParameterIssues();
 
 	await loadCredentials();
+	await initializeDebugMode();
 }
 
 async function initializeWorkspaceForNewWorkflow() {
@@ -306,7 +308,6 @@ async function initializeWorkspaceForExistingWorkflow(id: string) {
 		const workflowData = await workflowsStore.fetchWorkflow(id);
 
 		await openWorkflow(workflowData);
-		await initializeDebugMode();
 
 		if (workflowData.meta?.onboardingId) {
 			trackOpenWorkflowFromOnboardingTemplate();
@@ -748,6 +749,7 @@ async function importWorkflowExact({ workflow: workflowData }: { workflow: IWork
 
 	resetWorkspace();
 
+	await initializeData();
 	await initializeWorkspace({
 		...workflowData,
 		nodes: NodeViewUtils.getFixedNodesList<INodeUi>(workflowData.nodes),
@@ -800,6 +802,7 @@ async function onAddNodesAndConnections(
 	}
 
 	await addNodes(nodes, { dragAndDrop, position, trackHistory: true });
+	await nextTick();
 
 	const offsetIndex = editableWorkflow.value.nodes.length - nodes.length;
 	const mappedConnections: CanvasConnectionCreateData[] = connections.map(({ from, to }) => {
@@ -1369,6 +1372,21 @@ function registerCustomActions() {
 	// });
 }
 
+/**
+ * Routing
+ */
+
+watch(
+	() => route.name,
+	async () => {
+		if (!checkIfEditingIsAllowed()) {
+			return;
+		}
+
+		await initializeRoute();
+	},
+);
+
 /**
  * Lifecycle
  */
diff --git a/packages/editor-ui/src/views/NodeView.vue b/packages/editor-ui/src/views/NodeView.vue
index 91ebdf1228b9f..439f39b1ebe72 100644
--- a/packages/editor-ui/src/views/NodeView.vue
+++ b/packages/editor-ui/src/views/NodeView.vue
@@ -47,7 +47,11 @@
 						v-for="nodeData in nodesToRender"
 						:key="`${nodeData.id}_node`"
 						:name="nodeData.name"
-						:is-read-only="isReadOnlyRoute || readOnlyEnv"
+						:is-read-only="
+							isReadOnlyRoute ||
+							readOnlyEnv ||
+							!(workflowPermissions.update ?? projectPermissions.workflow.update)
+						"
 						:instance="instance"
 						:is-active="!!activeNode && activeNode.name === nodeData.name"
 						:hide-actions="pullConnActive"
@@ -75,7 +79,11 @@
 						:key="`${stickyData.id}_sticky`"
 						:name="stickyData.name"
 						:workflow="currentWorkflowObject"
-						:is-read-only="isReadOnlyRoute || readOnlyEnv"
+						:is-read-only="
+							isReadOnlyRoute ||
+							readOnlyEnv ||
+							!(workflowPermissions.update ?? projectPermissions.workflow.update)
+						"
 						:instance="instance"
 						:is-active="!!activeNode && activeNode.name === stickyData.name"
 						:node-view-scale="nodeViewScale"
@@ -90,7 +98,11 @@
 			</div>
 			<NodeDetailsView
 				:workflow-object="currentWorkflowObject"
-				:read-only="isReadOnlyRoute || readOnlyEnv"
+				:read-only="
+					isReadOnlyRoute ||
+					readOnlyEnv ||
+					!(workflowPermissions.update ?? projectPermissions.workflow.update)
+				"
 				:renaming="renamingActive"
 				:is-production-execution-preview="isProductionExecutionPreview"
 				@redraw-node="redrawNode"
@@ -107,7 +119,11 @@
 			</Suspense>
 			<Suspense>
 				<LazyNodeCreation
-					v-if="!isReadOnlyRoute && !readOnlyEnv"
+					v-if="
+						!isReadOnlyRoute &&
+						!readOnlyEnv &&
+						(workflowPermissions.update ?? projectPermissions.workflow.update)
+					"
 					:create-node-active="createNodeActive"
 					:node-view-scale="nodeViewScale"
 					@toggle-node-creator="onToggleNodeCreator"
@@ -120,7 +136,14 @@
 			<Suspense>
 				<ContextMenu @action="onContextMenuAction" />
 			</Suspense>
-			<div v-if="!isReadOnlyRoute && !readOnlyEnv" class="workflow-execute-wrapper">
+			<div
+				v-if="
+					!isReadOnlyRoute &&
+					!readOnlyEnv &&
+					(workflowPermissions.update ?? projectPermissions.workflow.update)
+				"
+				class="workflow-execute-wrapper"
+			>
 				<span
 					v-if="!isManualChatOnly"
 					@mouseenter="showTriggerMissingToltip(true)"
@@ -182,13 +205,7 @@
 				/>
 
 				<n8n-icon-button
-					v-if="
-						!isReadOnlyRoute &&
-						!readOnlyEnv &&
-						workflowExecution &&
-						!workflowRunning &&
-						!allTriggersDisabled
-					"
+					v-if="workflowExecution && !workflowRunning && !allTriggersDisabled"
 					:title="$locale.baseText('nodeView.deletesTheCurrentExecutionData')"
 					icon="trash"
 					size="large"
@@ -383,6 +400,7 @@ import type { ProjectSharingData } from '@/types/projects.types';
 import { isJSPlumbEndpointElement, isJSPlumbConnection } from '@/utils/typeGuards';
 import { usePostHog } from '@/stores/posthog.store';
 import { useNpsSurveyStore } from '@/stores/npsSurvey.store';
+import { getResourcePermissions } from '@/permissions';
 
 interface AddNodeOptions {
 	position?: XYPosition;
@@ -538,7 +556,13 @@ export default defineComponent({
 			return this.$route.name === VIEWS.DEMO;
 		},
 		showCanvasAddButton(): boolean {
-			return !this.isLoading && !this.containsTrigger && !this.isDemo && !this.readOnlyEnv;
+			return (
+				!this.isLoading &&
+				!this.containsTrigger &&
+				!this.isDemo &&
+				!this.readOnlyEnv &&
+				!!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update)
+			);
 		},
 		lastSelectedNode(): INodeUi | null {
 			return this.uiStore.getLastSelectedNode;
@@ -579,7 +603,8 @@ export default defineComponent({
 			return NodeViewUtils.getBackgroundStyles(
 				this.nodeViewScale,
 				this.uiStore.nodeViewOffsetPosition,
-				this.isExecutionPreview,
+				this.isExecutionPreview ||
+					!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update),
 			);
 		},
 		workflowClasses() {
@@ -610,7 +635,7 @@ export default defineComponent({
 			return this.workflowsStore.getWorkflowExecution;
 		},
 		workflowRunning(): boolean {
-			return this.uiStore.isActionActive['workflowRunning'];
+			return this.uiStore.isActionActive.workflowRunning;
 		},
 		currentWorkflow(): string {
 			return this.$route.params.name?.toString() || this.workflowsStore.workflowId;
@@ -687,11 +712,22 @@ export default defineComponent({
 		isProductionExecutionPreview(): boolean {
 			return this.nodeHelpers.isProductionExecutionPreview.value;
 		},
+		workflowPermissions() {
+			return getResourcePermissions(
+				this.workflowsStore.getWorkflowById(this.currentWorkflow)?.scopes,
+			).workflow;
+		},
+		projectPermissions() {
+			const project = this.$route.query?.projectId
+				? this.projectsStore.myProjects.find((p) => p.id === this.$route.query.projectId)
+				: this.projectsStore.currentProject ?? this.projectsStore.personalProject;
+			return getResourcePermissions(project?.scopes);
+		},
 	},
 	watch: {
 		// Listen to route changes and load the workflow accordingly
 		async $route(to: RouteLocation, from: RouteLocation) {
-			this.readOnlyEnvRouteCheck();
+			await this.readOnlyEnvRouteCheck();
 
 			const currentTab = getNodeViewTab(to);
 			const nodeViewNotInitialized = !this.uiStore.nodeViewInitialized;
@@ -858,7 +894,7 @@ export default defineComponent({
 			},
 		});
 
-		this.readOnlyEnvRouteCheck();
+		await this.readOnlyEnvRouteCheck();
 		this.canvasStore.isDemo = this.isDemo;
 	},
 	activated() {
@@ -1005,7 +1041,8 @@ export default defineComponent({
 
 				return false;
 			}
-			return true;
+
+			return !!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update);
 		},
 		showTriggerMissingToltip(isVisible: boolean) {
 			this.showTriggerMissingTooltip = isVisible;
@@ -1405,14 +1442,17 @@ export default defineComponent({
 			const shiftModifier = e.shiftKey && !e.altKey && !this.deviceSupport.isCtrlKeyPressed(e);
 			const ctrlAltModifier = this.deviceSupport.isCtrlKeyPressed(e) && e.altKey && !e.shiftKey;
 			const noModifierKeys = !this.deviceSupport.isCtrlKeyPressed(e) && !e.shiftKey && !e.altKey;
-			const readOnly = this.isReadOnlyRoute || this.readOnlyEnv;
+			const readOnly =
+				this.isReadOnlyRoute ||
+				this.readOnlyEnv ||
+				!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update);
 
 			if (e.key === 's' && ctrlModifier && !readOnly) {
 				e.stopPropagation();
 				e.preventDefault();
 				const workflowIsSaved = !this.uiStore.stateIsDirty;
 
-				if (this.isReadOnlyRoute || this.readOnlyEnv || workflowIsSaved) {
+				if (workflowIsSaved) {
 					return;
 				}
 
@@ -1538,7 +1578,9 @@ export default defineComponent({
 				if (lastSelectedNode !== null) {
 					if (
 						lastSelectedNode.type === STICKY_NODE_TYPE &&
-						(this.isReadOnlyRoute || this.readOnlyEnv)
+						(this.isReadOnlyRoute ||
+							this.readOnlyEnv ||
+							!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update))
 					) {
 						return;
 					}
@@ -1825,7 +1867,10 @@ export default defineComponent({
 		},
 
 		cutNodes(nodes: INode[]) {
-			const deleteCopiedNodes = !this.isReadOnlyRoute && !this.readOnlyEnv;
+			const deleteCopiedNodes =
+				!this.isReadOnlyRoute &&
+				!this.readOnlyEnv &&
+				(this.workflowPermissions.update ?? this.projectPermissions.workflow.update);
 			this.copyNodes(nodes, deleteCopiedNodes);
 			if (deleteCopiedNodes) {
 				this.deleteNodes(nodes);
@@ -1959,7 +2004,11 @@ export default defineComponent({
 		 * This method gets called when data got pasted into the window
 		 */
 		async onClipboardPasteEvent(plainTextData: string): Promise<void> {
-			if (this.readOnlyEnv) {
+			if (
+				this.readOnlyEnv ||
+				this.isReadOnlyRoute ||
+				!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update)
+			) {
 				return;
 			}
 
@@ -2704,7 +2753,10 @@ export default defineComponent({
 
 					this.instance?.connect({
 						uuids: [targetEndpoint, viableConnection?.uuid || ''],
-						detachable: !this.isReadOnlyRoute && !this.readOnlyEnv,
+						detachable:
+							!this.isReadOnlyRoute &&
+							!this.readOnlyEnv &&
+							(this.workflowPermissions.update ?? this.projectPermissions.workflow.update),
 					});
 					this.historyStore.stopRecordingUndo();
 					return;
@@ -3000,7 +3052,11 @@ export default defineComponent({
 				this.dropPrevented = true;
 				this.workflowsStore.addConnection({ connection: connectionData });
 
-				if (!this.isReadOnlyRoute && !this.readOnlyEnv) {
+				if (
+					!this.isReadOnlyRoute &&
+					!this.readOnlyEnv &&
+					(this.workflowPermissions.update ?? this.projectPermissions.workflow.update)
+				) {
 					NodeViewUtils.hideOutputNameLabel(info.sourceEndpoint);
 					NodeViewUtils.addConnectionActionsOverlay(
 						info.connection,
@@ -3087,6 +3143,7 @@ export default defineComponent({
 
 				if (
 					// eslint-disable-next-line no-constant-binary-expression
+					!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update) ??
 					this.isReadOnlyRoute ??
 					this.readOnlyEnv ??
 					this.enterTimer ??
@@ -3125,6 +3182,7 @@ export default defineComponent({
 
 				if (
 					// eslint-disable-next-line no-constant-binary-expression
+					!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update) ??
 					this.isReadOnlyRoute ??
 					this.readOnlyEnv ??
 					!connection ??
@@ -3537,7 +3595,12 @@ export default defineComponent({
 				const templateId = this.$route.params.id;
 				await this.openWorkflowTemplate(templateId.toString());
 			} else {
-				if (this.uiStore.stateIsDirty && !this.readOnlyEnv) {
+				if (
+					this.uiStore.stateIsDirty &&
+					!this.readOnlyEnv &&
+					!this.isReadOnlyRoute &&
+					(this.workflowPermissions.update ?? this.projectPermissions.workflow.update)
+				) {
 					const confirmModal = await this.confirm(
 						this.$locale.baseText('generic.unsavedWork.confirmMessage.message'),
 						{
@@ -3604,6 +3667,9 @@ export default defineComponent({
 			}
 
 			this.historyStore.reset();
+			if (!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update)) {
+				this.canvasStore.setReadOnly(true);
+			}
 			this.uiStore.nodeViewInitialized = true;
 			document.addEventListener('keydown', this.keyDown);
 			document.addEventListener('keyup', this.keyUp);
@@ -4428,7 +4494,7 @@ export default defineComponent({
 					from.outputIndex ?? 0,
 					toNode.name,
 					to.inputIndex ?? 0,
-					NodeConnectionType.Main,
+					from.type ?? NodeConnectionType.Main,
 				);
 			}
 
@@ -4449,6 +4515,22 @@ export default defineComponent({
 				});
 			}
 
+			const lastNodeType = this.nodeTypesStore.getNodeType(lastAddedNode.type);
+			const isSubNode = NodeHelpers.isSubNodeType(lastNodeType);
+
+			// When adding a sub-node and there's more than one node added at the time, it must mean that it's
+			// connected to a root node, so we adjust the position of the sub-node to make it appear in the correct
+			// in relation to the root node
+			if (isSubNode && nodes.length > 1) {
+				this.onMoveNode({
+					nodeName: lastAddedNode.name,
+					position: [
+						lastAddedNode.position[0] - NodeViewUtils.NODE_SIZE * 2.5,
+						lastAddedNode.position[1] + NodeViewUtils.NODE_SIZE * 1.5,
+					],
+				});
+			}
+
 			this.nodeHelpers.addPinDataConnections(this.workflowsStore.pinnedWorkflowData);
 		},
 
@@ -4507,17 +4589,16 @@ export default defineComponent({
 				this.canvasStore.stopLoading();
 			}
 		},
-		readOnlyEnvRouteCheck() {
+		async readOnlyEnvRouteCheck() {
 			if (
-				this.readOnlyEnv &&
+				(this.readOnlyEnv || !this.projectPermissions.workflow.create) &&
 				(this.$route.name === VIEWS.NEW_WORKFLOW || this.$route.name === VIEWS.TEMPLATE_IMPORT)
 			) {
-				void this.$nextTick(async () => {
-					this.resetWorkspace();
-					this.uiStore.stateIsDirty = false;
+				await this.$nextTick();
+				this.resetWorkspace();
+				this.uiStore.stateIsDirty = false;
 
-					await this.$router.replace({ name: VIEWS.HOMEPAGE });
-				});
+				await this.$router.replace({ name: VIEWS.HOMEPAGE });
 			}
 		},
 		async checkAndInitDebugMode() {
@@ -4567,7 +4648,10 @@ export default defineComponent({
 				case 'add_node':
 					this.onToggleNodeCreator({
 						source: NODE_CREATOR_OPEN_SOURCES.CONTEXT_MENU,
-						createNodeActive: !this.isReadOnlyRoute && !this.readOnlyEnv,
+						createNodeActive:
+							!this.isReadOnlyRoute &&
+							!this.readOnlyEnv &&
+							!!(this.workflowPermissions.update ?? this.projectPermissions.workflow.update),
 					});
 					break;
 				case 'add_sticky':
diff --git a/packages/editor-ui/src/views/ProjectSettings.test.ts b/packages/editor-ui/src/views/ProjectSettings.test.ts
index 594db154d5339..13a8707109a4f 100644
--- a/packages/editor-ui/src/views/ProjectSettings.test.ts
+++ b/packages/editor-ui/src/views/ProjectSettings.test.ts
@@ -11,6 +11,7 @@ import { useUsersStore } from '@/stores/users.store';
 import { createProjectListItem } from '@/__tests__/data/projects';
 import { useSettingsStore } from '@/stores/settings.store';
 import type { IN8nUISettings } from 'n8n-workflow';
+import { ProjectTypes } from '@/types/projects.types';
 
 vi.mock('vue-router', () => {
 	const params = {};
@@ -28,7 +29,12 @@ vi.mock('vue-router', () => {
 
 const renderComponent = createComponentRenderer(ProjectSettings);
 
-const teamProjects = Array.from({ length: 3 }, () => createProjectListItem('team'));
+const projects = [
+	ProjectTypes.Personal,
+	ProjectTypes.Personal,
+	ProjectTypes.Team,
+	ProjectTypes.Team,
+].map(createProjectListItem);
 
 let router: ReturnType<typeof useRouter>;
 let projectsStore: ReturnType<typeof useProjectsStore>;
@@ -48,7 +54,7 @@ describe('ProjectSettings', () => {
 		vi.spyOn(projectsStore, 'getAllProjects').mockImplementation(
 			async () => await Promise.resolve(),
 		);
-		vi.spyOn(projectsStore, 'teamProjects', 'get').mockReturnValue(teamProjects);
+		vi.spyOn(projectsStore, 'projects', 'get').mockReturnValue(projects);
 		vi.spyOn(settingsStore, 'settings', 'get').mockReturnValue({
 			enterprise: {
 				projects: {
diff --git a/packages/editor-ui/src/views/ProjectSettings.vue b/packages/editor-ui/src/views/ProjectSettings.vue
index 31db1d66890a3..dffc077b48389 100644
--- a/packages/editor-ui/src/views/ProjectSettings.vue
+++ b/packages/editor-ui/src/views/ProjectSettings.vue
@@ -43,6 +43,7 @@ const formData = ref<Pick<Project, 'name' | 'relations'>>({
 	relations: [],
 });
 const projectRoleTranslations = ref<{ [key: string]: string }>({
+	'project:viewer': locale.baseText('projects.settings.role.viewer'),
 	'project:editor': locale.baseText('projects.settings.role.editor'),
 	'project:admin': locale.baseText('projects.settings.role.admin'),
 });
@@ -59,7 +60,7 @@ const usersList = computed(() =>
 );
 
 const projects = computed(() =>
-	projectsStore.teamProjects.filter((project) => project.id !== projectsStore.currentProjectId),
+	projectsStore.projects.filter((project) => project.id !== projectsStore.currentProjectId),
 );
 const projectRoles = computed(() =>
 	rolesStore.processedProjectRoles.map((role) => ({
@@ -302,6 +303,7 @@ onMounted(() => {
 								class="mr-2xs"
 								:model-value="user?.role || projectRoles[0].role"
 								size="small"
+								data-test-id="projects-settings-user-role-select"
 								@update:model-value="onRoleAction(user, $event)"
 							>
 								<N8nOption
diff --git a/packages/editor-ui/src/views/SettingsApiView.vue b/packages/editor-ui/src/views/SettingsApiView.vue
index 22219ef339b35..d5b8bcb5a671c 100644
--- a/packages/editor-ui/src/views/SettingsApiView.vue
+++ b/packages/editor-ui/src/views/SettingsApiView.vue
@@ -49,7 +49,7 @@
 					/>
 				</div>
 			</n8n-card>
-			<div v-if="!isRedactedApiKey" :class="$style.hint">
+			<div :class="$style.hint">
 				<n8n-text size="small">
 					{{
 						$locale.baseText(`settings.api.view.${swaggerUIEnabled ? 'tryapi' : 'more-details'}`)
diff --git a/packages/editor-ui/src/views/SettingsCommunityNodesView.vue b/packages/editor-ui/src/views/SettingsCommunityNodesView.vue
index fcfb3742383c6..194a289eb1b9b 100644
--- a/packages/editor-ui/src/views/SettingsCommunityNodesView.vue
+++ b/packages/editor-ui/src/views/SettingsCommunityNodesView.vue
@@ -3,25 +3,13 @@
 		<div :class="$style.headingContainer">
 			<n8n-heading size="2xlarge">{{ $locale.baseText('settings.communityNodes') }}</n8n-heading>
 			<n8n-button
-				v-if="
-					!settingsStore.isQueueModeEnabled &&
-					communityNodesStore.getInstalledPackages.length > 0 &&
-					!loading
-				"
+				v-if="communityNodesStore.getInstalledPackages.length > 0 && !loading"
 				:label="$locale.baseText('settings.communityNodes.installModal.installButton.label')"
 				size="large"
 				@click="openInstallModal"
 			/>
 		</div>
-		<div v-if="settingsStore.isQueueModeEnabled" :class="$style.actionBoxContainer">
-			<n8n-action-box
-				:heading="$locale.baseText('settings.communityNodes.empty.title')"
-				:description="getEmptyStateDescription"
-				:callout-text="actionBoxConfig.calloutText"
-				:callout-theme="actionBoxConfig.calloutTheme"
-			/>
-		</div>
-		<div v-else-if="loading" :class="$style.cardsContainer">
+		<div v-if="loading" :class="$style.cardsContainer">
 			<CommunityPackageCard
 				v-for="n in 2"
 				:key="'index-' + n"
@@ -55,7 +43,6 @@
 import {
 	COMMUNITY_PACKAGE_INSTALL_MODAL_KEY,
 	COMMUNITY_NODES_INSTALLATION_DOCS_URL,
-	COMMUNITY_NODES_MANUAL_INSTALLATION_DOCS_URL,
 	COMMUNITY_NODES_NPM_INSTALLATION_URL,
 } from '@/constants';
 import CommunityPackageCard from '@/components/CommunityPackageCard.vue';
@@ -144,16 +131,6 @@ export default defineComponent({
 				};
 			}
 
-			if (this.settingsStore.isQueueModeEnabled) {
-				return {
-					calloutText: this.$locale.baseText('settings.communityNodes.queueMode.warning', {
-						interpolate: { docURL: COMMUNITY_NODES_MANUAL_INSTALLATION_DOCS_URL },
-					}),
-					calloutTheme: 'warning',
-					hideButton: true,
-				};
-			}
-
 			return {
 				calloutText: '',
 				calloutTheme: '',
diff --git a/packages/editor-ui/src/views/SettingsPersonalView.vue b/packages/editor-ui/src/views/SettingsPersonalView.vue
index bbf5f7dbc7107..9f0146ef3cdfb 100644
--- a/packages/editor-ui/src/views/SettingsPersonalView.vue
+++ b/packages/editor-ui/src/views/SettingsPersonalView.vue
@@ -1,22 +1,27 @@
 <script lang="ts" setup>
+import { ref, computed, onMounted, onBeforeUnmount } from 'vue';
 import { useI18n } from '@/composables/useI18n';
 import { useToast } from '@/composables/useToast';
 import type { IFormInputs, IUser, ThemeOption } from '@/Interface';
-import { CHANGE_PASSWORD_MODAL_KEY, MFA_DOCS_URL, MFA_SETUP_MODAL_KEY } from '@/constants';
+import {
+	CHANGE_PASSWORD_MODAL_KEY,
+	MFA_DOCS_URL,
+	MFA_SETUP_MODAL_KEY,
+	PROMPT_MFA_CODE_MODAL_KEY,
+} from '@/constants';
 import { useUIStore } from '@/stores/ui.store';
 import { useUsersStore } from '@/stores/users.store';
 import { useSettingsStore } from '@/stores/settings.store';
-import { createEventBus } from 'n8n-design-system/utils';
-import { ref } from 'vue';
-import { computed } from 'vue';
-import { onMounted } from 'vue';
+import { createFormEventBus } from 'n8n-design-system/utils';
+import type { MfaModalEvents } from '@/event-bus/mfa';
+import { promptMfaCodeBus } from '@/event-bus/mfa';
 
 const i18n = useI18n();
 const { showToast, showError } = useToast();
 
 const hasAnyBasicInfoChanges = ref<boolean>(false);
 const formInputs = ref<null | IFormInputs>(null);
-const formBus = ref(createEventBus());
+const formBus = ref(createFormEventBus());
 const readyToSubmit = ref(false);
 const currentSelectedTheme = ref(useUIStore().theme);
 const themeOptions = ref<Array<{ name: ThemeOption; label: string }>>([
@@ -154,9 +159,16 @@ function openPasswordModal() {
 function onMfaEnableClick() {
 	uiStore.openModal(MFA_SETUP_MODAL_KEY);
 }
-async function onMfaDisableClick() {
+
+async function disableMfa(payload: MfaModalEvents['closed']) {
+	if (!payload) {
+		// User closed the modal without submitting the form
+		return;
+	}
+
 	try {
-		await usersStore.disabledMfa();
+		await usersStore.disableMfa(payload.mfaCode);
+
 		showToast({
 			title: i18n.baseText('settings.personal.mfa.toast.disabledMfa.title'),
 			message: i18n.baseText('settings.personal.mfa.toast.disabledMfa.message'),
@@ -167,6 +179,16 @@ async function onMfaDisableClick() {
 		showError(e, i18n.baseText('settings.personal.mfa.toast.disabledMfa.error.message'));
 	}
 }
+
+async function onMfaDisableClick() {
+	uiStore.openModal(PROMPT_MFA_CODE_MODAL_KEY);
+
+	promptMfaCodeBus.once('closed', disableMfa);
+}
+
+onBeforeUnmount(() => {
+	promptMfaCodeBus.off('closed', disableMfa);
+});
 </script>
 
 <template>
diff --git a/packages/editor-ui/src/views/__tests__/SettingsUsersView.test.ts b/packages/editor-ui/src/views/SettingsUsersView.test.ts
similarity index 95%
rename from packages/editor-ui/src/views/__tests__/SettingsUsersView.test.ts
rename to packages/editor-ui/src/views/SettingsUsersView.test.ts
index d67cd3502af7f..ac16df6e487fa 100644
--- a/packages/editor-ui/src/views/__tests__/SettingsUsersView.test.ts
+++ b/packages/editor-ui/src/views/SettingsUsersView.test.ts
@@ -15,6 +15,7 @@ import { DELETE_USER_MODAL_KEY, EnterpriseEditionFeature } from '@/constants';
 import * as usersApi from '@/api/users';
 import { useSettingsStore } from '@/stores/settings.store';
 import { defaultSettings } from '@/__tests__/defaults';
+import { ProjectTypes } from '@/types/projects.types';
 
 const wrapperComponentWithModal = {
 	components: { SettingsUsersView, ModalRoot, DeleteUserModal },
@@ -34,7 +35,12 @@ const renderComponent = createComponentRenderer(wrapperComponentWithModal);
 
 const loggedInUser = createUser();
 const users = Array.from({ length: 3 }, createUser);
-const personalProjects = Array.from({ length: 3 }, createProjectListItem);
+const projects = [
+	ProjectTypes.Personal,
+	ProjectTypes.Personal,
+	ProjectTypes.Team,
+	ProjectTypes.Team,
+].map(createProjectListItem);
 
 let pinia: ReturnType<typeof createPinia>;
 let projectsStore: ReturnType<typeof useProjectsStore>;
@@ -60,7 +66,7 @@ describe('SettingsUsersView', () => {
 		vi.spyOn(projectsStore, 'getAllProjects').mockImplementation(
 			async () => await Promise.resolve(),
 		);
-		vi.spyOn(projectsStore, 'personalProjects', 'get').mockReturnValue(personalProjects);
+		vi.spyOn(projectsStore, 'projects', 'get').mockReturnValue(projects);
 
 		usersStore.currentUserId = loggedInUser.id;
 	});
diff --git a/packages/editor-ui/src/views/VariablesView.vue b/packages/editor-ui/src/views/VariablesView.vue
index 4cd5c1a84a7c2..cd06b7e91cf6a 100644
--- a/packages/editor-ui/src/views/VariablesView.vue
+++ b/packages/editor-ui/src/views/VariablesView.vue
@@ -17,7 +17,7 @@ import VariablesRow from '@/components/VariablesRow.vue';
 import { EnterpriseEditionFeature, MODAL_CONFIRM } from '@/constants';
 import type { DatatableColumn, EnvironmentVariable } from '@/Interface';
 import { uid } from 'n8n-design-system/utils';
-import { getVariablesPermissions } from '@/permissions';
+import { getResourcePermissions } from '@/permissions';
 import type { BaseTextKey } from '@/plugins/i18n';
 
 const settingsStore = useSettingsStore();
@@ -39,7 +39,10 @@ const TEMPORARY_VARIABLE_UID_BASE = '@tmpvar';
 const allVariables = ref<EnvironmentVariable[]>([]);
 const editMode = ref<Record<string, boolean>>({});
 const loading = ref(false);
-const permissions = getVariablesPermissions(usersStore.currentUser);
+
+const permissions = computed(
+	() => getResourcePermissions(usersStore.currentUser?.globalScopes).variable,
+);
 
 const isFeatureEnabled = computed(
 	() => settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Variables],
@@ -49,7 +52,7 @@ const variablesToResources = computed((): IResource[] =>
 	allVariables.value.map((v) => ({ id: v.id, name: v.key, value: v.value })),
 );
 
-const canCreateVariables = computed(() => isFeatureEnabled.value && permissions.create);
+const canCreateVariables = computed(() => isFeatureEnabled.value && permissions.value.create);
 
 const datatableColumns = computed<DatatableColumn[]>(() => [
 	{
diff --git a/packages/editor-ui/src/views/WorkflowExecutionsView.vue b/packages/editor-ui/src/views/WorkflowExecutionsView.vue
index 86a19f603ba20..f09619fdd7434 100644
--- a/packages/editor-ui/src/views/WorkflowExecutionsView.vue
+++ b/packages/editor-ui/src/views/WorkflowExecutionsView.vue
@@ -128,7 +128,7 @@ async function fetchWorkflow() {
 			toast.showError(error, i18n.baseText('nodeView.showError.openWorkflow.title'));
 		}
 	}
-	workflow.value = workflowsStore.workflow;
+	workflow.value = workflowsStore.getWorkflowById(workflowId.value);
 }
 
 async function onAutoRefreshToggle(value: boolean) {
@@ -172,7 +172,10 @@ async function onUpdateFilters(newFilters: ExecutionFilterType) {
 	await executionsStore.initialize(workflowId.value);
 }
 
-async function onExecutionStop(id: string) {
+async function onExecutionStop(id?: string) {
+	if (!id) {
+		return;
+	}
 	try {
 		await executionsStore.stopCurrentExecution(id);
 
@@ -190,7 +193,10 @@ async function onExecutionStop(id: string) {
 	}
 }
 
-async function onExecutionDelete(id: string) {
+async function onExecutionDelete(id?: string) {
+	if (!id) {
+		return;
+	}
 	loading.value = true;
 	try {
 		const executionIndex = executions.value.findIndex((e: ExecutionSummary) => e.id === id);
diff --git a/packages/editor-ui/src/views/WorkflowHistory.vue b/packages/editor-ui/src/views/WorkflowHistory.vue
index 3bddc865dd757..567cae9a41cd6 100644
--- a/packages/editor-ui/src/views/WorkflowHistory.vue
+++ b/packages/editor-ui/src/views/WorkflowHistory.vue
@@ -19,6 +19,7 @@ import { useUIStore } from '@/stores/ui.store';
 import { useWorkflowsStore } from '@/stores/workflows.store';
 import { telemetry } from '@/plugins/telemetry';
 import { useRootStore } from '@/stores/root.store';
+import { getResourcePermissions } from '@/permissions';
 
 type WorkflowHistoryActionRecord = {
 	[K in Uppercase<WorkflowHistoryActionTypes[number]>]: Lowercase<K>;
@@ -65,10 +66,15 @@ const editorRoute = computed(() => ({
 		name: workflowId.value,
 	},
 }));
+const workflowPermissions = computed(
+	() => getResourcePermissions(workflowsStore.getWorkflowById(workflowId.value)?.scopes).workflow,
+);
 const actions = computed<UserAction[]>(() =>
 	workflowHistoryActionTypes.map((value) => ({
 		label: i18n.baseText(`workflowHistory.item.actions.${value}`),
-		disabled: false,
+		disabled:
+			(value === 'clone' && !workflowPermissions.value.create) ||
+			(value === 'restore' && !workflowPermissions.value.update),
 		value,
 	})),
 );
diff --git a/packages/editor-ui/src/views/WorkflowsView.vue b/packages/editor-ui/src/views/WorkflowsView.vue
index 252b64dda1c2d..55e61c4fb1973 100644
--- a/packages/editor-ui/src/views/WorkflowsView.vue
+++ b/packages/editor-ui/src/views/WorkflowsView.vue
@@ -8,7 +8,7 @@
 		:type-props="{ itemSize: 80 }"
 		:shareable="isShareable"
 		:initialize="initialize"
-		:disabled="readOnlyEnv"
+		:disabled="readOnlyEnv || !projectPermissions.workflow.create"
 		:loading="loading"
 		@click:add="addWorkflow"
 		@update:filters="onFiltersUpdated"
@@ -61,17 +61,12 @@
 							: $locale.baseText('workflows.empty.heading.userNotSetup')
 					}}
 				</n8n-heading>
-				<n8n-text size="large" color="text-base">
-					{{
-						$locale.baseText(
-							readOnlyEnv
-								? 'workflows.empty.description.readOnlyEnv'
-								: 'workflows.empty.description',
-						)
-					}}
-				</n8n-text>
+				<n8n-text size="large" color="text-base">{{ emptyListDescription }}</n8n-text>
 			</div>
-			<div v-if="!readOnlyEnv" :class="['text-center', 'mt-2xl', $style.actionsContainer]">
+			<div
+				v-if="!readOnlyEnv && projectPermissions.workflow.create"
+				:class="['text-center', 'mt-2xl', $style.actionsContainer]"
+			>
 				<a
 					v-if="isSalesUser"
 					:href="getTemplateRepositoryURL()"
@@ -162,6 +157,7 @@ import { useTagsStore } from '@/stores/tags.store';
 import { useProjectsStore } from '@/stores/projects.store';
 import ProjectTabs from '@/components/Projects/ProjectTabs.vue';
 import { useTemplatesStore } from '@/stores/templates.store';
+import { getResourcePermissions } from '@/permissions';
 
 interface Filters {
 	search: string;
@@ -260,6 +256,20 @@ const WorkflowsView = defineComponent({
 				? this.$locale.baseText('workflows.project.add')
 				: this.$locale.baseText('workflows.add');
 		},
+		projectPermissions() {
+			return getResourcePermissions(
+				this.projectsStore.currentProject?.scopes ?? this.projectsStore.personalProject?.scopes,
+			);
+		},
+		emptyListDescription() {
+			if (this.readOnlyEnv) {
+				return this.$locale.baseText('workflows.empty.description.readOnlyEnv');
+			} else if (!this.projectPermissions.workflow.create) {
+				return this.$locale.baseText('workflows.empty.description.noPermission');
+			} else {
+				return this.$locale.baseText('workflows.empty.description');
+			}
+		},
 	},
 	watch: {
 		filters: {
diff --git a/packages/node-dev/README.md b/packages/node-dev/README.md
index d650716a0a284..bbb999de1ba99 100644
--- a/packages/node-dev/README.md
+++ b/packages/node-dev/README.md
@@ -215,8 +215,4 @@ All properties are optional. However, most only work when the node-property is o
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/node-dev/package.json b/packages/node-dev/package.json
index d7b16155a1aa5..cd77936f1376d 100644
--- a/packages/node-dev/package.json
+++ b/packages/node-dev/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-node-dev",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "CLI to simplify n8n credentials/node development",
   "main": "dist/src/index",
   "types": "dist/src/index.d.ts",
diff --git a/packages/nodes-base/README.md b/packages/nodes-base/README.md
index 3dc74130378f4..fec5cc3db06cf 100644
--- a/packages/nodes-base/README.md
+++ b/packages/nodes-base/README.md
@@ -10,8 +10,4 @@ npm install n8n-nodes-base -g
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/nodes-base/credentials/OktaApi.credentials.ts b/packages/nodes-base/credentials/OktaApi.credentials.ts
index c5b925c0718d8..2e690bfb77eac 100644
--- a/packages/nodes-base/credentials/OktaApi.credentials.ts
+++ b/packages/nodes-base/credentials/OktaApi.credentials.ts
@@ -30,12 +30,13 @@ export class OktaApi implements ICredentialType {
 			placeholder: 'https://dev-123456.okta.com',
 		},
 		{
-			displayName: 'SSWS Access Token',
+			displayName: 'Access Token',
 			name: 'accessToken',
 			type: 'string',
 			typeOptions: { password: true },
 			required: true,
 			default: '',
+			description: 'Secure Session Web Service Access Token',
 		},
 	];
 
diff --git a/packages/nodes-base/credentials/TwitterOAuth1Api.credentials.ts b/packages/nodes-base/credentials/TwitterOAuth1Api.credentials.ts
index 218e312be7be7..1fcce3028f8c6 100644
--- a/packages/nodes-base/credentials/TwitterOAuth1Api.credentials.ts
+++ b/packages/nodes-base/credentials/TwitterOAuth1Api.credentials.ts
@@ -36,8 +36,8 @@ export class TwitterOAuth1Api implements ICredentialType {
 		},
 		{
 			displayName:
-				'Some operations requires a Basic or a Pro API for more informations see <a href="https://developer.twitter.com/en/products/twitter-api" target="_blank">X API Docs</a>',
-			name: 'apiPermissioms',
+				'Some operations require a Basic or Pro API. Refer to <a href="https://developer.x.com/en/docs/twitter-api" target="_blank">X API Docs</a> for more information.',
+			name: 'apiPermissions',
 			type: 'notice',
 			default: '',
 		},
diff --git a/packages/nodes-base/credentials/TwitterOAuth2Api.credentials.ts b/packages/nodes-base/credentials/TwitterOAuth2Api.credentials.ts
index 5850d1409de13..53f1f218e06aa 100644
--- a/packages/nodes-base/credentials/TwitterOAuth2Api.credentials.ts
+++ b/packages/nodes-base/credentials/TwitterOAuth2Api.credentials.ts
@@ -28,8 +28,8 @@ export class TwitterOAuth2Api implements ICredentialType {
 	properties: INodeProperties[] = [
 		{
 			displayName:
-				'Some operations requires a Basic or a Pro API for more informations see <a href="https://developer.twitter.com/en/products/twitter-api" target="_blank">X API Docs</a>',
-			name: 'apiPermissioms',
+				'Some operations require a Basic or Pro API. Refer to <a href="https://developer.x.com/en/docs/twitter-api" target="_blank">X API Docs</a> for more information.',
+			name: 'apiPermissions',
 			type: 'notice',
 			default: '',
 		},
diff --git a/packages/nodes-base/credentials/WebflowOAuth2Api.credentials.ts b/packages/nodes-base/credentials/WebflowOAuth2Api.credentials.ts
index 09c5dd63d3d05..8c754995f8401 100644
--- a/packages/nodes-base/credentials/WebflowOAuth2Api.credentials.ts
+++ b/packages/nodes-base/credentials/WebflowOAuth2Api.credentials.ts
@@ -16,6 +16,13 @@ export class WebflowOAuth2Api implements ICredentialType {
 			type: 'hidden',
 			default: 'authorizationCode',
 		},
+		{
+			displayName: 'Legacy',
+			name: 'legacy',
+			type: 'boolean',
+			default: true,
+			description: 'If the legacy API should be used',
+		},
 		{
 			displayName: 'Authorization URL',
 			name: 'authUrl',
@@ -34,7 +41,7 @@ export class WebflowOAuth2Api implements ICredentialType {
 			displayName: 'Scope',
 			name: 'scope',
 			type: 'hidden',
-			default: '',
+			default: '={{$self["legacy"] ? "" : "cms:read cms:write sites:read"}}',
 		},
 		{
 			displayName: 'Auth URI Query Parameters',
diff --git a/packages/nodes-base/credentials/WhatsAppApi.credentials.ts b/packages/nodes-base/credentials/WhatsAppApi.credentials.ts
index 34473518b1f3f..c676c40f3df52 100644
--- a/packages/nodes-base/credentials/WhatsAppApi.credentials.ts
+++ b/packages/nodes-base/credentials/WhatsAppApi.credentials.ts
@@ -22,7 +22,7 @@ export class WhatsAppApi implements ICredentialType {
 			required: true,
 		},
 		{
-			displayName: 'Bussiness Account ID',
+			displayName: 'Business Account ID',
 			type: 'string',
 			name: 'businessAccountId',
 			default: '',
diff --git a/packages/nodes-base/credentials/WhatsAppTriggerApi.credentials.ts b/packages/nodes-base/credentials/WhatsAppTriggerApi.credentials.ts
index d339b36a2be48..09e2fca7e3a08 100644
--- a/packages/nodes-base/credentials/WhatsAppTriggerApi.credentials.ts
+++ b/packages/nodes-base/credentials/WhatsAppTriggerApi.credentials.ts
@@ -3,7 +3,7 @@ import type { ICredentialTestRequest, ICredentialType, INodeProperties } from 'n
 export class WhatsAppTriggerApi implements ICredentialType {
 	name = 'whatsAppTriggerApi';
 
