diff --git a/Cargo.toml b/Cargo.toml
index 29e6d78cc3..4a891c34ba 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -270,6 +270,7 @@ redundant_type_annotations = "warn"
 result_large_err = "allow"
 todo = "warn"
 too_many_arguments = "allow"
+type_complexity = "allow"
 uninlined_format_args = "warn"
 unnested_or_patterns = "warn"
 wildcard_dependencies = "warn"
diff --git a/apps/frontend/src/assets/styles/components.scss b/apps/frontend/src/assets/styles/components.scss
index 6b91a25ffe..4458f7c307 100644
--- a/apps/frontend/src/assets/styles/components.scss
+++ b/apps/frontend/src/assets/styles/components.scss
@@ -756,16 +756,16 @@ svg.inline-svg {
 	padding: var(--gap-16);
 
 	h2 {
+		@apply font-semibold;
 		font-size: var(--text-18);
-		font-weight: var(--weight-extrabold);
 		color: var(--color-contrast);
 		line-height: initial;
 		margin: 0;
 	}
 
 	h3 {
+		@apply font-semibold;
 		font-size: var(--text-16);
-		font-weight: var(--weight-bold);
 		color: var(--color-base);
 		margin: 0;
 	}
@@ -812,6 +812,7 @@ svg.inline-svg {
 }
 
 .details-list__item {
+	@apply font-normal;
 	@extend .iconified-list-item;
 
 	.details-list__item__text--style-secondary {
diff --git a/apps/frontend/src/components/ui/moderation/ModerationProjectNags.vue b/apps/frontend/src/components/ui/moderation/ModerationProjectNags.vue
index 44a50f083d..33a7dbf92e 100644
--- a/apps/frontend/src/components/ui/moderation/ModerationProjectNags.vue
+++ b/apps/frontend/src/components/ui/moderation/ModerationProjectNags.vue
@@ -24,7 +24,7 @@
 			</div>
 			<div class="input-group">
 				<ButtonStyled circular>
-					<button :class="!collapsed && '[&>svg]:rotate-180'" @click="$emit('toggleCollapsed')">
+					<button :class="{ '[&>svg]:rotate-180': !collapsed }" @click="$emit('toggleCollapsed')">
 						<DropdownIcon class="duration-250 transition-transform ease-in-out" />
 					</button>
 				</ButtonStyled>
diff --git a/apps/frontend/src/components/ui/thread/ThreadView.vue b/apps/frontend/src/components/ui/thread/ThreadView.vue
index a753014aac..0e487bc68d 100644
--- a/apps/frontend/src/components/ui/thread/ThreadView.vue
+++ b/apps/frontend/src/components/ui/thread/ThreadView.vue
@@ -59,7 +59,7 @@
 					</ButtonStyled>
 					<ButtonStyled v-if="visibleQuickReplies.length > 0">
 						<OverflowMenu :options="visibleQuickReplies">
-							Quick Reply
+							Quick reply
 							<ChevronDownIcon />
 						</OverflowMenu>
 					</ButtonStyled>
diff --git a/apps/frontend/src/composables/featureFlags.ts b/apps/frontend/src/composables/featureFlags.ts
index ba6538ee81..ed8e142016 100644
--- a/apps/frontend/src/composables/featureFlags.ts
+++ b/apps/frontend/src/composables/featureFlags.ts
@@ -48,7 +48,6 @@ export const DEFAULT_FEATURE_FLAGS = validateValues({
 	useV1ContentTabAPI: true,
 	labrinthApiCanary: false,
 	dismissedExternalProjectsInfo: false,
-	modpackPermissionsPage: false,
 	showAllBanners: false,
 	alwaysIgnoreErrorBanner: false,
 	showViewProdRouteBanner: false,
@@ -56,6 +55,8 @@ export const DEFAULT_FEATURE_FLAGS = validateValues({
 	showModeratorPrivateMessageHighlight: true,
 	archonApiStaging: false,
 	showHostingAccessInstanceAuditLog: false,
+	versionDevInfoCollapsed: true,
+	alwaysShowVersionDevInfo: false,
 } as const)
 
