Bump the prod-minor-updates group across 1 directory with 4 updates

Bumps the prod-minor-updates group with 4 updates in the / directory: [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3), [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react), [posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node) and [tailwind-merge](https://github.com/dcastil/tailwind-merge).


Updates `@aws-sdk/client-s3` from 3.989.0 to 3.996.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.996.0/clients/client-s3)

Updates `lucide-react` from 0.563.0 to 0.575.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react)

Updates `posthog-node` from 5.24.15 to 5.25.0
- [Release notes](https://github.com/PostHog/posthog-js/releases)
- [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md)
- [Commits](https://github.com/PostHog/posthog-js/commits/posthog-node@5.25.0/packages/node)

Updates `tailwind-merge` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.5.0)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.996.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
- dependency-name: lucide-react
  dependency-version: 0.575.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
- dependency-name: posthog-node
  dependency-version: 5.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
- dependency-name: tailwind-merge
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>

package.json

@@ -33,7 +33,7 @@
     },
     "dependencies": {
         "@asteasolutions/zod-to-openapi": "8.4.0",
-        "@aws-sdk/client-s3": "3.989.0",
+        "@aws-sdk/client-s3": "3.996.0",
         "@faker-js/faker": "10.3.0",
         "@headlessui/react": "2.2.9",
         "@hookform/resolvers": "5.2.2",
@@ -89,7 +89,7 @@
         "jmespath": "0.16.0",
         "js-yaml": "4.1.1",
         "jsonwebtoken": "9.0.3",
-        "lucide-react": "0.563.0",
+        "lucide-react": "0.575.0",
         "maxmind": "5.0.5",
         "moment": "2.30.1",
         "next": "15.5.12",
@@ -100,7 +100,7 @@
         "nodemailer": "8.0.1",
         "oslo": "1.2.1",
         "pg": "8.18.0",
-        "posthog-node": "5.24.15",
+        "posthog-node": "5.25.0",
         "qrcode.react": "4.2.0",
         "react": "19.2.4",
         "react-day-picker": "9.13.2",
@@ -115,7 +115,7 @@
         "sshpk": "^1.18.0",
         "stripe": "20.3.1",
         "swagger-ui-express": "5.0.1",
-        "tailwind-merge": "3.4.0",
+        "tailwind-merge": "3.5.0",
         "topojson-client": "3.1.0",
         "tw-animate-css": "1.4.0",
         "use-debounce": "^10.1.0",

server/lib/blueprints/clientResources.ts

@@ -11,7 +11,7 @@ import {
     userSiteResources
 } from "@server/db";
 import { sites } from "@server/db";
-import { eq, and, ne, inArray } from "drizzle-orm";
+import { eq, and, ne, inArray, or } from "drizzle-orm";
 import { Config } from "./types";
 import logger from "@server/logger";
 import { getNextAvailableAliasAddress } from "../ip";
@@ -142,7 +142,10 @@ export async function updateClientResources(
                     .innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
                     .where(
                         and(
-                            inArray(users.username, resourceData.users),
+                            or(
+                                inArray(users.username, resourceData.users),
+                                inArray(users.email, resourceData.users)
+                            ),
                             eq(userOrgs.orgId, orgId)
                         )
                     );
@@ -276,7 +279,10 @@ export async function updateClientResources(
                     .innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
                     .where(
                         and(
-                            inArray(users.username, resourceData.users),
+                            or(
+                                inArray(users.username, resourceData.users),
+                                inArray(users.email, resourceData.users)
+                            ),
                             eq(userOrgs.orgId, orgId)
                         )
                     );

server/lib/blueprints/proxyResources.ts

@@ -212,7 +212,10 @@ export async function updateProxyResources(
             } else {
                 // Update existing resource
 
-                const isLicensed = await isLicensedOrSubscribed(orgId, tierMatrix.maintencePage);
+                const isLicensed = await isLicensedOrSubscribed(
+                    orgId,
+                    tierMatrix.maintencePage
+                );
                 if (!isLicensed) {
                     resourceData.maintenance = undefined;
                 }
@@ -590,7 +593,10 @@ export async function updateProxyResources(
                         existingRule.action !== getRuleAction(rule.action) ||
                         existingRule.match !== rule.match.toUpperCase() ||
                         existingRule.value !==
-                        getRuleValue(rule.match.toUpperCase(), rule.value) ||
+                            getRuleValue(
+                                rule.match.toUpperCase(),
+                                rule.value
+                            ) ||
                         existingRule.priority !== intendedPriority
                     ) {
                         validateRule(rule);
@@ -648,7 +654,10 @@ export async function updateProxyResources(
                 );
             }
 
-            const isLicensed = await isLicensedOrSubscribed(orgId, tierMatrix.maintencePage);
+            const isLicensed = await isLicensedOrSubscribed(
+                orgId,
+                tierMatrix.maintencePage
+            );
             if (!isLicensed) {
                 resourceData.maintenance = undefined;
             }
@@ -935,7 +944,12 @@ async function syncUserResources(
             .select()
             .from(users)
             .innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
-            .where(and(eq(users.username, username), eq(userOrgs.orgId, orgId)))
+            .where(
+                and(
+                    or(eq(users.username, username), eq(users.email, username)),
+                    eq(userOrgs.orgId, orgId)
+                )
+            )
             .limit(1);
 
         if (!user) {

server/lib/blueprints/types.ts

@@ -69,7 +69,7 @@ export const AuthSchema = z.object({
         .refine((roles) => !roles.includes("Admin"), {
             error: "Admin role cannot be included in sso-roles"
         }),
-    "sso-users": z.array(z.email()).optional().default([]),
+    "sso-users": z.array(z.string()).optional().default([]),
     "whitelist-users": z.array(z.email()).optional().default([]),
     "auto-login-idp": z.int().positive().optional()
 });
@@ -335,7 +335,7 @@ export const ClientResourceSchema = z
             .refine((roles) => !roles.includes("Admin"), {
                 error: "Admin role cannot be included in roles"
             }),
-        users: z.array(z.email()).optional().default([]),
+        users: z.array(z.string()).optional().default([]),
         machines: z.array(z.string()).optional().default([])
     })
     .refine(