-	displayName = 'WhatsApp API';
+	displayName = 'WhatsApp OAuth API';
 
 	documentationUrl = 'whatsApp';
 
diff --git a/packages/nodes-base/nodes/AiTransform/AiTransform.node.json b/packages/nodes-base/nodes/AiTransform/AiTransform.node.json
new file mode 100644
index 0000000000000..0d13c13877fc5
--- /dev/null
+++ b/packages/nodes-base/nodes/AiTransform/AiTransform.node.json
@@ -0,0 +1,18 @@
+{
+	"node": "n8n-nodes-base.aiTransform",
+	"nodeVersion": "1.0",
+	"codexVersion": "1.0",
+	"details": "Modify data by writing a prompt",
+	"categories": ["Development", "Core Nodes"],
+	"resources": {
+		"primaryDocumentation": [
+			{
+				"url": "https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.aitransform/"
+			}
+		]
+	},
+	"alias": ["code", "Javascript", "JS", "Script", "Custom Code", "Function", "AI", "LLM"],
+	"subcategories": {
+		"Core Nodes": ["Data Transformation"]
+	}
+}
diff --git a/packages/nodes-base/nodes/AiTransform/AiTransform.node.ts b/packages/nodes-base/nodes/AiTransform/AiTransform.node.ts
new file mode 100644
index 0000000000000..8c41635555ca3
--- /dev/null
+++ b/packages/nodes-base/nodes/AiTransform/AiTransform.node.ts
@@ -0,0 +1,148 @@
+/* eslint-disable n8n-nodes-base/node-dirname-against-convention */
+import {
+	NodeOperationError,
+	type IExecuteFunctions,
+	type INodeExecutionData,
+	type INodeType,
+	type INodeTypeDescription,
+} from 'n8n-workflow';
+
+import set from 'lodash/set';
+
+import { JavaScriptSandbox } from '../Code/JavaScriptSandbox';
+import { getSandboxContext } from '../Code/Sandbox';
+import { standardizeOutput } from '../Code/utils';
+
+const { CODE_ENABLE_STDOUT } = process.env;
+
+export class AiTransform implements INodeType {
+	description: INodeTypeDescription = {
+		displayName: 'AI Transform',
+		name: 'aiTransform',
+		icon: 'file:aitransform.svg',
+		group: ['transform'],
+		version: 1,
+		description: 'Modify data based on instructions written in plain english',
+		defaults: {
+			name: 'AI Transform',
+		},
+		inputs: ['main'],
+		outputs: ['main'],
+		parameterPane: 'wide',
+		properties: [
+			{
+				displayName: 'Instructions',
+				name: 'generate',
+				type: 'button',
+				default: '',
+				description:
+					"Provide instructions on how you want to transform the data, then click 'Generate code'. Use dot notation to refer to nested fields (e.g. address.street).",
+				placeholder:
+					"Example: Merge 'firstname' and 'lastname' into a field 'details.name' and sort by 'email'",
+				typeOptions: {
+					buttonConfig: {
+						label: 'Generate code',
+						hasInputField: true,
+						inputFieldMaxLength: 500,
+						action: {
+							type: 'askAiCodeGeneration',
+							target: 'jsCode',
+						},
+					},
+				},
+			},
+			{
+				displayName: 'Transformation Code',
+				name: 'jsCode',
+				type: 'string',
+				typeOptions: {
+					editor: 'jsEditor',
+					editorIsReadOnly: true,
+				},
+				default: '',
+				description:
+					'Read-only. To edit this code, adjust the prompt or copy and paste it into a Code node.',
+				noDataExpression: true,
+			},
+			{
+				displayName:
+					"Click on 'Test step' to run the transformation code. Further executions will use the generated code (and not invoke AI again).",
+				name: 'hint',
+				type: 'notice',
+				default: '',
+				displayOptions: {
+					show: {
+						jsCode: [{ _cnd: { exists: true } }],
+					},
+				},
+			},
+		],
+	};
+
+	async execute(this: IExecuteFunctions) {
+		const workflowMode = this.getMode();
+
+		const node = this.getNode();
+
+		const codeParameterName = 'jsCode';
+
+		const getSandbox = (index = 0) => {
+			let code = '';
+			try {
+				code = this.getNodeParameter(codeParameterName, index) as string;
+
+				if (!code) {
+					const instructions = this.getNodeParameter('generate', index) as string;
+					if (!instructions) {
+						throw new NodeOperationError(node, 'Missing instructions to generate code', {
+							description:
+								"Enter your prompt in the 'Instructions' parameter and click 'Generate code'",
+						});
+					}
+					throw new NodeOperationError(node, 'Missing code for data transformation', {
+						description: "Click the 'Generate code' button to create the code",
+					});
+				}
+			} catch (error) {
+				if (error instanceof NodeOperationError) throw error;
+
+				throw new NodeOperationError(node, error);
+			}
+
+			const context = getSandboxContext.call(this, index);
+
+			context.items = context.$input.all();
+
+			const Sandbox = JavaScriptSandbox;
+			const sandbox = new Sandbox(context, code, index, this.helpers);
+			sandbox.on(
+				'output',
+				workflowMode === 'manual'
+					? this.sendMessageToUI
+					: CODE_ENABLE_STDOUT === 'true'
+						? (...args) =>
+								console.log(`[Workflow "${this.getWorkflow().id}"][Node "${node.name}"]`, ...args)
+						: () => {},
+			);
+			return sandbox;
+		};
+
+		const sandbox = getSandbox();
+		let items: INodeExecutionData[];
+		try {
+			items = (await sandbox.runCodeAllItems()) as INodeExecutionData[];
+		} catch (error) {
+			if (!this.continueOnFail(error)) {
+				set(error, 'node', node);
+				throw error;
+			}
+			items = [{ json: { error: error.message } }];
+		}
+
+		for (const item of items) {
+			standardizeOutput(item.json);
+		}
+
+		return [items];
+	}
+}
diff --git a/packages/nodes-base/nodes/AiTransform/aitransform.svg b/packages/nodes-base/nodes/AiTransform/aitransform.svg
new file mode 100644
index 0000000000000..699be8f28ed8e
--- /dev/null
+++ b/packages/nodes-base/nodes/AiTransform/aitransform.svg
@@ -0,0 +1,10 @@
+<svg width="40" height="40" viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M39.4956 19.5195L34.8 18.006C31.7965 17.015 30.0369 14.5846 29.2111 11.5306L27.1447 1.46518C27.0908 1.2663 26.9593 1 26.5548 1C26.2144 1 26.0188 1.2663 25.9649 1.46518L23.8986 11.534C23.0693 14.588 21.3131 17.0184 18.3097 18.0094L13.6141 19.5229C12.95 19.7386 12.9399 20.6757 13.6006 20.9016L18.3299 22.5297C21.3232 23.5241 23.0693 25.9512 23.8986 28.9917L25.9683 38.9458C26.0222 39.1447 26.1335 39.502 26.5582 39.502C26.9977 39.502 27.0906 39.1585 27.1449 38.9577L27.1481 38.9458L29.2178 28.9917C30.047 25.9478 31.7931 23.5208 34.7865 22.5297L39.5158 20.9016C40.1697 20.6724 40.1596 19.7353 39.4956 19.5195ZM12.6028 28.277C9.82036 27.3584 9.54358 26.324 9.07959 24.5899L9.06681 24.5421L7.89038 20.4162C7.81959 20.1499 7.12519 20.1499 7.05103 20.4162L6.25214 24.2286C5.77684 25.9848 4.76558 27.3804 3.0397 27.9501L0.289074 29.1433C-0.0918337 29.2681 -0.0985755 29.8074 0.282332 29.9355L3.05318 30.9164C4.77233 31.4861 5.77684 32.8816 6.25551 34.6311L7.0544 38.2784C7.12856 38.5447 7.81959 38.5447 7.89038 38.2784L8.82748 34.648C9.30277 32.8884 10.0309 31.4895 12.3669 30.9164L14.9692 29.9355C15.3501 29.804 15.3467 29.2647 14.9625 29.14L12.6028 28.277ZM13.3255 2.03231C13.4169 1.65456 13.954 1.64852 14.0473 2.02833L14.0475 2.02889L15.0714 6.25591C15.2111 6.74054 15.5906 7.11618 16.0783 7.2487L18.6822 7.95026C19.0346 8.04918 19.0457 8.54279 18.7009 8.65979L18.7004 8.65996L15.97 9.57684C15.531 9.72415 15.1905 10.0756 15.0538 10.5179L14.0473 14.4327L14.0471 14.4337C13.9524 14.8153 13.4207 14.7996 13.3291 14.4333L12.3559 10.5303C12.2222 10.0878 11.8845 9.73333 11.4489 9.58314L8.72013 8.63869C8.37299 8.51471 8.40082 8.02141 8.75078 7.92932L8.75135 7.92917L11.3368 7.25837C11.8372 7.12876 12.2283 6.74382 12.3616 6.24505L13.3255 2.03231Z" fill="url(#paint0_linear_1373_20357)"/>
+<defs>
+<linearGradient id="paint0_linear_1373_20357" x1="0" y1="1" x2="47.0035" y2="13.8158" gradientUnits="userSpaceOnUse">
+<stop stop-color="#5B60E8"/>
+<stop offset="0.5" stop-color="#AA7BEC"/>
+<stop offset="1" stop-color="#EC7B8E"/>
+</linearGradient>
+</defs>
+</svg>
diff --git a/packages/nodes-base/nodes/Calendly/CalendlyTrigger.node.ts b/packages/nodes-base/nodes/Calendly/CalendlyTrigger.node.ts
index 40a10cab92cfa..e272caee9360e 100644
--- a/packages/nodes-base/nodes/Calendly/CalendlyTrigger.node.ts
+++ b/packages/nodes-base/nodes/Calendly/CalendlyTrigger.node.ts
@@ -95,12 +95,12 @@ export class CalendlyTrigger implements INodeType {
 				type: 'multiOptions',
 				options: [
 					{
-						name: 'invitee.created',
+						name: 'Event Created',
 						value: 'invitee.created',
 						description: 'Receive notifications when a new Calendly event is created',
 					},
 					{
-						name: 'invitee.canceled',
+						name: 'Event Canceled',
 						value: 'invitee.canceled',
 						description: 'Receive notifications when a Calendly event is canceled',
 					},
diff --git a/packages/nodes-base/nodes/Code/test/Code.workflow.json b/packages/nodes-base/nodes/Code/test/Code.workflow.json
index 07933b0f824a9..fbb4199956213 100644
--- a/packages/nodes-base/nodes/Code/test/Code.workflow.json
+++ b/packages/nodes-base/nodes/Code/test/Code.workflow.json
@@ -59,6 +59,34 @@
 			"type": "n8n-nodes-base.code",
 			"typeVersion": 1,
 			"position": [460, 860]
+		},
+		{
+			"parameters": {
+				"mode": "runOnceForEachItem",
+				"jsCode": "const json = $input.item.json\njson.myNewField = await (async () => json.value)();\n\nreturn $input.item;"
+			},
+			"id": "3cff4a64-c3fd-47d3-a33e-3c446846138f",
+			"name": "With Async Functions",
+			"type": "n8n-nodes-base.code",
+			"typeVersion": 1,
+			"position": [
+				460,
+				1200
+			]
+		},
+		{
+			"parameters": {
+				"mode": "runOnceForEachItem",
+				"jsCode": "const json = $input.item.json\njson.myNewField = await new Promise((resolve) => resolve(json.value));\n\nreturn $input.item;"
+			},
+			"id": "947e4e3e-2da3-40c5-97da-830c4572fc05",
+			"name": "With Promises",
+			"type": "n8n-nodes-base.code",
+			"typeVersion": 1,
+			"position": [
+				460,
+				1380
+			]
 		}
 	],
 	"pinData": {
@@ -103,6 +131,34 @@
 					"myNewField": 2
 				}
 			}
+		],
+		"With Async Functions": [
+			{
+				"json": {
+					"value": 1,
+					"myNewField": 1
+				}
+			},
+			{
+				"json": {
+					"value": 2,
+					"myNewField": 2
+				}
+			}
+		],
+		"With Promises": [
+			{
+				"json": {
+					"value": 1,
+					"myNewField": 1
+				}
+			},
+			{
+				"json": {
+					"value": 2,
+					"myNewField": 2
+				}
+			}
 		]
 	},
 	"connections": {
@@ -139,6 +195,16 @@
 						"node": "Run Once for Each Item  (Legacy Syntax)",
 						"type": "main",
 						"index": 0
+					},
+					{
+						"node": "With Async Functions",
+						"type": "main",
+						"index": 0
+					},
+					{
+						"node": "With Promises",
+						"type": "main",
+						"index": 0
 					}
 				]
 			]
diff --git a/packages/nodes-base/nodes/Elastic/Elasticsearch/Elasticsearch.node.ts b/packages/nodes-base/nodes/Elastic/Elasticsearch/Elasticsearch.node.ts
index c209b84538bff..d94ac77725464 100644
--- a/packages/nodes-base/nodes/Elastic/Elasticsearch/Elasticsearch.node.ts
+++ b/packages/nodes-base/nodes/Elastic/Elasticsearch/Elasticsearch.node.ts
@@ -4,11 +4,16 @@ import type {
 	INodeExecutionData,
 	INodeType,
 	INodeTypeDescription,
+	JsonObject,
 } from 'n8n-workflow';
-import { jsonParse } from 'n8n-workflow';
+import { jsonParse, NodeApiError } from 'n8n-workflow';
 
 import omit from 'lodash/omit';
-import { elasticsearchApiRequest, elasticsearchApiRequestAllItems } from './GenericFunctions';
+import {
+	elasticsearchApiRequest,
+	elasticsearchApiRequestAllItems,
+	elasticsearchBulkApiRequest,
+} from './GenericFunctions';
 
 import { documentFields, documentOperations, indexFields, indexOperations } from './descriptions';
 
@@ -68,12 +73,14 @@ export class Elasticsearch implements INodeType {
 
 		let responseData;
 
+		let bulkBody: IDataObject = {};
+
 		for (let i = 0; i < items.length; i++) {
+			const bulkOperation = this.getNodeParameter('options.bulkOperation', i, false);
 			if (resource === 'document') {
 				// **********************************************************************
 				//                                document
 				// **********************************************************************
-
 				if (operation === 'delete') {
 					// ----------------------------------------
 					//             document: delete
@@ -84,8 +91,17 @@ export class Elasticsearch implements INodeType {
 					const indexId = this.getNodeParameter('indexId', i);
 					const documentId = this.getNodeParameter('documentId', i);
 
-					const endpoint = `/${indexId}/_doc/${documentId}`;
-					responseData = await elasticsearchApiRequest.call(this, 'DELETE', endpoint);
+					if (bulkOperation) {
+						bulkBody[i] = JSON.stringify({
+							delete: {
+								_index: indexId,
+								_id: documentId,
+							},
+						});
+					} else {
+						const endpoint = `/${indexId}/_doc/${documentId}`;
+						responseData = await elasticsearchApiRequest.call(this, 'DELETE', endpoint);
+					}
 				} else if (operation === 'get') {
 					// ----------------------------------------
 					//              document: get
@@ -223,12 +239,22 @@ export class Elasticsearch implements INodeType {
 					const indexId = this.getNodeParameter('indexId', i);
 					const { documentId } = additionalFields;
 
-					if (documentId) {
-						const endpoint = `/${indexId}/_doc/${documentId}`;
-						responseData = await elasticsearchApiRequest.call(this, 'PUT', endpoint, body);
+					if (bulkOperation) {
+						bulkBody[i] = JSON.stringify({
+							index: {
+								_index: indexId,
+								_id: documentId,
+							},
+						});
+						bulkBody[i] += `\n${JSON.stringify(body)}`;
 					} else {
-						const endpoint = `/${indexId}/_doc`;
-						responseData = await elasticsearchApiRequest.call(this, 'POST', endpoint, body);
+						if (documentId) {
+							const endpoint = `/${indexId}/_doc/${documentId}`;
+							responseData = await elasticsearchApiRequest.call(this, 'PUT', endpoint, body);
+						} else {
+							const endpoint = `/${indexId}/_doc`;
+							responseData = await elasticsearchApiRequest.call(this, 'POST', endpoint, body);
+						}
 					}
 				} else if (operation === 'update') {
 					// ----------------------------------------
@@ -261,7 +287,17 @@ export class Elasticsearch implements INodeType {
 					const documentId = this.getNodeParameter('documentId', i);
 
 					const endpoint = `/${indexId}/_update/${documentId}`;
-					responseData = await elasticsearchApiRequest.call(this, 'POST', endpoint, body);
+					if (bulkOperation) {
+						bulkBody[i] = JSON.stringify({
+							update: {
+								_index: indexId,
+								_id: documentId,
+							},
+						});
+						bulkBody[i] += `\n${JSON.stringify(body)}`;
+					} else {
+						responseData = await elasticsearchApiRequest.call(this, 'POST', endpoint, body);
+					}
 				}
 			} else if (resource === 'index') {
 				// **********************************************************************
@@ -341,13 +377,80 @@ export class Elasticsearch implements INodeType {
 					}
 				}
 			}
-			const executionData = this.helpers.constructExecutionMetaData(
-				this.helpers.returnJsonArray(responseData as IDataObject[]),
-				{ itemData: { item: i } },
-			);
-			returnData.push(...executionData);
-		}
 
+			if (!bulkOperation) {
+				const executionData = this.helpers.constructExecutionMetaData(
+					this.helpers.returnJsonArray(responseData as IDataObject[]),
+					{ itemData: { item: i } },
+				);
+				returnData.push(...executionData);
+			}
+			if (Object.keys(bulkBody).length >= 50) {
+				responseData = (await elasticsearchBulkApiRequest.call(this, bulkBody)) as IDataObject[];
+				for (let j = 0; j < responseData.length; j++) {
+					const itemData = responseData[j];
+					if (itemData.error) {
+						const errorData = itemData.error as IDataObject;
+						const message = errorData.type as string;
+						const description = errorData.reason as string;
+						const itemIndex = parseInt(Object.keys(bulkBody)[j]);
+						if (this.continueOnFail()) {
+							returnData.push(
+								...this.helpers.constructExecutionMetaData(
+									this.helpers.returnJsonArray({ error: message, message: itemData.error }),
+									{ itemData: { item: itemIndex } },
+								),
+							);
+							continue;
+						} else {
+							throw new NodeApiError(this.getNode(), {
+								message,
+								description,
+								itemIndex,
+							} as JsonObject);
+						}
+					}
+					const executionData = this.helpers.constructExecutionMetaData(
+						this.helpers.returnJsonArray(itemData),
+						{ itemData: { item: parseInt(Object.keys(bulkBody)[j]) } },
+					);
+					returnData.push(...executionData);
+				}
+				bulkBody = {};
+			}
+		}
+		if (Object.keys(bulkBody).length) {
+			responseData = (await elasticsearchBulkApiRequest.call(this, bulkBody)) as IDataObject[];
+			for (let j = 0; j < responseData.length; j++) {
+				const itemData = responseData[j];
+				if (itemData.error) {
+					const errorData = itemData.error as IDataObject;
+					const message = errorData.type as string;
+					const description = errorData.reason as string;
+					const itemIndex = parseInt(Object.keys(bulkBody)[j]);
+					if (this.continueOnFail()) {
+						returnData.push(
+							...this.helpers.constructExecutionMetaData(
+								this.helpers.returnJsonArray({ error: message, message: itemData.error }),
+								{ itemData: { item: itemIndex } },
+							),
+						);
+						continue;
+					} else {
+						throw new NodeApiError(this.getNode(), {
+							message,
+							description,
+							itemIndex,
+						} as JsonObject);
+					}
+				}
+				const executionData = this.helpers.constructExecutionMetaData(
+					this.helpers.returnJsonArray(itemData),
+					{ itemData: { item: parseInt(Object.keys(bulkBody)[j]) } },
+				);
+				returnData.push(...executionData);
+			}
+		}
 		return [returnData];
 	}
 }
diff --git a/packages/nodes-base/nodes/Elastic/Elasticsearch/GenericFunctions.ts b/packages/nodes-base/nodes/Elastic/Elasticsearch/GenericFunctions.ts
index ed013079f8cc6..642ce1484fe4f 100644
--- a/packages/nodes-base/nodes/Elastic/Elasticsearch/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Elastic/Elasticsearch/GenericFunctions.ts
@@ -2,13 +2,55 @@ import type {
 	IExecuteFunctions,
 	IDataObject,
 	JsonObject,
-	IRequestOptions,
+	IHttpRequestOptions,
 	IHttpRequestMethods,
 } from 'n8n-workflow';
 import { NodeApiError } from 'n8n-workflow';
 
 import type { ElasticsearchApiCredentials } from './types';
 
+export async function elasticsearchBulkApiRequest(this: IExecuteFunctions, body: IDataObject) {
+	const { baseUrl, ignoreSSLIssues } = (await this.getCredentials(
+		'elasticsearchApi',
+	)) as ElasticsearchApiCredentials;
+
+	const bulkBody = Object.values(body).flat().join('\n') + '\n';
+
+	const options: IHttpRequestOptions = {
+		method: 'POST',
+		headers: { 'Content-Type': 'application/x-ndjson' },
+		body: bulkBody,
+		url: `${baseUrl}/_bulk`,
+		skipSslCertificateValidation: ignoreSSLIssues,
+		returnFullResponse: true,
+		ignoreHttpStatusErrors: true,
+	};
+
+	const response = await this.helpers.httpRequestWithAuthentication.call(
+		this,
+		'elasticsearchApi',
+		options,
+	);
+
+	if (response.statusCode > 299) {
+		if (this.continueOnFail()) {
+			return Object.values(body).map((_) => ({ error: response.body.error }));
+		} else {
+			throw new NodeApiError(this.getNode(), { error: response.body.error } as JsonObject);
+		}
+	}
+
+	return response.body.items.map((item: IDataObject) => {
+		return {
+			...(item.index as IDataObject),
+			...(item.update as IDataObject),
+			...(item.create as IDataObject),
+			...(item.delete as IDataObject),
+			...(item.error as IDataObject),
+		};
+	});
+}
+
 export async function elasticsearchApiRequest(
 	this: IExecuteFunctions,
 	method: IHttpRequestMethods,
@@ -20,13 +62,13 @@ export async function elasticsearchApiRequest(
 		'elasticsearchApi',
 	)) as ElasticsearchApiCredentials;
 
-	const options: IRequestOptions = {
+	const options: IHttpRequestOptions = {
 		method,
 		body,
 		qs,
-		uri: `${baseUrl}${endpoint}`,
+		url: `${baseUrl}${endpoint}`,
 		json: true,
-		rejectUnauthorized: !ignoreSSLIssues,
+		skipSslCertificateValidation: ignoreSSLIssues,
 	};
 
 	if (!Object.keys(body).length) {
diff --git a/packages/nodes-base/nodes/Elastic/Elasticsearch/descriptions/DocumentDescription.ts b/packages/nodes-base/nodes/Elastic/Elasticsearch/descriptions/DocumentDescription.ts
index 86cefdf4bd16a..3a446243ace73 100644
--- a/packages/nodes-base/nodes/Elastic/Elasticsearch/descriptions/DocumentDescription.ts
+++ b/packages/nodes-base/nodes/Elastic/Elasticsearch/descriptions/DocumentDescription.ts
@@ -81,6 +81,28 @@ export const documentFields: INodeProperties[] = [
 			},
 		},
 	},
+	{
+		displayName: 'Options',
+		name: 'options',
+		type: 'collection',
+		placeholder: 'Add Option',
+		default: {},
+		displayOptions: {
+			show: {
+				resource: ['document'],
+				operation: ['delete'],
+			},
+		},
+		options: [
+			{
+				displayName: 'Bulk Delete',
+				name: 'bulkOperation',
+				type: 'boolean',
+				default: false,
+				description: 'Whether to use the bulk operation to delete the document/s',
+			},
+		],
+	},
 
 	// ----------------------------------------
 	//              document: get
@@ -644,6 +666,13 @@ export const documentFields: INodeProperties[] = [
 			},
 		},
 		options: [
+			{
+				displayName: 'Bulk Create',
+				name: 'bulkOperation',
+				type: 'boolean',
+				default: false,
+				description: 'Whether to use the bulk operation to create the document/s',
+			},
 			{
 				displayName: 'Pipeline ID',
 				name: 'pipeline',
@@ -802,6 +831,13 @@ export const documentFields: INodeProperties[] = [
 			},
 		},
 		options: [
+			{
+				displayName: 'Bulk Update',
+				name: 'bulkOperation',
+				type: 'boolean',
+				default: false,
+				description: 'Whether to use the bulk operation to update the document/s',
+			},
 			{
 				displayName: 'Refresh',
 				name: 'refresh',
diff --git a/packages/nodes-base/nodes/Form/FormTrigger.node.json b/packages/nodes-base/nodes/Form/FormTrigger.node.json
index 8fb0763a34595..6531f1e8c6b4e 100644
--- a/packages/nodes-base/nodes/Form/FormTrigger.node.json
+++ b/packages/nodes-base/nodes/Form/FormTrigger.node.json
@@ -3,7 +3,7 @@
 	"nodeVersion": "1.0",
 	"codexVersion": "1.0",
 	"categories": ["Core Nodes"],
-	"alias": ["_Form", "form", "table", "submit", "post"],
+	"alias": ["table", "submit", "post"],
 	"resources": {
 		"primaryDocumentation": [
 			{
diff --git a/packages/nodes-base/nodes/Form/utils.ts b/packages/nodes-base/nodes/Form/utils.ts
index 2e79c5699ce5f..079ae4278c2d9 100644
--- a/packages/nodes-base/nodes/Form/utils.ts
+++ b/packages/nodes-base/nodes/Form/utils.ts
@@ -165,7 +165,9 @@ export async function formWebhook(
 		if (options.ignoreBots && isbot(req.headers['user-agent'])) {
 			throw new WebhookAuthorizationError(403);
 		}
-		await validateWebhookAuthentication(context, authProperty);
+		if (node.typeVersion > 1) {
+			await validateWebhookAuthentication(context, authProperty);
+		}
 	} catch (error) {
 		if (error instanceof WebhookAuthorizationError) {
 			res.writeHead(error.responseCode, { 'WWW-Authenticate': 'Basic realm="Webhook"' });
diff --git a/packages/nodes-base/nodes/InvoiceNinja/ExpenseDescription.ts b/packages/nodes-base/nodes/InvoiceNinja/ExpenseDescription.ts
index 310c66b9c18ac..729c6a8b77a4b 100644
--- a/packages/nodes-base/nodes/InvoiceNinja/ExpenseDescription.ts
+++ b/packages/nodes-base/nodes/InvoiceNinja/ExpenseDescription.ts
@@ -120,6 +120,11 @@ export const expenseFields: INodeProperties[] = [
 				displayName: 'Payment Type',
 				name: 'paymentType',
 				type: 'options',
+				displayOptions: {
+					show: {
+						apiVersion: ['v4'],
+					},
+				},
 				options: [
 					{
 						name: 'ACH',
@@ -252,6 +257,207 @@ export const expenseFields: INodeProperties[] = [
 				],
 				default: 1,
 			},
+			{
+				displayName: 'Payment Type',
+				name: 'paymentType',
+				type: 'options',
+				displayOptions: {
+					show: {
+						apiVersion: ['v5'],
+					},
+				},
+				options: [
+					{
+						name: 'Bank Transfer',
+						value: 1,
+					},
+					{
+						name: 'Cash',
+						value: 2,
+					},
+					{
+						name: 'ACH',
+						value: 4,
+					},
+					{
+						name: 'Visa',
+						value: 5,
+					},
+					{
+						name: 'Mastercard',
+						value: 6,
+					},
+					{
+						name: 'American Express',
+						value: 7,
+					},
+					{
+						name: 'Discover',
+						value: 8,
+					},
+					{
+						name: 'Diners',
+						value: 9,
+					},
+					{
+						name: 'Eurocard',
+						value: 10,
+					},
+					{
+						name: 'Nova',
+						value: 11,
+					},
+					{
+						name: 'Credit Card Other',
+						value: 12,
+					},
+					{
+						name: 'PayPal',
+						value: 13,
+					},
+					{
+						name: 'Check',
+						value: 15,
+					},
+					{
+						name: 'Carte Blanche',
+						value: 16,
+					},
+					{
+						name: 'UnionPay',
+						value: 17,
+					},
+					{
+						name: 'JCB',
+						value: 18,
+					},
+					{
+						name: 'Laser',
+						value: 19,
+					},
+					{
+						name: 'Maestro',
+						value: 20,
+					},
+					{
+						name: 'Solo',
+						value: 21,
+					},
+					{
+						name: 'Switch',
+						value: 22,
+					},
+					{
+						name: 'Venmo',
+						value: 24,
+					},
+					{
+						name: 'Alipay',
+						value: 27,
+					},
+					{
+						name: 'Sofort',
+						value: 28,
+					},
+					{
+						name: 'SEPA',
+						value: 29,
+					},
+					{
+						name: 'GoCardless',
+						value: 30,
+					},
+					{
+						name: 'Crypto',
+						value: 31,
+					},
+					{
+						name: 'Credit',
+						value: 32,
+					},
+					{
+						name: 'Zelle',
+						value: 33,
+					},
+					{
+						name: 'Mollie Bank Transfer',
+						value: 34,
+					},
+					{
+						name: 'KBC',
+						value: 35,
+					},
+					{
+						name: 'Bancontact',
+						value: 36,
+					},
+					{
+						name: 'iDEAL',
+						value: 37,
+					},
+					{
+						name: 'Hosted Page',
+						value: 38,
+					},
+					{
+						name: 'Giropay',
+						value: 39,
+					},
+					{
+						name: 'Przelewy24',
+						value: 40,
+					},
+					{
+						name: 'EPS',
+						value: 41,
+					},
+					{
+						name: 'Direct Debit',
+						value: 42,
+					},
+					{
+						name: 'BECS',
+						value: 43,
+					},
+					{
+						name: 'ACSS',
+						value: 44,
+					},
+					{
+						name: 'Instant Bank Pay',
+						value: 45,
+					},
+					{
+						name: 'FPX',
+						value: 46,
+					},
+					{
+						name: 'Klarna',
+						value: 47,
+					},
+					{
+						name: 'Interac E-Transfer',
+						value: 48,
+					},
+					{
+						name: 'BACS',
+						value: 49,
+					},
+					{
+						name: 'Stripe Bank Transfer',
+						value: 50,
+					},
+					{
+						name: 'Cash App',
+						value: 51,
+					},
+					{
+						name: 'Pay Later',
+						value: 52,
+					},
+				],
+				default: 1,
+			},
 			{
 				displayName: 'Private Notes',
 				name: 'privateNotes',
diff --git a/packages/nodes-base/nodes/InvoiceNinja/PaymentDescription.ts b/packages/nodes-base/nodes/InvoiceNinja/PaymentDescription.ts
index ff1a4562598ef..17ae0938e99c5 100644
--- a/packages/nodes-base/nodes/InvoiceNinja/PaymentDescription.ts
+++ b/packages/nodes-base/nodes/InvoiceNinja/PaymentDescription.ts
@@ -94,6 +94,11 @@ export const paymentFields: INodeProperties[] = [
 				displayName: 'Payment Type',
 				name: 'paymentType',
 				type: 'options',
+				displayOptions: {
+					show: {
+						apiVersion: ['v4'],
+					},
+				},
 				options: [
 					{
 						name: 'ACH',
@@ -226,6 +231,207 @@ export const paymentFields: INodeProperties[] = [
 				],
 				default: 1,
 			},
+			{
+				displayName: 'Payment Type',
+				name: 'paymentType',
+				type: 'options',
+				displayOptions: {
+					show: {
+						apiVersion: ['v5'],
+					},
+				},
+				options: [
+					{
+						name: 'Bank Transfer',
+						value: 1,
+					},
+					{
+						name: 'Cash',
+						value: 2,
+					},
+					{
+						name: 'ACH',
+						value: 4,
+					},
+					{
+						name: 'Visa',
+						value: 5,
+					},
+					{
+						name: 'Mastercard',
+						value: 6,
+					},
+					{
+						name: 'American Express',
+						value: 7,
+					},
+					{
+						name: 'Discover',
+						value: 8,
+					},
+					{
+						name: 'Diners',
+						value: 9,
+					},
+					{
+						name: 'Eurocard',
+						value: 10,
+					},
+					{
+						name: 'Nova',
+						value: 11,
+					},
+					{
+						name: 'Credit Card Other',
+						value: 12,
+					},
+					{
+						name: 'PayPal',
+						value: 13,
+					},
+					{
+						name: 'Check',
+						value: 15,
+					},
+					{
+						name: 'Carte Blanche',
+						value: 16,
+					},
+					{
+						name: 'UnionPay',
+						value: 17,
+					},
+					{
+						name: 'JCB',
+						value: 18,
+					},
+					{
+						name: 'Laser',
+						value: 19,
+					},
+					{
+						name: 'Maestro',
+						value: 20,
+					},
+					{
+						name: 'Solo',
+						value: 21,
+					},
+					{
+						name: 'Switch',
+						value: 22,
+					},
+					{
+						name: 'Venmo',
+						value: 24,
+					},
+					{
+						name: 'Alipay',
+						value: 27,
+					},
+					{
+						name: 'Sofort',
+						value: 28,
+					},
+					{
+						name: 'SEPA',
+						value: 29,
+					},
+					{
+						name: 'GoCardless',
+						value: 30,
+					},
+					{
+						name: 'Crypto',
+						value: 31,
+					},
+					{
+						name: 'Credit',
+						value: 32,
+					},
+					{
+						name: 'Zelle',
+						value: 33,
+					},
+					{
+						name: 'Mollie Bank Transfer',
+						value: 34,
+					},
+					{
+						name: 'KBC',
+						value: 35,
+					},
+					{
+						name: 'Bancontact',
+						value: 36,
+					},
+					{
+						name: 'iDEAL',
+						value: 37,
+					},
+					{
+						name: 'Hosted Page',
+						value: 38,
+					},
+					{
+						name: 'Giropay',
+						value: 39,
+					},
+					{
+						name: 'Przelewy24',
+						value: 40,
+					},
+					{
+						name: 'EPS',
+						value: 41,
+					},
+					{
+						name: 'Direct Debit',
+						value: 42,
+					},
+					{
+						name: 'BECS',
+						value: 43,
+					},
+					{
+						name: 'ACSS',
+						value: 44,
+					},
+					{
+						name: 'Instant Bank Pay',
+						value: 45,
+					},
+					{
+						name: 'FPX',
+						value: 46,
+					},
+					{
+						name: 'Klarna',
+						value: 47,
+					},
+					{
+						name: 'Interac E-Transfer',
+						value: 48,
+					},
+					{
+						name: 'BACS',
+						value: 49,
+					},
+					{
+						name: 'Stripe Bank Transfer',
+						value: 50,
+					},
+					{
+						name: 'Cash App',
+						value: 51,
+					},
+					{
+						name: 'Pay Later',
+						value: 52,
+					},
+				],
+				default: 1,
+			},
 			{
 				displayName: 'Transfer Reference',
 				name: 'transferReference',
diff --git a/packages/nodes-base/nodes/Lemlist/GenericFunctions.ts b/packages/nodes-base/nodes/Lemlist/GenericFunctions.ts
index 8a587a939044f..e95bebe507cde 100644
--- a/packages/nodes-base/nodes/Lemlist/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Lemlist/GenericFunctions.ts
@@ -71,16 +71,53 @@ export async function lemlistApiRequestAllItems(
 export function getEvents() {
 	const events = [
 		'*',
-		'emailsBounced',
-		'emailsClicked',
-		'emailsFailed',
-		'emailsInterested',
-		'emailsNotInterested',
+		'contacted',
+		'hooked',
+		'attracted',
+		'warmed',
+		'interested',
+		'skipped',
+		'notInterested',
+		'emailsSent',
 		'emailsOpened',
+		'emailsClicked',
 		'emailsReplied',
+		'emailsBounced',
 		'emailsSendFailed',
-		'emailsSent',
+		'emailsFailed',
 		'emailsUnsubscribed',
+		'emailsInterested',
+		'emailsNotInterested',
+		'opportunitiesDone',
+		'aircallCreated',
+		'aircallEnded',
+		'aircallDone',
+		'aircallInterested',
+		'aircallNotInterested',
+		'apiDone',
+		'apiInterested',
+		'apiNotInterested',
+		'apiFailed',
+		'linkedinVisitDone',
+		'linkedinVisitFailed',
+		'linkedinInviteDone',
+		'linkedinInviteFailed',
+		'linkedinInviteAccepted',
+		'linkedinReplied',
+		'linkedinSent',
+		'linkedinVoiceNoteDone',
+		'linkedinVoiceNoteFailed',
+		'linkedinInterested',
+		'linkedinNotInterested',
+		'linkedinSendFailed',
+		'manualInterested',
+		'manualNotInterested',
+		'paused',
+		'resumed',
+		'customDomainErrors',
+		'connectionIssue',
+		'sendLimitReached',
+		'lemwarmPaused',
 	];
 