 export type FeatureFlag = keyof typeof DEFAULT_FEATURE_FLAGS
diff --git a/apps/frontend/src/composables/queries/version.ts b/apps/frontend/src/composables/queries/version.ts
index 552410fa13..cd612b2c00 100644
--- a/apps/frontend/src/composables/queries/version.ts
+++ b/apps/frontend/src/composables/queries/version.ts
@@ -8,4 +8,11 @@ export const versionQueryOptions = {
 		queryFn: () => client.labrinth.versions_v3.getVersion(versionId),
 		staleTime: STALE_TIME,
 	}),
+
+	fromProject: (projectId: string, versionIdOrNumber: string, client: AbstractModrinthClient) => ({
+		queryKey: ['project', projectId, 'version', 'v3', versionIdOrNumber] as const,
+		queryFn: () =>
+			client.labrinth.versions_v3.getVersionFromIdOrNumber(projectId, versionIdOrNumber),
+		staleTime: STALE_TIME,
+	}),
 }
diff --git a/apps/frontend/src/locales/de-CH/index.json b/apps/frontend/src/locales/de-CH/index.json
index 1486e8ae01..8a7ce5d785 100644
--- a/apps/frontend/src/locales/de-CH/index.json
+++ b/apps/frontend/src/locales/de-CH/index.json
@@ -3290,9 +3290,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Wenn du Hilfe benötigst oder weitere Fragen hast, besuche bitte das <help-center-link>Hilfezentrum von Modrinth</help-center-link> und klicke auf die blaue Sprechblase, um den Support zu kontaktieren."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Benutzer-UI anzeigen"
-  },
   "project.moderation.thread.private-description": {
     "message": "Dies ist ein privater Unterhaltungsthread mit den Modrinth-Moderatoren. Sie können dich bei Problemen bezüglich dieses Projekts kontaktieren."
   },
@@ -3422,9 +3419,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Diese Version ist} other {Diese Versionen sind}} derzeit zurückgehalten und nicht öffentlich gelistet. Bitte stelle einen Nachweis bereit, dass du die Erlaubnis hast, bestimmte Dateien weiterzuverbreiten, die in {count, plural, one {der Modpack-Version} other {den Modpack-Versionen}} enthalten sind."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Beheben"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Version {version_name}} other {Versionen}} zurückgehalten aufgrund von unbekannten eingebetteten Inhalten"
   },
diff --git a/apps/frontend/src/locales/de-DE/index.json b/apps/frontend/src/locales/de-DE/index.json
index 74b1f93c18..91e04fed83 100644
--- a/apps/frontend/src/locales/de-DE/index.json
+++ b/apps/frontend/src/locales/de-DE/index.json
@@ -3290,9 +3290,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Falls du Hilfe benötigst oder weitere Fragen hast, besuche bitte das <help-center-link>Hilfezentrum von Modrinth</help-center-link> und klicke auf die blaue Sprechblase, um den Support zu kontaktieren."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Mitglieder-UI anzeigen"
-  },
   "project.moderation.thread.private-description": {
     "message": "Dies ist eine private Konversation mit den Moderatoren von Modrinth. Diese können dir Nachrichten zu Problemen bezüglich dieses Projekts senden."
   },
@@ -3422,9 +3419,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Diese Version ist} other {Diese Versionen sind}} derzeit zurückgehalten und nicht öffentlich gelistet. Bitte stelle einen Nachweis bereit, dass du die Erlaubnis hast, bestimmte Dateien weiterzuverbreiten, die im Modpack in {count, plural, one {Version} other {Versionen}} enthalten sind."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Beheben"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Version {version_name} wurde} other {Versionen wurden}} aufgrund unbekannter eingebetteter Inhalte zurückgehalten"
   },
diff --git a/apps/frontend/src/locales/en-US/index.json b/apps/frontend/src/locales/en-US/index.json
index 3168470cb4..57e60de127 100644
--- a/apps/frontend/src/locales/en-US/index.json
+++ b/apps/frontend/src/locales/en-US/index.json
@@ -3332,9 +3332,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "If you need assistance or have additional inquiries, please visit the <help-center-link>Modrinth Help Center</help-center-link> and click the blue bubble to contact support."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Show member UI"
-  },
   "project.moderation.thread.private-description": {
     "message": "This is a private conversation thread with the Modrinth moderators. They may message you with issues concerning this project."
   },
@@ -3405,43 +3402,76 @@
     "message": "URL"
   },
   "project.settings.permissions.attention-needed.description.proj-approved": {
-    "message": "Please provide proof that you have permission to redistribute all of the following files and any withheld versions will be automatically published."
+    "message": "Please provide proof that you have permission to redistribute all of the following files. Once completed, withheld versions will be automatically published."
   },
   "project.settings.permissions.attention-needed.description.proj-draft": {
-    "message": "Please provide proof that you have permission to redistribute all of the following files before you can submit your project for review."
+    "message": "Please provide proof that you have permission to redistribute all of the following files before submitting your project for review."
   },
   "project.settings.permissions.attention-needed.title": {
-    "message": "Unknown embedded content"
+    "message": "Unknown external content"
+  },
+  "project.settings.permissions.bad-proof.description": {
+    "message": "Modrinth's moderation team has rejected the permission information you provided for some external content. Please review the rejected items below and provide acceptable proof or remove the content."
+  },
+  "project.settings.permissions.bad-proof.title": {
+    "message": "Some proofs were rejected"
+  },
+  "project.settings.permissions.collapse-all": {
+    "message": "Collapse all"
   },
   "project.settings.permissions.completed.description": {
-    "message": "All external content has attributions provided."
+    "message": "All external content has permission information and attributions have been provided."
   },
   "project.settings.permissions.completed.title": {
-    "message": "Attributions completed!"
+    "message": "Permissions completed!"
   },
   "project.settings.permissions.empty-state.description": {
-    "message": "None of your versions contain external content, so you don't need to worry about obtaining permissions."
+    "message": "None of your project's versions contain external content, so you don't need to worry about obtaining permissions."
   },
   "project.settings.permissions.empty-state.heading": {
     "message": "You're all set!"
   },
+  "project.settings.permissions.expand-all": {
+    "message": "Expand all"
+  },
   "project.settings.permissions.fail.description": {
-    "message": "You don't have permission to redistribute some of the external content you've added. In order to publish on Modrinth, remove the infringing content."
+    "message": "You may not have permission to redistribute some of the external content in your project. In order to publish on Modrinth, please remove this content or provide proof that you do have permission to use it."
   },
   "project.settings.permissions.fail.title": {
     "message": "Some content can't be included"
   },
   "project.settings.permissions.info-banner.description": {
-    "message": "If you include content that isn’t hosted on Modrinth, you need to let us know where it’s from and verify that you have permission to distribute the files. Check out <link>our guide</link> to learn about how to do this properly!"
+    "message": "If you include content that isn’t hosted on Modrinth, you need to let us know where it’s from and verify that you have permission to distribute the files. Check out <link>our announcement of this new system</link> to learn more!"
   },
   "project.settings.permissions.info-banner.title": {
-    "message": "Learn how attributions work"
+    "message": "Learn about distribution permissions"
   },
   "project.settings.permissions.learn-more": {
     "message": "Learn more"
   },
+  "project.settings.permissions.no-results": {
+    "message": "No external files match your search."
+  },
+  "project.settings.permissions.not-allowed.description": {
+    "message": "Some of the external content included cannot be distributed on Modrinth because it violates our Content Rules and must be removed."
+  },
+  "project.settings.permissions.pending-approval-count": {
+    "message": "{count, plural, =0 {No attributions need approval} one {# attribution needs approval} other {# attributions need approval}}"
+  },
   "project.settings.permissions.search-placeholder": {
-    "message": "Search {count} {count, plural, one {external project} other {external projects}}..."
+    "message": "Search {count} {count, plural, one {project} other {projects}}..."
+  },
+  "project.settings.permissions.sort.most-files": {
+    "message": "Most files"
+  },
+  "project.settings.permissions.sort.recently-edited": {
+    "message": "Recently edited"
+  },
+  "project.settings.permissions.sort.rejected": {
+    "message": "Rejected"
+  },
+  "project.settings.permissions.sort.status": {
+    "message": "Status"
   },
   "project.settings.title": {
     "message": "Settings"
@@ -3464,9 +3494,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {This version is} other {These versions are}} currently withheld and not publicly listed. Please provide proof that you have permission to redistribute certain files included in the modpack {count, plural, one {version} other {versions}}."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Resolve"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Version {version_name}} other {Versions}} withheld due to unknown embedded content"
   },
@@ -4616,6 +4643,48 @@
   "ui.newsletter-button.tooltip": {
     "message": "Subscribe to the Modrinth newsletter"
   },
+  "version.all-versions": {
+    "message": "All versions"
+  },
+  "version.confirm-delete.description": {
+    "message": "This version will be permanently deleted. This action cannot be undone."
+  },
+  "version.confirm-delete.proceed": {
+    "message": "Delete version"
+  },
+  "version.confirm-delete.title": {
+    "message": "Are you sure you want to delete this version?"
+  },
+  "version.dependency.view-project": {
+    "message": "View project"
+  },
+  "version.dependency.view-version": {
+    "message": "View version"
+  },
+  "version.download.download-dependency": {
+    "message": "Download dependency"
+  },
+  "version.download.no-primary-file": {
+    "message": "Error: No primary file found"
+  },
+  "version.download.optional-resource-pack": {
+    "message": "Optional resource pack"
+  },
+  "version.download.required-resource-pack": {
+    "message": "Required resource pack"
+  },
+  "version.edit.button": {
+    "message": "Edit"
+  },
+  "version.edit.details": {
+    "message": "Edit details"
+  },
+  "version.edit.files": {
+    "message": "Edit files"
+  },
+  "version.edit.metadata": {
+    "message": "Edit metadata"
+  },
   "version.environment.none.description": {
     "message": "The environment for this version has not been specified."
   },
@@ -4627,5 +4696,56 @@
   },
   "version.environment.unknown.title": {
     "message": "Unknown environment"
+  },
+  "version.package-as-mod.button": {
+    "message": "Package as mod"
+  },
+  "version.package-as-mod.description": {
+    "message": "This will create a new version with support for the selected mod loaders. You will be redirected to the new version and can edit it to your liking."
+  },
+  "version.package-as-mod.header": {
+    "message": "Packaging data pack as a mod"
+  },
+  "version.package-as-mod.mod-loaders": {
+    "message": "Mod loaders"
+  },
+  "version.package-as-mod.mod-loaders.description": {
+    "message": "The mod loaders you would like to package your data pack for."
+  },
+  "version.package-as-mod.mod-loaders.placeholder": {
+    "message": "Choose mod loaders..."
+  },
+  "version.package-as-mod.submit-button": {
+    "message": "Package data pack"
+  },
+  "version.section.content.dev-info": {
+    "message": "Developer information"
+  },
+  "version.section.content.dev-info.gradle-snippet": {
+    "message": "build.gradle:"
+  },
+  "version.section.content.dev-info.maven-coordinates": {
+    "message": "Maven coordinates:"
+  },
+  "version.section.content.dev-info.maven-description": {
+    "message": "Projects on Modrinth are automatically available through a Maven repository for use with JVM build tools such as <gradle-link>Gradle</gradle-link>. To learn more about the Modrinth Maven API, <article-link>click here</article-link>."
+  },
+  "version.section.content.dev-info.maven-note": {
+    "message": "Note: When available, you should use the creator's maven repo instead as it will have transitive dependency information that the Modrinth Maven API does not. You may also end up with duplicate dependencies if you use a mix of Modrinth and non-Modrinth Maven repositories for your dependencies, because the group identifier will be different when served through the Modrinth Maven API."
+  },
+  "version.section.content.dev-info.version-id": {
+    "message": "Version ID:"
+  },
+  "version.supplementary-resources.copy-hash-sha1": {
+    "message": "Copy SHA-1"
+  },
+  "version.supplementary-resources.copy-hash-sha512": {
+    "message": "Copy SHA-512"
+  },
+  "version.unknown-embedded-content.description": {
+    "message": "This version is currently withheld and not publicly listed. Please provide proof that you have permission to redistribute certain files included."
+  },
+  "version.unknown-embedded-content.title": {
+    "message": "Withheld due to unknown embedded content"
   }
 }
diff --git a/apps/frontend/src/locales/es-419/index.json b/apps/frontend/src/locales/es-419/index.json
index 5f675ef077..fddceb5a0e 100644
--- a/apps/frontend/src/locales/es-419/index.json
+++ b/apps/frontend/src/locales/es-419/index.json
@@ -3332,9 +3332,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Si necesitas ayuda o tienes consultas adicionales, por favor visita el <help-center-link>Centro de ayuda de Modrinth</help-center-link> y haz click en la burbuja azúl para contactar con soporte."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Mostrar interfaz de miembros"
-  },
   "project.moderation.thread.private-description": {
     "message": "Este es un hilo de conversación con los moderadores de Modrinth. Es posible que te envíen mensajes sobre cuestiones relacionadas con este proyecto."
   },
@@ -3464,9 +3461,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Esta versión está retenida y no listada} other {Estas versiones están retenidas y no listadas}} públicamente. Por favor, proporciona pruebas de que tienes permiso para redistribuir algunos de los archivos incluidos en {count, plural, one {la versión} other {las versiones}} del modpack."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Resolver"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Versión {version_name} retenida} other {Versiones retenidas}} debido a que incluye contenido desconocido"
   },
diff --git a/apps/frontend/src/locales/es-ES/index.json b/apps/frontend/src/locales/es-ES/index.json
index be9adb4cc6..66f60dec9d 100644
--- a/apps/frontend/src/locales/es-ES/index.json
+++ b/apps/frontend/src/locales/es-ES/index.json
@@ -3326,9 +3326,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Si necesitas ayuda o tienes consultas adicionales, por favor visita el <help-center-link>Centro de ayuda de Modrinth</help-center-link> y haz click en la burbuja azul para contactar con soporte."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Mostrar interfaz de miembros"
-  },
   "project.moderation.thread.private-description": {
     "message": "Este es un hilo de conversación privado con los moderadores de Modrinth. Es posible que te envíen mensajes sobre cuestiones relacionadas con este proyecto."
   },
@@ -3458,9 +3455,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Esta versión está retenida y no listada} other {Estas versiones están retenidas y no listadas}} públicamente. Por favor, proporciona pruebas de que tienes permiso para redistribuir algunos de los archivos incluidos en {count, plural, one {la versión} other {las versiones}} del modpack."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Resolver"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Versión {version_name} retenida} other {Versiones retenidas}} debido a que incluye contenido desconocido"
   },
diff --git a/apps/frontend/src/locales/fr-FR/index.json b/apps/frontend/src/locales/fr-FR/index.json
index cc87f61a07..86ea415b97 100644
--- a/apps/frontend/src/locales/fr-FR/index.json
+++ b/apps/frontend/src/locales/fr-FR/index.json
@@ -3332,9 +3332,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Si vous avez besoin d'aide ou si vous avez des demandes de renseignements supplémentaires, veuillez visiter le <help-center-link>Modrinth Help Center</help-center-link> et cliquez sur la bulle bleue pour contacter le support."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Montrer l'interface des membres"
-  },
   "project.moderation.thread.private-description": {
     "message": "Il s'agit d'un fil de conversation privé avec les modérateurs du Modrinthe. Ils peuvent vous envoyer un message avec des problèmes concernant ce projet."
   },
@@ -3464,9 +3461,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Cette version est actuellement indisponible et n'est pas répertoriée} other {Ces versions sont actuellement indisponibles et n'ont pas été répertoriées}} publiquement. Veuillez fournir la preuve que vous avez l'autorisation de redistribuer certains fichiers inclus dans {count, plural, one {la version} other {les versions}} du modpack."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Résoudre"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Version {version_name} non disponible} other {Versions non disponibles}} en raison de contenus intégrés inconnus"
   },
diff --git a/apps/frontend/src/locales/hu-HU/index.json b/apps/frontend/src/locales/hu-HU/index.json
index 09a3e02a9f..496ef0bb63 100644
--- a/apps/frontend/src/locales/hu-HU/index.json
+++ b/apps/frontend/src/locales/hu-HU/index.json
@@ -3191,9 +3191,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Ez a verzió} other {Ezek a verziók}} jelenleg vissza van tartva, és nem érhető{count, plural, one {} other {k}} el nyilvánosan. Kérjük, igazold, hogy engedéllyel rendelkezel a modcsomag {count, plural, one {verziójában} other {verzióiban}} található bizonyos fájlok terjesztésére."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Megoldás"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {A(z) {version_name} verzió} other {A verziók}} ismeretlen beágyazott tartalom miatt vissza lett{count, plural, one {} other {ek}} tartva"
   },
diff --git a/apps/frontend/src/locales/it-IT/index.json b/apps/frontend/src/locales/it-IT/index.json
index 59eb20c037..f3249d2616 100644
--- a/apps/frontend/src/locales/it-IT/index.json
+++ b/apps/frontend/src/locales/it-IT/index.json
@@ -3323,9 +3323,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Se hai bisogno di assistenza o hai altre richieste, visita il <help-center-link>centro assistenza di Modrinth</help-center-link> e clicca sulla bolla blu nell'angolo in basso a destra."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Mostra interfaccia degli utenti"
-  },
   "project.moderation.thread.private-description": {
     "message": "Questa è una conversazione privata con i moderatori di Modrinth. Sarai contattato per eventuali problemi riguardanti questo progetto."
   },
@@ -3455,9 +3452,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Questa versione è attualmente sospesa e non elencata} other {Queste versioni sono attualmente sospese e non elencate}} pubblicamente. Devi dimostrare di avere il permesso di ridistribuire alcuni dei file presenti in {count, plural, one {questa versione} other {queste versioni}} del pacchetto."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Risolvi"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {La versione {version_name} è stata sospesa} other {Alcune versioni sono state sospese}} per attribuzioni incomplete"
   },
diff --git a/apps/frontend/src/locales/ko-KR/index.json b/apps/frontend/src/locales/ko-KR/index.json
index 59aa9e455d..f84dcc029c 100644
--- a/apps/frontend/src/locales/ko-KR/index.json
+++ b/apps/frontend/src/locales/ko-KR/index.json
@@ -2768,9 +2768,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "도움이 필요하거나 추가 문의 사항이 있다면 <help-center-link>Modrinth 도움말 센터</help-center-link>를 방문하여 파란색 말풍선을 클릭해 지원 센터에 문의해 주세요."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "멤버 UI 표시"
-  },
   "project.moderation.thread.private-description": {
     "message": "이곳은 Modrinth 운영진과의 비공개 대화 스레드입니다. 운영진이 이 프로젝트와 관련된 사항에 대해 메시지를 보낼 수 있습니다."
   },
@@ -2894,9 +2891,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, other {해당 버전은}} 현재 보류 상태이며 공개되지 않았습니다. 이 모드팩 {count, plural, other {버전에}} 포함된 특정 파일들을 재배포할 수 있는 권한이 있음을 증명하는 자료를 제출해주세요."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "해결"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "알 수 없는 내장 콘텐츠로 인해 일부 {count, plural, other {버전}}은 공개되지 않았습니다"
   },
diff --git a/apps/frontend/src/locales/ms-MY/index.json b/apps/frontend/src/locales/ms-MY/index.json
index df1b3fc14a..af66e4aab1 100644
--- a/apps/frontend/src/locales/ms-MY/index.json
+++ b/apps/frontend/src/locales/ms-MY/index.json
@@ -3143,9 +3143,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Jika anda memerlukan bantuan atau mempunyai pertanyaan tambahan, sila lawati <help-center-link>Pusat Bantuan Modrinth</help-center-link> dan klik gelembung biru untuk menghubungi sokongan."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Tunjukkan antara muka ahli"
-  },
   "project.moderation.thread.private-description": {
     "message": "Ini adalah bebenang perbualan peribadi dengan penyederhana Modrinth. Mereka mungkin akan menghantar mesej kepada anda tentang isu-isu berkaitan projek ini."
   },
@@ -3272,9 +3269,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, other {Versi ini}} kini ditahan dan tidak disenaraikan secara umum. Sila berikan bukti bahawa anda mempunyai kebenaran untuk mengedarkan semula fail tertentu yang disertakan dalam {count, plural, other {versi}} pek mod ini."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Selesaikan"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, other {Versi}} telah ditahan kerana kandungan terbenam yang tidak diketahui"
   },
diff --git a/apps/frontend/src/locales/pl-PL/index.json b/apps/frontend/src/locales/pl-PL/index.json
index c1f79399cf..d790653335 100644
--- a/apps/frontend/src/locales/pl-PL/index.json
+++ b/apps/frontend/src/locales/pl-PL/index.json