 	return events.map((event: string) => ({
diff --git a/packages/nodes-base/nodes/Lemlist/LemlistTrigger.node.ts b/packages/nodes-base/nodes/Lemlist/LemlistTrigger.node.ts
index a9306c21c5604..bd1a20cf8fdea 100644
--- a/packages/nodes-base/nodes/Lemlist/LemlistTrigger.node.ts
+++ b/packages/nodes-base/nodes/Lemlist/LemlistTrigger.node.ts
@@ -55,7 +55,7 @@ export class LemlistTrigger implements INodeType {
 				default: {},
 				options: [
 					{
-						displayName: 'Campaing Name or ID',
+						displayName: 'Campaign Name or ID',
 						name: 'campaignId',
 						type: 'options',
 						typeOptions: {
diff --git a/packages/nodes-base/nodes/MongoDb/MongoDb.node.ts b/packages/nodes-base/nodes/MongoDb/MongoDb.node.ts
index 1a200d9bd9e1d..8d5de2ea41aa5 100644
--- a/packages/nodes-base/nodes/MongoDb/MongoDb.node.ts
+++ b/packages/nodes-base/nodes/MongoDb/MongoDb.node.ts
@@ -196,6 +196,8 @@ export class MongoDb implements INodeType {
 					const options = this.getNodeParameter('options', i);
 					const limit = options.limit as number;
 					const skip = options.skip as number;
+					const projection =
+						options.projection && (JSON.parse(options.projection as string) as Document);
 					const sort = options.sort && (JSON.parse(options.sort as string) as Sort);
 
 					if (skip > 0) {
@@ -208,6 +210,10 @@ export class MongoDb implements INodeType {
 						query = query.sort(sort);
 					}
 
+					if (projection && projection instanceof Document) {
+						query = query.project(projection);
+					}
+
 					const queryResult = await query.toArray();
 
 					for (const entry of queryResult) {
diff --git a/packages/nodes-base/nodes/MongoDb/MongoDbProperties.ts b/packages/nodes-base/nodes/MongoDb/MongoDbProperties.ts
index a831bd57fa305..95b7fb93a5db9 100644
--- a/packages/nodes-base/nodes/MongoDb/MongoDbProperties.ts
+++ b/packages/nodes-base/nodes/MongoDb/MongoDbProperties.ts
@@ -151,6 +151,18 @@ export const nodeProperties: INodeProperties[] = [
 				placeholder: '{ "field": -1 }',
 				description: 'A JSON that defines the sort order of the result set',
 			},
+			{
+				displayName: 'Projection (JSON Format)',
+				name: 'projection',
+				type: 'json',
+				typeOptions: {
+					rows: 4,
+				},
+				default: '{}',
+				placeholder: '{ "_id": 0, "field": 1 }',
+				description:
+					'A JSON that defines a selection of fields to retrieve or exclude from the result set',
+			},
 		],
 	},
 	{
@@ -248,7 +260,7 @@ export const nodeProperties: INodeProperties[] = [
 				name: 'dateFields',
 				type: 'string',
 				default: '',
-				description: 'Comma separeted list of fields that will be parsed as Mongo Date type',
+				description: 'Comma-separated list of fields that will be parsed as Mongo Date type',
 			},
 			{
 				displayName: 'Use Dot Notation',
diff --git a/packages/nodes-base/nodes/MySql/v2/actions/common.descriptions.ts b/packages/nodes-base/nodes/MySql/v2/actions/common.descriptions.ts
index 67a1eda87eb5f..12f8ffd2427ef 100644
--- a/packages/nodes-base/nodes/MySql/v2/actions/common.descriptions.ts
+++ b/packages/nodes-base/nodes/MySql/v2/actions/common.descriptions.ts
@@ -134,6 +134,16 @@ export const optionsCollection: INodeProperties = {
 				show: { '/operation': ['select', 'executeQuery'] },
 			},
 		},
+		{
+			displayName: 'Output Decimals as Numbers',
+			name: 'decimalNumbers',
+			type: 'boolean',
+			default: false,
+			description: 'Whether to output DECIMAL types as numbers instead of strings',
+			displayOptions: {
+				show: { '/operation': ['select', 'executeQuery'] },
+			},
+		},
 		{
 			displayName: 'Priority',
 			name: 'priority',
diff --git a/packages/nodes-base/nodes/MySql/v2/transport/index.ts b/packages/nodes-base/nodes/MySql/v2/transport/index.ts
index cbb373a52436e..f9e50fcb8f6e2 100644
--- a/packages/nodes-base/nodes/MySql/v2/transport/index.ts
+++ b/packages/nodes-base/nodes/MySql/v2/transport/index.ts
@@ -24,6 +24,7 @@ export async function createPool(
 		password: credentials.password,
 		multipleStatements: true,
 		supportBigNumbers: true,
+		decimalNumbers: false,
 	};
 
 	if (credentials.ssl) {
@@ -55,6 +56,10 @@ export async function createPool(
 		connectionOptions.bigNumberStrings = true;
 	}
 
+	if (options?.decimalNumbers === true) {
+		connectionOptions.decimalNumbers = true;
+	}
+
 	if (!credentials.sshTunnel) {
 		return mysql2.createPool(connectionOptions);
 	} else {
diff --git a/packages/nodes-base/nodes/Okta/Okta.dark.svg b/packages/nodes-base/nodes/Okta/Okta.dark.svg
new file mode 100644
index 0000000000000..b6f1fd7e2b477
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/Okta.dark.svg
@@ -0,0 +1,3 @@
+<svg width="40" height="40" viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M22.0066 0.27781L21.1838 10.411C20.7926 10.3663 20.3992 10.344 20.0054 10.3443C19.5049 10.3443 19.0157 10.3777 18.5378 10.4555L18.0706 5.54432C18.0678 5.50753 18.0727 5.47056 18.0849 5.43573C18.097 5.4009 18.1162 5.36894 18.1413 5.34185C18.1663 5.31476 18.1967 5.29312 18.2305 5.27828C18.2642 5.26344 18.3007 5.25571 18.3376 5.25557H19.1715L18.7712 0.288903C18.7601 0.13328 18.8823 0 19.027 0H21.751C21.9066 0 22.029 0.13328 22.0066 0.288903V0.27781ZM15.1355 0.777805C15.0909 0.633275 14.9353 0.54437 14.7908 0.599994L12.2335 1.53327C12.0889 1.58889 12.0222 1.75561 12.0889 1.88889L14.1681 6.42212L13.3788 6.71118C13.2341 6.76665 13.1675 6.93321 13.2341 7.06665L15.3578 11.5221C16.1362 11.0932 16.9707 10.7754 17.8372 10.5777L15.1467 0.777805H15.1355ZM8.86458 3.59996L14.7462 11.8888C14.0013 12.3777 13.3231 12.9555 12.7449 13.6221L9.22036 10.1555C9.19473 10.1297 9.17462 10.0989 9.16124 10.0651C9.14787 10.0312 9.1415 9.995 9.14254 9.95862C9.14358 9.92224 9.15199 9.88645 9.16728 9.85342C9.18256 9.82039 9.2044 9.79081 9.23146 9.76647L9.87629 9.23319L6.37398 5.68901C6.26289 5.57791 6.27398 5.4001 6.39617 5.3001L8.47537 3.55575C8.59771 3.45575 8.76443 3.47793 8.85349 3.60012L8.86458 3.59996ZM3.92791 8.39992C3.80557 8.31101 3.62776 8.35554 3.54979 8.48882L2.19356 10.8443C2.11559 10.9777 2.17121 11.1443 2.30449 11.211L6.81867 13.3442L6.39617 14.0666C6.31836 14.1999 6.37398 14.3775 6.51851 14.4331L11.0105 16.4887C11.3293 15.6615 11.7635 14.8834 12.3002 14.1777L3.92791 8.39992ZM0.603416 14.7999C0.625759 14.6442 0.781383 14.5555 0.925913 14.5888L10.7658 17.1555C10.5058 18.0061 10.3637 18.8884 10.3433 19.7776L5.41774 19.3776C5.3809 19.3752 5.34502 19.3648 5.31257 19.3472C5.28011 19.3296 5.25183 19.3052 5.22967 19.2756C5.20751 19.2461 5.19198 19.2121 5.18415 19.176C5.17632 19.1399 5.17638 19.1026 5.18431 19.0665L5.32884 18.2442L0.358887 17.7776C0.203264 17.7665 0.103108 17.622 0.125296 17.4665L0.592479 14.7888L0.603416 14.7999ZM0.236545 21.4442C0.0809212 21.4554 -0.0192341 21.5998 0.00310941 21.7554L0.48123 24.433C0.503417 24.5887 0.65904 24.6776 0.80357 24.6441L5.62899 23.3887L5.77352 24.2109C5.79586 24.3665 5.95149 24.4554 6.09602 24.4219L10.8547 23.111C10.5768 22.2887 10.3989 21.411 10.3544 20.511L0.225451 21.4442H0.236545ZM1.81559 28.4888C1.73778 28.3555 1.79325 28.1888 1.92668 28.1221L11.1107 23.7666C11.4553 24.5888 11.9224 25.3555 12.4783 26.0443L8.45303 28.9108C8.33068 28.9997 8.15287 28.9664 8.0749 28.833L7.65241 28.0997L3.54979 30.933C3.42745 31.022 3.24948 30.9775 3.17167 30.8441L1.80419 28.4886L1.81559 28.4888ZM12.9452 26.5777L5.79586 33.8106C5.68462 33.9217 5.69587 34.0995 5.81805 34.1995L7.90834 35.9439C8.03069 36.0439 8.1974 36.0217 8.28646 35.8995L11.1772 31.8328L11.8221 32.3773C11.9444 32.4773 12.1224 32.4551 12.2111 32.3217L15.0131 28.2552C14.257 27.7885 13.5566 27.2218 12.9561 26.5774L12.9452 26.5777ZM11.5332 38.1885C11.3886 38.1331 11.3219 37.9665 11.3886 37.8331L15.6248 28.5888C16.4029 28.9888 17.2481 29.2888 18.1264 29.4555L16.8811 34.2331C16.8478 34.3776 16.6811 34.4665 16.5365 34.4109L15.7472 34.122L14.4241 38.9331C14.3795 39.0776 14.2239 39.1665 14.0794 39.1109L11.5221 38.1776L11.5332 38.1885ZM18.8268 29.5777L18.0042 39.7109C17.9931 39.8665 18.1153 39.9998 18.26 39.9998H20.984C21.1396 39.9998 21.262 39.8665 21.2396 39.7109L20.8395 34.7442H21.6732C21.7101 34.744 21.7465 34.7363 21.7803 34.7214C21.8141 34.7066 21.8444 34.6849 21.8694 34.6579C21.8945 34.6308 21.9137 34.5988 21.9258 34.564C21.938 34.5292 21.9428 34.4922 21.9401 34.4554L21.4732 29.5442C20.9951 29.6221 20.5059 29.6555 20.0056 29.6555C19.6053 29.6555 19.216 29.6331 18.827 29.5777M28.6336 2.14451C28.7003 2.00014 28.6336 1.84451 28.4891 1.78904L25.9319 0.855773C25.7872 0.800148 25.6316 0.889054 25.5872 1.03343L24.2641 5.84447L23.4746 5.55573C23.3301 5.5001 23.1744 5.58901 23.1299 5.73338L21.8846 10.5111C22.7741 10.689 23.608 10.989 24.3863 11.3779L28.6336 2.14451ZM34.2151 6.17791L27.0657 13.4108C26.4602 12.7598 25.7681 12.1952 25.0086 11.733L27.8106 7.66649C27.8996 7.54414 28.0774 7.51086 28.1997 7.61086L28.8445 8.15539L31.7354 4.08871C31.8245 3.96652 32.0023 3.94418 32.1136 4.04418L34.2037 5.78869C34.3261 5.88869 34.326 6.0665 34.226 6.1776L34.2151 6.17791ZM38.0844 11.8668C38.229 11.8 38.2735 11.6333 38.1955 11.5L36.8277 9.14428C36.7499 9.011 36.572 8.97772 36.4496 9.05554L32.347 11.8888L31.9245 11.1666C31.8465 11.0332 31.6687 10.9888 31.5464 11.0888L27.5214 13.9555C28.0774 14.6442 28.5333 15.4109 28.8891 16.2331L38.073 11.8777L38.0844 11.8668ZM39.5297 15.5556L39.9969 18.2333C40.0191 18.3889 39.919 18.5223 39.7633 18.5443L29.6344 19.4889C29.5898 18.5778 29.4119 17.7111 29.1339 16.8889L33.8928 15.5778C34.0373 15.5333 34.1929 15.6333 34.2151 15.7888L34.3596 16.6111L39.1852 15.3556C39.3297 15.3222 39.4852 15.4111 39.5076 15.5666L39.5297 15.5556ZM39.074 25.3888C39.2185 25.4221 39.3741 25.3332 39.3965 25.1777L39.863 22.4998C39.8854 22.3442 39.7852 22.2109 39.6296 22.1887L34.6596 21.722L34.8042 20.8998C34.8264 20.7442 34.7264 20.6109 34.5706 20.5887L29.6452 20.1887C29.6248 21.078 29.4826 21.9602 29.2227 22.8109L39.0626 25.3776L39.074 25.3888ZM36.4496 31.4997C36.3718 31.633 36.194 31.6664 36.0717 31.5886L27.6994 25.8108C28.2361 25.1051 28.6702 24.3271 28.9891 23.4998L33.4811 25.5554C33.6256 25.6219 33.6811 25.7887 33.6034 25.9219L33.1809 26.6441L37.6949 28.7775C37.8284 28.8441 37.884 29.0108 37.8062 29.1441L36.4496 31.4997ZM25.2533 28.0886L31.135 36.3775C31.224 36.4996 31.4019 36.5218 31.5131 36.4218L33.5922 34.6775C33.7145 34.5775 33.7145 34.3997 33.6145 34.2884L30.1122 30.7441L30.757 30.2108C30.8794 30.1108 30.8794 29.933 30.768 29.8219L27.2435 26.3554C26.6543 27.0219 25.9872 27.6108 25.2422 28.0886H25.2533ZM25.1977 39.3774C25.0532 39.4329 24.8975 39.344 24.853 39.1996L22.1624 29.3997C23.0289 29.2021 23.8634 28.8842 24.6418 28.4553L26.7655 32.9108C26.8321 33.0553 26.7655 33.2219 26.6208 33.2664L25.8314 33.5553L27.9106 38.0885C27.9774 38.2329 27.9106 38.3885 27.7661 38.444L25.2088 39.3774H25.1977Z" fill="white"/>
+</svg>
diff --git a/packages/nodes-base/nodes/Okta/Okta.node.json b/packages/nodes-base/nodes/Okta/Okta.node.json
new file mode 100644
index 0000000000000..682a247192098
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/Okta.node.json
@@ -0,0 +1,20 @@
+{
+	"node": "n8n-nodes-base.okta",
+	"nodeVersion": "1.0",
+	"codexVersion": "1.0",
+	"categories": ["Development"],
+	"alias": ["authentication", "users", "Security"],
+	"resources": {
+		"credentialDocumentation": [
+			{
+				"url": "https://docs.n8n.io/integrations/builtin/credentials/okta/"
+			}
+		],
+		"primaryDocumentation": [
+			{
+				"url": "https://docs.n8n.io/integrations/builtin/app-nodes/n8n-nodes-base.okta/"
+			}
+		],
+		"generic": []
+	}
+}
diff --git a/packages/nodes-base/nodes/Okta/Okta.node.ts b/packages/nodes-base/nodes/Okta/Okta.node.ts
new file mode 100644
index 0000000000000..e9bd0185be3a7
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/Okta.node.ts
@@ -0,0 +1,56 @@
+import type { INodeType, INodeTypeDescription } from 'n8n-workflow';
+import { userFields, userOperations } from './UserDescription';
+import { getUsers } from './UserFunctions';
+
+export class Okta implements INodeType {
+	description: INodeTypeDescription = {
+		displayName: 'Okta',
+		name: 'okta',
+		icon: { light: 'file:Okta.svg', dark: 'file:Okta.dark.svg' },
+		group: ['transform'],
+		version: 1,
+		subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
+		description: 'Use the Okta API',
+		defaults: {
+			name: 'Okta',
+		},
+		inputs: ['main'],
+		outputs: ['main'],
+		credentials: [
+			{
+				name: 'oktaApi',
+				required: true,
+			},
+		],
+		requestDefaults: {
+			returnFullResponse: true,
+			baseURL: '={{$credentials.url.replace(new RegExp("/$"), "")}}',
+			headers: {},
+		},
+		properties: [
+			{
+				displayName: 'Resource',
+				name: 'resource',
+				type: 'options',
+				noDataExpression: true,
+				options: [
+					{
+						name: 'User',
+						value: 'user',
+					},
+				],
+				default: 'user',
+			},
+
+			// USER
+			...userOperations,
+			...userFields,
+		],
+	};
+
+	methods = {
+		listSearch: {
+			getUsers,
+		},
+	};
+}
diff --git a/packages/nodes-base/nodes/Okta/Okta.svg b/packages/nodes-base/nodes/Okta/Okta.svg
new file mode 100644
index 0000000000000..4ba579621f863
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/Okta.svg
@@ -0,0 +1,3 @@
+<svg width="40" height="40" viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M22.0066 0.27781L21.1838 10.411C20.7926 10.3663 20.3992 10.344 20.0054 10.3443C19.5049 10.3443 19.0157 10.3777 18.5378 10.4555L18.0706 5.54432C18.0678 5.50753 18.0727 5.47056 18.0849 5.43573C18.097 5.4009 18.1162 5.36894 18.1413 5.34185C18.1663 5.31476 18.1967 5.29312 18.2305 5.27828C18.2642 5.26344 18.3007 5.25571 18.3376 5.25557H19.1715L18.7712 0.288903C18.7601 0.13328 18.8823 0 19.027 0H21.751C21.9066 0 22.029 0.13328 22.0066 0.288903V0.27781ZM15.1355 0.777805C15.0909 0.633275 14.9353 0.54437 14.7908 0.599994L12.2335 1.53327C12.0889 1.58889 12.0222 1.75561 12.0889 1.88889L14.1681 6.42212L13.3788 6.71118C13.2341 6.76665 13.1675 6.93321 13.2341 7.06665L15.3578 11.5221C16.1362 11.0932 16.9707 10.7754 17.8372 10.5777L15.1467 0.777805H15.1355ZM8.86458 3.59996L14.7462 11.8888C14.0013 12.3777 13.3231 12.9555 12.7449 13.6221L9.22036 10.1555C9.19473 10.1297 9.17462 10.0989 9.16124 10.0651C9.14787 10.0312 9.1415 9.995 9.14254 9.95862C9.14358 9.92224 9.15199 9.88645 9.16728 9.85342C9.18256 9.82039 9.2044 9.79081 9.23146 9.76647L9.87629 9.23319L6.37398 5.68901C6.26289 5.57791 6.27398 5.4001 6.39617 5.3001L8.47537 3.55575C8.59771 3.45575 8.76443 3.47793 8.85349 3.60012L8.86458 3.59996ZM3.92791 8.39992C3.80557 8.31101 3.62776 8.35554 3.54979 8.48882L2.19356 10.8443C2.11559 10.9777 2.17121 11.1443 2.30449 11.211L6.81867 13.3442L6.39617 14.0666C6.31836 14.1999 6.37398 14.3775 6.51851 14.4331L11.0105 16.4887C11.3293 15.6615 11.7635 14.8834 12.3002 14.1777L3.92791 8.39992ZM0.603416 14.7999C0.625759 14.6442 0.781383 14.5555 0.925913 14.5888L10.7658 17.1555C10.5058 18.0061 10.3637 18.8884 10.3433 19.7776L5.41774 19.3776C5.3809 19.3752 5.34502 19.3648 5.31257 19.3472C5.28011 19.3296 5.25183 19.3052 5.22967 19.2756C5.20751 19.2461 5.19198 19.2121 5.18415 19.176C5.17632 19.1399 5.17638 19.1026 5.18431 19.0665L5.32884 18.2442L0.358887 17.7776C0.203264 17.7665 0.103108 17.622 0.125296 17.4665L0.592479 14.7888L0.603416 14.7999ZM0.236545 21.4442C0.0809212 21.4554 -0.0192341 21.5998 0.00310941 21.7554L0.48123 24.433C0.503417 24.5887 0.65904 24.6776 0.80357 24.6441L5.62899 23.3887L5.77352 24.2109C5.79586 24.3665 5.95149 24.4554 6.09602 24.4219L10.8547 23.111C10.5768 22.2887 10.3989 21.411 10.3544 20.511L0.225451 21.4442H0.236545ZM1.81559 28.4888C1.73778 28.3555 1.79325 28.1888 1.92668 28.1221L11.1107 23.7666C11.4553 24.5888 11.9224 25.3555 12.4783 26.0443L8.45303 28.9108C8.33068 28.9997 8.15287 28.9664 8.0749 28.833L7.65241 28.0997L3.54979 30.933C3.42745 31.022 3.24948 30.9775 3.17167 30.8441L1.80419 28.4886L1.81559 28.4888ZM12.9452 26.5777L5.79586 33.8106C5.68462 33.9217 5.69587 34.0995 5.81805 34.1995L7.90834 35.9439C8.03069 36.0439 8.1974 36.0217 8.28646 35.8995L11.1772 31.8328L11.8221 32.3773C11.9444 32.4773 12.1224 32.4551 12.2111 32.3217L15.0131 28.2552C14.257 27.7885 13.5566 27.2218 12.9561 26.5774L12.9452 26.5777ZM11.5332 38.1885C11.3886 38.1331 11.3219 37.9665 11.3886 37.8331L15.6248 28.5888C16.4029 28.9888 17.2481 29.2888 18.1264 29.4555L16.8811 34.2331C16.8478 34.3776 16.6811 34.4665 16.5365 34.4109L15.7472 34.122L14.4241 38.9331C14.3795 39.0776 14.2239 39.1665 14.0794 39.1109L11.5221 38.1776L11.5332 38.1885ZM18.8268 29.5777L18.0042 39.7109C17.9931 39.8665 18.1153 39.9998 18.26 39.9998H20.984C21.1396 39.9998 21.262 39.8665 21.2396 39.7109L20.8395 34.7442H21.6732C21.7101 34.744 21.7465 34.7363 21.7803 34.7214C21.8141 34.7066 21.8444 34.6849 21.8694 34.6579C21.8945 34.6308 21.9137 34.5988 21.9258 34.564C21.938 34.5292 21.9428 34.4922 21.9401 34.4554L21.4732 29.5442C20.9951 29.6221 20.5059 29.6555 20.0056 29.6555C19.6053 29.6555 19.216 29.6331 18.827 29.5777M28.6336 2.14451C28.7003 2.00014 28.6336 1.84451 28.4891 1.78904L25.9319 0.855773C25.7872 0.800148 25.6316 0.889054 25.5872 1.03343L24.2641 5.84447L23.4746 5.55573C23.3301 5.5001 23.1744 5.58901 23.1299 5.73338L21.8846 10.5111C22.7741 10.689 23.608 10.989 24.3863 11.3779L28.6336 2.14451ZM34.2151 6.17791L27.0657 13.4108C26.4602 12.7598 25.7681 12.1952 25.0086 11.733L27.8106 7.66649C27.8996 7.54414 28.0774 7.51086 28.1997 7.61086L28.8445 8.15539L31.7354 4.08871C31.8245 3.96652 32.0023 3.94418 32.1136 4.04418L34.2037 5.78869C34.3261 5.88869 34.326 6.0665 34.226 6.1776L34.2151 6.17791ZM38.0844 11.8668C38.229 11.8 38.2735 11.6333 38.1955 11.5L36.8277 9.14428C36.7499 9.011 36.572 8.97772 36.4496 9.05554L32.347 11.8888L31.9245 11.1666C31.8465 11.0332 31.6687 10.9888 31.5464 11.0888L27.5214 13.9555C28.0774 14.6442 28.5333 15.4109 28.8891 16.2331L38.073 11.8777L38.0844 11.8668ZM39.5297 15.5556L39.9969 18.2333C40.0191 18.3889 39.919 18.5223 39.7633 18.5443L29.6344 19.4889C29.5898 18.5778 29.4119 17.7111 29.1339 16.8889L33.8928 15.5778C34.0373 15.5333 34.1929 15.6333 34.2151 15.7888L34.3596 16.6111L39.1852 15.3556C39.3297 15.3222 39.4852 15.4111 39.5076 15.5666L39.5297 15.5556ZM39.074 25.3888C39.2185 25.4221 39.3741 25.3332 39.3965 25.1777L39.863 22.4998C39.8854 22.3442 39.7852 22.2109 39.6296 22.1887L34.6596 21.722L34.8042 20.8998C34.8264 20.7442 34.7264 20.6109 34.5706 20.5887L29.6452 20.1887C29.6248 21.078 29.4826 21.9602 29.2227 22.8109L39.0626 25.3776L39.074 25.3888ZM36.4496 31.4997C36.3718 31.633 36.194 31.6664 36.0717 31.5886L27.6994 25.8108C28.2361 25.1051 28.6702 24.3271 28.9891 23.4998L33.4811 25.5554C33.6256 25.6219 33.6811 25.7887 33.6034 25.9219L33.1809 26.6441L37.6949 28.7775C37.8284 28.8441 37.884 29.0108 37.8062 29.1441L36.4496 31.4997ZM25.2533 28.0886L31.135 36.3775C31.224 36.4996 31.4019 36.5218 31.5131 36.4218L33.5922 34.6775C33.7145 34.5775 33.7145 34.3997 33.6145 34.2884L30.1122 30.7441L30.757 30.2108C30.8794 30.1108 30.8794 29.933 30.768 29.8219L27.2435 26.3554C26.6543 27.0219 25.9872 27.6108 25.2422 28.0886H25.2533ZM25.1977 39.3774C25.0532 39.4329 24.8975 39.344 24.853 39.1996L22.1624 29.3997C23.0289 29.2021 23.8634 28.8842 24.6418 28.4553L26.7655 32.9108C26.8321 33.0553 26.7655 33.2219 26.6208 33.2664L25.8314 33.5553L27.9106 38.0885C27.9774 38.2329 27.9106 38.3885 27.7661 38.444L25.2088 39.3774H25.1977Z" fill="black"/>
+</svg>
diff --git a/packages/nodes-base/nodes/Okta/UserDescription.ts b/packages/nodes-base/nodes/Okta/UserDescription.ts
new file mode 100644
index 0000000000000..b10d580339a99
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/UserDescription.ts
@@ -0,0 +1,795 @@
+import type { INodeProperties } from 'n8n-workflow';
+import { getCursorPaginator, simplifyGetAllResponse, simplifyGetResponse } from './UserFunctions';
+const BASE_API_URL = '/api/v1/users/';
+export const userOperations: INodeProperties[] = [
+	{
+		displayName: 'Operation',
+		name: 'operation',
+		type: 'options',
+		noDataExpression: true,
+		displayOptions: {
+			show: {
+				resource: ['user'],
+			},
+		},
+		options: [
+			// Create Operation
+			{
+				name: 'Create',
+				value: 'create',
+				description: 'Create a new user',
+				routing: {
+					request: {
+						method: 'POST',
+						url: BASE_API_URL,
+						qs: { activate: '={{$parameter["activate"]}}' },
+						returnFullResponse: true,
+					},
+				},
+				action: 'Create a new user',
+			},
+			// Delete Operation
+			{
+				name: 'Delete',
+				value: 'delete',
+				description: 'Delete an existing user',
+				routing: {
+					request: {
+						method: 'DELETE',
+						url: '={{"/api/v1/users/" + $parameter["userId"]}}',
+						returnFullResponse: true,
+					},
+					output: {
+						postReceive: [
+							{
+								type: 'set',
+								properties: {
+									value: '={{ { "success": true } }}',
+								},
+							},
+						],
+					},
+				},
+				action: 'Delete a user',
+			},
+			// Get Operation
+			{
+				name: 'Get',
+				value: 'get',
+				description: 'Get details of a user',
+				routing: {
+					request: {
+						method: 'GET',
+						url: '={{"/api/v1/users/" + $parameter["userId"]}}',
+						returnFullResponse: true,
+						qs: {},
+					},
+					output: {
+						postReceive: [simplifyGetResponse],
+					},
+				},
+				action: 'Get a user',
+			},
+			// Get All Operation
+			{
+				name: 'Get Many',
+				value: 'getAll',
+				description: 'Get many users',
+				routing: {
+					request: {
+						method: 'GET',
+						url: BASE_API_URL,
+						qs: { search: '={{$parameter["searchQuery"]}}' },
+						returnFullResponse: true,
+					},
+					output: {
+						postReceive: [simplifyGetAllResponse],
+					},
+					send: {
+						paginate: true,
+					},
+					operations: {
+						pagination: getCursorPaginator(),
+					},
+				},
+				action: 'Get many users',
+			},
+			// Update Operation
+			{
+				name: 'Update',
+				value: 'update',
+				description: 'Update an existing user',
+				routing: {
+					request: {
+						method: 'POST',
+						url: '={{"/api/v1/users/" + $parameter["userId"]}}',
+						returnFullResponse: true,
+					},
+				},
+				action: 'Update a user',
+			},
+		],
+		default: 'getAll',
+	},
+];
+const mainProfileFields: INodeProperties[] = [
+	{
+		displayName: 'First Name',
+		name: 'firstName',
+		type: 'string',
+		placeholder: 'e.g. Nathan',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.firstName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Last Name',
+		name: 'lastName',
+		type: 'string',
+		placeholder: 'e.g. Smith',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.lastName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Username',
+		name: 'login',
+		type: 'string',
+		placeholder: 'e.g. nathan@example.com',
+		hint: 'Unique identifier for the user, must be an email',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.login',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Email',
+		name: 'email',
+		type: 'string',
+		placeholder: 'e.g. nathan@example.com',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.email',
+				type: 'body',
+			},
+		},
+	},
+];
+const createFields: INodeProperties[] = [
+	{
+		displayName: 'City',
+		name: 'city',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.city',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Cost Center',
+		name: 'costCenter',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.costCenter',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Country Code',
+		name: 'countryCode',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.countryCode',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Department',
+		name: 'department',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.department',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Display Name',
+		name: 'displayName',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.displayName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Division',
+		name: 'division',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.division',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Employee Number',
+		name: 'employeeNumber',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.employeeNumber',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Honorific Prefix',
+		name: 'honorificPrefix',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.honorificPrefix',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Honorific Suffix',
+		name: 'honorificSuffix',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.honorificSuffix',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Locale',
+		name: 'locale',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.locale',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Manager',
+		name: 'manager',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.manager',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'ManagerId',
+		name: 'managerId',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.managerId',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Middle Name',
+		name: 'middleName',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.middleName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Mobile Phone',
+		name: 'mobilePhone',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.mobilePhone',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Nick Name',
+		name: 'nickName',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.nickName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Password',
+		name: 'password',
+		type: 'string',
+		typeOptions: { password: true },
+		default: '',
+		routing: {
+			send: {
+				property: 'credentials.password.value',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Organization',
+		name: 'organization',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.organization',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Postal Address',
+		name: 'postalAddress',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.postalAddress',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Preferred Language',
+		name: 'preferredLanguage',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.preferredLanguage',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Primary Phone',
+		name: 'primaryPhone',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.primaryPhone',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Profile Url',
+		name: 'profileUrl',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.profileUrl',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Recovery Question Answer',
+		name: 'recoveryQuestionAnswer',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'credentials.recovery_question.answer',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Recovery Question Question',
+		name: 'recoveryQuestionQuestion',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'credentials.recovery_question.question',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Second Email',
+		name: 'secondEmail',
+		type: 'string',
+		typeOptions: { email: true },
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.secondEmail',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'State',
+		name: 'state',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.state',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Street Address',
+		name: 'streetAddress',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.streetAddress',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Timezone',
+		name: 'timezone',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.timezone',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Title',
+		name: 'title',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.title',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'User Type',
+		name: 'userType',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.userType',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Zip Code',
+		name: 'zipCode',
+		type: 'string',
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.zipCode',
+				type: 'body',
+			},
+		},
+	},
+];
+const updateFields: INodeProperties[] = createFields
+	.concat(mainProfileFields)
+	.sort((a, b) => a.displayName.localeCompare(b.displayName));
+
+export const userFields: INodeProperties[] = [
+	// Fields for 'get', 'update', and 'delete' operations
+
+	{
+		displayName: 'User',
+		name: 'userId',
+		type: 'resourceLocator',
+		default: { mode: 'list', value: '' },
+		required: true,
+		modes: [
+			{
+				displayName: 'From List',
+				name: 'list',
+				type: 'list',
+				placeholder: 'Select a user...',
+				typeOptions: {
+					searchListMethod: 'getUsers',
+					searchable: true,
+				},
+			},
+			{
+				displayName: 'By username',
+				name: 'login',
+				type: 'string',
+				placeholder: '',
+			},
+			{
+				displayName: 'ID',
+				name: 'id',
+				type: 'string',
+				placeholder: 'e.g. 00u1abcd2345EfGHIjk6',
+			},
+		],
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['get', 'update', 'delete'],
+			},
+		},
+		description: 'The user you want to operate on. Choose from the list, or specify an ID.',
+	},
+	//  Fields specific to 'create' operation
+	{
+		displayName: 'First Name',
+		name: 'firstName',
+		type: 'string',
+		required: true,
+		placeholder: 'e.g. Nathan',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.firstName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Last Name',
+		name: 'lastName',
+		type: 'string',
+		required: true,
+		placeholder: 'e.g. Smith',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.lastName',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Username',
+		name: 'login',
+		type: 'string',
+		required: true,
+		placeholder: 'e.g. nathan@example.com',
+		hint: 'Unique identifier for the user, must be an email',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.login',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Email',
+		name: 'email',
+		type: 'string',
+		required: true,
+		placeholder: 'e.g. nathan@example.com',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: '',
+		routing: {
+			send: {
+				property: 'profile.email',
+				type: 'body',
+			},
+		},
+	},
+	{
+		displayName: 'Activate',
+		name: 'activate',
+		type: 'boolean',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: true,
+		description: 'Whether to activate the user and allow access to all assigned applications',
+	},
+	{
+		displayName: 'Fields',
+		name: 'getCreateFields',
+		type: 'collection',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['create'],
+			},
+		},
+		default: {},
+		placeholder: 'Add field',
+		options: createFields,
+	},
+
+	// Fields for 'update' operations
+	{
+		displayName: 'Fields',
+		name: 'getUpdateFields',
+		type: 'collection',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['update'],
+			},
+		},
+		default: {},
+		placeholder: 'Add field',
+		options: updateFields,
+	},
+
+	// Fields specific to 'getAll' operation
+	{
+		displayName: 'Search Query',
+		name: 'searchQuery',
+		type: 'string',
+		placeholder: 'e.g. profile.lastName sw "Smi"',
+		hint: 'Filter users by using the allowed syntax. <a href="https://developer.okta.com/docs/reference/core-okta-api/#filter" target="_blank">More info</a>.',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['getAll'],
+			},
+		},
+		default: '',
+		routing: {
+			request: {
+				qs: {
+					prefix: '={{$value}}',
+				},
+			},
+		},
+	},
+	{
+		displayName: 'Limit',
+		name: 'limit',
+		type: 'number',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['getAll'],
+				returnAll: [false],
+			},
+		},
+		typeOptions: {
+			minValue: 1,
+			maxValue: 200,
+		},
+		default: 20,
+		routing: {
+			send: {
+				type: 'query',
+				property: 'limit',
+			},
+			output: {
+				maxResults: '={{$value}}', // Set maxResults to the value of current parameter
+			},
+		},
+		description: 'Max number of results to return',
+	},
+	{
+		displayName: 'Return All',
+		name: 'returnAll',
+		type: 'boolean',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['getAll'],
+			},
+		},
+		default: false,
+		description: 'Whether to return all results or only up to a given limit',
+	},
+	// Fields for 'get' and 'getAll' operations
+	{
+		displayName: 'Simplify',
+		name: 'simplify',
+		type: 'boolean',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['get', 'getAll'],
+			},
+		},
+		default: true,
+		description: 'Whether to return a simplified version of the response instead of the raw data',
+	},
+	// Fields specific to 'delete' operation
+	{
+		displayName: 'Send Email',
+		name: 'sendEmail',
+		type: 'boolean',
+		displayOptions: {
+			show: {
+				resource: ['user'],
+				operation: ['delete'],
+			},
+		},
+		default: false,
+		description: 'Whether to send a deactivation email to the administrator',
+	},
+];
diff --git a/packages/nodes-base/nodes/Okta/UserFunctions.ts b/packages/nodes-base/nodes/Okta/UserFunctions.ts
new file mode 100644
index 0000000000000..6def8ea296ae9
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/UserFunctions.ts
@@ -0,0 +1,170 @@
+import type {
+	DeclarativeRestApiSettings,
+	IDataObject,
+	IExecuteFunctions,
+	IExecutePaginationFunctions,
+	IExecuteSingleFunctions,
+	IHookFunctions,
+	IHttpRequestMethods,
+	IHttpRequestOptions,
+	ILoadOptionsFunctions,
+	IN8nHttpFullResponse,
+	INodeExecutionData,
+	INodeListSearchResult,
+	INodePropertyOptions,
+} from 'n8n-workflow';
+
+type OktaUser = {
+	status: string;
+	created: string;
+	activated: string;
+	lastLogin: string;
+	lastUpdated: string;
+	passwordChanged: string;
+	profile: {
+		login: string;
+		email: string;
+		firstName: string;
+		lastName: string;
+	};
+	id: string;
+};
+
+export async function oktaApiRequest(
+	this: IExecuteFunctions | IExecuteSingleFunctions | IHookFunctions | ILoadOptionsFunctions,
+	method: IHttpRequestMethods,
+	resource: string,
+	body: IDataObject = {},
+	qs: IDataObject = {},
+	url?: string,
+	option: IDataObject = {},
+): Promise<OktaUser[]> {
+	const credentials = await this.getCredentials('oktaApi');
+	const baseUrl = `${credentials.url as string}/api/v1/${resource}`;
+	const options: IHttpRequestOptions = {
+		headers: {
+			'Content-Type': 'application/json',
+		},
+		method,
+		body: Object.keys(body).length ? body : undefined,
+		qs: Object.keys(qs).length ? qs : undefined,
+		url: url ?? baseUrl,
+		json: true,
+		...option,
+	};
+	return await (this.helpers.httpRequestWithAuthentication.call(
+		this,
+		'oktaApi',
+		options,
+	) as Promise<OktaUser[]>);
+}
+
+export async function getUsers(
+	this: ILoadOptionsFunctions,
+	filter?: string,
+): Promise<INodeListSearchResult> {
+	const responseData: OktaUser[] = await oktaApiRequest.call(this, 'GET', '/users/');
+	const filteredUsers = responseData.filter((user) => {
+		if (!filter) return true;
+		const username = `${user.profile.login}`.toLowerCase();
+		return username.includes(filter.toLowerCase());
+	});
+	const users: INodePropertyOptions[] = filteredUsers.map((user) => ({
+		name: `${user.profile.login}`,
+		value: user.id,
+	}));
+	return {
+		results: users,
+	};
+}
+
+function simplifyOktaUser(item: OktaUser): IDataObject {
+	return {
+		id: item.id,
+		status: item.status,
+		created: item.created,
+		activated: item.activated,
+		lastLogin: item.lastLogin,
+		lastUpdated: item.lastUpdated,
+		passwordChanged: item.passwordChanged,
+		profile: {
+			firstName: item.profile.firstName,
+			lastName: item.profile.lastName,
+			login: item.profile.login,
+			email: item.profile.email,
+		},
+	};
+}
+
+export async function simplifyGetAllResponse(
+	this: IExecuteSingleFunctions,
+	items: INodeExecutionData[],
+	_response: IN8nHttpFullResponse,
+): Promise<INodeExecutionData[]> {
+	if (items.length === 0) return items;
+	const simplify = this.getNodeParameter('simplify');
+	if (!simplify)
+		return ((items[0].json as unknown as IDataObject[]) ?? []).map((item: IDataObject) => ({
+			json: item,
+			headers: _response.headers,
+		})) as INodeExecutionData[];
+	let simplifiedItems: INodeExecutionData[] = [];
+	if (items[0].json) {
+		const jsonArray = items[0].json as unknown;
+		simplifiedItems = (jsonArray as OktaUser[]).map((item: OktaUser) => {
+			const simplifiedItem = simplifyOktaUser(item);
+			return {
+				json: simplifiedItem,
+				headers: _response.headers,
+			};
+		});
+	}
+
+	return simplifiedItems;
+}
+
+export async function simplifyGetResponse(
+	this: IExecuteSingleFunctions,
+	items: INodeExecutionData[],
+	_response: IN8nHttpFullResponse,
+): Promise<INodeExecutionData[]> {
+	const simplify = this.getNodeParameter('simplify');
+	if (!simplify) return items;
+	const item = items[0].json as OktaUser;
+	const simplifiedItem = simplifyOktaUser(item);
+
+	return [
+		{
+			json: simplifiedItem,
+		},
+	] as INodeExecutionData[];
+}
+
+export const getCursorPaginator = () => {
+	return async function cursorPagination(
+		this: IExecutePaginationFunctions,
+		requestOptions: DeclarativeRestApiSettings.ResultOptions,
+	): Promise<INodeExecutionData[]> {
+		if (!requestOptions.options.qs) {
+			requestOptions.options.qs = {};
+		}
+
+		let items: INodeExecutionData[] = [];
+		let responseData: INodeExecutionData[];
+		let nextCursor: string | undefined = undefined;
+		const returnAll = this.getNodeParameter('returnAll', true) as boolean;
+		do {
+			requestOptions.options.qs.limit = 200;
+			requestOptions.options.qs.after = nextCursor;
+			responseData = await this.makeRoutingRequest(requestOptions);
+			if (responseData.length > 0) {
+				const headers = responseData[responseData.length - 1].headers;
+				const headersLink = (headers as IDataObject)?.link as string | undefined;
+				nextCursor = headersLink?.split('after=')[1]?.split('&')[0]?.split('>')[0];
+			}
+			items = items.concat(responseData);
+		} while (returnAll && nextCursor);
+
+		return items;
+	};
+};
diff --git a/packages/nodes-base/nodes/Okta/test/UserFunctions.test.ts b/packages/nodes-base/nodes/Okta/test/UserFunctions.test.ts
new file mode 100644
index 0000000000000..9e5262db67a51
--- /dev/null
+++ b/packages/nodes-base/nodes/Okta/test/UserFunctions.test.ts
@@ -0,0 +1,375 @@
+import type {
+	DeclarativeRestApiSettings,
+	IDataObject,
+	IExecuteFunctions,
+	IExecutePaginationFunctions,
+	IExecuteSingleFunctions,
+	ILoadOptionsFunctions,
+	IN8nHttpFullResponse,
+	INodeExecutionData,
+} from 'n8n-workflow';
+import {
+	getCursorPaginator,
+	getUsers,
+	oktaApiRequest,
+	simplifyGetAllResponse,
+	simplifyGetResponse,
+} from '../UserFunctions';
+
+describe('oktaApiRequest', () => {
+	const mockGetCredentials = jest.fn();
+	const mockHttpRequestWithAuthentication = jest.fn();
+
+	const mockContext = {
+		getCredentials: mockGetCredentials,
+		helpers: {
+			httpRequestWithAuthentication: mockHttpRequestWithAuthentication,
+		},
+	} as unknown as IExecuteFunctions;
+
+	beforeEach(() => {
+		mockGetCredentials.mockClear();
+		mockHttpRequestWithAuthentication.mockClear();
+	});
+
+	it('should make a GET request and return data', async () => {
+		mockGetCredentials.mockResolvedValue({ url: 'https://okta.example.com' });
+		mockHttpRequestWithAuthentication.mockResolvedValue([
+			{ profile: { firstName: 'John', lastName: 'Doe' }, id: '1' },
+		]);
+
+		const response = await oktaApiRequest.call(mockContext, 'GET', 'users');
+
+		expect(mockGetCredentials).toHaveBeenCalledWith('oktaApi');
+		expect(mockHttpRequestWithAuthentication).toHaveBeenCalledWith('oktaApi', {
+			headers: { 'Content-Type': 'application/json' },
+			method: 'GET',
+			body: undefined,
+			qs: undefined,
+			url: 'https://okta.example.com/api/v1/users',
+			json: true,
+		});
+		expect(response).toEqual([{ profile: { firstName: 'John', lastName: 'Doe' }, id: '1' }]);
+	});
+
+	// Tests for error handling
+	it('should handle errors from oktaApiRequest', async () => {
+		mockHttpRequestWithAuthentication.mockRejectedValue(new Error('Network error'));
+
+		await expect(oktaApiRequest.call(mockContext, 'GET', 'users')).rejects.toThrow('Network error');
+	});
+});
+
+describe('getUsers', () => {
+	const mockOktaApiRequest = jest.fn();
+	const mockContext = {
+		getCredentials: jest.fn().mockResolvedValue({ url: 'https://okta.example.com' }),
+		helpers: {
+			httpRequestWithAuthentication: mockOktaApiRequest,
+		},
+	} as unknown as ILoadOptionsFunctions;
+
+	beforeEach(() => {
+		mockOktaApiRequest.mockClear();
+	});
+
+	it('should return users with filtering', async () => {
+		mockOktaApiRequest.mockResolvedValue([
+			{ profile: { login: 'John@example.com' }, id: '1' },
+			{ profile: { login: 'Jane@example.com' }, id: '2' },
+		]);
+
+		const response = await getUsers.call(mockContext, 'john');
+
+		expect(response).toEqual({
+			results: [{ name: 'John@example.com', value: '1' }],
+		});
+	});
+
+	it('should return all users when no filter is applied', async () => {
+		mockOktaApiRequest.mockResolvedValue([
+			{ profile: { login: 'John@example.com' }, id: '1' },
+			{ profile: { login: 'Jane@example.com' }, id: '2' },
+		]);
+
+		const response = await getUsers.call(mockContext);
+
+		expect(response).toEqual({
+			results: [
+				{ name: 'John@example.com', value: '1' },
+				{ name: 'Jane@example.com', value: '2' },
+			],
+		});
+	});
+
+	// Tests for empty results
+	it('should handle empty results from oktaApiRequest', async () => {
+		mockOktaApiRequest.mockResolvedValue([]);
+
+		const response = await getUsers.call(mockContext);
+
+		expect(response).toEqual({
+			results: [],
+		});
+	});
+});
+
+describe('simplifyGetAllResponse', () => {
+	const mockGetNodeParameter = jest.fn();
+	const mockContext = {
+		getNodeParameter: mockGetNodeParameter,
+	} as unknown as IExecuteSingleFunctions;
+	const mockResponse = jest.fn() as unknown as IN8nHttpFullResponse;
+
+	const items: INodeExecutionData[] = [
+		{
+			json: [
+				{
+					id: '01',
+					status: 'ACTIVE',
+					created: '2023-01-01T00:00:00.000Z',
+					activated: '2023-01-01T00:00:01.000Z',
+					lastLogin: null,
+					lastUpdated: '2023-01-01T00:00:01.000Z',
+					passwordChanged: null,
+					some_item: 'some_value',
+					profile: {
+						firstName: 'John',
+						lastName: 'Doe',
+						login: 'john.doe@example.com',
+						email: 'john.doe@example.com',
+						some_profile_item: 'some_profile_value',
+					},
+				},
+			] as unknown as IDataObject,
+		},
+	];
+
+	beforeEach(() => {
+		mockGetNodeParameter.mockClear();
+	});
+
+	it('should return items unchanged when simplify parameter is not set', async () => {
+		mockGetNodeParameter.mockReturnValueOnce(false);
+
+		const expectedResult: INodeExecutionData[] = [
+			{
+				json: {
+					id: '01',
+					status: 'ACTIVE',
+					created: '2023-01-01T00:00:00.000Z',
+					activated: '2023-01-01T00:00:01.000Z',
+					lastLogin: null,
+					lastUpdated: '2023-01-01T00:00:01.000Z',
+					passwordChanged: null,
+					some_item: 'some_value',
+					profile: {
+						firstName: 'John',
+						lastName: 'Doe',
+						login: 'john.doe@example.com',
+						email: 'john.doe@example.com',
+						some_profile_item: 'some_profile_value',
+					},
+				},
+			},
+		];
+
+		const result = await simplifyGetAllResponse.call(mockContext, items, mockResponse);
+		expect(result).toEqual(expectedResult);
+	});
+
+	it('should simplify items correctly', async () => {
+		mockGetNodeParameter.mockReturnValueOnce(true);
+
+		const expectedResult: INodeExecutionData[] = [
+			{
+				json: {
+					id: '01',
+					status: 'ACTIVE',
+					created: '2023-01-01T00:00:00.000Z',
+					activated: '2023-01-01T00:00:01.000Z',
+					lastLogin: null,
+					lastUpdated: '2023-01-01T00:00:01.000Z',
+					passwordChanged: null,
+					profile: {
+						firstName: 'John',
+						lastName: 'Doe',
+						login: 'john.doe@example.com',
+						email: 'john.doe@example.com',
+					},
+				},
+			},
+		];
+
+		const result = await simplifyGetAllResponse.call(mockContext, items, mockResponse);
+		expect(result).toEqual(expectedResult);
+	});
+
+	it('should return an empty array when items is an empty array', async () => {
+		mockGetNodeParameter.mockReturnValueOnce(false);
+
+		const emptyArrayItems: INodeExecutionData[] = [];
+
+		const result = await simplifyGetAllResponse.call(mockContext, emptyArrayItems, mockResponse);
+		expect(result).toEqual([]);
+	});
+});
+
+describe('simplifyGetResponse', () => {
+	const mockGetNodeParameter = jest.fn();
+	const mockContext = {
+		getNodeParameter: mockGetNodeParameter,
+	} as unknown as IExecuteSingleFunctions;
+	const mockResponse = jest.fn() as unknown as IN8nHttpFullResponse;
+
+	const items: INodeExecutionData[] = [
+		{
+			json: {
+				id: '01',
+				status: 'ACTIVE',
+				created: '2023-01-01T00:00:00.000Z',
+				activated: '2023-01-01T00:00:01.000Z',
+				lastLogin: null,
+				lastUpdated: '2023-01-01T00:00:01.000Z',
+				passwordChanged: null,
+				some_item: 'some_value',
+				profile: {
+					firstName: 'John',
+					lastName: 'Doe',
+					login: 'john.doe@example.com',
+					email: 'john.doe@example.com',
+					some_profile_item: 'some_profile_value',
+				},
+			} as unknown as IDataObject,
+		},
+	];
+	beforeEach(() => {
+		mockGetNodeParameter.mockClear();
+	});
+
+	it('should return the item unchanged when simplify parameter is not set', async () => {
+		mockGetNodeParameter.mockReturnValueOnce(false);
+
+		const expectedResult: INodeExecutionData[] = [
+			{
+				json: {
+					id: '01',
+					status: 'ACTIVE',
+					created: '2023-01-01T00:00:00.000Z',
+					activated: '2023-01-01T00:00:01.000Z',
+					lastLogin: null,
+					lastUpdated: '2023-01-01T00:00:01.000Z',
+					passwordChanged: null,
+					some_item: 'some_value',
+					profile: {
+						firstName: 'John',
+						lastName: 'Doe',
+						login: 'john.doe@example.com',
+						email: 'john.doe@example.com',
+						some_profile_item: 'some_profile_value',
+					},
+				},
+			},
+		];
+
+		const result = await simplifyGetResponse.call(mockContext, items, mockResponse);
+		expect(result).toEqual(expectedResult);
+	});
+
+	it('should simplify the item correctly', async () => {
+		mockGetNodeParameter.mockReturnValueOnce(true);
+
+		const expectedResult: INodeExecutionData[] = [
+			{
+				json: {
+					id: '01',
+					status: 'ACTIVE',
+					created: '2023-01-01T00:00:00.000Z',
+					activated: '2023-01-01T00:00:01.000Z',
+					lastLogin: null,
+					lastUpdated: '2023-01-01T00:00:01.000Z',
+					passwordChanged: null,
+					profile: {
+						firstName: 'John',
+						lastName: 'Doe',
+						login: 'john.doe@example.com',
+						email: 'john.doe@example.com',
+					},
+				},
+			},
+		];
+
+		const result = await simplifyGetResponse.call(mockContext, items, mockResponse);
+		expect(result).toEqual(expectedResult);
+	});
+});
+describe('getCursorPaginator', () => {
+	let mockContext: IExecutePaginationFunctions;
+	let mockRequestOptions: DeclarativeRestApiSettings.ResultOptions;
+	const baseUrl = 'https://api.example.com';
+
+	beforeEach(() => {
+		mockContext = {
+			getNodeParameter: jest.fn(),
+			makeRoutingRequest: jest.fn(),
+		} as unknown as IExecutePaginationFunctions;
+
+		mockRequestOptions = {
+			options: {
+				qs: {},
+			},
+		} as DeclarativeRestApiSettings.ResultOptions;
+	});
+
+	it('should return all items when returnAll is true', async () => {
+		const mockResponseData: INodeExecutionData[] = [
+			{ json: { id: 1 }, headers: { link: `<${baseUrl}?after=cursor1>` } },
+			{ json: { id: 2 }, headers: { link: `<${baseUrl}?after=cursor2>` } },
+			{ json: { id: 3 }, headers: { link: `<${baseUrl}>` } },
+		];
+
+		(mockContext.getNodeParameter as jest.Mock).mockReturnValue(true);
+		(mockContext.makeRoutingRequest as jest.Mock)
+			.mockResolvedValueOnce([mockResponseData[0]])
+			.mockResolvedValueOnce([mockResponseData[1]])
+			.mockResolvedValueOnce([mockResponseData[2]]);
+
+		const paginator = getCursorPaginator().bind(mockContext);
+		const result = await paginator(mockRequestOptions);
+
+		expect(result).toEqual(mockResponseData);
+		expect(mockContext.getNodeParameter).toHaveBeenCalledWith('returnAll', true);
+		expect(mockContext.makeRoutingRequest).toHaveBeenCalledTimes(3);
+	});
+
+	it('should return items until nextCursor is undefined', async () => {
+		const mockResponseData: INodeExecutionData[] = [
+			{ json: { id: 1 }, headers: { link: `<${baseUrl}?after=cursor1>` } },
+			{ json: { id: 2 }, headers: { link: `<${baseUrl}>` } },
+		];
+
+		(mockContext.getNodeParameter as jest.Mock).mockReturnValue(true);
+		(mockContext.makeRoutingRequest as jest.Mock)
+			.mockResolvedValueOnce([mockResponseData[0]])
+			.mockResolvedValueOnce([mockResponseData[1]]);
+
+		const paginator = getCursorPaginator().bind(mockContext);
+		const result = await paginator(mockRequestOptions);
+
+		expect(result).toEqual(mockResponseData);
+		expect(mockContext.getNodeParameter).toHaveBeenCalledWith('returnAll', true);
+		expect(mockContext.makeRoutingRequest).toHaveBeenCalledTimes(2);
+	});
+
+	it('should handle empty response data', async () => {
+		(mockContext.getNodeParameter as jest.Mock).mockReturnValue(true);
+		(mockContext.makeRoutingRequest as jest.Mock).mockResolvedValue([]);
+
+		const paginator = getCursorPaginator().bind(mockContext);
+		const result = await paginator(mockRequestOptions);
+
+		expect(result).toEqual([]);
+		expect(mockContext.getNodeParameter).toHaveBeenCalledWith('returnAll', true);
+		expect(mockContext.makeRoutingRequest).toHaveBeenCalledTimes(1);
+	});
+});
diff --git a/packages/nodes-base/nodes/Slack/V2/UserDescription.ts b/packages/nodes-base/nodes/Slack/V2/UserDescription.ts
index fc69e0eeb2fe0..bda7c46dac01e 100644
--- a/packages/nodes-base/nodes/Slack/V2/UserDescription.ts
+++ b/packages/nodes-base/nodes/Slack/V2/UserDescription.ts
@@ -27,7 +27,7 @@ export const userOperations: INodeProperties[] = [
 			{
 				name: "Get User's Profile",
 				value: 'getProfile',
-				description: "Get a user's",
+				description: "Get a user's profile",
 				action: "Get a user's profile",
 			},
 			{
diff --git a/packages/nodes-base/nodes/Stripe/StripeTrigger.node.ts b/packages/nodes-base/nodes/Stripe/StripeTrigger.node.ts
index 6d2837237e4fb..fb9b3fb563b8d 100644
--- a/packages/nodes-base/nodes/Stripe/StripeTrigger.node.ts
+++ b/packages/nodes-base/nodes/Stripe/StripeTrigger.node.ts
@@ -865,12 +865,15 @@ export class StripeTrigger implements INodeType {
 			async create(this: IHookFunctions): Promise<boolean> {
 				const webhookUrl = this.getNodeWebhookUrl('default');
 
+				const webhookDescription = `Created by n8n for workflow ID: ${this.getWorkflow().id}`;
+
 				const events = this.getNodeParameter('events', []);
 
 				const endpoint = '/webhook_endpoints';
 
 				const body = {
 					url: webhookUrl,
+					description: webhookDescription,
 					enabled_events: events,
 				};
 
diff --git a/packages/nodes-base/nodes/Webflow/GenericFunctions.ts b/packages/nodes-base/nodes/Webflow/GenericFunctions.ts
index 4cbf8c277520b..49d02bcf04da6 100644
--- a/packages/nodes-base/nodes/Webflow/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Webflow/GenericFunctions.ts
@@ -6,6 +6,7 @@ import type {
 	IWebhookFunctions,
 	IHttpRequestMethods,
 	IRequestOptions,
+	INodePropertyOptions,
 } from 'n8n-workflow';
 
 export async function webflowApiRequest(
@@ -17,21 +18,9 @@ export async function webflowApiRequest(
 	uri?: string,
 	option: IDataObject = {},
 ) {
-	const authenticationMethod = this.getNodeParameter('authentication', 0, 'accessToken');
-	let credentialsType = '';
-
-	if (authenticationMethod === 'accessToken') {
-		credentialsType = 'webflowApi';
-	}
-
-	if (authenticationMethod === 'oAuth2') {
-		credentialsType = 'webflowOAuth2Api';
-	}
+	let credentialsType = 'webflowOAuth2Api';
 
 	let options: IRequestOptions = {
-		headers: {
-			'accept-version': '1.0.0',
-		},
 		method,
 		qs,
 		body,
@@ -40,6 +29,19 @@ export async function webflowApiRequest(
 	};
 	options = Object.assign({}, options, option);
 
+	// Keep support for v1 node
+	if (this.getNode().typeVersion === 1) {
+		console.log('v1');
+		const authenticationMethod = this.getNodeParameter('authentication', 0, 'accessToken');
+		if (authenticationMethod === 'accessToken') {
+			credentialsType = 'webflowApi';
+		}
+		options.headers = { 'accept-version': '1.0.0' };
+	} else {
+		options.resolveWithFullResponse = true;
+		options.uri = `https://api.webflow.com/v2${resource}`;
+	}
+
 	if (Object.keys(options.qs as IDataObject).length === 0) {
 		delete options.qs;
 	}
@@ -74,3 +76,50 @@ export async function webflowApiRequestAllItems(
 