@@ -3326,9 +3326,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Jeżeli potrzebujesz pomocy lub masz więcej pytań, odwiedź <help-center-link>centrum pomocy Modrinth</help-center-link> i kliknij w niebieskie kółko, by skontaktować się z obsługą."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Pokaż UI członków"
-  },
   "project.moderation.thread.private-description": {
     "message": "Prywatny wątek konwersacji z moderatorami Modrinth. Mogą skontaktować się z Tobą w razie problemów z Twoim projektem."
   },
@@ -3458,9 +3455,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Ta wersja jest} other {Te wersje są}} obecnie wstrzymane i nie widnieją na publicznej liście. Proszę o przesłanie potwierdzenia posiadania zgody na redystrybucję określonych plików zawartych w {count, plural, one {tej wersji} other {tych wersjach}} modpacka."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Rozwiąż"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Wersja {version_name}} other {Wersje}} wstrzymane ze względu na nieznaną osadzoną zawartość"
   },
diff --git a/apps/frontend/src/locales/pt-BR/index.json b/apps/frontend/src/locales/pt-BR/index.json
index ba54c0feae..8e988766ac 100644
--- a/apps/frontend/src/locales/pt-BR/index.json
+++ b/apps/frontend/src/locales/pt-BR/index.json
@@ -3323,9 +3323,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Se precisar de ajuda ou tiver dúvidas adicionais, visite a <help-center-link>Central de Ajuda do Modrinth</help-center-link> e clique no balão azul para entrar em contato com o suporte."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Exibir interface do membro"
-  },
   "project.moderation.thread.private-description": {
     "message": "Este é um tópico de conversa privada com os moderadores do Modrinth. Eles podem entrar em contato com você para tratar de assuntos relacionados a este projeto."
   },
@@ -3455,9 +3452,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Esta versão está atualmente retida e não listada} other {Estas versões estão atualmente retidas e não listadas}} publicamente. Por favor, forneça prova de que você tem permissão para redistribuir certos arquivos incluídos {count, plural, one {na versão} other {nas versões}} do pacote de mods."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Resolver"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural,one {Versão {version_name} retida} other {Versões retidas}} por conteúdo incluso desconhecido"
   },
diff --git a/apps/frontend/src/locales/ru-RU/index.json b/apps/frontend/src/locales/ru-RU/index.json
index 1201869a4a..8d96d10f1c 100644
--- a/apps/frontend/src/locales/ru-RU/index.json
+++ b/apps/frontend/src/locales/ru-RU/index.json
@@ -3314,9 +3314,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Если вам нужна помощь или у вас есть дополнительные вопросы, посетите <help-center-link>справочный центр Modrinth</help-center-link> и нажмите на синий значок, чтобы обратиться в поддержку."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Показать интерфейс участника"
-  },
   "project.moderation.thread.private-description": {
     "message": "Это приватная переписка с модераторами Modrinth. Они могут связываться с вами по вопросам, связанным с этим проектом."
   },
@@ -3446,9 +3443,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Эта версия в настоящее время скрыта и не отображается} other {Эти версии в настоящее время скрыты и не отображаются}} в публичном списке. Пожалуйста, предоставьте доказательства того, что у вас есть разрешение на распространение определённых файлов, включённых в {count, plural, one {эту версию} other {эти версии}}."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Решить"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Версия {version_name} скрыта} other {Версии скрыты}} из-за неизвестного встроенного контента"
   },
diff --git a/apps/frontend/src/locales/tr-TR/index.json b/apps/frontend/src/locales/tr-TR/index.json
index 6565552306..b445b59b25 100644
--- a/apps/frontend/src/locales/tr-TR/index.json
+++ b/apps/frontend/src/locales/tr-TR/index.json
@@ -3281,9 +3281,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Yardıma ihtiyacınız varsa veya ek sorularınız varsa, lütfen <help-center-link>Modrinth Yardım Merkezi'ni</help-center-link> ziyaret edin ve destekle iletişime geçmek için mavi baloncuğa tıklayın."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Üye kullanıcı arayüzünü göster"
-  },
   "project.moderation.thread.private-description": {
     "message": "Bu, Modrinth moderatörleri ile özel bir konuşma başlığıdır. Bu projeyle ilgili konularda size mesaj gönderebilirler."
   },
@@ -3413,9 +3410,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Bu sürüm} other {Bu sürümler}} şu anda gizlenmiş durumda ve herkese açık olarak listelenmiyor. Lütfen {count, plural, one {sürüm} other {sürümler}} mod paketine dahil edilen belirli dosyaları yeniden dağıtma izniniz olduğuna dair kanıt sunun."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Çöz"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Sürüm {version_name}} other {Sürümler}} bilinmeyen gömülü içerik nedeniyle gizlendi"
   },
diff --git a/apps/frontend/src/locales/uk-UA/index.json b/apps/frontend/src/locales/uk-UA/index.json
index e04fc30a58..103ab80f69 100644
--- a/apps/frontend/src/locales/uk-UA/index.json
+++ b/apps/frontend/src/locales/uk-UA/index.json
@@ -3074,9 +3074,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Якщо вам потрібна допомога або у вас є додаткові запитання, відвідайте <help-center-link>довідковий центр Modrinth</help-center-link> і натисніть синю підказку, щоб зв’язатися зі службою підтримки."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Показати інтерфейс учасника"
-  },
   "project.moderation.thread.private-description": {
     "message": "Це тема приватної розмови з модераторами Modrinth. Вони можуть надіслати вам повідомлення про проблеми щодо цього проєкту."
   },
@@ -3200,9 +3197,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {Ця версія} few {Ці версії} many {Ці версії} other {Ці версії}} наразі наразі утримано та поза списком. Будь ласка, надайте підтвердження того, що ви маєте дозвіл на повторне розповсюдження певних файлів, які входять до {count, plural, one {версії} few {версій} many {версій} other {версій}} збірки."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Розв'язати"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {Версія{version_name}} other {Версії}} утримано через невідомий убудований уміст"
   },
diff --git a/apps/frontend/src/locales/vi-VN/index.json b/apps/frontend/src/locales/vi-VN/index.json
index e4912cef22..41163da011 100644
--- a/apps/frontend/src/locales/vi-VN/index.json
+++ b/apps/frontend/src/locales/vi-VN/index.json
@@ -3290,9 +3290,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "Nếu bạn cần trợ giúp hoặc có thắc mắc, vui lòng vào <help-center-link>trung tâm trợ giúp</help-center-link> và bấm vào nút tin nhắn màu xanh để liên hệ hỗ trợ."
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "Hiển thị giao diện thành viên"
-  },
   "project.moderation.thread.private-description": {
     "message": "Đây là nơi hội thoại riêng tư với bên kiểm duyệt của Modrinth. Họ có thể nhắn cho bạn về những vấn đề trong dự án này."
   },
@@ -3422,9 +3419,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, other {Những phiên bản này}} bị giữ lại và không được công khai. Vui lòng đưa ra bằng chứng rằng bạn có quyền để đăng tải một số tệp đưọc bao gồm trong {count, plural, other {các phiên bản}} modpack đó."
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "Khắc phục"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, other{Phiên bản}} bị giữ lại do chứa nội dung nhúng không xác định"
   },
diff --git a/apps/frontend/src/locales/zh-CN/index.json b/apps/frontend/src/locales/zh-CN/index.json
index e997519cba..63b52ba912 100644
--- a/apps/frontend/src/locales/zh-CN/index.json
+++ b/apps/frontend/src/locales/zh-CN/index.json
@@ -3284,9 +3284,6 @@
   "project.moderation.thread.help-center-note.2": {
     "message": "如果你需要帮助或有其他疑问，请访问 <help-center-link>Modrinth Help Center</help-center-link>，然后点击蓝色气泡以联系支持。"
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "显示成员图形界面"
-  },
   "project.moderation.thread.private-description": {
     "message": "这是与 Modrinth 管理员的私人对话消息。他们可能会就此项目的问题向你发送消息。"
   },
@@ -3416,9 +3413,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, other {此版本}}已保留且未公开列出。请提供你有权重新分发此模组包{count, plural, other {版本}}所包含的某些文件的证明。"
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "完成"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {版本 {version_name}} other {这些版本}} 因未知嵌入内容被保留"
   },
diff --git a/apps/frontend/src/locales/zh-TW/index.json b/apps/frontend/src/locales/zh-TW/index.json
index f015e154f4..cb94f9a229 100644
--- a/apps/frontend/src/locales/zh-TW/index.json
+++ b/apps/frontend/src/locales/zh-TW/index.json
@@ -3290,9 +3290,6 @@
   "project.moderation.admonition.withheld.header": {
     "message": "由工作人員設為不公開"
   },
-  "project.moderation.thread.moderator-see-user-ui-toggle": {
-    "message": "顯示成員 UI"
-  },
   "project.moderation.thread.title": {
     "message": "審核訊息"
   },
@@ -3419,9 +3416,6 @@
   "project.versions.withheld-versions-warning.description": {
     "message": "{count, plural, one {這個版本} other {這些版本}}目前被限制存取且不公開。請提供你擁有轉載該模組包{count, plural, other {版本}}版本中特定檔案的許可證明。"
   },
-  "project.versions.withheld-versions-warning.resolve-button": {
-    "message": "解決"
-  },
   "project.versions.withheld-versions-warning.title": {
     "message": "{count, plural, one {版本 {version_name}} other {版本}}因未知的嵌入內容而被限制存取"
   },
diff --git a/apps/frontend/src/pages/[type]/[project].vue b/apps/frontend/src/pages/[type]/[project].vue
index c1ad655e77..ddfc9312c2 100644
--- a/apps/frontend/src/pages/[type]/[project].vue
+++ b/apps/frontend/src/pages/[type]/[project].vue
@@ -881,7 +881,9 @@
 						class="card flex-card"
 					/>
 					<ProjectSidebarCompatibility
-						v-if="projectV3Loaded && !isServerProject"
+						v-if="
+							projectV3Loaded && !isServerProject && route.name !== 'type-project-version-version'
+						"
 						:project="project"
 						:tags="tags"
 						:project-v3="projectV3"
diff --git a/apps/frontend/src/pages/[type]/[project]/moderation.vue b/apps/frontend/src/pages/[type]/[project]/moderation.vue
index 21d8d4d1d2..23fae21ffb 100644
--- a/apps/frontend/src/pages/[type]/[project]/moderation.vue
+++ b/apps/frontend/src/pages/[type]/[project]/moderation.vue
@@ -72,11 +72,9 @@
 					<h2 id="messages" class="m-0 text-xl font-semibold text-contrast">
 						{{ formatMessage(messages.threadSectionTitle) }}
 					</h2>
-					<div v-if="currentMember?.staffOnly" class="flex items-center gap-2">
+					<div v-if="isStaff(currentMember?.user)" class="flex items-center gap-2">
 						<Toggle id="moderator-see-user-ui-toggle" v-model="moderatorSeeUserUi" small />
-						<label for="moderator-see-user-ui-toggle">
-							{{ formatMessage(messages.moderatorSeeUserUiToggle) }}
-						</label>
+						<label for="moderator-see-user-ui-toggle"> Show member UI </label>
 					</div>
 				</div>
 				<template v-if="userFacingUiVisible">
@@ -151,8 +149,9 @@ import {
 	Toggle,
 	useVIntl,
 } from '@modrinth/ui'
+import { isStaff } from '@modrinth/utils'
 import { useQuery, useQueryClient } from '@tanstack/vue-query'
-import { computed, type Ref, watch } from 'vue'
+import { computed, watch } from 'vue'
 
 import ConversationThread from '~/components/ui/thread/ConversationThread.vue'
 import { getProjectLink, isApproved, isRejected, isUnderReview } from '~/helpers/projects.js'
@@ -160,7 +159,6 @@ import { getProjectLink, isApproved, isRejected, isUnderReview } from '~/helpers
 const { formatMessage } = useVIntl()
 const flags = useFeatureFlags()
 
-type ProjectPageMember = Labrinth.Projects.v3.TeamMember & { staffOnly?: boolean }
 type ModerationAdmonitionSection =
 	| {
 			type: 'paragraph'
@@ -181,10 +179,6 @@ const messages = defineMessages({
 		id: 'project.moderation.thread.title',
 		defaultMessage: 'Moderation messages',
 	},
-	moderatorSeeUserUiToggle: {
-		id: 'project.moderation.thread.moderator-see-user-ui-toggle',
-		defaultMessage: 'Show member UI',
-	},
 	threadPrivateDescription: {
 		id: 'project.moderation.thread.private-description',
 		defaultMessage:
@@ -213,18 +207,10 @@ const messages = defineMessages({
 })
 
 const { addNotification } = injectNotificationManager()
-const {
-	projectV2: project,
-	currentMember: currentMemberRaw,
-	invalidate,
-	allMembers,
-} = injectProjectPageContext()
-const currentMember = currentMemberRaw as Ref<ProjectPageMember | null>
+const { projectV2: project, currentMember, invalidate, allMembers } = injectProjectPageContext()
 
 const canAccess = computed(() => !!currentMember.value)
-const userFacingUiVisible = computed(
-	() => !!currentMember.value && (!currentMember.value.staffOnly || moderatorSeeUserUi.value),
-)
+const userFacingUiVisible = computed(() => !!currentMember.value && moderatorSeeUserUi.value)
 
 const approvedAdmonitionMessage = computed<MessageDescriptor | null>(() => {
 	switch (project.value?.status) {
diff --git a/apps/frontend/src/pages/[type]/[project]/settings.vue b/apps/frontend/src/pages/[type]/[project]/settings.vue
index 45ea37ca34..96b7886fd9 100644
--- a/apps/frontend/src/pages/[type]/[project]/settings.vue
+++ b/apps/frontend/src/pages/[type]/[project]/settings.vue
@@ -17,6 +17,7 @@ import {
 	commonMessages,
 	commonProjectSettingsMessages,
 	injectProjectPageContext,
+	Toggle,
 	useVIntl,
 } from '@modrinth/ui'
 import { isStaff } from '@modrinth/utils'
@@ -47,10 +48,8 @@ const navItems = computed(() => {
 		projectV3.value?.project_types?.some((type) => ['mod', 'modpack'].includes(type)) &&
 		isStaff(currentMember.value?.user)
 
-	const hasPermissionsPage = computed(
-		() =>
-			flags.value.modpackPermissionsPage &&
-			projectV3.value?.project_types?.some((type) => ['modpack'].includes(type)),
+	const hasPermissionsPage = computed(() =>
+		projectV3.value?.project_types?.some((type) => ['modpack'].includes(type)),
 	)
 
 	const items = [
@@ -82,16 +81,16 @@ const navItems = computed(() => {
 			label: formatMessage(commonProjectSettingsMessages.description),
 			icon: AlignLeftIcon,
 		},
-		hasPermissionsPage.value && {
-			link: `/${base}/settings/permissions`,
-			label: formatMessage(commonProjectSettingsMessages.permissions),
-			icon: SignatureIcon,
-		},
 		!isServerProject.value && {
 			link: `/${base}/settings/versions`,
 			label: formatMessage(commonProjectSettingsMessages.versions),
 			icon: VersionIcon,
 		},
+		hasPermissionsPage.value && {
+			link: `/${base}/settings/permissions`,
+			label: formatMessage(commonProjectSettingsMessages.permissions),
+			icon: SignatureIcon,
+		},
 		!isServerProject.value && {
 			link: `/${base}/settings/license`,
 			label: formatMessage(commonProjectSettingsMessages.license),
@@ -144,6 +143,16 @@ watch(route, () => {
 	const scrollY = scroll.y.value
 	setTimeout(() => window.scrollTo(0, scrollY), 10)
 })
+
+const moderatorSeeUserUi = computed<boolean>({
+	get() {
+		return flags.value.showModeratorProjectMemberUi
+	},
+	set(value: boolean) {
+		flags.value.showModeratorProjectMemberUi = value
+		saveFeatureFlags()
+	},
+})
 </script>
 