 	return returnData;
 }
+// Load Options
+export async function getSites(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
+	const returnData: INodePropertyOptions[] = [];
+	const response = await webflowApiRequest.call(this, 'GET', '/sites');
+
+	console.log(response);
+
+	const sites = response.body?.sites || response;
+
+	for (const site of sites) {
+		returnData.push({
+			name: site.displayName || site.name,
+			value: site.id || site._id,
+		});
+	}
+	return returnData;
+}
+export async function getCollections(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
+	const returnData: INodePropertyOptions[] = [];
+	const siteId = this.getCurrentNodeParameter('siteId');
+	const response = await webflowApiRequest.call(this, 'GET', `/sites/${siteId}/collections`);
+
+	const collections = response.body?.collections || response;
+
+	for (const collection of collections) {
+		returnData.push({
+			name: collection.displayName || collection.name,
+			value: collection.id || collection._id,
+		});
+	}
+	return returnData;
+}
+export async function getFields(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
+	const returnData: INodePropertyOptions[] = [];
+	const collectionId = this.getCurrentNodeParameter('collectionId');
+	const response = await webflowApiRequest.call(this, 'GET', `/collections/${collectionId}`);
+
+	const fields = response.body?.fields || response;
+
+	for (const field of fields) {
+		returnData.push({
+			name: `${field.displayName || field.name} (${field.type}) ${field.isRequired || field.required ? ' (required)' : ''}`,
+			value: field.slug,
+		});
+	}
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/ItemDescription.ts b/packages/nodes-base/nodes/Webflow/V1/ItemDescription.ts
similarity index 100%
rename from packages/nodes-base/nodes/Webflow/ItemDescription.ts
rename to packages/nodes-base/nodes/Webflow/V1/ItemDescription.ts
diff --git a/packages/nodes-base/nodes/Webflow/V1/WebflowTriggerV1.node.ts b/packages/nodes-base/nodes/Webflow/V1/WebflowTriggerV1.node.ts
new file mode 100644
index 0000000000000..9163fd495e5c3
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V1/WebflowTriggerV1.node.ts
@@ -0,0 +1,209 @@
+/* eslint-disable n8n-nodes-base/node-filename-against-convention */
+import type {
+	IHookFunctions,
+	IWebhookFunctions,
+	IDataObject,
+	INodeType,
+	INodeTypeDescription,
+	IWebhookResponseData,
+	INodeTypeBaseDescription,
+} from 'n8n-workflow';
+
+import { getSites, webflowApiRequest } from '../GenericFunctions';
+
+export class WebflowTriggerV1 implements INodeType {
+	description: INodeTypeDescription;
+
+	constructor(baseDescription: INodeTypeBaseDescription) {
+		this.description = {
+			...baseDescription,
+			displayName: 'Webflow Trigger',
+			name: 'webflowTrigger',
+			icon: 'file:webflow.svg',
+			group: ['trigger'],
+			version: 1,
+			description: 'Handle Webflow events via webhooks',
+			defaults: {
+				name: 'Webflow Trigger',
+			},
+			// eslint-disable-next-line n8n-nodes-base/node-class-description-inputs-wrong-regular-node
+			inputs: [],
+			outputs: ['main'],
+			credentials: [
+				{
+					name: 'webflowApi',
+					required: true,
+					displayOptions: {
+						show: {
+							authentication: ['accessToken'],
+						},
+					},
+				},
+				{
+					name: 'webflowOAuth2Api',
+					required: true,
+					displayOptions: {
+						show: {
+							authentication: ['oAuth2'],
+						},
+					},
+				},
+			],
+			webhooks: [
+				{
+					name: 'default',
+					httpMethod: 'POST',
+					responseMode: 'onReceived',
+					path: 'webhook',
+				},
+			],
+			properties: [
+				{
+					displayName: 'Authentication',
+					name: 'authentication',
+					type: 'options',
+					options: [
+						{
+							name: 'Access Token',
+							value: 'accessToken',
+						},
+						{
+							name: 'OAuth2',
+							value: 'oAuth2',
+						},
+					],
+					default: 'accessToken',
+				},
+				{
+					displayName: 'Site Name or ID',
+					name: 'site',
+					type: 'options',
+					required: true,
+					default: '',
+					typeOptions: {
+						loadOptionsMethod: 'getSites',
+					},
+					description:
+						'Site that will trigger the events. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+				},
+				{
+					displayName: 'Event',
+					name: 'event',
+					type: 'options',
+					required: true,
+					options: [
+						{
+							name: 'Collection Item Created',
+							value: 'collection_item_created',
+						},
+						{
+							name: 'Collection Item Deleted',
+							value: 'collection_item_deleted',
+						},
+						{
+							name: 'Collection Item Updated',
+							value: 'collection_item_changed',
+						},
+						{
+							name: 'Ecomm Inventory Changed',
+							value: 'ecomm_inventory_changed',
+						},
+						{
+							name: 'Ecomm New Order',
+							value: 'ecomm_new_order',
+						},
+						{
+							name: 'Ecomm Order Changed',
+							value: 'ecomm_order_changed',
+						},
+						{
+							name: 'Form Submission',
+							value: 'form_submission',
+						},
+						{
+							name: 'Site Publish',
+							value: 'site_publish',
+						},
+					],
+					default: 'form_submission',
+				},
+			],
+		};
+	}
+
+	methods = {
+		loadOptions: {
+			getSites,
+		},
+	};
+
+	webhookMethods = {
+		default: {
+			async checkExists(this: IHookFunctions): Promise<boolean> {
+				const webhookData = this.getWorkflowStaticData('node');
+				const webhookUrl = this.getNodeWebhookUrl('default');
+				const siteId = this.getNodeParameter('site') as string;
+
+				const event = this.getNodeParameter('event') as string;
+				const registeredWebhooks = await webflowApiRequest.call(
+					this,
+					'GET',
+					`/sites/${siteId}/webhooks`,
+				);
+
+				const webhooks = registeredWebhooks.body?.webhooks || registeredWebhooks;
+
+				for (const webhook of webhooks) {
+					if (webhook.url === webhookUrl && webhook.triggerType === event) {
+						webhookData.webhookId = webhook._id;
+						return true;
+					}
+				}
+
+				return false;
+			},
+
+			async create(this: IHookFunctions): Promise<boolean> {
+				const webhookUrl = this.getNodeWebhookUrl('default');
+				const webhookData = this.getWorkflowStaticData('node');
+				const siteId = this.getNodeParameter('site') as string;
+				const event = this.getNodeParameter('event') as string;
+				const endpoint = `/sites/${siteId}/webhooks`;
+				const body: IDataObject = {
+					site_id: siteId,
+					triggerType: event,
+					url: webhookUrl,
+				};
+
+				const response = await webflowApiRequest.call(this, 'POST', endpoint, body);
+				const _id = response.body?._id || response._id;
+				webhookData.webhookId = _id;
+				return true;
+			},
+			async delete(this: IHookFunctions): Promise<boolean> {
+				let responseData;
+				const webhookData = this.getWorkflowStaticData('node');
+				const siteId = this.getNodeParameter('site') as string;
+				const endpoint = `/sites/${siteId}/webhooks/${webhookData.webhookId}`;
+				try {
+					responseData = await webflowApiRequest.call(this, 'DELETE', endpoint);
+				} catch (error) {
+					return false;
+				}
+				const deleted = responseData.body?.deleted || responseData.deleted;
+				if (!deleted) {
+					return false;
+				}
+				delete webhookData.webhookId;
+				return true;
+			},
+		},
+	};
+
+	async webhook(this: IWebhookFunctions): Promise<IWebhookResponseData> {
+		const req = this.getRequestObject();
+		return {
+			workflowData: [this.helpers.returnJsonArray(req.body as IDataObject[])],
+		};
+	}
+}
diff --git a/packages/nodes-base/nodes/Webflow/V1/WebflowV1.node.ts b/packages/nodes-base/nodes/Webflow/V1/WebflowV1.node.ts
new file mode 100644
index 0000000000000..d4392c2174839
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V1/WebflowV1.node.ts
@@ -0,0 +1,258 @@
+import type {
+	IExecuteFunctions,
+	IDataObject,
+	INodeTypeBaseDescription,
+	INodeExecutionData,
+	INodeType,
+	INodeTypeDescription,
+} from 'n8n-workflow';
+
+import {
+	webflowApiRequest,
+	webflowApiRequestAllItems,
+	getSites,
+	getCollections,
+	getFields,
+} from '../GenericFunctions';
+
+import { itemFields, itemOperations } from './ItemDescription';
+
+export class WebflowV1 implements INodeType {
+	description: INodeTypeDescription;
+
+	constructor(baseDescription: INodeTypeBaseDescription) {
+		this.description = {
+			...baseDescription,
+			version: 1,
+			description: 'Consume the Webflow API',
+			subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
+			defaults: {
+				name: 'Webflow',
+			},
+			inputs: ['main'],
+			outputs: ['main'],
+			credentials: [
+				{
+					name: 'webflowApi',
+					required: true,
+					displayOptions: {
+						show: {
+							authentication: ['accessToken'],
+						},
+					},
+				},
+				{
+					name: 'webflowOAuth2Api',
+					required: true,
+					displayOptions: {
+						show: {
+							authentication: ['oAuth2'],
+						},
+					},
+				},
+			],
+			properties: [
+				{
+					displayName: 'Authentication',
+					name: 'authentication',
+					type: 'options',
+					options: [
+						{
+							name: 'Access Token',
+							value: 'accessToken',
+						},
+						{
+							name: 'OAuth2',
+							value: 'oAuth2',
+						},
+					],
+					default: 'accessToken',
+				},
+				{
+					displayName: 'Resource',
+					name: 'resource',
+					type: 'options',
+					noDataExpression: true,
+					options: [
+						{
+							name: 'Item',
+							value: 'item',
+						},
+					],
+					default: 'item',
+				},
+				...itemOperations,
+				...itemFields,
+			],
+		};
+	}
+
+	methods = {
+		loadOptions: {
+			getSites,
+			getCollections,
+			getFields,
+		},
+	};
+
+	async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
+		const items = this.getInputData();
+
+		const resource = this.getNodeParameter('resource', 0);
+		const operation = this.getNodeParameter('operation', 0);
+		let responseData;
+		const returnData: INodeExecutionData[] = [];
+
+		for (let i = 0; i < items.length; i++) {
+			try {
+				if (resource === 'item') {
+					// *********************************************************************
+					//                             item
+					// *********************************************************************
+
+					// https://developers.webflow.com/#item-model
+
+					if (operation === 'create') {
+						// ----------------------------------
+						//         item: create
+						// ----------------------------------
+
+						// https://developers.webflow.com/#create-new-collection-item
+
+						const collectionId = this.getNodeParameter('collectionId', i) as string;
+
+						const properties = this.getNodeParameter(
+							'fieldsUi.fieldValues',
+							i,
+							[],
+						) as IDataObject[];
+
+						const live = this.getNodeParameter('live', i) as boolean;
+
+						const fields = {} as IDataObject;
+
+						properties.forEach((data) => (fields[data.fieldId as string] = data.fieldValue));
+
+						const body: IDataObject = {
+							fields,
+						};
+
+						responseData = await webflowApiRequest.call(
+							this,
+							'POST',
+							`/collections/${collectionId}/items`,
+							body,
+							{ live },
+						);
+					} else if (operation === 'delete') {
+						// ----------------------------------
+						//         item: delete
+						// ----------------------------------
+
+						// https://developers.webflow.com/#remove-collection-item
+
+						const collectionId = this.getNodeParameter('collectionId', i) as string;
+						const itemId = this.getNodeParameter('itemId', i) as string;
+						responseData = await webflowApiRequest.call(
+							this,
+							'DELETE',
+							`/collections/${collectionId}/items/${itemId}`,
+						);
+					} else if (operation === 'get') {
+						// ----------------------------------
+						//         item: get
+						// ----------------------------------
+
+						// https://developers.webflow.com/#get-single-item
+
+						const collectionId = this.getNodeParameter('collectionId', i) as string;
+						const itemId = this.getNodeParameter('itemId', i) as string;
+						responseData = await webflowApiRequest.call(
+							this,
+							'GET',
+							`/collections/${collectionId}/items/${itemId}`,
+						);
+						responseData = responseData.items;
+					} else if (operation === 'getAll') {
+						// ----------------------------------
+						//         item: getAll
+						// ----------------------------------
+
+						// https://developers.webflow.com/#get-all-items-for-a-collection
+
+						const returnAll = this.getNodeParameter('returnAll', 0);
+						const collectionId = this.getNodeParameter('collectionId', i) as string;
+						const qs: IDataObject = {};
+
+						if (returnAll) {
+							responseData = await webflowApiRequestAllItems.call(
+								this,
+								'GET',
+								`/collections/${collectionId}/items`,
+								{},
+								qs,
+							);
+						} else {
+							qs.limit = this.getNodeParameter('limit', 0);
+							responseData = await webflowApiRequest.call(
+								this,
+								'GET',
+								`/collections/${collectionId}/items`,
+								{},
+								qs,
+							);
+							responseData = responseData.items;
+						}
+					} else if (operation === 'update') {
+						// ----------------------------------
+						//         item: update
+						// ----------------------------------
+
+						// https://developers.webflow.com/#update-collection-item
+
+						const collectionId = this.getNodeParameter('collectionId', i) as string;
+
+						const itemId = this.getNodeParameter('itemId', i) as string;
+
+						const properties = this.getNodeParameter(
+							'fieldsUi.fieldValues',
+							i,
+							[],
+						) as IDataObject[];
+
+						const live = this.getNodeParameter('live', i) as boolean;
+
+						const fields = {} as IDataObject;
+
+						properties.forEach((data) => (fields[data.fieldId as string] = data.fieldValue));
+
+						const body: IDataObject = {
+							fields,
+						};
+
+						responseData = await webflowApiRequest.call(
+							this,
+							'PUT',
+							`/collections/${collectionId}/items/${itemId}`,
+							body,
+							{ live },
+						);
+					}
+				}
+				const executionData = this.helpers.constructExecutionMetaData(
+					this.helpers.returnJsonArray(responseData as IDataObject[]),
+					{ itemData: { item: i } },
+				);
+				returnData.push(...executionData);
+			} catch (error) {
+				if (this.continueOnFail()) {
+					returnData.push({ json: { error: error.message } });
+					continue;
+				}
+				throw error;
+			}
+		}
+
+		return [returnData];
+	}
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/WebflowTriggerV2.node.ts b/packages/nodes-base/nodes/Webflow/V2/WebflowTriggerV2.node.ts
new file mode 100644
index 0000000000000..560f7390abf8d
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/WebflowTriggerV2.node.ts
@@ -0,0 +1,179 @@
+/* eslint-disable n8n-nodes-base/node-filename-against-convention */
+import type {
+	IHookFunctions,
+	IDataObject,
+	INodeType,
+	INodeTypeDescription,
+	INodeTypeBaseDescription,
+	IWebhookFunctions,
+	IWebhookResponseData,
+} from 'n8n-workflow';
+
+import { getSites, webflowApiRequest } from '../GenericFunctions';
+
+export class WebflowTriggerV2 implements INodeType {
+	description: INodeTypeDescription;
+
+	constructor(baseDescription: INodeTypeBaseDescription) {
+		this.description = {
+			...baseDescription,
+			displayName: 'Webflow Trigger',
+			name: 'webflowTrigger',
+			icon: 'file:webflow.svg',
+			group: ['trigger'],
+			version: 2,
+			description: 'Handle Webflow events via webhooks',
+			defaults: {
+				name: 'Webflow Trigger',
+			},
+			// eslint-disable-next-line n8n-nodes-base/node-class-description-inputs-wrong-regular-node
+			inputs: [],
+			outputs: ['main'],
+			credentials: [
+				{
+					name: 'webflowOAuth2Api',
+					required: true,
+				},
+			],
+			webhooks: [
+				{
+					name: 'default',
+					httpMethod: 'POST',
+					responseMode: 'onReceived',
+					path: 'webhook',
+				},
+			],
+			properties: [
+				{
+					displayName: 'Site Name or ID',
+					name: 'site',
+					type: 'options',
+					required: true,
+					default: '',
+					typeOptions: {
+						loadOptionsMethod: 'getSites',
+					},
+					description:
+						'Site that will trigger the events. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+				},
+				{
+					displayName: 'Event',
+					name: 'event',
+					type: 'options',
+					required: true,
+					options: [
+						{
+							name: 'Collection Item Created',
+							value: 'collection_item_created',
+						},
+						{
+							name: 'Collection Item Deleted',
+							value: 'collection_item_deleted',
+						},
+						{
+							name: 'Collection Item Updated',
+							value: 'collection_item_changed',
+						},
+						{
+							name: 'Ecomm Inventory Changed',
+							value: 'ecomm_inventory_changed',
+						},
+						{
+							name: 'Ecomm New Order',
+							value: 'ecomm_new_order',
+						},
+						{
+							name: 'Ecomm Order Changed',
+							value: 'ecomm_order_changed',
+						},
+						{
+							name: 'Form Submission',
+							value: 'form_submission',
+						},
+						{
+							name: 'Site Publish',
+							value: 'site_publish',
+						},
+					],
+					default: 'form_submission',
+				},
+			],
+		};
+	}
+
+	methods = {
+		loadOptions: {
+			getSites,
+		},
+	};
+
+	webhookMethods = {
+		default: {
+			async checkExists(this: IHookFunctions): Promise<boolean> {
+				const webhookData = this.getWorkflowStaticData('node');
+				const webhookUrl = this.getNodeWebhookUrl('default');
+				const siteId = this.getNodeParameter('site') as string;
+
+				const event = this.getNodeParameter('event') as string;
+				const registeredWebhooks = await webflowApiRequest.call(
+					this,
+					'GET',
+					`/sites/${siteId}/webhooks`,
+				);
+
+				const webhooks = registeredWebhooks.body?.webhooks || registeredWebhooks;
+
+				for (const webhook of webhooks) {
+					if (webhook.url === webhookUrl && webhook.triggerType === event) {
+						webhookData.webhookId = webhook._id;
+						return true;
+					}
+				}
+
+				return false;
+			},
+
+			async create(this: IHookFunctions): Promise<boolean> {
+				const webhookUrl = this.getNodeWebhookUrl('default');
+				const webhookData = this.getWorkflowStaticData('node');
+				const siteId = this.getNodeParameter('site') as string;
+				const event = this.getNodeParameter('event') as string;
+				const endpoint = `/sites/${siteId}/webhooks`;
+				const body: IDataObject = {
+					site_id: siteId,
+					triggerType: event,
+					url: webhookUrl,
+				};
+
+				const response = await webflowApiRequest.call(this, 'POST', endpoint, body);
+				const _id = response.body?._id || response._id;
+				webhookData.webhookId = _id;
+				return true;
+			},
+			async delete(this: IHookFunctions): Promise<boolean> {
+				let responseData;
+				const webhookData = this.getWorkflowStaticData('node');
+				const siteId = this.getNodeParameter('site') as string;
+				const endpoint = `/sites/${siteId}/webhooks/${webhookData.webhookId}`;
+				try {
+					responseData = await webflowApiRequest.call(this, 'DELETE', endpoint);
+				} catch (error) {
+					return false;
+				}
+				const deleted = responseData.body?.deleted || responseData.deleted;
+				if (!deleted) {
+					return false;
+				}
+				delete webhookData.webhookId;
+				return true;
+			},
+		},
+	};
+
+	async webhook(this: IWebhookFunctions): Promise<IWebhookResponseData> {
+		const req = this.getRequestObject();
+		return {
+			workflowData: [this.helpers.returnJsonArray(req.body as IDataObject[])],
+		};
+	}
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/WebflowV2.node.ts b/packages/nodes-base/nodes/Webflow/V2/WebflowV2.node.ts
new file mode 100644
index 0000000000000..ad17ff9e05e13
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/WebflowV2.node.ts
@@ -0,0 +1,32 @@
+import type {
+	IExecuteFunctions,
+	INodeType,
+	INodeTypeBaseDescription,
+	INodeTypeDescription,
+} from 'n8n-workflow';
+import { getSites, getCollections, getFields } from '../GenericFunctions';
+import { versionDescription } from './actions/versionDescription';
+import { router } from './actions/router';
+
+export class WebflowV2 implements INodeType {
+	description: INodeTypeDescription;
+
+	constructor(baseDescription: INodeTypeBaseDescription) {
+		this.description = {
+			...baseDescription,
+			...versionDescription,
+		};
+	}
+
+	methods = {
+		loadOptions: {
+			getSites,
+			getCollections,
+			getFields,
+		},
+	};
+
+	async execute(this: IExecuteFunctions) {
+		return await router.call(this);
+	}
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/Item.resource.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/Item.resource.ts
new file mode 100644
index 0000000000000..420d2d8490327
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/Item.resource.ts
@@ -0,0 +1,56 @@
+import type { INodeProperties } from 'n8n-workflow';
+
+import * as create from './create.operation';
+import * as deleteItem from './delete.operation';
+import * as get from './get.operation';
+import * as getAll from './getAll.operation';
+import * as update from './update.operation';
+
+export { create, deleteItem, get, getAll, update };
+
+export const description: INodeProperties[] = [
+	{
+		displayName: 'Operation',
+		name: 'operation',
+		type: 'options',
+		noDataExpression: true,
+		default: 'get',
+		options: [
+			{
+				name: 'Create',
+				value: 'create',
+				action: 'Create an item',
+			},
+			{
+				name: 'Delete',
+				value: 'deleteItem',
+				action: 'Delete an item',
+			},
+			{
+				name: 'Get',
+				value: 'get',
+				action: 'Get an item',
+			},
+			{
+				name: 'Get Many',
+				value: 'getAll',
+				action: 'Get many items',
+			},
+			{
+				name: 'Update',
+				value: 'update',
+				action: 'Update an item',
+			},
+		],
+		displayOptions: {
+			show: {
+				resource: ['item'],
+			},
+		},
+	},
+	...create.description,
+	...deleteItem.description,
+	...get.description,
+	...getAll.description,
+	...update.description,
+];
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/create.operation.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/create.operation.ts
new file mode 100644
index 0000000000000..8eeeb9cb6646a
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/create.operation.ts
@@ -0,0 +1,139 @@
+import type {
+	IDataObject,
+	INodeExecutionData,
+	INodeProperties,
+	IExecuteFunctions,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '../../../../../utils/utilities';
+import { webflowApiRequest } from '../../../GenericFunctions';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Site Name or ID',
+		name: 'siteId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getSites',
+		},
+		default: '',
+		description:
+			'ID of the site containing the collection whose items to add to. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Collection Name or ID',
+		name: 'collectionId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getCollections',
+			loadOptionsDependsOn: ['siteId'],
+		},
+		default: '',
+		description:
+			'ID of the collection to add an item to. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Live',
+		name: 'live',
+		type: 'boolean',
+		required: true,
+		default: false,
+		description: 'Whether the item should be published on the live site',
+	},
+	{
+		displayName: 'Fields',
+		name: 'fieldsUi',
+		placeholder: 'Add Field',
+		type: 'fixedCollection',
+		typeOptions: {
+			multipleValues: true,
+		},
+		default: {},
+		options: [
+			{
+				displayName: 'Field',
+				name: 'fieldValues',
+				values: [
+					{
+						displayName: 'Field Name or ID',
+						name: 'fieldId',
+						type: 'options',
+						typeOptions: {
+							loadOptionsMethod: 'getFields',
+							loadOptionsDependsOn: ['collectionId'],
+						},
+						default: '',
+						description:
+							'Field to set for the item to create. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+					},
+					{
+						displayName: 'Field Value',
+						name: 'fieldValue',
+						type: 'string',
+						default: '',
+						description: 'Value to set for the item to create',
+					},
+				],
+			},
+		],
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['item'],
+		operation: ['create'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	items: INodeExecutionData[],
+): Promise<INodeExecutionData[]> {
+	const returnData: INodeExecutionData[] = [];
+	let responseData;
+	for (let i = 0; i < items.length; i++) {
+		try {
+			const collectionId = this.getNodeParameter('collectionId', i) as string;
+
+			const uiFields = this.getNodeParameter('fieldsUi.fieldValues', i, []) as IDataObject[];
+
+			const live = this.getNodeParameter('live', i) as boolean;
+
+			const fieldData = {} as IDataObject;
+
+			uiFields.forEach((data) => (fieldData[data.fieldId as string] = data.fieldValue));
+
+			const body: IDataObject = {
+				fieldData,
+			};
+
+			responseData = await webflowApiRequest.call(
+				this,
+				'POST',
+				`/collections/${collectionId}/items`,
+				body,
+				{ live },
+			);
+
+			const executionData = this.helpers.constructExecutionMetaData(
+				wrapData(responseData.body as IDataObject[]),
+				{ itemData: { item: i } },
+			);
+
+			returnData.push(...executionData);
+		} catch (error) {
+			if (this.continueOnFail()) {
+				returnData.push({ json: { message: error.message, error } });
+				continue;
+			}
+			throw error;
+		}
+	}
+
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/delete.operation.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/delete.operation.ts
new file mode 100644
index 0000000000000..632a8e6e93d43
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/delete.operation.ts
@@ -0,0 +1,94 @@
+import type {
+	IDataObject,
+	INodeExecutionData,
+	INodeProperties,
+	IExecuteFunctions,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '../../../../../utils/utilities';
+import { webflowApiRequest } from '../../../GenericFunctions';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Site Name or ID',
+		name: 'siteId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getSites',
+		},
+		default: '',
+		description:
+			'ID of the site containing the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Collection Name or ID',
+		name: 'collectionId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getCollections',
+			loadOptionsDependsOn: ['siteId'],
+		},
+		default: '',
+		description:
+			'ID of the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Item ID',
+		name: 'itemId',
+		type: 'string',
+		required: true,
+		default: '',
+		description: 'ID of the item to operate on',
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['item'],
+		operation: ['deleteItem'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	items: INodeExecutionData[],
+): Promise<INodeExecutionData[]> {
+	const returnData: INodeExecutionData[] = [];
+
+	for (let i = 0; i < items.length; i++) {
+		try {
+			const collectionId = this.getNodeParameter('collectionId', i) as string;
+			const itemId = this.getNodeParameter('itemId', i) as string;
+			let responseData = await webflowApiRequest.call(
+				this,
+				'DELETE',
+				`/collections/${collectionId}/items/${itemId}`,
+			);
+
+			if (responseData.statusCode === 204) {
+				responseData = { success: true };
+			} else {
+				responseData = { success: false };
+			}
+
+			const executionData = this.helpers.constructExecutionMetaData(
+				wrapData(responseData as IDataObject[]),
+				{ itemData: { item: i } },
+			);
+
+			returnData.push(...executionData);
+		} catch (error) {
+			if (this.continueOnFail()) {
+				returnData.push({ json: { message: error.message, error } });
+				continue;
+			}
+			throw error;
+		}
+	}
+
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/get.operation.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/get.operation.ts
new file mode 100644
index 0000000000000..c02b3fc26e7ff
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/get.operation.ts
@@ -0,0 +1,88 @@
+import type {
+	IDataObject,
+	INodeExecutionData,
+	INodeProperties,
+	IExecuteFunctions,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '../../../../../utils/utilities';
+import { webflowApiRequest } from '../../../GenericFunctions';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Site Name or ID',
+		name: 'siteId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getSites',
+		},
+		default: '',
+		description:
+			'ID of the site containing the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Collection Name or ID',
+		name: 'collectionId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getCollections',
+			loadOptionsDependsOn: ['siteId'],
+		},
+		default: '',
+		description:
+			'ID of the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Item ID',
+		name: 'itemId',
+		type: 'string',
+		required: true,
+		default: '',
+		description: 'ID of the item to operate on',
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['item'],
+		operation: ['get'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	items: INodeExecutionData[],
+): Promise<INodeExecutionData[]> {
+	const returnData: INodeExecutionData[] = [];
+	let responseData;
+	for (let i = 0; i < items.length; i++) {
+		try {
+			const collectionId = this.getNodeParameter('collectionId', i) as string;
+			const itemId = this.getNodeParameter('itemId', i) as string;
+			responseData = await webflowApiRequest.call(
+				this,
+				'GET',
+				`/collections/${collectionId}/items/${itemId}`,
+			);
+
+			const executionData = this.helpers.constructExecutionMetaData(
+				wrapData(responseData.body as IDataObject[]),
+				{ itemData: { item: i } },
+			);
+
+			returnData.push(...executionData);
+		} catch (error) {
+			if (this.continueOnFail()) {
+				returnData.push({ json: { message: error.message, error } });
+				continue;
+			}
+			throw error;
+		}
+	}
+
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/getAll.operation.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/getAll.operation.ts
new file mode 100644
index 0000000000000..6f9bd0f5b1949
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/getAll.operation.ts
@@ -0,0 +1,118 @@
+import type {
+	IDataObject,
+	INodeExecutionData,
+	INodeProperties,
+	IExecuteFunctions,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '../../../../../utils/utilities';
+import { webflowApiRequest, webflowApiRequestAllItems } from '../../../GenericFunctions';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Site Name or ID',
+		name: 'siteId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getSites',
+		},
+		default: '',
+		description:
+			'ID of the site containing the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Collection Name or ID',
+		name: 'collectionId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getCollections',
+			loadOptionsDependsOn: ['siteId'],
+		},
+		default: '',
+		description:
+			'ID of the collection whose items to operate on. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Return All',
+		name: 'returnAll',
+		type: 'boolean',
+		default: false,
+		description: 'Whether to return all results or only up to a given limit',
+	},
+	{
+		displayName: 'Limit',
+		name: 'limit',
+		type: 'number',
+		typeOptions: {
+			minValue: 1,
+			maxValue: 100,
+		},
+		displayOptions: {
+			show: {
+				returnAll: [false],
+			},
+		},
+		default: 100,
+		description: 'Max number of results to return',
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['item'],
+		operation: ['getAll'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	items: INodeExecutionData[],
+): Promise<INodeExecutionData[]> {
+	const returnData: INodeExecutionData[] = [];
+	let responseData;
+	for (let i = 0; i < items.length; i++) {
+		try {
+			const returnAll = this.getNodeParameter('returnAll', i) as boolean;
+			const collectionId = this.getNodeParameter('collectionId', i) as string;
+			const qs: IDataObject = {};
+
+			if (returnAll) {
+				responseData = await webflowApiRequestAllItems.call(
+					this,
+					'GET',
+					`/collections/${collectionId}/items`,
+					{},
+				);
+			} else {
+				qs.limit = this.getNodeParameter('limit', i);
+				responseData = await webflowApiRequest.call(
+					this,
+					'GET',
+					`/collections/${collectionId}/items`,
+					{},
+					qs,
+				);
+				responseData = responseData.body.items;
+			}
+
+			const executionData = this.helpers.constructExecutionMetaData(
+				wrapData(responseData as IDataObject[]),
+				{ itemData: { item: i } },
+			);
+
+			returnData.push(...executionData);
+		} catch (error) {
+			if (this.continueOnFail()) {
+				returnData.push({ json: { message: error.message, error } });
+				continue;
+			}
+			throw error;
+		}
+	}
+
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/Item/update.operation.ts b/packages/nodes-base/nodes/Webflow/V2/actions/Item/update.operation.ts
new file mode 100644
index 0000000000000..e4f94ad17d83f
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/Item/update.operation.ts
@@ -0,0 +1,148 @@
+import type {
+	IDataObject,
+	INodeExecutionData,
+	INodeProperties,
+	IExecuteFunctions,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '../../../../../utils/utilities';
+import { webflowApiRequest } from '../../../GenericFunctions';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Site Name or ID',
+		name: 'siteId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getSites',
+		},
+		default: '',
+		description:
+			'ID of the site containing the collection whose items to add to. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Collection Name or ID',
+		name: 'collectionId',
+		type: 'options',
+		required: true,
+		typeOptions: {
+			loadOptionsMethod: 'getCollections',
+			loadOptionsDependsOn: ['siteId'],
+		},
+		default: '',
+		description:
+			'ID of the collection to add an item to. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+	},
+	{
+		displayName: 'Item ID',
+		name: 'itemId',
+		type: 'string',
+		required: true,
+		default: '',
+		description: 'ID of the item to update',
+	},
+	{
+		displayName: 'Live',
+		name: 'live',
+		type: 'boolean',
+		required: true,
+		default: false,
+		description: 'Whether the item should be published on the live site',
+	},
+	{
+		displayName: 'Fields',
+		name: 'fieldsUi',
+		placeholder: 'Add Field',
+		type: 'fixedCollection',
+		typeOptions: {
+			multipleValues: true,
+		},
+		default: {},
+		options: [
+			{
+				displayName: 'Field',
+				name: 'fieldValues',
+				values: [
+					{
+						displayName: 'Field Name or ID',
+						name: 'fieldId',
+						type: 'options',
+						typeOptions: {
+							loadOptionsMethod: 'getFields',
+							loadOptionsDependsOn: ['collectionId'],
+						},
+						default: '',
+						description:
+							'Field to set for the item to create. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
+					},
+					{
+						displayName: 'Field Value',
+						name: 'fieldValue',
+						type: 'string',
+						default: '',
+						description: 'Value to set for the item to create',
+					},
+				],
+			},
+		],
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['item'],
+		operation: ['update'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	items: INodeExecutionData[],
+): Promise<INodeExecutionData[]> {
+	const returnData: INodeExecutionData[] = [];
+	let responseData;
+	for (let i = 0; i < items.length; i++) {
+		try {
+			const collectionId = this.getNodeParameter('collectionId', i) as string;
+			const itemId = this.getNodeParameter('itemId', i) as string;
+
+			const uiFields = this.getNodeParameter('fieldsUi.fieldValues', i, []) as IDataObject[];
+
+			const live = this.getNodeParameter('live', i) as boolean;
+
+			const fieldData = {} as IDataObject;
+
+			uiFields.forEach((data) => (fieldData[data.fieldId as string] = data.fieldValue));
+
+			const body: IDataObject = {
+				fieldData,
+			};
+
+			responseData = await webflowApiRequest.call(
+				this,
+				'PATCH',
+				`/collections/${collectionId}/items/${itemId}`,
+				body,
+				{ live },
+			);
+
+			const executionData = this.helpers.constructExecutionMetaData(
+				wrapData(responseData.body as IDataObject[]),
+				{ itemData: { item: i } },
+			);
+
+			returnData.push(...executionData);
+		} catch (error) {
+			if (this.continueOnFail()) {
+				returnData.push({ json: { message: error.message, error } });
+				continue;
+			}
+			throw error;
+		}
+	}
+
+	return returnData;
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/node.type.ts b/packages/nodes-base/nodes/Webflow/V2/actions/node.type.ts
new file mode 100644
index 0000000000000..150a5684b6d52
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/node.type.ts
@@ -0,0 +1,7 @@
+import type { AllEntities } from 'n8n-workflow';
+
+type NodeMap = {
+	item: 'create' | 'deleteItem' | 'get' | 'getAll' | 'update';
+};
+
+export type WebflowType = AllEntities<NodeMap>;
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/router.ts b/packages/nodes-base/nodes/Webflow/V2/actions/router.ts
new file mode 100644
index 0000000000000..371a9df3c6df7
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/router.ts
@@ -0,0 +1,35 @@
+import type { IExecuteFunctions, INodeExecutionData } from 'n8n-workflow';
+import { NodeOperationError } from 'n8n-workflow';
+import type { WebflowType } from './node.type';
+
+import * as item from './Item/Item.resource';
+
+export async function router(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
+	let returnData: INodeExecutionData[] = [];
+
+	const items = this.getInputData();
+	const resource = this.getNodeParameter<WebflowType>('resource', 0);
+	const operation = this.getNodeParameter('operation', 0);
+
+	const webflowNodeData = {
+		resource,
+		operation,
+	} as WebflowType;
+
+	try {
+		switch (webflowNodeData.resource) {
+			case 'item':
+				returnData = await item[webflowNodeData.operation].execute.call(this, items);
+				break;
+			default:
+				throw new NodeOperationError(
+					this.getNode(),
+					`The operation "${operation}" is not supported!`,
+				);
+		}
+	} catch (error) {
+		throw error;
+	}
+
+	return [returnData];
+}
diff --git a/packages/nodes-base/nodes/Webflow/V2/actions/versionDescription.ts b/packages/nodes-base/nodes/Webflow/V2/actions/versionDescription.ts
new file mode 100644
index 0000000000000..1f93d9493ddee
--- /dev/null
+++ b/packages/nodes-base/nodes/Webflow/V2/actions/versionDescription.ts
@@ -0,0 +1,41 @@
+/* eslint-disable n8n-nodes-base/node-filename-against-convention */
+import type { INodeTypeDescription } from 'n8n-workflow';
+
+import * as item from './Item/Item.resource';
+
+export const versionDescription: INodeTypeDescription = {
+	displayName: 'Webflow',
+	name: 'webflow',
+	icon: 'file:webflow.svg',
+	group: ['transform'],
+	subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
+	description: 'Consume the Webflow API',
+	version: [2],
+	defaults: {
+		name: 'Webflow',
+	},
+	inputs: ['main'],
+	outputs: ['main'],
+	credentials: [
+		{
+			name: 'webflowOAuth2Api',
+			required: true,
+		},
+	],
+	properties: [
+		{
+			displayName: 'Resource',
+			name: 'resource',
+			type: 'options',
+			noDataExpression: true,
+			options: [
+				{
+					name: 'Item',
+					value: 'item',
+				},
+			],
+			default: 'item',
+		},
+		...item.description,
+	],
+};
diff --git a/packages/nodes-base/nodes/Webflow/Webflow.node.ts b/packages/nodes-base/nodes/Webflow/Webflow.node.ts
index 3f799cbf09eaa..4239c8c810abb 100644
--- a/packages/nodes-base/nodes/Webflow/Webflow.node.ts
+++ b/packages/nodes-base/nodes/Webflow/Webflow.node.ts
@@ -1,292 +1,26 @@
-import type {
-	IExecuteFunctions,
-	IDataObject,
-	ILoadOptionsFunctions,
-	INodeExecutionData,
-	INodePropertyOptions,
-	INodeType,
-	INodeTypeDescription,
-} from 'n8n-workflow';
-
-import { webflowApiRequest, webflowApiRequestAllItems } from './GenericFunctions';
-
-import { itemFields, itemOperations } from './ItemDescription';
-
-export class Webflow implements INodeType {
-	description: INodeTypeDescription = {
-		displayName: 'Webflow',
-		name: 'webflow',
-		icon: 'file:webflow.svg',
-		group: ['transform'],
-		version: 1,
-		subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
-		description: 'Consume the Webflow API',
-		defaults: {
-			name: 'Webflow',
-		},
-		inputs: ['main'],
-		outputs: ['main'],
-		credentials: [
-			{
-				name: 'webflowApi',
-				required: true,
-				displayOptions: {
-					show: {
-						authentication: ['accessToken'],
-					},
-				},
-			},
-			{
-				name: 'webflowOAuth2Api',
-				required: true,
-				displayOptions: {
-					show: {
-						authentication: ['oAuth2'],
-					},
-				},
-			},
-		],
-		properties: [
-			{
-				displayName: 'Authentication',
-				name: 'authentication',
-				type: 'options',
-				options: [
-					{
-						name: 'Access Token',
-						value: 'accessToken',
-					},
-					{
-						name: 'OAuth2',
-						value: 'oAuth2',
-					},
-				],
-				default: 'accessToken',
-			},
-			{
-				displayName: 'Resource',
-				name: 'resource',
-				type: 'options',
-				noDataExpression: true,
-				options: [
-					{
-						name: 'Item',
-						value: 'item',
-					},
-				],
-				default: 'item',
-			},
-			...itemOperations,
-			...itemFields,
-		],
-	};
-
-	methods = {
-		loadOptions: {
-			async getSites(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
-				const returnData: INodePropertyOptions[] = [];
-				const sites = await webflowApiRequest.call(this, 'GET', '/sites');
-				for (const site of sites) {
-					returnData.push({
-						name: site.name,
-						value: site._id,
-					});
-				}
-				return returnData;
-			},
-			async getCollections(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
-				const returnData: INodePropertyOptions[] = [];
-				const siteId = this.getCurrentNodeParameter('siteId');
-				const collections = await webflowApiRequest.call(
-					this,
-					'GET',
-					`/sites/${siteId}/collections`,
-				);
-				for (const collection of collections) {
-					returnData.push({
-						name: collection.name,
-						value: collection._id,
-					});
-				}
-				return returnData;
-			},
-			async getFields(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
-				const returnData: INodePropertyOptions[] = [];
-				const collectionId = this.getCurrentNodeParameter('collectionId');
-				const { fields } = await webflowApiRequest.call(
-					this,
-					'GET',
-					`/collections/${collectionId}`,
-				);
-				for (const field of fields) {
-					returnData.push({
-						name: `${field.name} (${field.type}) ${field.required ? ' (required)' : ''}`,
-						value: field.slug,
-					});
-				}
-				return returnData;
-			},
-		},
-	};
-
-	async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
-		const items = this.getInputData();
-
-		const resource = this.getNodeParameter('resource', 0);
-		const operation = this.getNodeParameter('operation', 0);
-		let responseData;
-		const returnData: INodeExecutionData[] = [];
-
-		for (let i = 0; i < items.length; i++) {
-			try {
-				if (resource === 'item') {
-					// *********************************************************************
-					//                             item
-					// *********************************************************************
-
-					// https://developers.webflow.com/#item-model
-
-					if (operation === 'create') {
-						// ----------------------------------
-						//         item: create
-						// ----------------------------------
-
-						// https://developers.webflow.com/#create-new-collection-item
-
-						const collectionId = this.getNodeParameter('collectionId', i) as string;
-
-						const properties = this.getNodeParameter(
-							'fieldsUi.fieldValues',
-							i,
-							[],
-						) as IDataObject[];
-
-						const live = this.getNodeParameter('live', i) as boolean;
-
-						const fields = {} as IDataObject;
-
-						properties.forEach((data) => (fields[data.fieldId as string] = data.fieldValue));
-
-						const body: IDataObject = {
-							fields,
-						};
-
-						responseData = await webflowApiRequest.call(
-							this,
-							'POST',
-							`/collections/${collectionId}/items`,
-							body,
-							{ live },
-						);
-					} else if (operation === 'delete') {
-						// ----------------------------------
-						//         item: delete
-						// ----------------------------------
-
-						// https://developers.webflow.com/#remove-collection-item
-
-						const collectionId = this.getNodeParameter('collectionId', i) as string;
-						const itemId = this.getNodeParameter('itemId', i) as string;
-						responseData = await webflowApiRequest.call(
-							this,
-							'DELETE',
-							`/collections/${collectionId}/items/${itemId}`,
-						);
-					} else if (operation === 'get') {
-						// ----------------------------------
-						//         item: get
-						// ----------------------------------
-
-						// https://developers.webflow.com/#get-single-item
-
-						const collectionId = this.getNodeParameter('collectionId', i) as string;
-						const itemId = this.getNodeParameter('itemId', i) as string;
-						responseData = await webflowApiRequest.call(
-							this,
-							'GET',
-							`/collections/${collectionId}/items/${itemId}`,
-						);
-						responseData = responseData.items;
-					} else if (operation === 'getAll') {
-						// ----------------------------------
-						//         item: getAll
-						// ----------------------------------
-
-						// https://developers.webflow.com/#get-all-items-for-a-collection
-
-						const returnAll = this.getNodeParameter('returnAll', 0);
-						const collectionId = this.getNodeParameter('collectionId', i) as string;
-						const qs: IDataObject = {};
-
-						if (returnAll) {
-							responseData = await webflowApiRequestAllItems.call(
-								this,
-								'GET',
-								`/collections/${collectionId}/items`,
-								{},
-								qs,
-							);
-						} else {
-							qs.limit = this.getNodeParameter('limit', 0);
-							responseData = await webflowApiRequest.call(
-								this,
-								'GET',
-								`/collections/${collectionId}/items`,
-								{},
-								qs,
-							);
-							responseData = responseData.items;
-						}
-					} else if (operation === 'update') {
-						// ----------------------------------
-						//         item: update
-						// ----------------------------------
-
-						// https://developers.webflow.com/#update-collection-item
-
-						const collectionId = this.getNodeParameter('collectionId', i) as string;
-
-						const itemId = this.getNodeParameter('itemId', i) as string;
-
-						const properties = this.getNodeParameter(
-							'fieldsUi.fieldValues',
-							i,
-							[],
-						) as IDataObject[];
-
-						const live = this.getNodeParameter('live', i) as boolean;
-
-						const fields = {} as IDataObject;
-
-						properties.forEach((data) => (fields[data.fieldId as string] = data.fieldValue));
-
-						const body: IDataObject = {
-							fields,
-						};
-
-						responseData = await webflowApiRequest.call(
-							this,
-							'PUT',
-							`/collections/${collectionId}/items/${itemId}`,
-							body,
-							{ live },
-						);
-					}
-				}
-				const executionData = this.helpers.constructExecutionMetaData(
-					this.helpers.returnJsonArray(responseData as IDataObject[]),
-					{ itemData: { item: i } },
-				);
-				returnData.push(...executionData);
-			} catch (error) {
-				if (this.continueOnFail(error)) {
-					returnData.push({ json: { error: error.message } });
-					continue;
-				}
-				throw error;
-			}
-		}
-
-		return [returnData];
+import type { INodeTypeBaseDescription, IVersionedNodeType } from 'n8n-workflow';
+import { VersionedNodeType } from 'n8n-workflow';
+
+import { WebflowV1 } from './V1/WebflowV1.node';
+import { WebflowV2 } from './V2/WebflowV2.node';
+
+export class Webflow extends VersionedNodeType {
+	constructor() {
+		const baseDescription: INodeTypeBaseDescription = {
+			displayName: 'Webflow',
+			name: 'webflow',
+			icon: 'file:webflow.svg',
+			group: ['transform'],
+			subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
+			description: 'Consume the Webflow API',
+			defaultVersion: 2,
+		};
+
+		const nodeVersions: IVersionedNodeType['nodeVersions'] = {
+			1: new WebflowV1(baseDescription),
+			2: new WebflowV2(baseDescription),
+		};
+
+		super(nodeVersions, baseDescription);
 	}
 }
diff --git a/packages/nodes-base/nodes/Webflow/WebflowTrigger.node.ts b/packages/nodes-base/nodes/Webflow/WebflowTrigger.node.ts
index 632bfb9534bd4..cdd2ee3814626 100644
--- a/packages/nodes-base/nodes/Webflow/WebflowTrigger.node.ts
+++ b/packages/nodes-base/nodes/Webflow/WebflowTrigger.node.ts
@@ -1,273 +1,24 @@
-import type {
-	IHookFunctions,
-	IWebhookFunctions,
-	IDataObject,
-	ILoadOptionsFunctions,
-	INodePropertyOptions,
-	INodeType,
-	INodeTypeDescription,
-	IWebhookResponseData,
-} from 'n8n-workflow';
-
-import { webflowApiRequest } from './GenericFunctions';
-
-export class WebflowTrigger implements INodeType {
-	description: INodeTypeDescription = {
-		displayName: 'Webflow Trigger',
-		name: 'webflowTrigger',
-		icon: 'file:webflow.svg',
-		group: ['trigger'],
-		version: 1,
-		description: 'Handle Webflow events via webhooks',
-		defaults: {
-			name: 'Webflow Trigger',
-		},
-		inputs: [],
-		outputs: ['main'],
-		credentials: [
-			{
-				name: 'webflowApi',
-				required: true,
-				displayOptions: {
-					show: {
-						authentication: ['accessToken'],
-					},
-				},
-			},
-			{
-				name: 'webflowOAuth2Api',
-				required: true,
-				displayOptions: {
-					show: {
-						authentication: ['oAuth2'],
-					},
-				},
-			},
-		],
-		webhooks: [
-			{
-				name: 'default',
-				httpMethod: 'POST',
-				responseMode: 'onReceived',
-				path: 'webhook',
-			},
-		],
-		properties: [
-			{
-				displayName: 'Authentication',
-				name: 'authentication',
-				type: 'options',
-				options: [
-					{
-						name: 'Access Token',
-						value: 'accessToken',
-					},
-					{
-						name: 'OAuth2',
-						value: 'oAuth2',
-					},
-				],
-				default: 'accessToken',
-			},
-			{
-				displayName: 'Site Name or ID',
-				name: 'site',
-				type: 'options',
-				required: true,
-				default: '',
-				typeOptions: {
-					loadOptionsMethod: 'getSites',
-				},
-				description:
-					'Site that will trigger the events. Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code-examples/expressions/">expression</a>.',
-			},
-			{
-				displayName: 'Event',
-				name: 'event',
-				type: 'options',
-				required: true,
-				options: [
-					{
-						name: 'Collection Item Created',
-						value: 'collection_item_created',
-					},
-					{
-						name: 'Collection Item Deleted',
-						value: 'collection_item_deleted',
-					},
-					{
-						name: 'Collection Item Updated',
-						value: 'collection_item_changed',
-					},
-					{
-						name: 'Ecomm Inventory Changed',
-						value: 'ecomm_inventory_changed',
-					},
-					{
-						name: 'Ecomm New Order',
-						value: 'ecomm_new_order',
-					},
-					{
-						name: 'Ecomm Order Changed',
-						value: 'ecomm_order_changed',
-					},
-					{
-						name: 'Form Submission',
-						value: 'form_submission',
-					},
-					{
-						name: 'Site Publish',
-						value: 'site_publish',
-					},
-				],
-				default: 'form_submission',
-			},
-			// {
-			// 	displayName: 'All collections',
-			// 	name: 'allCollections',
-			// 	type: 'boolean',
-			// 	displayOptions: {
-			// 		show: {
-			// 			event: [
-			// 				'collection_item_created',
-			// 				'collection_item_changed',
-			// 				'collection_item_deleted',
-			// 			],
-			// 		},
-			// 	},
-			// 	required: false,
-			// 	default: true,
-			// 	description: 'Receive events from all collections',
-			// },
-			// {
-			// 	displayName: 'Collection',
-			// 	name: 'collection',
-			// 	type: 'options',
-			// 	required: false,
-			// 	default: '',
-			// 	typeOptions: {
-			// 		loadOptionsMethod: 'getCollections',
-			// 		loadOptionsDependsOn: [
-			// 			'site',
-			// 		],
-			// 	},
-			// 	description: 'Collection that will trigger the events',
-			// 	displayOptions: {
-			// 		show: {
-			// 			allCollections: [
-			// 				false,
-			// 			],
-			// 		},
-			// 	},
-			// },
-		],
-	};
-
-	methods = {
-		loadOptions: {
-			// Get all the sites to display them to user so that they can
-			// select them easily
-			async getSites(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
-				const returnData: INodePropertyOptions[] = [];
-				const sites = await webflowApiRequest.call(this, 'GET', '/sites');
-				for (const site of sites) {
-					const siteName = site.name;
-					const siteId = site._id;
-					returnData.push({
-						name: siteName,
-						value: siteId,
-					});
-				}
-				return returnData;
-			},
-			// async getCollections(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {
-			// 	const returnData: INodePropertyOptions[] = [];
-			// 	const siteId = this.getCurrentNodeParameter('site');
-			// 	const collections = await webflowApiRequest.call(this, 'GET', `/sites/${siteId}/collections`);
-			// 	for (const collection of collections) {
-			// 		returnData.push({
-			// 			name: collection.name,
-			// 			value: collection._id,
-			// 		});
-			// 	}
-			// 	return returnData;
-			// },
-		},
-	};
-
-	webhookMethods = {
-		default: {
-			async checkExists(this: IHookFunctions): Promise<boolean> {
-				const webhookData = this.getWorkflowStaticData('node');
-				const webhookUrl = this.getNodeWebhookUrl('default');
-				const siteId = this.getNodeParameter('site') as string;
-
-				const event = this.getNodeParameter('event') as string;
-				const registeredWebhooks = (await webflowApiRequest.call(
-					this,
-					'GET',
-					`/sites/${siteId}/webhooks`,
-				)) as IDataObject[];
-
-				for (const webhook of registeredWebhooks) {
-					if (webhook.url === webhookUrl && webhook.triggerType === event) {
-						webhookData.webhookId = webhook._id;
-						return true;
-					}
-				}
-
-				return false;
-			},
-
-			async create(this: IHookFunctions): Promise<boolean> {
-				const webhookUrl = this.getNodeWebhookUrl('default');
-				const webhookData = this.getWorkflowStaticData('node');
-				const siteId = this.getNodeParameter('site') as string;
-				const event = this.getNodeParameter('event') as string;
-				const endpoint = `/sites/${siteId}/webhooks`;
-				const body: IDataObject = {
-					site_id: siteId,
-					triggerType: event,
-					url: webhookUrl,
-				};
-
-				// if (event.startsWith('collection')) {
-				// 	const allCollections = this.getNodeParameter('allCollections') as boolean;
-
-				// 	if (allCollections === false) {
-				// 		body.filter = {
-				// 			'cid': this.getNodeParameter('collection') as string,
-				// 		};
-				// 	}
-				// }
-
-				const { _id } = await webflowApiRequest.call(this, 'POST', endpoint, body);
-				webhookData.webhookId = _id;
-				return true;
-			},
-			async delete(this: IHookFunctions): Promise<boolean> {
-				let responseData;
-				const webhookData = this.getWorkflowStaticData('node');
-				const siteId = this.getNodeParameter('site') as string;
-				const endpoint = `/sites/${siteId}/webhooks/${webhookData.webhookId}`;
-				try {
-					responseData = await webflowApiRequest.call(this, 'DELETE', endpoint);
-				} catch (error) {
-					return false;
-				}
-				if (!responseData.deleted) {
-					return false;
-				}
-				delete webhookData.webhookId;
-				return true;
-			},
-		},
-	};
+import type { INodeTypeBaseDescription, IVersionedNodeType } from 'n8n-workflow';
+import { VersionedNodeType } from 'n8n-workflow';
+import { WebflowTriggerV1 } from './V1/WebflowTriggerV1.node';
+import { WebflowTriggerV2 } from './V2/WebflowTriggerV2.node';
+
+export class WebflowTrigger extends VersionedNodeType {
+	constructor() {
+		const baseDescription: INodeTypeBaseDescription = {
+			displayName: 'Webflow Trigger',
+			name: 'webflowTrigger',
+			icon: 'file:webflow.svg',
+			group: ['trigger'],
+			description: 'Handle Webflow events via webhooks',
+			defaultVersion: 2,
+		};
 