 <template>
@@ -167,6 +176,10 @@ watch(route, () => {
 		<div class="grid gap-4 lg:grid-cols-[1fr_3fr]">
 			<div>
 				<NavStack :items="navItems" />
+				<div v-if="isStaff(currentMember?.user)" class="mt-4 flex items-center gap-2">
+					<Toggle id="moderator-see-user-ui-toggle" v-model="moderatorSeeUserUi" small />
+					<label for="moderator-see-user-ui-toggle"> Show member UI </label>
+				</div>
 			</div>
 			<div class="min-w-0">
 				<NuxtPage />
diff --git a/apps/frontend/src/pages/[type]/[project]/settings/permissions.vue b/apps/frontend/src/pages/[type]/[project]/settings/permissions.vue
index 2d50a45c5d..aeb1acdb88 100644
--- a/apps/frontend/src/pages/[type]/[project]/settings/permissions.vue
+++ b/apps/frontend/src/pages/[type]/[project]/settings/permissions.vue
@@ -1,51 +1,303 @@
 <script setup lang="ts">
-import { RightArrowIcon, SearchIcon, SortAscIcon, SortDescIcon } from '@modrinth/assets'
+import type { Labrinth } from '@modrinth/api-client'
+import {
+	ArrowDown10Icon,
+	ArrowDownWideNarrowIcon,
+	ClockArrowDownIcon,
+	FoldVerticalIcon,
+	PauseIcon,
+	RightArrowIcon,
+	ScaleIcon,
+	SearchIcon,
+	UnfoldVerticalIcon,
+	XCircleIcon,
+} from '@modrinth/assets'
 import {
 	Admonition,
 	ButtonStyled,
 	Combobox,
 	type ComboboxOption,
 	commonMessages,
+	createAttributionGroupTitle,
+	defineMessage,
 	defineMessages,
 	EmptyState,
+	ExternalProjectPermissionsCard,
+	injectModrinthClient,
+	injectProjectPageContext,
 	IntlFormatted,
 	StyledInput,
 	useVIntl,
 } from '@modrinth/ui'
-import ExternalProjectPermissionsCard from '@modrinth/ui/src/components/external_files/ExternalProjectPermissionsCard.vue'
-import { ref } from 'vue'
+import { isStaff } from '@modrinth/utils'
+import { useQuery } from '@tanstack/vue-query'
+import { computed, ref, watch } from 'vue'
 
-const { formatMessage } = useVIntl()
+import { setupAttributionModerationProvider } from '~/providers/setup/attribution-moderation'
+
+setupAttributionModerationProvider()
+
+const auth = await useAuth()
 const flags = useFeatureFlags()
 
-if (!flags.value.modpackPermissionsPage) {
-	throw createError({
-		fatal: true,
-		statusCode: 404,
-	})
-}
+const isModerator = computed(() => {
+	return isStaff(auth.value?.user) && !flags.value.showModeratorProjectMemberUi
+})
+
+const { formatMessage } = useVIntl()
+const { projectV2: project } = injectProjectPageContext()
+const { labrinth } = injectModrinthClient()
+
+type SortType = 'status' | 'most_files' | 'recently_edited' | 'rejected'
 
-const externalFiles = ref([{}])
 const searchQuery = ref('')
-const currentSortType = ref('Oldest')
+const currentSortType = ref<SortType>('status')
+const cardCollapsedById = ref<Record<string, boolean>>({})
+
+const {
+	data: attributionData,
+	error: attributionError,
+	isPending: pending,
+} = useQuery<Labrinth.Attribution.Internal.AttributionGroup[]>({
+	queryKey: ['project-attribution', project.value.id],
+	queryFn: () => labrinth.attribution_internal.listProjectAttribution(project.value.id),
+})
+
+const sortRejectedLabel = defineMessage({
+	id: 'project.settings.permissions.sort.rejected',
+	defaultMessage: 'Rejected',
+})
+
+const sortTypes = computed<ComboboxOption<SortType>[]>(() => {
+	const options: ComboboxOption<SortType>[] = [
+		{
+			value: 'status',
+			label: formatMessage(
+				defineMessage({
+					id: 'project.settings.permissions.sort.status',
+					defaultMessage: 'Status',
+				}),
+			),
+		},
+		{
+			value: 'most_files',
+			label: formatMessage(
+				defineMessage({
+					id: 'project.settings.permissions.sort.most-files',
+					defaultMessage: 'Most files',
+				}),
+			),
+		},
+		{
+			value: 'recently_edited',
+			label: formatMessage(
+				defineMessage({
+					id: 'project.settings.permissions.sort.recently-edited',
+					defaultMessage: 'Recently edited',
+				}),
+			),
+		},
+	]
+	if (hasMixedModerationStatus.value) {
+		options.push({
+			value: 'rejected',
+			label: formatMessage(sortRejectedLabel),
+		})
+	}
+	return options
+})
+
+const currentSortLabel = computed(() => {
+	return sortTypes.value.find((option) => option.value === currentSortType.value)?.label ?? ''
+})
+
+function isAttributed(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	return !!group.attribution && !isNoPermission(group)
+}
+
+function isNoPermission(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	return group.attribution?.kind === 'no_permission'
+}
+
+function isModerationRejected(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	const kind = group.attribution?.moderation_status?.kind
+	return kind === 'bad_proof' || kind === 'not_allowed'
+}
+
+function isNotAllowed(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	return group.attribution?.moderation_status?.kind === 'not_allowed'
+}
+
+function isBadProof(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	return group.attribution?.moderation_status?.kind === 'bad_proof'
+}
+
+function needsModerationApproval(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	const attribution = group.attribution
+	if (!attribution || attribution.kind === 'globally_allowed') {
+		return false
+	}
+	return !attribution.moderation_status
+}
+
+function rejectedSortRank(group: Labrinth.Attribution.Internal.AttributionGroup): number {
+	if (isModerationRejected(group)) {
+		return 0
+	}
+	if (group.attribution?.moderation_status?.kind === 'approved') {
+		return 1
+	}
+	return 2
+}
+
+const hasMixedModerationStatus = computed(() => {
+	const groups = attributionData.value ?? []
+	let hasRejected = false
+	let hasNonRejected = false
+	for (const group of groups) {
+		if (isModerationRejected(group)) {
+			hasRejected = true
+		} else {
+			hasNonRejected = true
+		}
+		if (hasRejected && hasNonRejected) {
+			return true
+		}
+	}
+	return false
+})
+
+watch(hasMixedModerationStatus, (mixed) => {
+	if (!mixed && currentSortType.value === 'rejected') {
+		currentSortType.value = 'status'
+	}
+})
+
+function statusSortRank(group: Labrinth.Attribution.Internal.AttributionGroup): number {
+	if (isNoPermission(group)) {
+		return 0
+	} else if (!group.attribution) {
+		return 1
+	} else if (group.attribution?.kind === 'globally_allowed') {
+		return 3
+	} else {
+		return 2
+	}
+}
+
+function alphabetSortKey(group: Labrinth.Attribution.Internal.AttributionGroup): string {
+	return createAttributionGroupTitle(group, formatMessage)
+}
+
+function compareAlphabetical(
+	a: Labrinth.Attribution.Internal.AttributionGroup,
+	b: Labrinth.Attribution.Internal.AttributionGroup,
+): number {
+	return alphabetSortKey(a).localeCompare(alphabetSortKey(b), undefined, { sensitivity: 'base' })
+}
+
+function attributedTimestamp(group: Labrinth.Attribution.Internal.AttributionGroup): number {
+	if (!group.attributed_at) return Number.NEGATIVE_INFINITY
+	const t = Date.parse(group.attributed_at)
+	return Number.isNaN(t) ? Number.NEGATIVE_INFINITY : t
+}
+
+function groupMatchesPermissionsSearch(
+	group: Labrinth.Attribution.Internal.AttributionGroup,
+	queryTrimmed: string,
+): boolean {
+	const query = queryTrimmed.toLowerCase()
+	if (group.flame_project?.title?.toLowerCase().includes(query)) {
+		return true
+	}
+	return (group.files ?? []).some((file) => file.name.toLowerCase().includes(query))
+}
+
+const filteredGroups = computed(() => {
+	const groups = attributionData.value ?? []
+	const queryTrimmed = searchQuery.value.trim()
+	const filtered = queryTrimmed
+		? groups.filter((group) => groupMatchesPermissionsSearch(group, queryTrimmed))
+		: [...groups]
+	const sortMode = currentSortType.value
+	filtered.sort(compareAlphabetical)
+	filtered.sort((a, b) => {
+		if (sortMode === 'status') {
+			return statusSortRank(a) - statusSortRank(b)
+		}
+		if (sortMode === 'most_files') {
+			const ac = a.files?.length ?? 0
+			const bc = b.files?.length ?? 0
+			return bc - ac
+		}
+		if (sortMode === 'rejected') {
+			return rejectedSortRank(a) - rejectedSortRank(b)
+		}
+		const at = attributedTimestamp(a)
+		const bt = attributedTimestamp(b)
+		return bt - at
+	})
+	return filtered
+})
+
+const totalGroups = computed(() => attributionData.value?.length ?? 0)
+
+const stats = computed(() => {
+	const groups = attributionData.value ?? []
+	let attributed = 0
+	let pending = 0
+	let noPermission = 0
+	for (const group of groups) {
+		if (isNoPermission(group)) {
+			noPermission++
+		} else if (isAttributed(group)) {
+			attributed++
+		} else {
+			pending++
+		}
+	}
+	return { total: groups.length, attributed, pending, noPermission }
+})
+
+const pendingApprovalCount = computed(() => {
+	const groups = attributionData.value ?? []
+	return groups.filter(needsModerationApproval).length
+})
+
+const noPermissionCount = computed(() => {
+	const groups = attributionData.value ?? []
+	return groups.filter((group) => group.attribution?.kind === 'no_permission').length
+})
+
+const notAllowedCount = computed(() => {
+	const groups = attributionData.value ?? []
+	return groups.filter(isNotAllowed).length
+})
+
+const badProofCount = computed(() => {
+	const groups = attributionData.value ?? []
+	return groups.filter(isBadProof).length
+})
+
+const pendingCount = computed(() => {
+	const groups = attributionData.value ?? []
+	return groups.filter((group) => !group.attribution || isModerationRejected(group)).length
+})
+
+const projectIsApproved = computed(() => project.value.status === 'approved')
 
-const sortTypes: ComboboxOption<string>[] = [
-	{ value: 'Oldest', label: 'Oldest' },
-	{ value: 'Newest', label: 'Newest' },
-]
 const messages = defineMessages({
 	searchPlaceholder: {
 		id: 'project.settings.permissions.search-placeholder',
-		defaultMessage:
-			'Search {count} {count, plural, one {external project} other {external projects}}...',
+		defaultMessage: 'Search {count} {count, plural, one {project} other {projects}}...',
 	},
 	infoBannerTitle: {
 		id: 'project.settings.permissions.info-banner.title',
-		defaultMessage: 'Learn how attributions work',
+		defaultMessage: 'Learn about distribution permissions',
 	},
 	infoBannerDescription: {
 		id: 'project.settings.permissions.info-banner.description',
-		defaultMessage: `If you include content that isn’t hosted on Modrinth, you need to let us know where it’s from and verify that you have permission to distribute the files. Check out <link>our guide</link> to learn about how to do this properly!`,
+		defaultMessage: `If you include content that isn’t hosted on Modrinth, you need to let us know where it’s from and verify that you have permission to distribute the files. Check out <link>our announcement of this new system</link> to learn more!`,
 	},
 	learnMore: {
 		id: 'project.settings.permissions.learn-more',
@@ -57,15 +309,16 @@ const messages = defineMessages({
 	},
 	emptyStateDescription: {
 		id: 'project.settings.permissions.empty-state.description',
-		defaultMessage: `None of your versions contain external content, so you don't need to worry about obtaining permissions.`,
+		defaultMessage: `None of your project's versions contain external content, so you don't need to worry about obtaining permissions.`,
 	},
 	completedTitle: {
 		id: 'project.settings.permissions.completed.title',
-		defaultMessage: `Attributions completed!`,
+		defaultMessage: `Permissions completed!`,
 	},
 	completedDescription: {
 		id: 'project.settings.permissions.completed.description',
-		defaultMessage: 'All external content has attributions provided.',
+		defaultMessage:
+			'All external content has permission information and attributions have been provided.',
 	},
 	failTitle: {
 		id: 'project.settings.permissions.fail.title',
@@ -73,107 +326,280 @@ const messages = defineMessages({
 	},
 	failDescription: {
 		id: 'project.settings.permissions.fail.description',
-		defaultMessage: `You don't have permission to redistribute some of the external content you've added. In order to publish on Modrinth, remove the infringing content.`,
+		defaultMessage: `You may not have permission to redistribute some of the external content in your project. In order to publish on Modrinth, please remove this content or provide proof that you do have permission to use it.`,
+	},
+	notAllowedDescription: {
+		id: 'project.settings.permissions.not-allowed.description',
+		defaultMessage: `Some of the external content included cannot be distributed on Modrinth because it violates our Content Rules and must be removed.`,
+	},
+	badProofTitle: {
+		id: 'project.settings.permissions.bad-proof.title',
+		defaultMessage: `Some proofs were rejected`,
+	},
+	badProofDescription: {
+		id: 'project.settings.permissions.bad-proof.description',
+		defaultMessage: `Modrinth's moderation team has rejected the permission information you provided for some external content. Please review the rejected items below and provide acceptable proof or remove the content.`,
 	},
 	attentionNeededTitle: {
 		id: 'project.settings.permissions.attention-needed.title',
-		defaultMessage: `Unknown embedded content`,
+		defaultMessage: `Unknown external content`,
 	},
 	attentionNeededDescriptionApproved: {
 		id: 'project.settings.permissions.attention-needed.description.proj-approved',
-		defaultMessage: `Please provide proof that you have permission to redistribute all of the following files and any withheld versions will be automatically published.`,
+		defaultMessage: `Please provide proof that you have permission to redistribute all of the following files. Once completed, withheld versions will be automatically published.`,
 	},
 	attentionNeededDescriptionDraft: {
 		id: 'project.settings.permissions.attention-needed.description.proj-draft',
-		defaultMessage: `Please provide proof that you have permission to redistribute all of the following files before you can submit your project for review.`,
+		defaultMessage: `Please provide proof that you have permission to redistribute all of the following files before submitting your project for review.`,
+	},
+	noResults: {
+		id: 'project.settings.permissions.no-results',
+		defaultMessage: 'No external files match your search.',
+	},
+	collapseAll: {
+		id: 'project.settings.permissions.collapse-all',
+		defaultMessage: 'Collapse all',
+	},
+	expandAll: {
+		id: 'project.settings.permissions.expand-all',
+		defaultMessage: 'Expand all',
+	},
+	pendingApprovalCount: {
+		id: 'project.settings.permissions.pending-approval-count',
+		defaultMessage:
+			'{count, plural, =0 {No attributions need approval} one {# attribution needs approval} other {# attributions need approval}}',
 	},
 })
 