-	async webhook(this: IWebhookFunctions): Promise<IWebhookResponseData> {
-		const req = this.getRequestObject();
-		return {
-			workflowData: [this.helpers.returnJsonArray(req.body as IDataObject[])],
+		const nodeVersions: IVersionedNodeType['nodeVersions'] = {
+			1: new WebflowTriggerV1(baseDescription),
+			2: new WebflowTriggerV2(baseDescription),
 		};
+
+		super(nodeVersions, baseDescription);
 	}
 }
diff --git a/packages/nodes-base/package.json b/packages/nodes-base/package.json
index e9da85e9faf47..a0d1fef217b68 100644
--- a/packages/nodes-base/package.json
+++ b/packages/nodes-base/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-nodes-base",
-  "version": "1.53.0",
+  "version": "1.54.0",
   "description": "Base nodes of n8n",
   "main": "index.js",
   "scripts": {
@@ -390,6 +390,7 @@
       "dist/nodes/AgileCrm/AgileCrm.node.js",
       "dist/nodes/Airtable/Airtable.node.js",
       "dist/nodes/Airtable/AirtableTrigger.node.js",
+      "dist/nodes/AiTransform/AiTransform.node.js",
       "dist/nodes/Amqp/Amqp.node.js",
       "dist/nodes/Amqp/AmqpTrigger.node.js",
       "dist/nodes/ApiTemplateIo/ApiTemplateIo.node.js",
@@ -647,6 +648,7 @@
       "dist/nodes/Notion/NotionTrigger.node.js",
       "dist/nodes/Npm/Npm.node.js",
       "dist/nodes/Odoo/Odoo.node.js",
+      "dist/nodes/Okta/Okta.node.js",
       "dist/nodes/OneSimpleApi/OneSimpleApi.node.js",
       "dist/nodes/OpenAi/OpenAi.node.js",
       "dist/nodes/OpenThesaurus/OpenThesaurus.node.js",
@@ -830,7 +832,7 @@
   "dependencies": {
     "@kafkajs/confluent-schema-registry": "1.0.6",
     "@n8n/imap": "workspace:*",
-    "@n8n/vm2": "3.9.24",
+    "@n8n/vm2": "3.9.25",
     "amqplib": "0.10.3",
     "alasql": "^4.4.0",
     "aws4": "1.11.0",
@@ -864,15 +866,15 @@
     "mongodb": "6.3.0",
     "mqtt": "5.7.2",
     "mssql": "10.0.2",
-    "mysql2": "3.10.0",
+    "mysql2": "3.11.0",
     "n8n-workflow": "workspace:*",
     "node-html-markdown": "1.2.0",
     "node-ssh": "13.2.0",
     "nodemailer": "6.9.9",
     "otpauth": "9.1.1",
     "pdfjs-dist": "2.16.105",
-    "pg": "8.11.3",
-    "pg-promise": "10.15.4",
+    "pg": "8.12.0",
+    "pg-promise": "11.9.1",
     "promise-ftp": "1.3.5",
     "pyodide": "0.23.4",
     "redis": "4.6.14",
diff --git a/packages/workflow/README.md b/packages/workflow/README.md
index da80c579206e4..e76b4283e91e1 100644
--- a/packages/workflow/README.md
+++ b/packages/workflow/README.md
@@ -10,8 +10,4 @@ npm install n8n-workflow
 
 ## License
 
-n8n is [fair-code](https://faircode.io) distributed under the [**Sustainable Use License**](https://github.com/n8n-io/n8n/blob/master/packages/cli/LICENSE.md).
-
-Proprietary licenses are available for enterprise customers. [Get in touch](mailto:license@n8n.io)
-
-Additional information about the license can be found in the [docs](https://docs.n8n.io/reference/license/).
+You can find the license information [here](https://github.com/n8n-io/n8n/blob/master/README.md#license)
diff --git a/packages/workflow/package.json b/packages/workflow/package.json
index 77348f2a945e1..6bbdc59a1c96d 100644
--- a/packages/workflow/package.json
+++ b/packages/workflow/package.json
@@ -1,6 +1,6 @@
 {
   "name": "n8n-workflow",
-  "version": "1.52.0",
+  "version": "1.53.0",
   "description": "Workflow base code of n8n",
   "main": "dist/index.js",
   "module": "src/index.ts",
@@ -39,7 +39,8 @@
     "@types/xml2js": "catalog:"
   },
   "dependencies": {
-    "@n8n/tournament": "1.0.3",
+    "@n8n/permissions": "workspace:*",
+    "@n8n/tournament": "1.0.5",
     "@n8n_io/riot-tmpl": "4.0.0",
     "ast-types": "0.15.2",
     "axios": "catalog:",
diff --git a/packages/workflow/src/Expression.ts b/packages/workflow/src/Expression.ts
index ace4774c8fe43..018a8e9e2439e 100644
--- a/packages/workflow/src/Expression.ts
+++ b/packages/workflow/src/Expression.ts
@@ -26,6 +26,7 @@ import { extendSyntax } from './Extensions/ExpressionExtension';
 import { evaluateExpression, setErrorHandler } from './ExpressionEvaluatorProxy';
 import { getGlobalState } from './GlobalState';
 import { ApplicationError } from './errors/application.error';
+import { sanitizer, sanitizerName } from './ExpressionSandboxing';
 
 const IS_FRONTEND_IN_DEV_MODE =
 	typeof process === 'object' &&
@@ -306,6 +307,8 @@ export class Expression {
 		data.extend = extend;
 		data.extendOptional = extendOptional;
 
+		data[sanitizerName] = sanitizer;
+
 		Object.assign(data, extendedFunctions);
 
 		const constructorValidation = new RegExp(/\.\s*constructor/gm);
diff --git a/packages/workflow/src/ExpressionEvaluatorProxy.ts b/packages/workflow/src/ExpressionEvaluatorProxy.ts
index 60e33e5a7d15c..74d5c46e8f49b 100644
--- a/packages/workflow/src/ExpressionEvaluatorProxy.ts
+++ b/packages/workflow/src/ExpressionEvaluatorProxy.ts
@@ -3,6 +3,7 @@ import type { ReturnValue, TmplDifference } from '@n8n/tournament';
 import { Tournament } from '@n8n/tournament';
 import type { ExpressionEvaluatorType } from './Interfaces';
 import * as LoggerProxy from './LoggerProxy';
+import { PrototypeSanitizer } from './ExpressionSandboxing';
 
 type Evaluator = (expr: string, data: unknown) => tmpl.ReturnValue;
 type ErrorHandler = (error: Error) => void;
@@ -18,6 +19,7 @@ const differenceChecker = (diff: TmplDifference) => {
 		if (diff.same) {
 			return;
 		}
+		// eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
 		if (diff.has?.function || diff.has?.templateString) {
 			return;
 		}
@@ -30,7 +32,10 @@ const differenceChecker = (diff: TmplDifference) => {
 		LoggerProxy.error('Expression evaluator difference checker failed');
 	}
 };
-const tournamentEvaluator = new Tournament(errorHandler, undefined);
+const tournamentEvaluator = new Tournament(errorHandler, undefined, undefined, {
+	before: [],
+	after: [PrototypeSanitizer],
+});
 let evaluator: Evaluator = tmpl.tmpl;
 let currentEvaluatorType: ExpressionEvaluatorType = 'tmpl';
 let diffExpressions = false;
diff --git a/packages/workflow/src/ExpressionSandboxing.ts b/packages/workflow/src/ExpressionSandboxing.ts
new file mode 100644
index 0000000000000..8240f8babbd46
--- /dev/null
+++ b/packages/workflow/src/ExpressionSandboxing.ts
@@ -0,0 +1,58 @@
+import { type ASTAfterHook, astBuilders as b, astVisit } from '@n8n/tournament';
+import { ExpressionError } from './errors';
+
+const forbiddenMembers = ['__proto__', 'prototype', 'constructor', 'getPrototypeOf'];
+export const sanitizerName = '__sanitize';
+const sanitizerIdentifier = b.identifier(sanitizerName);
+
+export const PrototypeSanitizer: ASTAfterHook = (ast, dataNode) => {
+	astVisit(ast, {
+		visitMemberExpression(path) {
+			this.traverse(path);
+			const node = path.node;
+			if (!node.computed) {
+				// This is static, so we're safe to error here
+				if (node.property.type !== 'Identifier') {
+					// eslint-disable-next-line n8n-local-rules/no-plain-errors
+					throw new ExpressionError(
+						`Unknown property type ${node.property.type} while sanitising expression`,
+					);
+				}
+
+				if (forbiddenMembers.includes(node.property.name)) {
+					throw new ExpressionError(
+						`Cannot access "${node.property.name}" due to security concerns`,
+					);
+				}
+			} else if (node.property.type === 'StringLiteral' || node.property.type === 'Literal') {
+				// Check any static strings against our forbidden list
+				if (forbiddenMembers.includes(node.property.value as string)) {
+					throw new ExpressionError(
+						`Cannot access "${node.property.value as string}" due to security concerns`,
+					);
+				}
+			} else if (!node.property.type.endsWith('Literal')) {
+				// This isn't a literal value, so we need to wrap it
+				path.replace(
+					b.memberExpression(
+						// eslint-disable-next-line @typescript-eslint/no-unsafe-argument, @typescript-eslint/no-explicit-any
+						node.object as any,
+						// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
+						b.callExpression(b.memberExpression(dataNode, sanitizerIdentifier), [
+							// eslint-disable-next-line @typescript-eslint/no-explicit-any
+							node.property as any,
+						]),
+						true,
+					),
+				);
+			}
+		},
+	});
+};
+
+export const sanitizer = (value: unknown): unknown => {
+	if (forbiddenMembers.includes(value as string)) {
+		throw new ExpressionError(`Cannot access "${value as string}" due to security concerns`);
+	}
+	return value;
+};
diff --git a/packages/workflow/src/Interfaces.ts b/packages/workflow/src/Interfaces.ts
index 39b4d06b47d98..1e6e5872ffbe9 100644
--- a/packages/workflow/src/Interfaces.ts
+++ b/packages/workflow/src/Interfaces.ts
@@ -10,6 +10,7 @@ import type { URLSearchParams } from 'url';
 import type { RequestBodyMatcher } from 'nock';
 import type { Client as SSHClient } from 'ssh2';
 
+import type { Scope } from '@n8n/permissions';
 import type { AuthenticationMethod } from './Authentication';
 import type { CODE_EXECUTION_MODES, CODE_LANGUAGES, LOG_LEVELS } from './Constants';
 import type { IDeferredPromise } from './DeferredPromise';
@@ -308,6 +309,7 @@ export interface ICredentialTestRequestData {
 type ICredentialHttpRequestNode = {
 	name: string;
 	docsUrl: string;
+	hidden?: boolean;
 } & ({ apiBaseUrl: string } | { apiBaseUrlPlaceholder: string });
 
 export interface ICredentialType {
@@ -1228,12 +1230,25 @@ export interface ILoadOptions {
 	};
 }
 
+export type NodePropertyAction = {
+	type: 'askAiCodeGeneration';
+	handler?: string;
+	target?: string;
+};
+
 export interface INodePropertyTypeOptions {
-	action?: string; // Supported by: button
+	// Supported by: button
+	buttonConfig?: {
+		action?: string | NodePropertyAction;
+		label?: string; // otherwise "displayName" is used
+		hasInputField?: boolean;
+		inputFieldMaxLength?: number; // Supported if hasInputField is true
+	};
 	containerClass?: string; // Supported by: notice
 	alwaysOpenEditWindow?: boolean; // Supported by: json
 	codeAutocomplete?: CodeAutocompleteTypes; // Supported by: string
 	editor?: EditorType; // Supported by: string
+	editorIsReadOnly?: boolean; // Supported by: string
 	sqlDialect?: SQLDialect; // Supported by: sqlEditor
 	loadOptionsDependsOn?: string[]; // Supported by: options
 	loadOptionsMethod?: string; // Supported by: options
@@ -1525,6 +1540,12 @@ export interface INodeType {
 		resourceMapping?: {
 			[functionName: string]: (this: ILoadOptionsFunctions) => Promise<ResourceMapperFields>;
 		};
+		actionHandler?: {
+			[functionName: string]: (
+				this: ILoadOptionsFunctions,
+				payload: IDataObject | string | undefined,
+			) => Promise<NodeParameterValueType>;
+		};
 	};
 	webhookMethods?: {
 		[name in IWebhookDescription['name']]?: {
@@ -2443,6 +2464,7 @@ export interface ExecutionSummary {
 	nodeExecutionStatus?: {
 		[key: string]: IExecutionSummaryNodeExecutionResult;
 	};
+	scopes?: Scope[];
 }
 
 export interface IExecutionSummaryNodeExecutionResult {
diff --git a/packages/workflow/src/errors/abstract/node.error.ts b/packages/workflow/src/errors/abstract/node.error.ts
index 460538fc0eb28..5d679507c7186 100644
--- a/packages/workflow/src/errors/abstract/node.error.ts
+++ b/packages/workflow/src/errors/abstract/node.error.ts
@@ -167,7 +167,7 @@ export abstract class NodeError extends ExecutionBaseError {
 		}
 
 		// if code is provided and it is in the list of common errors set the message and return early
-		if (code && COMMON_ERRORS[code.toUpperCase()]) {
+		if (code && typeof code === 'string' && COMMON_ERRORS[code.toUpperCase()]) {
 			newMessage = COMMON_ERRORS[code] as string;
 			messages.push(message);
 			return [newMessage, messages];
diff --git a/packages/workflow/src/errors/node-operation.error.ts b/packages/workflow/src/errors/node-operation.error.ts
index b0167250dcbef..8f6cd7a028cc1 100644
--- a/packages/workflow/src/errors/node-operation.error.ts
+++ b/packages/workflow/src/errors/node-operation.error.ts
@@ -2,7 +2,6 @@ import type { INode, JsonObject } from '@/Interfaces';
 import type { NodeOperationErrorOptions } from './node-api.error';
 import { NodeError } from './abstract/node.error';
 import { ApplicationError } from './application.error';
-import { OBFUSCATED_ERROR_MESSAGE } from '../Constants';
 
 /**
  * Class for instantiating an operational error, e.g. an invalid credentials error.
@@ -10,6 +9,8 @@ import { OBFUSCATED_ERROR_MESSAGE } from '../Constants';
 export class NodeOperationError extends NodeError {
 	type: string | undefined;
 
+	obfuscate: boolean = false;
+
 	constructor(
 		node: INode,
 		error: Error | string | JsonObject,
@@ -22,7 +23,7 @@ export class NodeOperationError extends NodeError {
 		let obfuscateErrorMessage = false;
 
 		if (typeof error === 'string') {
-			error = new Error(error);
+			error = new ApplicationError(error);
 		} else if (!(error instanceof ApplicationError)) {
 			// this error was no processed by n8n, obfuscate error message
 			obfuscateErrorMessage = true;
@@ -37,7 +38,7 @@ export class NodeOperationError extends NodeError {
 		if (obfuscateErrorMessage && !options.description) {
 			const originalMessage = typeof error === 'string' ? error : (error.message as string);
 			this.addToMessages(originalMessage);
-			this.message = OBFUSCATED_ERROR_MESSAGE;
+			this.obfuscate = true;
 		}
 		if (options.message) this.message = options.message;
 		if (options.level) this.level = options.level;
diff --git a/packages/workflow/test/Expression.test.ts b/packages/workflow/test/Expression.test.ts
index 2cd1632df7093..42cd682dbc023 100644
--- a/packages/workflow/test/Expression.test.ts
+++ b/packages/workflow/test/Expression.test.ts
@@ -74,7 +74,9 @@ for (const evaluator of ['tmpl', 'tournament'] as const) {
 				expect(evaluate('={{Reflect}}')).toEqual({});
 				expect(evaluate('={{Proxy}}')).toEqual({});
 
-				expect(evaluate('={{constructor}}')).toEqual({});
+				expect(() => evaluate('={{constructor}}')).toThrowError(
+					new ExpressionError('Cannot access "constructor" due to security concerns'),
+				);
 
 				expect(evaluate('={{escape}}')).toEqual({});
 				expect(evaluate('={{unescape}}')).toEqual({});
@@ -166,7 +168,7 @@ for (const evaluator of ['tmpl', 'tournament'] as const) {
 				const testFn = jest.fn();
 				Object.assign(global, { testFn });
 				expect(() => evaluate("={{ Date['constructor']('testFn()')()}}")).toThrowError(
-					new ExpressionError('Arbitrary code execution detected'),
+					new ExpressionError('Cannot access "constructor" due to security concerns'),
 				);
 				expect(testFn).not.toHaveBeenCalled();
 			});
diff --git a/packages/workflow/test/ExpressionSandboxing.test.ts b/packages/workflow/test/ExpressionSandboxing.test.ts
new file mode 100644
index 0000000000000..f2ba200f8eaf9
--- /dev/null
+++ b/packages/workflow/test/ExpressionSandboxing.test.ts
@@ -0,0 +1,84 @@
+import { PrototypeSanitizer, sanitizer } from '@/ExpressionSandboxing';
+import { Tournament } from '@n8n/tournament';
+
+const tournament = new Tournament(
+	(e) => {
+		throw e;
+	},
+	undefined,
+	undefined,
+	{
+		before: [],
+		after: [PrototypeSanitizer],
+	},
+);
+
+const errorRegex = /^Cannot access ".*" due to security concerns$/;
+
+describe('PrototypeSanitizer', () => {
+	describe('Static analysis', () => {
+		it('should not allow access to __proto__', () => {
+			expect(() => {
+				tournament.execute('{{ ({}).__proto__.__proto__ }}', {});
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ ({})["__proto__"]["__proto__"] }}', {});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to prototype', () => {
+			expect(() => {
+				tournament.execute('{{ Number.prototype }}', { Number });
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ Number["prototype"] }}', { Number });
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to constructor', () => {
+			expect(() => {
+				tournament.execute('{{ Number.constructor }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ Number["constructor"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+	});
+
+	describe('Runtime', () => {
+		it('should not allow access to __proto__', () => {
+			expect(() => {
+				tournament.execute('{{ ({})["__" + (() => "proto")() + "__"] }}', {
+					__sanitize: sanitizer,
+				});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to prototype', () => {
+			expect(() => {
+				tournament.execute('{{ Number["pro" + (() => "toty")() + "pe"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to constructor', () => {
+			expect(() => {
+				tournament.execute('{{ Number["cons" + (() => "truc")() + "tor"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+	});
+});
diff --git a/packages/workflow/test/NodeErrors.test.ts b/packages/workflow/test/NodeErrors.test.ts
index 405c5919325a3..12033fd28d720 100644
--- a/packages/workflow/test/NodeErrors.test.ts
+++ b/packages/workflow/test/NodeErrors.test.ts
@@ -1,4 +1,4 @@
-import type { INode } from '@/Interfaces';
+import type { INode, JsonObject } from '@/Interfaces';
 import { NodeOperationError } from '@/errors';
 import { NodeApiError } from '@/errors/node-api.error';
 import { UNKNOWN_ERROR_DESCRIPTION, UNKNOWN_ERROR_MESSAGE } from '../src/Constants';
@@ -260,4 +260,22 @@ describe('NodeApiError message and description logic', () => {
 		expect(nodeApiError.message).toEqual(UNKNOWN_ERROR_MESSAGE);
 		expect(nodeApiError.description).toEqual(UNKNOWN_ERROR_DESCRIPTION);
 	});
+
+	it('case: Error code sent as "any"', () => {
+		const error = {
+			code: 400,
+			message: "Invalid value 'test' for viewId parameter.",
+			status: 'INVALID_ARGUMENT',
+		};
+		const [message, ...rest] = error.message.split('\n');
+		const description = rest.join('\n');
+		const httpCode = error.code as any;
+		const nodeApiError = new NodeApiError(node, error as JsonObject, {
+			message,
+			description,
+			httpCode,
+		});
+
+		expect(nodeApiError.message).toEqual(error.message);
+	});
 });
diff --git a/packages/workflow/test/errors/node.error.test.ts b/packages/workflow/test/errors/node.error.test.ts
index 357314c347bb3..4ec8c1d611c2a 100644
--- a/packages/workflow/test/errors/node.error.test.ts
+++ b/packages/workflow/test/errors/node.error.test.ts
@@ -3,7 +3,6 @@ import type { INode } from '@/Interfaces';
 import { NodeApiError } from '@/errors/node-api.error';
 import { NodeOperationError } from '@/errors/node-operation.error';
 import { ApplicationError } from '@/errors/application.error';
-import { OBFUSCATED_ERROR_MESSAGE } from '@/Constants';
 
 describe('NodeError', () => {
 	const node = mock<INode>();
@@ -22,7 +21,8 @@ describe('NodeError', () => {
 		const error = new Error('Original error message');
 		const nodeOpError = new NodeOperationError(node, error);
 
-		expect(nodeOpError.message).toBe(OBFUSCATED_ERROR_MESSAGE);
+		expect(nodeOpError.obfuscate).toBe(true);
+		expect(nodeOpError.message).toBe('Original error message');
 		expect(nodeOpError.messages).toContain('Original error message');
 	});
 
@@ -30,6 +30,7 @@ describe('NodeError', () => {
 		const appError = new ApplicationError('Processed error message');
 		const nodeOpError = new NodeOperationError(node, appError);
 
+		expect(nodeOpError.obfuscate).toBe(false);
 		expect(nodeOpError.message).toBe('Processed error message');
 		expect(nodeOpError.messages).not.toContain('Processed error message');
 	});
@@ -38,6 +39,7 @@ describe('NodeError', () => {
 		const errorMessage = 'String error message';
 		const nodeOpError = new NodeOperationError(node, errorMessage);
 
+		expect(nodeOpError.obfuscate).toBe(false);
 		expect(nodeOpError.message).toBe(errorMessage);
 		expect(nodeOpError.messages).toHaveLength(0);
 	});
@@ -47,6 +49,7 @@ describe('NodeError', () => {
 		const options = { description: 'Error description' };
 		const nodeOpError = new NodeOperationError(node, error, options);
 
+		expect(nodeOpError.obfuscate).toBe(false);
 		expect(nodeOpError.message).toBe('Initial error message');
 	});
 
@@ -55,6 +58,7 @@ describe('NodeError', () => {
 		const options = { message: 'Overridden message', description: 'Error description' };
 		const nodeOpError = new NodeOperationError(node, error, options);
 
+		expect(nodeOpError.obfuscate).toBe(false);
 		expect(nodeOpError.message).toBe('Overridden message');
 		expect(nodeOpError.description).toBe('Error description');
 	});
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 8108343521df7..3329dfe57a190 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -64,13 +64,16 @@ catalogs:
     vue:
       specifier: ^3.4.21
       version: 3.4.21
+    vue-markdown-render:
+      specifier: ^2.2.1
+      version: 2.2.1
     vue-tsc:
       specifier: ^2.0.19
       version: 2.0.19
 
 overrides:
   '@types/node': ^18.16.16
-  axios: 1.6.7
+  axios: 1.7.3
   chokidar: 3.5.2
   esbuild: ^0.20.2
   formidable: 3.5.1
@@ -222,8 +225,8 @@ importers:
         specifier: catalog:frontend
         version: 3.4.21(typescript@5.5.2)
       vue-markdown-render:
-        specifier: ^2.1.1
-        version: 2.1.1(vue@3.4.21(typescript@5.5.2))
+        specifier: catalog:frontend
+        version: 2.2.1(vue@3.4.21(typescript@5.5.2))
     devDependencies:
       '@iconify-json/mdi':
         specifier: ^1.1.54
@@ -231,9 +234,6 @@ importers:
       '@n8n/storybook':
         specifier: workspace:*
         version: link:../storybook
-      '@types/markdown-it':
-        specifier: ^12.2.3
-        version: 12.2.3
       '@vitest/coverage-v8':
         specifier: catalog:frontend
         version: 1.6.0(vitest@1.6.0(@types/node@18.16.16)(jsdom@23.0.1)(sass@1.64.1)(terser@5.16.1))
@@ -256,8 +256,8 @@ importers:
   packages/@n8n/client-oauth2:
     dependencies:
       axios:
-        specifier: 1.6.7
-        version: 1.6.7(debug@3.2.7)
+        specifier: 1.7.3
+        version: 1.7.3(debug@3.2.7)
 
   packages/@n8n/codemirror-lang:
     dependencies:
@@ -349,10 +349,10 @@ importers:
         version: 0.0.10(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))
       '@langchain/community':
         specifier: 0.2.20
-        version: 0.2.20(bl2awxa6z6ereahlcpz2dlbf6q)
+        version: 0.2.20(32xju6nqoe2wrsbntqq2x5vcke)
       '@langchain/core':
         specifier: 0.2.18
-        version: 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+        version: 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@langchain/google-genai':
         specifier: 0.0.23
         version: 0.0.23(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
@@ -370,28 +370,28 @@ importers:
         version: 0.0.2(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))
       '@langchain/openai':
         specifier: 0.2.5
-        version: 0.2.5(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))
+        version: 0.2.5(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))
       '@langchain/pinecone':
         specifier: 0.0.8
-        version: 0.0.8(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+        version: 0.0.8(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@langchain/qdrant':
         specifier: ^0.0.5
-        version: 0.0.5(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(typescript@5.5.2)
+        version: 0.0.5(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(typescript@5.5.2)
       '@langchain/redis':
         specifier: 0.0.5
-        version: 0.0.5(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+        version: 0.0.5(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@langchain/textsplitters':
         specifier: 0.0.3
-        version: 0.0.3(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+        version: 0.0.3(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@mozilla/readability':
         specifier: ^0.5.0
         version: 0.5.0
       '@n8n/typeorm':
         specifier: 0.3.20-10
-        version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.10.0)(pg@8.11.3)(redis@4.6.12)(sqlite3@5.1.7)
+        version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.11.0)(pg@8.12.0)(redis@4.6.12)(sqlite3@5.1.7)
       '@n8n/vm2':
-        specifier: 3.9.24
-        version: 3.9.24
+        specifier: 3.9.25
+        version: 3.9.25
       '@pinecone-database/pinecone':
         specifier: 3.0.0
         version: 3.0.0
@@ -402,7 +402,7 @@ importers:
         specifier: 2.43.4
         version: 2.43.4
       '@types/pg':
-        specifier: ^8.11.3
+        specifier: ^8.11.6
         version: 8.11.6
       '@xata.io/client':
         specifier: 0.28.4
@@ -439,7 +439,7 @@ importers:
         version: 2.1.0
       langchain:
         specifier: 0.2.11
-        version: 0.2.11(3eonfu4fvxvjb5zdrprnb3pokq)
+        version: 0.2.11(6hdkxymucpmkiknmt5geracdu4)
       lodash:
         specifier: 'catalog:'
         version: 4.17.21
@@ -459,8 +459,8 @@ importers:
         specifier: 1.1.1
         version: 1.1.1
       pg:
-        specifier: 8.11.3
-        version: 8.11.3
+        specifier: 8.12.0
+        version: 8.12.0
       redis:
         specifier: 4.6.12
         version: 4.6.12
@@ -618,8 +618,8 @@ importers:
         specifier: workspace:*
         version: link:../@n8n/config
       '@n8n/localtunnel':
-        specifier: 2.1.0
-        version: 2.1.0
+        specifier: 3.0.0
+        version: 3.0.0
       '@n8n/n8n-nodes-langchain':
         specifier: workspace:*
         version: link:../@n8n/nodes-langchain
@@ -628,7 +628,7 @@ importers:
         version: link:../@n8n/permissions
       '@n8n/typeorm':
         specifier: 0.3.20-10
-        version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.10.0)(pg@8.11.3)(redis@4.6.14)(sqlite3@5.1.7)
+        version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.11.0)(pg@8.12.0)(redis@4.6.14)(sqlite3@5.1.7)
       '@n8n_io/license-sdk':
         specifier: 2.13.0
         version: 2.13.0
@@ -648,8 +648,8 @@ importers:
         specifier: 1.11.0
         version: 1.11.0
       axios:
-        specifier: 1.6.7
-        version: 1.6.7(debug@3.2.7)
+        specifier: 1.7.3
+        version: 1.7.3(debug@3.2.7)
       bcryptjs:
         specifier: 2.4.3
         version: 2.4.3
@@ -699,8 +699,8 @@ importers:
         specifier: 7.1.2
         version: 7.1.2
       express-openapi-validator:
-        specifier: 5.1.6
-        version: 5.1.6
+        specifier: 5.3.1
+        version: 5.3.1(express@4.19.2)
       express-prom-bundle:
         specifier: 6.6.0
         version: 6.6.0(prom-client@13.2.0)
@@ -753,8 +753,8 @@ importers:
         specifier: 'catalog:'
         version: 3.4.4
       mysql2:
-        specifier: 3.10.0
-        version: 3.10.0
+        specifier: 3.11.0
+        version: 3.11.0
       n8n-core:
         specifier: workspace:*
         version: link:../core
@@ -792,11 +792,11 @@ importers:
         specifier: 3.1.0
         version: 3.1.0
       pg:
-        specifier: 8.11.3
-        version: 8.11.3
+        specifier: 8.12.0
+        version: 8.12.0
       picocolors:
-        specifier: 1.0.0
-        version: 1.0.0
+        specifier: 1.0.1
+        version: 1.0.1
       pkce-challenge:
         specifier: 3.0.0
         version: 3.0.0(patch_hash=dypouzb3lve7vncq25i5fuanki)
@@ -973,8 +973,8 @@ importers:
         specifier: 1.11.0
         version: 1.11.0
       axios:
-        specifier: 1.6.7
-        version: 1.6.7(debug@3.2.7)
+        specifier: 1.7.3
+        version: 1.7.3(debug@3.2.7)
       concat-stream:
         specifier: 2.0.0
         version: 2.0.0
@@ -1064,8 +1064,8 @@ importers:
         specifier: 2.4.3
         version: 2.4.3(vue@3.4.21(typescript@5.5.2))
       markdown-it:
-        specifier: ^13.0.1
-        version: 13.0.1
+        specifier: ^13.0.2
+        version: 13.0.2
       markdown-it-emoji:
         specifier: ^2.0.2
         version: 2.0.2
@@ -1104,14 +1104,14 @@ importers:
         specifier: ^8.0.1
         version: 8.0.1(@vue/compiler-sfc@3.4.21)(@vue/server-renderer@3.4.21(vue@3.4.21(typescript@5.5.2)))(vue@3.4.21(typescript@5.5.2))
       '@types/markdown-it':
-        specifier: ^12.2.3
-        version: 12.2.3
+        specifier: ^13.0.9
+        version: 13.0.9
       '@types/markdown-it-emoji':
         specifier: ^2.0.2
-        version: 2.0.2
+        version: 2.0.5
       '@types/markdown-it-link-attributes':
-        specifier: ^3.0.1
-        version: 3.0.1
+        specifier: ^3.0.5
+        version: 3.0.5
       '@types/sanitize-html':
         specifier: ^2.11.0
         version: 2.11.0
@@ -1251,8 +1251,8 @@ importers:
         specifier: ^10.11.0
         version: 10.11.0(vue@3.4.21(typescript@5.5.2))
       axios:
-        specifier: 1.6.7
-        version: 1.6.7(debug@3.2.7)
+        specifier: 1.7.3
+        version: 1.7.3(debug@3.2.7)
       chart.js:
         specifier: ^4.4.0
         version: 4.4.0
@@ -1332,8 +1332,8 @@ importers:
         specifier: 2.2.4
         version: 2.2.4(vue@3.4.21(typescript@5.5.2))
       vue-markdown-render:
-        specifier: ^2.0.1
-        version: 2.0.1(typescript@5.5.2)
+        specifier: catalog:frontend
+        version: 2.2.1(vue@3.4.21(typescript@5.5.2))
       vue-router:
         specifier: ^4.2.2
         version: 4.2.2(vue@3.4.21(typescript@5.5.2))
@@ -1448,8 +1448,8 @@ importers:
         specifier: workspace:*
         version: link:../@n8n/imap
       '@n8n/vm2':
-        specifier: 3.9.24
-        version: 3.9.24
+        specifier: 3.9.25
+        version: 3.9.25
       alasql:
         specifier: ^4.4.0
         version: 4.4.0(encoding@0.1.13)
@@ -1550,8 +1550,8 @@ importers:
         specifier: 10.0.2
         version: 10.0.2
       mysql2:
-        specifier: 3.10.0
-        version: 3.10.0
+        specifier: 3.11.0
+        version: 3.11.0
       n8n-workflow:
         specifier: workspace:*
         version: link:../workflow
@@ -1571,11 +1571,11 @@ importers:
         specifier: 2.16.105
         version: 2.16.105
       pg:
-        specifier: 8.11.3
-        version: 8.11.3
+        specifier: 8.12.0
+        version: 8.12.0
       pg-promise:
-        specifier: 10.15.4
-        version: 10.15.4
+        specifier: 11.9.1
+        version: 11.9.1
       promise-ftp:
         specifier: 1.3.5
         version: 1.3.5(promise-ftp-common@1.1.5)
@@ -1709,9 +1709,12 @@ importers:
 
   packages/workflow:
     dependencies:
+      '@n8n/permissions':
+        specifier: workspace:*
+        version: link:../@n8n/permissions
       '@n8n/tournament':
-        specifier: 1.0.3
-        version: 1.0.3
+        specifier: 1.0.5
+        version: 1.0.5
       '@n8n_io/riot-tmpl':
         specifier: 4.0.0
         version: 4.0.0
@@ -1719,8 +1722,8 @@ importers:
         specifier: 0.15.2
         version: 0.15.2
       axios:
-        specifier: 1.6.7
-        version: 1.6.7(debug@3.2.7)
+        specifier: 1.7.3
+        version: 1.7.3(debug@3.2.7)
       callsites:
         specifier: 3.1.0
         version: 3.1.0
@@ -1766,7 +1769,7 @@ importers:
     devDependencies:
       '@langchain/core':
         specifier: ^0.2.18
-        version: 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+        version: 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       '@types/deep-equal':
         specifier: ^1.0.1
         version: 1.0.1
@@ -1822,8 +1825,9 @@ packages:
   '@anthropic-ai/sdk@0.22.0':
     resolution: {integrity: sha512-dv4BCC6FZJw3w66WNLsHlUFjhu19fS1L/5jMPApwhZLa/Oy1j0A2i3RypmDtHEPp4Wwg3aZkSHksp7VzYWjzmw==}
 
-  '@apidevtools/json-schema-ref-parser@9.1.2':
-    resolution: {integrity: sha512-r1w81DpR+KyRWd3f+rk6TNqMgedmAxZP5v5KWlXQWlgMUUtyEJch0DKEci1SorPMiSeM8XPl7MZ3miJ60JIpQg==}
+  '@apidevtools/json-schema-ref-parser@11.7.0':
+    resolution: {integrity: sha512-pRrmXMCwnmrkS3MLgAIW5dXRzeTv6GLjkjb4HmxNnvAKXN1Nfzp4KmGADBQvlVUcqi+a5D+hfGDLLnd5NnYxog==}
+    engines: {node: '>= 16'}
 
   '@authenio/xml-encryption@2.0.2':
     resolution: {integrity: sha512-cTlrKttbrRHEw3W+0/I609A2Matj5JQaRvfLtEIGZvlN0RaPi+3ANsMeqAyCAVlH/lUIW2tmtBlSMni74lcXeg==}
@@ -4134,18 +4138,17 @@ packages:
   '@n8n/codemirror-lang-sql@1.0.2':
     resolution: {integrity: sha512-sOf/KyewSu3Ikij0CkRtzJJDhRDZcwNCEYl8UdH4U/riL0/XZGcBD7MYofCCcKszanJZiEWRZ2KU1sRp234iMg==}
 
-  '@n8n/localtunnel@2.1.0':
-    resolution: {integrity: sha512-k5mb+Aeb3+4cRfWaEsMSiTsF1oARFvAuI3EOvxitrgVmiWk592h4nCI7vtjq1nsVT+PWKmB6dBoTQ0+6HHIpug==}
+  '@n8n/localtunnel@3.0.0':
+    resolution: {integrity: sha512-0t/AUiZ8Oqo7AqYp2q2qmEC2p2lPP4CEdrGRB0J6nSC7ivOtr0p46Pw739UvUfJMU1bIKvzHIc5M9wCjH5Byjg==}
     engines: {node: '>=18.0.0'}
-    hasBin: true
 
   '@n8n/p-retry@6.2.0-2':
     resolution: {integrity: sha512-rbnMnSdEwq2yuYMgzOQ4jTXm+oH7yjN/0ISfB/7O6pUcEPsZt9UW60BYfQ1WWHkKa/evI8vgER2zV5/RC1BupQ==}
     engines: {node: '>=18.10'}
 
-  '@n8n/tournament@1.0.3':
-    resolution: {integrity: sha512-GnmDD5wKAxKfxnSzhENHPn5n91/1c3/psnuT7D+jHHVQdMe8qaCcSq15rcGRfDfTf2v+BZBT0yeyK8Cfexr9yw==}
-    engines: {node: '>=18.10', pnpm: '>=8.6'}
+  '@n8n/tournament@1.0.5':
+    resolution: {integrity: sha512-IPBHa7gC0wwHVct/dnBquHz+uMCDZaZ05cor1D/rjlwaOe/PVu5mtoZaPHYuR98R3W1/IyxC5PuBd0JizDP9gg==}
+    engines: {node: '>=20.15', pnpm: '>=9.5'}
 
   '@n8n/typeorm@0.3.20-10':
     resolution: {integrity: sha512-YYQKkafEGqNAG+VgtGbJOWpcyF4ZsRJ+Q7qXigTXZFQb4xpL/+t0BXEMhy8Gw0OEjnZI5cbLGHcQtj7Xlfg7dw==}
@@ -4211,8 +4214,8 @@ packages:
       typeorm-aurora-data-api-driver:
         optional: true
 
-  '@n8n/vm2@3.9.24':
-    resolution: {integrity: sha512-O4z67yVgUs2FHkcw3vbGnxdC1EglpzOj966kPkK4gtW+ZmTTFRfEB+2Ehq6PMthgg/Ou5JCLSR3wvQIZFFt4Pg==}
+  '@n8n/vm2@3.9.25':
+    resolution: {integrity: sha512-qoGLFzyHBW7HKpwXkl05QKsIh3GkDw6lOiTOWYlUDnOIQ1b7EgM+O5EMjrMGy7r+kz52+Q7o6GLxBIcxVI8rEg==}
     engines: {node: '>=18.10', pnpm: '>=9.6'}
     hasBin: true
 
@@ -5427,8 +5430,8 @@ packages:
   '@types/jsonwebtoken@9.0.6':
     resolution: {integrity: sha512-/5hndP5dCjloafCXns6SZyESp3Ldq7YjH3zwzwczYnjxIT0Fqzk5ROSYVGfFyczIue7IUEj8hkvLbPoLQ18vQw==}
 
-  '@types/linkify-it@3.0.2':
-    resolution: {integrity: sha512-HZQYqbiFVWufzCwexrvh694SOim8z2d+xJl5UNamcvQFejLY/2YUtzXHYi3cHdI7PMlS8ejH2slRAOJQ32aNbA==}
+  '@types/linkify-it@3.0.5':
+    resolution: {integrity: sha512-yg6E+u0/+Zjva+buc3EIb+29XEg4wltq7cSmd4Uc2EE/1nUVmxyzpX6gUXD0V8jIrG0r7YeOGVIbYRkxeooCtw==}
 
   '@types/lodash-es@4.17.6':
     resolution: {integrity: sha512-R+zTeVUKDdfoRxpAryaQNRKk3105Rrgx2CFRClIgRGaqDTdjsm8h6IYA8ir584W3ePzkZfst5xIgDwYrlh9HLg==}
@@ -5451,20 +5454,20 @@ packages:
   '@types/mailparser@3.4.4':
     resolution: {integrity: sha512-C6Znp2QVS25JqtuPyxj38Qh+QoFcLycdxsvcc6IZCGekhaMBzbdTXzwGzhGoYb3TfKu8IRCNV0sV1o3Od97cEQ==}
 
-  '@types/markdown-it-emoji@2.0.2':
-    resolution: {integrity: sha512-2ln8Wjbcj/0oRi/6VnuMeWEHHuK8uapFttvcLmDIe1GKCsFBLOLBX+D+xhDa9oWOQV0IpvxwrSfKKssAqqroog==}
+  '@types/markdown-it-emoji@2.0.5':
+    resolution: {integrity: sha512-iJLsmCNpSWKtV6Ia3mLSjcXJPEt7ubGG342z+hGvYx++TpM19oTUrJcI7XjbOqRQ+W2UQ323E7B0eCLwlgT/9g==}
 
-  '@types/markdown-it-link-attributes@3.0.1':
-    resolution: {integrity: sha512-K8RnNb1q8j7rDOJbMF7AnlhCC/45BjrQ8z3WZWOrvkBIl8u9RXvmBdG/hfpnmK1JhhEZcmFEKWt+ilW1Mly+2Q==}
+  '@types/markdown-it-link-attributes@3.0.5':
+    resolution: {integrity: sha512-VZ2BGN3ywUg7mBD8W6PwR8ChpOxaQSBDbLqPgvNI+uIra3zY2af1eG/3XzWTKjEraTWskMKnZqZd6m1fDF67Bg==}
 
-  '@types/markdown-it@12.2.3':
-    resolution: {integrity: sha512-GKMHFfv3458yYy+v/N8gjufHO6MSZKCOXpZc5GXIWWy8uldwfmPn98vp81gZ5f9SVw8YYBctgfJ22a2d7AOMeQ==}
+  '@types/markdown-it@13.0.9':
+    resolution: {integrity: sha512-1XPwR0+MgXLWfTn9gCsZ55AHOKW1WN+P9vr0PaQh5aerR9LLQXUbjfEAFhjmEmyoYFWAyuN2Mqkn40MZ4ukjBw==}
 
   '@types/md5@2.3.5':
     resolution: {integrity: sha512-/i42wjYNgE6wf0j2bcTX6kuowmdL/6PE4IVitMpm2eYKBUuYCprdcWVK+xEF0gcV6ufMCRhtxmReGfc6hIK7Jw==}
 
-  '@types/mdurl@1.0.2':
-    resolution: {integrity: sha512-eC4U9MlIcu2q0KQmXszyn5Akca/0jrQmwDRgpAMJai7qBWq4amIQhZyNau4VYGtCeALvW1/NtjzJJ567aZxfKA==}
+  '@types/mdurl@1.0.5':
+    resolution: {integrity: sha512-6L6VymKTzYSrEf4Nev4Xa1LCHKrlTlYCBMTlQKFuddo1CvQcE52I0mwfOJayueUC7MJuXOeHTcIU683lzd0cUA==}
 
   '@types/mdx@2.0.3':
     resolution: {integrity: sha512-IgHxcT3RC8LzFLhKwP3gbMPeaK7BM9eBH46OdapPA7yvuIUJ8H6zHZV53J8hGZcTSnt95jANt+rTBNUUc22ACQ==}
@@ -5487,8 +5490,8 @@ packages:
   '@types/mssql@9.1.5':
     resolution: {integrity: sha512-Q9EsgXwuRoX5wvUSu24YfbKMbFChv7pZ/jeCzPkj47ehcuXYsBcfogwrtVFosSjinD4Q/MY2YPGk9Yy1cM2Ywg==}
 
-  '@types/multer@1.4.7':
-    resolution: {integrity: sha512-/SNsDidUFCvqqcWDwxv2feww/yqhNeTRL5CVoL3jU4Goc4kKEL10T7Eye65ZqPNi4HRx8sAEX59pV1aEH7drNA==}
+  '@types/multer@1.4.11':
+    resolution: {integrity: sha512-svK240gr6LVWvv3YGyhLlA+6LRRWA4mnGIU7RcNmgjBYFl6665wcXrRfxGp5tEPVHUNm5FMcmq7too9bxCwX/w==}
 
   '@types/node-fetch@2.6.4':
     resolution: {integrity: sha512-1ZX9fcN4Rvkvgv4E6PAY5WXUFWFcRWxZa3EW83UjycOB9ljJCedb2CupIP4RZMEwF/M3eTcCihbBRgwtGbg5Rg==}
@@ -6008,11 +6011,6 @@ packages:
     engines: {node: '>=0.4.0'}
     hasBin: true
 
-  acorn@8.11.2:
-    resolution: {integrity: sha512-nc0Axzp/0FILLEVsm4fNwLCwMttvhEI263QtVPQcbpfZZ3ts0hLsZGOpE6czNlid7CJ9MlyH8reXkpsf3YUY4w==}
-    engines: {node: '>=0.4.0'}
-    hasBin: true
-
   acorn@8.12.1:
     resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==}
     engines: {node: '>=0.4.0'}
@@ -6061,8 +6059,8 @@ packages:
   ajv@6.12.6:
     resolution: {integrity: sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==}
 
-  ajv@8.12.0:
-    resolution: {integrity: sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA==}
+  ajv@8.17.1:
+    resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==}
 
   alasql@4.4.0:
     resolution: {integrity: sha512-EQOk3NEvKcQxoYeY0d4ePF0VHAcljx3pn5ZkEowMPRThjWXyDc/VHYqC8Sg+6BH2ZhKZBdeRqlvlgZmhfGBtDA==}
@@ -6223,8 +6221,8 @@ packages:
   assert-never@1.2.1:
     resolution: {integrity: sha512-TaTivMB6pYI1kXwrFlEhLeGfOqoDNdTxjCdwRfFFkEA30Eu+k48W34nlok2EYWJfFFzqaEmichdNM7th6M5HNw==}
 
-  assert-options@0.8.0:
-    resolution: {integrity: sha512-qSELrEaEz4sGwTs4Qh+swQkjiHAysC4rot21+jzXU86dJzNG+FDqBzyS3ohSoTRf4ZLA3FSwxQdiuNl5NXUtvA==}
+  assert-options@0.8.1:
+    resolution: {integrity: sha512-5lNGRB5g5i2bGIzb+J1QQE1iKU/WEMVBReFIc5pPDWjcPj23otPL0eI6PB2v7QPi0qU6Mhym5D3y0ZiSIOf3GA==}
     engines: {node: '>=10.0.0'}
 
   assert-plus@1.0.0:
@@ -6290,6 +6288,10 @@ packages:
   aws-sign2@0.7.0:
     resolution: {integrity: sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==}
 
+  aws-ssl-profiles@1.1.1:
+    resolution: {integrity: sha512-+H+kuK34PfMaI9PNU/NSjBKL5hh/KDM9J72kwYeYEm0A8B1AC4fuCy3qsjnA7lxklgyXsB68yn8Z2xoZEjgwCQ==}
+    engines: {node: '>= 6.0.0'}
+
   aws4@1.11.0:
     resolution: {integrity: sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==}
 
@@ -6300,8 +6302,8 @@ packages:
   axios-retry@3.7.0:
     resolution: {integrity: sha512-ZTnCkJbRtfScvwiRnoVskFAfvU0UG3xNcsjwTR0mawSbIJoothxn67gKsMaNAFHRXJ1RmuLhmZBzvyXi3+9WyQ==}
 
-  axios@1.6.7:
-    resolution: {integrity: sha512-/hDJGff6/c7u0hDkvkGxR/oy6CbCs8ziCsC7SqmhjfozqiJGc8Z11wrv9z9lYfY4K8l+H9TpjcMDX0xOZmx+RA==}
+  axios@1.7.3:
+    resolution: {integrity: sha512-Ar7ND9pU99eJ9GpoGQKhKf58GpUOgnzuaB7ueNQ5BMi0p+LZ5oaEnfF999fAArcTIBwXTCHAmGcHOZJaWPq9Nw==}
 
   babel-core@7.0.0-bridge.0:
     resolution: {integrity: sha512-poPX9mZH/5CSanm50Q+1toVci6pv5KSRv/5TWCwtzQS5XEwn40BcCrgIeMFWP9CKKIniKXNxoIOnOq4VVlGXhg==}
@@ -6487,10 +6489,6 @@ packages:
   buffer-more-ints@1.0.0:
     resolution: {integrity: sha512-EMetuGFz5SLsT0QTnXzINh4Ksr+oo4i+UGTXEshiGCQWnsgSs7ZhJ8fzlwQ+OzEMs0MpDAMr1hxnblp5a4vcHg==}
 
-  buffer-writer@2.0.0:
-    resolution: {integrity: sha512-a7ZpuTZU1TRtnwyCNW3I5dc0wWNC3VR9S++Ewyk2HHZdrO3CQJqSpd+95Us590V6AL7JqUAH2IwZ/398PmNFgw==}
-    engines: {node: '>=4'}
-
   buffer@5.7.1:
     resolution: {integrity: sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==}
 
@@ -7165,6 +7163,15 @@ packages:
       supports-color:
         optional: true
 
+  debug@4.3.6:
+    resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==}
+    engines: {node: '>=6.0'}
+    peerDependencies:
+      supports-color: '*'
+    peerDependenciesMeta:
+      supports-color:
+        optional: true
+
   decamelize@1.2.0:
     resolution: {integrity: sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA==}
     engines: {node: '>=0.10.0'}
@@ -7474,9 +7481,6 @@ packages:
   ent@2.2.0:
     resolution: {integrity: sha512-GHrMyVZQWvTIdDtpiEXdHZnFQKzeO09apj8Cbl4pKWy4i0Oprcq17usfDt5aO63swf0JOeMWjWQE/LzgSRuWpA==}
 
-  entities@2.1.0:
-    resolution: {integrity: sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==}
-
   entities@2.2.0:
     resolution: {integrity: sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==}
 
@@ -7852,8 +7856,10 @@ packages:
     resolution: {integrity: sha512-ss9d3mBChOLTEtyfzXCsxlItUxpgS3i4cb/F70G6Q5ohQzmD12XB4x/Y9U6YboeeYBJZt7WQ5yUNu7ZSQ/EGyQ==}
     engines: {node: '>=v16'}
 
-  express-openapi-validator@5.1.6:
-    resolution: {integrity: sha512-CF24Pef5uThjdsCbjo1UP2mYx2YCkQl1HFoikCFFafFpZBCZ0YErD/RbqlcnKbKM9tMwXZsjAuuO84b2hmdF4g==}
+  express-openapi-validator@5.3.1:
+    resolution: {integrity: sha512-Mlo3N1yvaZJlIs/nX0ig4xSu4g1CmLK/InRuqrXPmiqijfHa5qx/5ng92kq2dfTKd77XE7e9sPJqkI79asqNlQ==}
+    peerDependencies:
+      express: '*'
 
   express-prom-bundle@6.6.0:
     resolution: {integrity: sha512-tZh2P2p5a8/yxQ5VbRav011Poa4R0mHqdFwn9Swe/obXDe5F0jY9wtRAfNYnqk4LXY7akyvR/nrvAHxQPWUjsQ==}
@@ -7920,6 +7926,9 @@ packages:
     resolution: {integrity: sha512-7OnTFAVPefgw2eBJ1xj2PGGR9FwYzSUso9decayHgCDX4sJkHLdcsYTytTg+tYv+wKF3U8gJuSBz2jJpQV4u/g==}
     engines: {node: '>=16.1.0'}
 
+  fast-uri@3.0.1:
+    resolution: {integrity: sha512-MWipKbbYiYI0UC7cl8m/i/IWTqfC8YXsqjzybjddLsFjStroQzsHXkc73JutMvBiXmOvapk+axIl79ig5t55Bw==}
+
   fast-xml-parser@4.2.5:
     resolution: {integrity: sha512-B9/wizE4WngqQftFPmdaMYlXoJlJOYxGQOanC77fq9k8+Z0v5dDSVh+3glErdIROP//s/jgb7ZuxKfB8nVyo0g==}
     hasBin: true
@@ -9340,7 +9349,7 @@ packages:
       '@xata.io/client': ^0.28.0
       apify-client: ^2.7.1
       assemblyai: ^4.6.0
-      axios: 1.6.7
+      axios: 1.7.3
       cheerio: ^1.0.0-rc.12
       chromadb: '*'
       convex: ^1.3.1
@@ -9589,9 +9598,6 @@ packages:
   lines-and-columns@1.2.4:
     resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==}
 
-  linkify-it@3.0.3:
-    resolution: {integrity: sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ==}
-
   linkify-it@4.0.1:
     resolution: {integrity: sha512-C7bfi1UZmoj8+PQx22XyeXCuBlokoyWQL5pWSP+EI6nzRylyThouddufc2c1NDIcP9k5agmN9fLpA7VNJfIiqw==}
 
@@ -9819,8 +9825,8 @@ packages:
   map-stream@0.1.0:
     resolution: {integrity: sha512-CkYQrPYZfWnu/DAmVCpTSX/xHpKZ80eKh2lAkyA6AJTef6bW+6JpbQZN5rofum7da+SyN1bi5ctTm+lTfcCW3g==}
 
-  mappersmith@2.40.0:
-    resolution: {integrity: sha512-Es99fy0E52fxmhRvCyed7WVlSyuz6ME/wOsRpSmi0GcbMEZ6y5D2GL4+qNGPCc2P270J5yw8L2zg+K4BWACcHg==}
+  mappersmith@2.43.4:
+    resolution: {integrity: sha512-IyUw53aE3/SPH3eOkqSuD+Hcstpcl4dpxDDgZsPz65R2SlOikq0VHxo3kMPzUVvw7cCHunTmlpNXl5n/KzPcpg==}
 
   mark.js@8.11.1:
     resolution: {integrity: sha512-1I+1qpDt4idfgLQG+BNWmrqku+7/2bi5nLf4YwF8y8zXvmfiTBY3PV3ZibfrjBueCByROpuBjLLFCajqkgYoLQ==}
@@ -9834,12 +9840,8 @@ packages:
   markdown-it-task-lists@2.1.1:
     resolution: {integrity: sha512-TxFAc76Jnhb2OUu+n3yz9RMu4CwGfaT788br6HhEDlvWfdeJcLUsxk1Hgw2yJio0OXsxv7pyIPmvECY7bMbluA==}
 
-  markdown-it@12.3.2:
-    resolution: {integrity: sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg==}
-    hasBin: true
-
-  markdown-it@13.0.1:
-    resolution: {integrity: sha512-lTlxriVoy2criHP0JKRhO2VDG9c2ypWCsT237eDiLqi09rmbKoUetyGHq2uOIRoRS//kfoJckS0eUzzkDR+k2Q==}
+  markdown-it@13.0.2:
+    resolution: {integrity: sha512-FtwnEuuK+2yVU7goGn/MJ0WBZMM9ZPgU9spqlFs7/A/pDIUNSOQZhUgOqYCficIuR2QaFnrt8LHqBWsbTAoI5w==}
     hasBin: true
 
   markdown-to-jsx@7.3.2:
@@ -10173,8 +10175,8 @@ packages:
     resolution: {integrity: sha512-+MrqnJRtxdF+xngFfUUkIMQrUUL0KsxbADUkn23Z/4ibGg192Q+z+CQyiYwvWTsYjJygmMR8+w3ZDa98Zh6ESg==}
     engines: {node: '>=12.0.0'}
 
-  mysql2@3.10.0:
-    resolution: {integrity: sha512-qx0mfWYt1DpTPkw8mAcHW/OwqqyNqBLBHvY5IjN8+icIYTjt6znrgYJ+gxqNNRpVknb5Wc/gcCM4XjbCR0j5tw==}
+  mysql2@3.11.0:
+    resolution: {integrity: sha512-J9phbsXGvTOcRVPR95YedzVSxJecpW5A5+cQ57rhHIFXteTP10HCs+VBjS7DHIKfEaI1zQ5tlVrquCd64A6YvA==}
     engines: {node: '>= 8.0'}
 
   mz@2.7.0:
@@ -10503,9 +10505,6 @@ packages:
   openapi-types@12.1.3:
     resolution: {integrity: sha512-N4YtSYJqghVu4iek2ZUvcN/0aqH1kRDuNqzcycDxhOUpg7GdvLa2F3DgS6yBNhInhv2r/6I0Flkn7CqL8+nIcw==}
 
-  openurl@1.1.1:
-    resolution: {integrity: sha512-d/gTkTb1i1GKz5k3XE3XFV/PxQ1k45zDqGP2OA7YhgsaLoqm6qRvARAZOFer1fcXritWlGBRCu/UgeS4HAnXAA==}
-
   option@0.2.4:
     resolution: {integrity: sha512-pkEqbDyl8ou5cpq+VsnQbe/WlEy5qS7xPzMS1U55OCG9KPvwFD46zDbxQIj3egJSFc3D+XhYOPUzz49zQAVy7A==}
 
@@ -10590,9 +10589,6 @@ packages:
     resolution: {integrity: sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==}
     engines: {node: '>=6'}
 
-  packet-reader@1.0.0:
-    resolution: {integrity: sha512-HAKu/fG3HpHFO0AA8WE8q2g+gBJaZ9MG7fcKk+IJPLTGAD6Psw4443l+9DGRbOIh3/aXr7Phy0TjilYivJo5XQ==}
-
   pako@0.2.9:
     resolution: {integrity: sha512-NUcwaKxUxWrZLpDG+z/xZaCgQITkA/Dv4V/T6bw7VON6l1Xz/VnrBqrYjZQ12TamKHzITTfOEIYUj48y2KXImA==}
 
@@ -10675,8 +10671,8 @@ packages:
   path-to-regexp@0.1.7:
     resolution: {integrity: sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==}
 
-  path-to-regexp@6.2.1:
-    resolution: {integrity: sha512-JLyh7xT1kizaEvcaXOQwOc2/Yhw6KZOvPf1S8401UyLk86CU79LN3vl7ztXGm/pZ+YjoyAJ4rxmHwbkBXJX+yw==}
+  path-to-regexp@6.2.2:
+    resolution: {integrity: sha512-GQX3SSMokngb36+whdpRXE+3f9V8UzyAorlYvOGx87ufGHehNTn5lCxrKtLyZ4Yl/wEKnNnr98ZzOwwDZV5ogw==}
 
   path-type@4.0.0:
     resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==}
@@ -10729,32 +10725,32 @@ packages:
   pg-cloudflare@1.1.1:
     resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==}
 
-  pg-connection-string@2.6.2:
-    resolution: {integrity: sha512-ch6OwaeaPYcova4kKZ15sbJ2hKb/VP48ZD2gE7i1J+L4MspCtBMAx8nMgz7bksc7IojCIIWuEhHibSMFH8m8oA==}
+  pg-connection-string@2.6.4:
+    resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==}
 
   pg-int8@1.0.1:
     resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==}
     engines: {node: '>=4.0.0'}
 
-  pg-minify@1.6.2:
-    resolution: {integrity: sha512-1KdmFGGTP6jplJoI8MfvRlfvMiyBivMRP7/ffh4a11RUFJ7kC2J0ZHlipoKiH/1hz+DVgceon9U2qbaHpPeyPg==}
-    engines: {node: '>=8.0'}
+  pg-minify@1.6.5:
+    resolution: {integrity: sha512-u0UE8veaCnMfJmoklqneeBBopOAPG3/6DHqGVHYAhz8DkJXh9dnjPlz25fRxn4e+6XVzdOp7kau63Rp52fZ3WQ==}
+    engines: {node: '>=14.0.0'}
 
   pg-numeric@1.0.2:
     resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==}
     engines: {node: '>=4'}
 
-  pg-pool@3.6.1:
-    resolution: {integrity: sha512-jizsIzhkIitxCGfPRzJn1ZdcosIt3pz9Sh3V01fm1vZnbnCMgmGl5wvGGdNN2EL9Rmb0EcFoCkixH4Pu+sP9Og==}
+  pg-pool@3.6.2:
+    resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==}
     peerDependencies:
       pg: '>=8.0'
 
-  pg-promise@10.15.4:
-    resolution: {integrity: sha512-BKlHCMCdNUmF6gagVbehRWSEiVcZzPVltEx14OJExR9Iz9/1R6KETDWLLGv2l6yRqYFnEZZy1VDjRhArzeIGrw==}
-    engines: {node: '>=12.0'}
+  pg-promise@11.9.1:
+    resolution: {integrity: sha512-qvMmyDvWd64X0a25hCuWV40GLMbgeYf4z7ZmzxQqGHtUIlzMtxcMtaBHAMr7XVOL62wFv2ZVKW5pFruD/4ZAOg==}
+    engines: {node: '>=14.0'}
 
-  pg-protocol@1.6.0:
-    resolution: {integrity: sha512-M+PDm637OY5WM307051+bsDia5Xej6d9IR4GwJse1qA1DIhiKlksvrneZOYQq42OM+spubpcNYEo2FcKQrDk+Q==}
+  pg-protocol@1.6.1:
+    resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==}
 
   pg-types@2.2.0:
     resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==}
@@ -10764,17 +10760,8 @@ packages:
     resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==}
     engines: {node: '>=10'}
 
-  pg@8.11.3:
-    resolution: {integrity: sha512-+9iuvG8QfaaUrrph+kpF24cXkH1YOOUeArRNYIxq1viYHZagBxrTno7cecY1Fa44tJeZvaoG+Djpkc3JwehN5g==}
-    engines: {node: '>= 8.0.0'}
-    peerDependencies:
-      pg-native: '>=3.0.1'
-    peerDependenciesMeta:
-      pg-native:
-        optional: true
-
-  pg@8.8.0:
-    resolution: {integrity: sha512-UXYN0ziKj+AeNNP7VDMwrehpACThH7LUl/p8TDFpEUuSejCUIwGSfxpHsPvtM6/WXFy6SU4E5RG4IJV/TZAGjw==}
+  pg@8.12.0:
+    resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==}
     engines: {node: '>= 8.0.0'}
     peerDependencies:
       pg-native: '>=3.0.1'
@@ -10785,8 +10772,8 @@ packages:
   pgpass@1.0.5:
     resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==}
 
-  picocolors@1.0.0:
-    resolution: {integrity: sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==}
+  picocolors@1.0.1:
+    resolution: {integrity: sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew==}
 
   picomatch@2.3.1:
     resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==}
@@ -11815,9 +11802,9 @@ packages:
   spdx-license-ids@3.0.12:
     resolution: {integrity: sha512-rr+VVSXtRhO4OHbXUiAF7xW3Bo9DuuF6C5jH+q/x15j2jniycgKbxU09Hr0WqlSLUs4i4ltHGXqTe7VHclYWyA==}
 
-  spex@3.2.0:
-    resolution: {integrity: sha512-9srjJM7NaymrpwMHvSmpDeIK5GoRMX/Tq0E8aOlDPS54dDnDUIp30DrP9SphMPEETDLzEM9+4qo+KipmbtPecg==}
-    engines: {node: '>=4.5'}
+  spex@3.3.0:
+    resolution: {integrity: sha512-VNiXjFp6R4ldPbVRYbpxlD35yRHceecVXlct1J4/X80KuuPnW2AXMq3sGwhnJOhKkUsOxAT6nRGfGE5pocVw5w==}
+    engines: {node: '>=10.0.0'}
 
   split-on-first@1.1.0:
     resolution: {integrity: sha512-43ZssAJaMusuKWL8sKUBQXHWOpq8d6CfN/u1p4gUzfJkM05C8rxTmYrkIPTXapZpORA6LkkzcUulJ8FqA7Uudw==}
@@ -12517,8 +12504,8 @@ packages:
   uc.micro@1.0.6:
     resolution: {integrity: sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==}
 
-  uc.micro@2.0.0:
-    resolution: {integrity: sha512-DffL94LsNOccVn4hyfRe5rdKa273swqeA5DJpMOeFmEn1wCDc7nAbbB0gXlgBCL7TNzeTv6G7XVWzan7iJtfig==}
+  uc.micro@2.1.0:
+    resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==}
 
   ufo@1.3.2:
     resolution: {integrity: sha512-o+ORpgGwaYQXgqGDwd+hkS4PuZ3QnmqMMxRuajK/a38L6fTpcE5GPIfrf+L/KemFzfUpeUQc1rRS1iDBozvnFA==}
@@ -12920,11 +12907,8 @@ packages:
     peerDependencies:
       vue: '>=3.0.0'
 
-  vue-markdown-render@2.0.1:
-    resolution: {integrity: sha512-/UBCu0OrZ9zzEDtiZVwlV/CQ+CgcwViServGis3TRXSVc6+6lJxcaOcD43vRoQzYfPa9r9WDt0Q7GyupOmpEWA==}
-
-  vue-markdown-render@2.1.1:
-    resolution: {integrity: sha512-szuJVbCwgIpVsggd8IHGB2lLo8BH8Ojd+wakaOTASNxdYcccKxoMcvDqUsLoGwgKDY8yJf0U/+ppffEYxsEHkA==}
+  vue-markdown-render@2.2.1:
+    resolution: {integrity: sha512-XkYnC0PMdbs6Vy6j/gZXSvCuOS0787Se5COwXlepRqiqPiunyCIeTPQAO2XnB4Yl04EOHXwLx5y6IuszMWSgyQ==}
     peerDependencies:
       vue: ^3.3.4
 
@@ -13330,11 +13314,10 @@ snapshots:
       - encoding
       - supports-color
 
-  '@apidevtools/json-schema-ref-parser@9.1.2':
+  '@apidevtools/json-schema-ref-parser@11.7.0':
     dependencies:
       '@jsdevtools/ono': 7.1.3
       '@types/json-schema': 7.0.15
-      call-me-maybe: 1.0.1
       js-yaml: 4.1.0
 
   '@authenio/xml-encryption@2.0.2':
@@ -14390,7 +14373,7 @@ snapshots:
   '@babel/code-frame@7.24.6':
     dependencies:
       '@babel/highlight': 7.24.6
-      picocolors: 1.0.0
+      picocolors: 1.0.1
 
   '@babel/compat-data@7.23.5': {}
 
@@ -14429,7 +14412,7 @@ snapshots:
       '@babel/traverse': 7.24.6
       '@babel/types': 7.24.6
       convert-source-map: 2.0.0
-      debug: 4.3.4(supports-color@8.1.1)
+      debug: 4.3.5(supports-color@8.1.1)
       gensync: 1.0.0-beta.2
       json5: 2.2.3
       semver: 7.6.0
@@ -14719,7 +14702,7 @@ snapshots:
       '@babel/helper-validator-identifier': 7.24.6
       chalk: 2.4.2
       js-tokens: 4.0.0
-      picocolors: 1.0.0
+      picocolors: 1.0.1
 
   '@babel/parser@7.24.0':
     dependencies:
@@ -15722,7 +15705,7 @@ snapshots:
   '@eslint/eslintrc@2.1.4':
     dependencies:
       ajv: 6.12.6
-      debug: 4.3.4(supports-color@8.1.1)
+      debug: 4.3.5(supports-color@8.1.1)
       espree: 9.6.1
       globals: 13.20.0
       ignore: 5.2.4
@@ -15787,8 +15770,8 @@ snapshots:
       url-join: 4.0.1
       zod: 3.23.8
     optionalDependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      langchain: 0.2.11(3eonfu4fvxvjb5zdrprnb3pokq)
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      langchain: 0.2.11(6hdkxymucpmkiknmt5geracdu4)
     transitivePeerDependencies:
       - encoding
 
@@ -15882,7 +15865,7 @@ snapshots:
   '@humanwhocodes/config-array@0.11.14':
     dependencies:
       '@humanwhocodes/object-schema': 2.0.2
-      debug: 4.3.4(supports-color@8.1.1)
+      debug: 4.3.5(supports-color@8.1.1)
       minimatch: 3.1.2
     transitivePeerDependencies:
       - supports-color
@@ -16200,7 +16183,7 @@ snapshots:
   '@kafkajs/confluent-schema-registry@1.0.6':
     dependencies:
       avsc: 5.7.6
-      mappersmith: 2.40.0
+      mappersmith: 2.43.4
 
   '@kurkle/color@0.3.2': {}
 
@@ -16215,7 +16198,7 @@ snapshots:
   '@langchain/anthropic@0.2.9(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))':
     dependencies:
       '@anthropic-ai/sdk': 0.22.0(encoding@0.1.13)
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       fast-xml-parser: 4.3.5
       zod: 3.23.8
       zod-to-json-schema: 3.23.0(zod@3.23.8)
@@ -16227,23 +16210,23 @@ snapshots:
 
   '@langchain/cohere@0.0.10(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       cohere-ai: 7.10.1(encoding@0.1.13)
     transitivePeerDependencies:
       - encoding
       - langchain
       - openai
 
-  '@langchain/community@0.2.20(bl2awxa6z6ereahlcpz2dlbf6q)':
+  '@langchain/community@0.2.20(32xju6nqoe2wrsbntqq2x5vcke)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))
       binary-extensions: 2.2.0
       expr-eval: 2.0.2
       flat: 5.0.2
       js-yaml: 4.1.0
-      langchain: 0.2.11(3eonfu4fvxvjb5zdrprnb3pokq)
-      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      langchain: 0.2.11(6hdkxymucpmkiknmt5geracdu4)
+      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       uuid: 10.0.0
       zod: 3.23.8
       zod-to-json-schema: 3.23.0(zod@3.23.8)
@@ -16279,9 +16262,9 @@ snapshots:
       jsonwebtoken: 9.0.2
       lodash: 4.17.21
       mammoth: 1.7.2
-      mysql2: 3.10.0
+      mysql2: 3.11.0
       pdf-parse: 1.1.1
-      pg: 8.11.3
+      pg: 8.12.0
       redis: 4.6.12
       ws: 8.17.1
     transitivePeerDependencies:
@@ -16304,13 +16287,13 @@ snapshots:
       - pyodide
       - supports-color
 
-  '@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))':
+  '@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))':
     dependencies:
       ansi-styles: 5.2.0
       camelcase: 6.3.0
       decamelize: 1.2.0
       js-tiktoken: 1.0.12
-      langsmith: 0.1.39(@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      langsmith: 0.1.39(@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       ml-distance: 4.0.1
       mustache: 4.2.0
       p-queue: 6.6.2
@@ -16322,13 +16305,13 @@ snapshots:
       - langchain
       - openai
 
-  '@langchain/core@0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)':
+  '@langchain/core@0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)':
     dependencies:
       ansi-styles: 5.2.0
       camelcase: 6.3.0
       decamelize: 1.2.0
       js-tiktoken: 1.0.12
-      langsmith: 0.1.39(@langchain/core@0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+      langsmith: 0.1.39(@langchain/core@0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       ml-distance: 4.0.1
       mustache: 4.2.0
       p-queue: 6.6.2
@@ -16340,9 +16323,9 @@ snapshots:
       - langchain
       - openai
 
-  '@langchain/google-common@0.0.22(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
+  '@langchain/google-common@0.0.22(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       uuid: 10.0.0
       zod-to-json-schema: 3.23.0(zod@3.23.8)
     transitivePeerDependencies:
@@ -16350,10 +16333,10 @@ snapshots:
       - openai
       - zod
 
-  '@langchain/google-gauth@0.0.21(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
+  '@langchain/google-gauth@0.0.21(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      '@langchain/google-common': 0.0.22(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/google-common': 0.0.22(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
       google-auth-library: 8.9.0(encoding@0.1.13)
     transitivePeerDependencies:
       - encoding
@@ -16365,7 +16348,7 @@ snapshots:
   '@langchain/google-genai@0.0.23(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
     dependencies:
       '@google/generative-ai': 0.7.1
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       zod-to-json-schema: 3.23.0(zod@3.23.8)
     transitivePeerDependencies:
       - langchain
@@ -16374,8 +16357,8 @@ snapshots:
 
   '@langchain/google-vertexai@0.0.21(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      '@langchain/google-gauth': 0.0.21(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/google-gauth': 0.0.21(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
     transitivePeerDependencies:
       - encoding
       - langchain
@@ -16385,8 +16368,8 @@ snapshots:
 
   '@langchain/groq@0.0.15(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))
       groq-sdk: 0.3.2(encoding@0.1.13)
       zod: 3.23.8
       zod-to-json-schema: 3.23.0(zod@3.23.8)
@@ -16398,7 +16381,7 @@ snapshots:
 
   '@langchain/mistralai@0.0.27(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@mistralai/mistralai': 0.4.0(encoding@0.1.13)
       uuid: 10.0.0
       zod: 3.23.8
@@ -16410,16 +16393,16 @@ snapshots:
 
   '@langchain/ollama@0.0.2(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       ollama: 0.5.6
       uuid: 10.0.0
     transitivePeerDependencies:
       - langchain
       - openai
 
-  '@langchain/openai@0.2.5(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))':
+  '@langchain/openai@0.2.5(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       js-tiktoken: 1.0.12
       openai: 4.53.0(encoding@0.1.13)
       zod: 3.23.8
@@ -16429,9 +16412,9 @@ snapshots:
       - langchain
       - supports-color
 
-  '@langchain/openai@0.2.5(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))':
+  '@langchain/openai@0.2.5(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       js-tiktoken: 1.0.12
       openai: 4.53.0(encoding@0.1.13)
       zod: 3.23.8
@@ -16442,9 +16425,9 @@ snapshots:
       - supports-color
     optional: true
 
-  '@langchain/pinecone@0.0.8(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))':
+  '@langchain/pinecone@0.0.8(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@pinecone-database/pinecone': 3.0.0
       flat: 5.0.2
       uuid: 10.0.0
@@ -16452,9 +16435,9 @@ snapshots:
       - langchain
       - openai
 
-  '@langchain/qdrant@0.0.5(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))(typescript@5.5.2)':
+  '@langchain/qdrant@0.0.5(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))(typescript@5.5.2)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       '@qdrant/js-client-rest': 1.9.0(typescript@5.5.2)
       uuid: 9.0.1
     transitivePeerDependencies:
@@ -16462,25 +16445,25 @@ snapshots:
       - openai
       - typescript
 
-  '@langchain/redis@0.0.5(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))':
+  '@langchain/redis@0.0.5(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       redis: 4.6.13
     transitivePeerDependencies:
       - langchain
       - openai
 
-  '@langchain/textsplitters@0.0.3(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))':
+  '@langchain/textsplitters@0.0.3(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       js-tiktoken: 1.0.12
     transitivePeerDependencies:
       - langchain
       - openai
 
-  '@langchain/textsplitters@0.0.3(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)':
+  '@langchain/textsplitters@0.0.3(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)':
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       js-tiktoken: 1.0.12
     transitivePeerDependencies:
       - langchain
@@ -16614,12 +16597,10 @@ snapshots:
       - '@codemirror/view'
       - '@lezer/common'
 
-  '@n8n/localtunnel@2.1.0':
+  '@n8n/localtunnel@3.0.0':
     dependencies:
-      axios: 1.6.7(debug@4.3.4)
-      debug: 4.3.4(supports-color@8.1.1)
-      openurl: 1.1.1
-      yargs: 17.7.2
+      axios: 1.7.3(debug@4.3.6)
+      debug: 4.3.6
     transitivePeerDependencies:
       - supports-color
 
@@ -16629,14 +16610,14 @@ snapshots:
       '@types/retry': 0.12.5
       retry: 0.13.1
 
-  '@n8n/tournament@1.0.3':
+  '@n8n/tournament@1.0.5':
     dependencies:
       '@n8n_io/riot-tmpl': 4.0.1
       ast-types: 0.16.1
       esprima-next: 5.8.4
       recast: 0.22.0
 
-  '@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.10.0)(pg@8.11.3)(redis@4.6.12)(sqlite3@5.1.7)':
+  '@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.11.0)(pg@8.12.0)(redis@4.6.12)(sqlite3@5.1.7)':
     dependencies:
       '@n8n/p-retry': 6.2.0-2
       '@sqltools/formatter': 1.2.5
@@ -16659,14 +16640,14 @@ snapshots:
       '@sentry/node': 7.87.0
       ioredis: 5.3.2
       mssql: 10.0.2
-      mysql2: 3.10.0
-      pg: 8.11.3
+      mysql2: 3.11.0
+      pg: 8.12.0
       redis: 4.6.12
       sqlite3: 5.1.7
     transitivePeerDependencies:
       - supports-color
 
-  '@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.10.0)(pg@8.11.3)(redis@4.6.14)(sqlite3@5.1.7)':
+  '@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mssql@10.0.2)(mysql2@3.11.0)(pg@8.12.0)(redis@4.6.14)(sqlite3@5.1.7)':
     dependencies:
       '@n8n/p-retry': 6.2.0-2
       '@sqltools/formatter': 1.2.5
@@ -16689,14 +16670,14 @@ snapshots:
       '@sentry/node': 7.87.0
       ioredis: 5.3.2
       mssql: 10.0.2
-      mysql2: 3.10.0
-      pg: 8.11.3
+      mysql2: 3.11.0
+      pg: 8.12.0
       redis: 4.6.14
       sqlite3: 5.1.7
     transitivePeerDependencies:
       - supports-color
 
-  '@n8n/vm2@3.9.24':
+  '@n8n/vm2@3.9.25':
     dependencies:
       acorn: 8.12.1
       acorn-walk: 8.3.2
@@ -16801,7 +16782,7 @@ snapshots:
   '@pinecone-database/pinecone@3.0.0':
     dependencies:
       '@sinclair/typebox': 0.29.6
-      ajv: 8.12.0
+      ajv: 8.17.1
       cross-fetch: 3.1.8(encoding@0.1.13)
       encoding: 0.1.13
 
@@ -17178,7 +17159,7 @@ snapshots:
 
   '@rudderstack/rudder-sdk-node@2.0.7(tslib@2.6.2)':
     dependencies:
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
       axios-retry: 3.7.0
       component-type: 1.2.1
       join-component: 1.1.0
@@ -18618,7 +18599,7 @@ snapshots:
     dependencies:
       '@types/node': 18.16.16
 
-  '@types/linkify-it@3.0.2': {}
+  '@types/linkify-it@3.0.5': {}
 
   '@types/lodash-es@4.17.6':
     dependencies:
@@ -18639,22 +18620,22 @@ snapshots:
       '@types/node': 18.16.16
       iconv-lite: 0.6.3
 
-  '@types/markdown-it-emoji@2.0.2':
+  '@types/markdown-it-emoji@2.0.5':
     dependencies:
-      '@types/markdown-it': 12.2.3
+      '@types/markdown-it': 13.0.9
 
-  '@types/markdown-it-link-attributes@3.0.1':
+  '@types/markdown-it-link-attributes@3.0.5':
     dependencies:
-      '@types/markdown-it': 12.2.3
+      '@types/markdown-it': 13.0.9
 
-  '@types/markdown-it@12.2.3':
+  '@types/markdown-it@13.0.9':
     dependencies:
-      '@types/linkify-it': 3.0.2
-      '@types/mdurl': 1.0.2
+      '@types/linkify-it': 3.0.5
+      '@types/mdurl': 1.0.5
 
   '@types/md5@2.3.5': {}
 
-  '@types/mdurl@1.0.2': {}
+  '@types/mdurl@1.0.5': {}
 
   '@types/mdx@2.0.3': {}
 
@@ -18674,7 +18655,7 @@ snapshots:
       '@types/tedious': 4.0.9
       tarn: 3.0.2
 
-  '@types/multer@1.4.7':
+  '@types/multer@1.4.11':
     dependencies:
       '@types/express': 4.17.21
 
@@ -18694,7 +18675,7 @@ snapshots:
   '@types/pg@8.11.6':
     dependencies:
       '@types/node': 18.16.16
-      pg-protocol: 1.6.0
+      pg-protocol: 1.6.1
       pg-types: 4.0.2
 
   '@types/phoenix@1.6.4': {}
@@ -18933,7 +18914,7 @@ snapshots:
     dependencies:
       '@typescript-eslint/typescript-estree': 7.2.0(typescript@5.5.2)
       '@typescript-eslint/utils': 7.2.0(eslint@8.57.0)(typescript@5.5.2)
-      debug: 4.3.4(supports-color@8.1.1)
+      debug: 4.3.5(supports-color@8.1.1)
       eslint: 8.57.0
       ts-api-utils: 1.0.1(typescript@5.5.2)
     optionalDependencies:
@@ -18963,7 +18944,7 @@ snapshots:
     dependencies:
       '@typescript-eslint/types': 7.2.0
       '@typescript-eslint/visitor-keys': 7.2.0
-      debug: 4.3.4(supports-color@8.1.1)
+      debug: 4.3.5(supports-color@8.1.1)
       globby: 11.1.0
       is-glob: 4.0.3
       minimatch: 9.0.3
@@ -19030,7 +19011,7 @@ snapshots:
       istanbul-reports: 3.1.6
       magic-string: 0.30.10
       magicast: 0.3.3
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       std-env: 3.6.0
       strip-literal: 2.0.0
       test-exclude: 6.0.0
@@ -19346,16 +19327,14 @@ snapshots:
       acorn: 8.12.1
       acorn-walk: 8.3.2
 
-  acorn-jsx@5.3.2(acorn@8.11.2):
+  acorn-jsx@5.3.2(acorn@8.12.1):
     dependencies:
-      acorn: 8.11.2
+      acorn: 8.12.1
 
   acorn-walk@8.3.2: {}
 
   acorn@7.4.1: {}
 
-  acorn@8.11.2: {}
-
   acorn@8.12.1: {}
 
   address@1.2.2: {}
@@ -19387,13 +19366,13 @@ snapshots:
       clean-stack: 2.2.0
       indent-string: 4.0.0
 
-  ajv-draft-04@1.0.0(ajv@8.12.0):
+  ajv-draft-04@1.0.0(ajv@8.17.1):
     optionalDependencies:
-      ajv: 8.12.0
+      ajv: 8.17.1
 
-  ajv-formats@2.1.1(ajv@8.12.0):
+  ajv-formats@2.1.1(ajv@8.17.1):
     optionalDependencies:
-      ajv: 8.12.0
+      ajv: 8.17.1
 
   ajv@6.12.6:
     dependencies:
@@ -19402,12 +19381,12 @@ snapshots:
       json-schema-traverse: 0.4.1
       uri-js: 4.4.1
 
-  ajv@8.12.0:
+  ajv@8.17.1:
     dependencies:
       fast-deep-equal: 3.1.3
+      fast-uri: 3.0.1
       json-schema-traverse: 1.0.0
       require-from-string: 2.0.2
-      uri-js: 4.4.1
 
   alasql@4.4.0(encoding@0.1.13):
     dependencies:
@@ -19588,7 +19567,7 @@ snapshots:
 
   assert-never@1.2.1: {}
 
-  assert-options@0.8.0: {}
+  assert-options@0.8.1: {}
 
   assert-plus@1.0.0: {}
 
@@ -19634,7 +19613,7 @@ snapshots:
       caniuse-lite: 1.0.30001617
       fraction.js: 4.3.7
       normalize-range: 0.1.2
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       postcss: 8.4.38
       postcss-value-parser: 4.2.0
 
@@ -19648,6 +19627,8 @@ snapshots:
 
   aws-sign2@0.7.0: {}
 
+  aws-ssl-profiles@1.1.1: {}
+
   aws4@1.11.0: {}
 
   axe-core@4.7.2: {}
@@ -19657,7 +19638,7 @@ snapshots:
       '@babel/runtime': 7.23.6
       is-retry-allowed: 2.2.0
 
-  axios@1.6.7(debug@3.2.7):
+  axios@1.7.3(debug@3.2.7):
     dependencies:
       follow-redirects: 1.15.6(debug@3.2.7)
       form-data: 4.0.0
@@ -19665,7 +19646,7 @@ snapshots:
     transitivePeerDependencies:
       - debug
 
-  axios@1.6.7(debug@4.3.4):
+  axios@1.7.3(debug@4.3.4):
     dependencies:
       follow-redirects: 1.15.6(debug@4.3.4)
       form-data: 4.0.0
@@ -19673,6 +19654,14 @@ snapshots:
     transitivePeerDependencies:
       - debug
 
+  axios@1.7.3(debug@4.3.6):
+    dependencies:
+      follow-redirects: 1.15.6(debug@4.3.6)
+      form-data: 4.0.0
+      proxy-from-env: 1.1.0
+    transitivePeerDependencies:
+      - debug
+
   babel-core@7.0.0-bridge.0(@babel/core@7.24.6):
     dependencies:
       '@babel/core': 7.24.6
@@ -19891,8 +19880,6 @@ snapshots:
 
   buffer-more-ints@1.0.0: {}
 
-  buffer-writer@2.0.0: {}
-
   buffer@5.7.1:
     dependencies:
       base64-js: 1.5.1
@@ -20690,6 +20677,10 @@ snapshots:
     optionalDependencies:
       supports-color: 8.1.1
 
+  debug@4.3.6:
+    dependencies:
+      ms: 2.1.2
+
   decamelize@1.2.0: {}
 
   decimal.js@10.4.3: {}
@@ -21008,8 +20999,6 @@ snapshots:
 
   ent@2.2.0: {}
 
-  entities@2.1.0: {}
-
   entities@2.2.0: {}
 
   entities@3.0.1: {}
@@ -21465,8 +21454,8 @@ snapshots:
 
   espree@9.6.1:
     dependencies:
-      acorn: 8.11.2
-      acorn-jsx: 5.3.2(acorn@8.11.2)
+      acorn: 8.12.1
+      acorn-jsx: 5.3.2(acorn@8.12.1)
       eslint-visitor-keys: 3.4.3
 
   esprima-next@5.8.4: {}
@@ -21594,21 +21583,22 @@ snapshots:
       graceful-fs: 4.2.11
       handlebars: 4.7.8
 
-  express-openapi-validator@5.1.6:
+  express-openapi-validator@5.3.1(express@4.19.2):
     dependencies:
-      '@apidevtools/json-schema-ref-parser': 9.1.2
-      '@types/multer': 1.4.7
-      ajv: 8.12.0
-      ajv-draft-04: 1.0.0(ajv@8.12.0)
-      ajv-formats: 2.1.1(ajv@8.12.0)
+      '@apidevtools/json-schema-ref-parser': 11.7.0
+      '@types/multer': 1.4.11
+      ajv: 8.17.1
+      ajv-draft-04: 1.0.0(ajv@8.17.1)
+      ajv-formats: 2.1.1(ajv@8.17.1)
       content-type: 1.0.5
+      express: 4.19.2
       json-schema-traverse: 1.0.0
       lodash.clonedeep: 4.5.0
       lodash.get: 4.4.2
       media-typer: 1.1.0
       multer: 1.4.5-lts.1
       ono: 7.1.3
-      path-to-regexp: 6.2.1
+      path-to-regexp: 6.2.2
 
   express-prom-bundle@6.6.0(prom-client@13.2.0):
     dependencies:
@@ -21711,6 +21701,8 @@ snapshots:
       '@babel/runtime': 7.24.7
       tslib: 2.6.2
 
+  fast-uri@3.0.1: {}
+
   fast-xml-parser@4.2.5:
     dependencies:
       strnum: 1.0.5
@@ -21851,6 +21843,10 @@ snapshots:
     optionalDependencies:
       debug: 4.3.4(supports-color@8.1.1)
 
+  follow-redirects@1.15.6(debug@4.3.6):
+    optionalDependencies:
+      debug: 4.3.6
+
   for-each@0.3.3:
     dependencies:
       is-callable: 1.2.7
@@ -22529,7 +22525,7 @@ snapshots:
 
   infisical-node@1.3.0:
     dependencies:
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
       dotenv: 16.3.1
       tweetnacl: 1.0.3
       tweetnacl-util: 0.15.1
@@ -23500,17 +23496,17 @@ snapshots:
 
   kuler@2.0.0: {}
 
-  langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq):
+  langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4):
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))
-      '@langchain/textsplitters': 0.0.3(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      '@langchain/openai': 0.2.5(encoding@0.1.13)(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))
+      '@langchain/textsplitters': 0.0.3(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       binary-extensions: 2.2.0
       js-tiktoken: 1.0.12
       js-yaml: 4.1.0
       jsonpointer: 5.0.1
       langchainhub: 0.0.8
-      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
+      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
       ml-distance: 4.0.1
       openapi-types: 12.1.3
       p-retry: 4.6.2
@@ -23523,7 +23519,7 @@ snapshots:
       '@aws-sdk/credential-provider-node': 3.535.0
       '@langchain/anthropic': 0.2.9(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))
       '@langchain/cohere': 0.0.10(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))
-      '@langchain/community': 0.2.20(bl2awxa6z6ereahlcpz2dlbf6q)
+      '@langchain/community': 0.2.20(32xju6nqoe2wrsbntqq2x5vcke)
       '@langchain/google-genai': 0.0.23(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
       '@langchain/google-vertexai': 0.0.21(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))(zod@3.23.8)
       '@langchain/groq': 0.0.15(encoding@0.1.13)(langchain@0.2.11)(openai@4.53.0(encoding@0.1.13))
@@ -23532,7 +23528,7 @@ snapshots:
       '@pinecone-database/pinecone': 3.0.0
       '@supabase/supabase-js': 2.43.4
       '@xata.io/client': 0.28.4(typescript@5.5.2)
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
       cheerio: 1.0.0-rc.12
       d3-dsv: 2.0.0
       epub2: 3.0.2(ts-toolbelt@9.6.0)
@@ -23551,17 +23547,17 @@ snapshots:
       - openai
       - supports-color
 
-  langchain@0.2.11(axios@1.6.7)(openai@4.53.0):
+  langchain@0.2.11(axios@1.7.3)(openai@4.53.0):
     dependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
-      '@langchain/openai': 0.2.5(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))
-      '@langchain/textsplitters': 0.0.3(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
+      '@langchain/openai': 0.2.5(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))
+      '@langchain/textsplitters': 0.0.3(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       binary-extensions: 2.2.0
       js-tiktoken: 1.0.12
       js-yaml: 4.1.0
       jsonpointer: 5.0.1
       langchainhub: 0.0.8
-      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
+      langsmith: 0.1.34(@langchain/core@0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
       ml-distance: 4.0.1
       openapi-types: 12.1.3
       p-retry: 4.6.2
@@ -23570,7 +23566,7 @@ snapshots:
       zod: 3.23.8
       zod-to-json-schema: 3.23.0(zod@3.23.8)
     optionalDependencies:
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
     transitivePeerDependencies:
       - encoding
       - openai
@@ -23579,7 +23575,7 @@ snapshots:
 
   langchainhub@0.0.8: {}
 
-  langsmith@0.1.34(@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)):
+  langsmith@0.1.34(@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)):
     dependencies:
       '@types/uuid': 9.0.7
       commander: 10.0.1
@@ -23588,11 +23584,11 @@ snapshots:
       p-retry: 4.6.2
       uuid: 9.0.1
     optionalDependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      langchain: 0.2.11(3eonfu4fvxvjb5zdrprnb3pokq)
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      langchain: 0.2.11(6hdkxymucpmkiknmt5geracdu4)
       openai: 4.53.0(encoding@0.1.13)
 
-  langsmith@0.1.34(@langchain/core@0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0):
+  langsmith@0.1.34(@langchain/core@0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0):
     dependencies:
       '@types/uuid': 9.0.7
       commander: 10.0.1
@@ -23601,12 +23597,12 @@ snapshots:
       p-retry: 4.6.2
       uuid: 9.0.1
     optionalDependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
-      langchain: 0.2.11(axios@1.6.7)(openai@4.53.0)
+      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
+      langchain: 0.2.11(axios@1.7.3)(openai@4.53.0)
       openai: 4.53.0(encoding@0.1.13)
     optional: true
 
-  langsmith@0.1.39(@langchain/core@0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13)):
+  langsmith@0.1.39(@langchain/core@0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)))(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13)):
     dependencies:
       '@types/uuid': 9.0.7
       commander: 10.0.1
@@ -23614,11 +23610,11 @@ snapshots:
       p-retry: 4.6.2
       uuid: 9.0.1
     optionalDependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(3eonfu4fvxvjb5zdrprnb3pokq))(openai@4.53.0(encoding@0.1.13))
-      langchain: 0.2.11(3eonfu4fvxvjb5zdrprnb3pokq)
+      '@langchain/core': 0.2.18(langchain@0.2.11(6hdkxymucpmkiknmt5geracdu4))(openai@4.53.0(encoding@0.1.13))
+      langchain: 0.2.11(6hdkxymucpmkiknmt5geracdu4)
       openai: 4.53.0(encoding@0.1.13)
 
-  langsmith@0.1.39(@langchain/core@0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0):
+  langsmith@0.1.39(@langchain/core@0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0))(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0):
     dependencies:
       '@types/uuid': 9.0.7
       commander: 10.0.1
@@ -23626,8 +23622,8 @@ snapshots:
       p-retry: 4.6.2
       uuid: 9.0.1
     optionalDependencies:
-      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.6.7)(openai@4.53.0))(openai@4.53.0)
-      langchain: 0.2.11(axios@1.6.7)(openai@4.53.0)
+      '@langchain/core': 0.2.18(langchain@0.2.11(axios@1.7.3)(openai@4.53.0))(openai@4.53.0)
+      langchain: 0.2.11(axios@1.7.3)(openai@4.53.0)
       openai: 4.53.0(encoding@0.1.13)
 
   lazy-ass@1.6.0: {}
@@ -23700,17 +23696,13 @@ snapshots:
 
   lines-and-columns@1.2.4: {}
 
-  linkify-it@3.0.3:
-    dependencies:
-      uc.micro: 1.0.6
-
   linkify-it@4.0.1:
     dependencies:
       uc.micro: 1.0.6
 
   linkify-it@5.0.0:
     dependencies:
-      uc.micro: 2.0.0
+      uc.micro: 2.1.0
 
   listr2@3.14.0(enquirer@2.3.6):
     dependencies:
@@ -23961,7 +23953,7 @@ snapshots:
 
   map-stream@0.1.0: {}
 
-  mappersmith@2.40.0: {}
+  mappersmith@2.43.4: {}
 
   mark.js@8.11.1: {}
 
@@ -23971,15 +23963,7 @@ snapshots:
 
   markdown-it-task-lists@2.1.1: {}
 
-  markdown-it@12.3.2:
-    dependencies:
-      argparse: 2.0.1
-      entities: 2.1.0
-      linkify-it: 3.0.3
-      mdurl: 1.0.1
-      uc.micro: 1.0.6
-
-  markdown-it@13.0.1:
+  markdown-it@13.0.2:
     dependencies:
       argparse: 2.0.1
       entities: 3.0.1
@@ -24307,8 +24291,9 @@ snapshots:
 
   mylas@2.1.13: {}
 
-  mysql2@3.10.0:
+  mysql2@3.11.0:
     dependencies:
+      aws-ssl-profiles: 1.1.1
       denque: 2.1.0
       generate-function: 2.3.1
       iconv-lite: 0.6.3
@@ -24686,8 +24671,6 @@ snapshots:
 
   openapi-types@12.1.3: {}
 
-  openurl@1.1.1: {}
-
   option@0.2.4: {}
 
   optionator@0.8.3:
@@ -24784,8 +24767,6 @@ snapshots:
 
   p-try@2.2.0: {}
 
-  packet-reader@1.0.0: {}
-
   pako@0.2.9: {}
 
   pako@1.0.11: {}
@@ -24858,12 +24839,12 @@ snapshots:
 
   path-scurry@1.10.1:
     dependencies:
-      lru-cache: 9.1.2
+      lru-cache: 10.2.2
       minipass: 7.0.2
 
   path-to-regexp@0.1.7: {}
 
-  path-to-regexp@6.2.1: {}
+  path-to-regexp@6.2.2: {}
 
   path-type@4.0.0: {}
 
@@ -24908,32 +24889,28 @@ snapshots:
   pg-cloudflare@1.1.1:
     optional: true
 
-  pg-connection-string@2.6.2: {}
+  pg-connection-string@2.6.4: {}
 
   pg-int8@1.0.1: {}
 
-  pg-minify@1.6.2: {}
+  pg-minify@1.6.5: {}
 
   pg-numeric@1.0.2: {}
 
-  pg-pool@3.6.1(pg@8.11.3):
+  pg-pool@3.6.2(pg@8.12.0):
     dependencies:
-      pg: 8.11.3
+      pg: 8.12.0
 
-  pg-pool@3.6.1(pg@8.8.0):
+  pg-promise@11.9.1:
     dependencies:
-      pg: 8.8.0
-
-  pg-promise@10.15.4:
-    dependencies:
-      assert-options: 0.8.0
-      pg: 8.8.0
-      pg-minify: 1.6.2
-      spex: 3.2.0
+      assert-options: 0.8.1
+      pg: 8.12.0
+      pg-minify: 1.6.5
+      spex: 3.3.0
     transitivePeerDependencies:
       - pg-native
 
-  pg-protocol@1.6.0: {}
+  pg-protocol@1.6.1: {}
 
   pg-types@2.2.0:
     dependencies:
@@ -24953,33 +24930,21 @@ snapshots:
       postgres-interval: 3.0.0
       postgres-range: 1.1.4
 
-  pg@8.11.3:
+  pg@8.12.0:
     dependencies:
-      buffer-writer: 2.0.0
-      packet-reader: 1.0.0
-      pg-connection-string: 2.6.2
-      pg-pool: 3.6.1(pg@8.11.3)
-      pg-protocol: 1.6.0
+      pg-connection-string: 2.6.4
+      pg-pool: 3.6.2(pg@8.12.0)
+      pg-protocol: 1.6.1
       pg-types: 2.2.0
       pgpass: 1.0.5
     optionalDependencies:
       pg-cloudflare: 1.1.1
 
-  pg@8.8.0:
-    dependencies:
-      buffer-writer: 2.0.0
-      packet-reader: 1.0.0
-      pg-connection-string: 2.6.2
-      pg-pool: 3.6.1(pg@8.8.0)
-      pg-protocol: 1.6.0
-      pg-types: 2.2.0
-      pgpass: 1.0.5
-
   pgpass@1.0.5:
     dependencies:
       split2: 4.2.0
 
-  picocolors@1.0.0: {}
+  picocolors@1.0.1: {}
 
   picomatch@2.3.1: {}
 
@@ -25071,13 +25036,13 @@ snapshots:
   postcss@8.4.31:
     dependencies:
       nanoid: 3.3.7
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       source-map-js: 1.2.0
 
   postcss@8.4.38:
     dependencies:
       nanoid: 3.3.7
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       source-map-js: 1.2.0
 
   postgres-array@2.0.0: {}
@@ -25104,7 +25069,7 @@ snapshots:
 
   posthog-node@3.2.1:
     dependencies:
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
       rusha: 0.8.14
     transitivePeerDependencies:
       - debug
@@ -26159,7 +26124,7 @@ snapshots:
       asn1.js: 5.4.1
       asn1.js-rfc2560: 5.0.1(asn1.js@5.4.1)
       asn1.js-rfc5280: 3.0.0
-      axios: 1.6.7(debug@3.2.7)
+      axios: 1.7.3(debug@3.2.7)
       big-integer: 1.6.51
       bignumber.js: 9.1.2
       binascii: 0.0.2
@@ -26242,7 +26207,7 @@ snapshots:
 
   spdx-license-ids@3.0.12: {}
 
-  spex@3.2.0: {}
+  spex@3.3.0: {}
 
   split-on-first@1.1.0: {}
 
@@ -26594,7 +26559,7 @@ snapshots:
       micromatch: 4.0.5
       normalize-path: 3.0.0
       object-hash: 3.0.0
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       postcss: 8.4.38
       postcss-import: 15.1.0(postcss@8.4.38)
       postcss-js: 4.0.1(postcss@8.4.38)
@@ -27035,7 +27000,7 @@ snapshots:
 
   uc.micro@1.0.6: {}
 
-  uc.micro@2.0.0: {}
+  uc.micro@2.1.0: {}
 
   ufo@1.3.2: {}
 
@@ -27178,7 +27143,7 @@ snapshots:
     dependencies:
       browserslist: 4.23.0
       escalade: 3.1.1
-      picocolors: 1.0.0
+      picocolors: 1.0.1
 
   upper-case-first@2.0.2:
     dependencies:
@@ -27274,7 +27239,7 @@ snapshots:
       cac: 6.7.14
       debug: 4.3.5(supports-color@8.1.1)
       pathe: 1.1.2
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       vite: 5.2.12(@types/node@18.16.16)(sass@1.64.1)(terser@5.16.1)
     transitivePeerDependencies:
       - '@types/node'
@@ -27334,7 +27299,7 @@ snapshots:
       local-pkg: 0.5.0
       magic-string: 0.30.10
       pathe: 1.1.2
-      picocolors: 1.0.0
+      picocolors: 1.0.1
       std-env: 3.6.0
       strip-literal: 2.0.0
       tinybench: 2.5.1
@@ -27438,16 +27403,9 @@ snapshots:
     dependencies:
       vue: 3.4.21(typescript@5.5.2)
 
-  vue-markdown-render@2.0.1(typescript@5.5.2):
-    dependencies:
-      markdown-it: 12.3.2
-      vue: 3.4.21(typescript@5.5.2)
-    transitivePeerDependencies:
-      - typescript
-
-  vue-markdown-render@2.1.1(vue@3.4.21(typescript@5.5.2)):
+  vue-markdown-render@2.2.1(vue@3.4.21(typescript@5.5.2)):
     dependencies:
-      markdown-it: 12.3.2
+      markdown-it: 13.0.2
       vue: 3.4.21(typescript@5.5.2)
 
   vue-router@4.2.2(vue@3.4.21(typescript@5.5.2)):
@@ -27498,7 +27456,7 @@ snapshots:
 
   wait-on@7.2.0(debug@4.3.4):
     dependencies:
-      axios: 1.6.7(debug@4.3.4)
+      axios: 1.7.3(debug@4.3.4)
       joi: 17.11.0
       lodash: 4.17.21
       minimist: 1.2.8
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
index 2ce2d3d7dfeec..cff49d01723b5 100644
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -10,7 +10,7 @@ catalog:
   '@types/lodash': ^4.14.195
   '@types/uuid': ^8.3.2
   '@types/xml2js': ^0.4.14
-  axios: 1.6.7
+  axios: 1.7.3
   basic-auth: 2.0.1
   fast-glob: 3.2.12
   form-data: 4.0.0
@@ -29,3 +29,4 @@ catalogs:
     vitest-mock-extended: ^1.3.1
     vue: ^3.4.21
     vue-tsc: ^2.0.19
+    vue-markdown-render: ^2.2.1
diff --git a/turbo.json b/turbo.json
index 0da2b6e54d873..49fc3c4ff5012 100644
--- a/turbo.json
+++ b/turbo.json
@@ -1,6 +1,7 @@
 {
 	"$schema": "https://turbo.build/schema.json",
 	"ui": "stream",
+	"globalEnv": ["CI", "COVERAGE_ENABLED"],
 	"tasks": {
 		"clean": {
 			"cache": false