+function defaultCardCollapsed(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	if (group?.attribution?.kind === 'globally_allowed') {
+		return true
+	}
+	if (!isModerator.value) {
+		const hasAttribution = !!group.attribution
+		const rejectedProof = group.attribution?.moderation_status?.kind === 'bad_proof'
+		return hasAttribution && !rejectedProof
+	}
+	return false
+}
+
+function getCardCollapsed(group: Labrinth.Attribution.Internal.AttributionGroup): boolean {
+	return cardCollapsedById.value[group.id] ?? defaultCardCollapsed(group)
+}
+
+function setCardCollapsed(groupId: string, collapsed: boolean) {
+	cardCollapsedById.value = { ...cardCollapsedById.value, [groupId]: collapsed }
+}
+
+const allCardsCollapsed = computed(() => {
+	const groups = filteredGroups.value
+	if (groups.length === 0) {
+		return true
+	}
+	return groups.every((group) => getCardCollapsed(group))
+})
+
+const expandCollapseAllLabel = computed(() =>
+	formatMessage(allCardsCollapsed.value ? messages.expandAll : messages.collapseAll),
+)
+
+function toggleAllCardsCollapsed() {
+	const collapsed = !allCardsCollapsed.value
+	const next = { ...cardCollapsedById.value }
+	for (const group of filteredGroups.value) {
+		next[group.id] = collapsed
+	}
+	cardCollapsedById.value = next
+}
+
 function dismissInfoBanner() {
 	flags.value.dismissedExternalProjectsInfo = true
 	saveFeatureFlags()
 }
 </script>
 <template>
-	<template v-if="externalFiles.length > 0">
-		<Admonition
-			v-if="!flags.dismissedExternalProjectsInfo"
-			type="info"
-			class="mb-4"
-			:header="formatMessage(messages.infoBannerTitle)"
-			dismissible
-			@dismiss="dismissInfoBanner"
-		>
-			<IntlFormatted :message-id="messages.infoBannerDescription">
-				<template #link="{ children }">
-					<a class="text-link" target="_blank"> <component :is="() => children" /> </a>
-				</template>
-			</IntlFormatted>
-			<template #actions>
-				<div class="flex">
-					<ButtonStyled color="blue">
-						<a> {{ formatMessage(messages.learnMore) }} <RightArrowIcon /> </a>
-					</ButtonStyled>
-				</div>
+	<Admonition
+		v-if="!flags.dismissedExternalProjectsInfo && !isModerator"
+		type="info"
+		class="mb-4"
+		:header="formatMessage(messages.infoBannerTitle)"
+		dismissible
+		@dismiss="dismissInfoBanner"
+	>
+		<IntlFormatted :message-id="messages.infoBannerDescription">
+			<template #link="{ children }">
+				<nuxt-link class="text-link" to="/news/article/modpack-permissions/" target="_blank">
+					<component :is="() => children" />
+				</nuxt-link>
 			</template>
-		</Admonition>
-		<Admonition
-			v-if="true"
-			type="success"
-			class="mb-4"
-			:header="formatMessage(messages.completedTitle)"
-			:body="formatMessage(messages.completedDescription)"
-		/>
-		<Admonition
-			v-if="true"
-			type="warning"
-			class="mb-4"
-			:header="formatMessage(messages.attentionNeededTitle)"
-			:body="formatMessage(messages.attentionNeededDescriptionDraft)"
-		/>
-		<Admonition
-			v-if="true"
-			type="critical"
-			class="mb-4"
-			:header="formatMessage(messages.failTitle)"
-			:body="formatMessage(messages.failDescription)"
-		/>
-		<div class="grid grid-cols-[1fr_auto] gap-2">
-			<StyledInput
-				v-model="searchQuery"
-				type="search"
-				:placeholder="
-					formatMessage(messages.searchPlaceholder, {
-						count: externalFiles.length,
-					})
+		</IntlFormatted>
+		<template #actions>
+			<div class="flex">
+				<ButtonStyled color="blue">
+					<a> {{ formatMessage(messages.learnMore) }} <RightArrowIcon /> </a>
+				</ButtonStyled>
+			</div>
+		</template>
+	</Admonition>
+	<template v-if="pending">
+		<div class="flex flex-col gap-3">
+			<div
+				v-for="i in 3"
+				:key="i"
+				class="h-[56px] w-full animate-pulse rounded-2xl bg-surface-3"
+			></div>
+		</div>
+	</template>
+	<template v-else-if="totalGroups > 0">
+		<template v-if="!isModerator">
+			<Admonition
+				v-if="
+					stats.pending === 0 &&
+					stats.noPermission === 0 &&
+					notAllowedCount === 0 &&
+					badProofCount === 0
+				"
+				type="success"
+				class="mb-4"
+				:header="formatMessage(messages.completedTitle)"
+				:body="formatMessage(messages.completedDescription)"
+			/>
+			<Admonition
+				v-else-if="notAllowedCount > 0"
+				type="critical"
+				class="mb-4"
+				:header="formatMessage(messages.failTitle)"
+				:body="formatMessage(messages.notAllowedDescription)"
+			/>
+			<Admonition
+				v-else-if="stats.noPermission > 0"
+				type="critical"
+				class="mb-4"
+				:header="formatMessage(messages.failTitle)"
+				:body="formatMessage(messages.failDescription)"
+			/>
+			<Admonition
+				v-else-if="badProofCount > 0"
+				type="critical"
+				class="mb-4"
+				:header="formatMessage(messages.badProofTitle)"
+				:body="formatMessage(messages.badProofDescription)"
+			/>
+			<Admonition
+				v-else-if="stats.pending > 0"
+				type="warning"
+				class="mb-4"
+				:header="formatMessage(messages.attentionNeededTitle)"
+				:body="
+					formatMessage(
+						projectIsApproved
+							? messages.attentionNeededDescriptionApproved
+							: messages.attentionNeededDescriptionDraft,
+					)
 				"
-				:icon="SearchIcon"
-				input-class="h-[40px]"
 			/>
-			<div>
-				<Combobox
-					v-model="currentSortType"
-					class="!w-full flex-grow sm:!w-[150px] sm:flex-grow-0 lg:!w-[150px]"
-					:options="sortTypes"
-					:placeholder="formatMessage(commonMessages.sortByLabel)"
-				>
-					<template #selected>
-						<span class="flex flex-row gap-2 align-middle font-semibold">
-							<SortAscIcon
-								v-if="currentSortType === 'Oldest'"
-								class="size-5 flex-shrink-0 text-secondary"
-							/>
-							<SortDescIcon v-else class="size-5 flex-shrink-0 text-secondary" />
-							<span class="truncate text-contrast">{{ currentSortType }}</span>
-						</span>
-					</template>
-				</Combobox>
+		</template>
+		<div class="flex flex-col gap-2">
+			<div class="grid grid-cols-[1fr_auto_auto] gap-2">
+				<StyledInput
+					v-model="searchQuery"
+					type="text"
+					autocomplete="off"
+					clearable
+					:placeholder="
+						formatMessage(messages.searchPlaceholder, {
+							count: totalGroups,
+						})
+					"
+					:icon="SearchIcon"
+					input-class="h-[40px]"
+				/>
+				<div>
+					<Combobox
+						v-model="currentSortType"
+						class="!w-full flex-grow sm:!w-[220px] sm:flex-grow-0 [&>span]:h-[40px]"
+						:options="sortTypes"
+						:placeholder="formatMessage(commonMessages.sortByLabel)"
+					>
+						<template #selected>
+							<span class="flex flex-row gap-2 align-middle font-semibold">
+								<ArrowDownWideNarrowIcon
+									v-if="currentSortType === 'status'"
+									class="size-5 flex-shrink-0 text-secondary"
+								/>
+								<ArrowDown10Icon
+									v-else-if="currentSortType === 'most_files'"
+									class="size-5 flex-shrink-0 text-secondary"
+								/>
+								<ClockArrowDownIcon
+									v-else-if="currentSortType === 'recently_edited'"
+									class="size-5 flex-shrink-0 text-secondary"
+								/>
+								<ArrowDownWideNarrowIcon
+									v-else-if="currentSortType === 'rejected'"
+									class="size-5 flex-shrink-0 text-secondary"
+								/>
+								<span class="truncate text-contrast">{{ currentSortLabel }}</span>
+							</span>
+						</template>
+					</Combobox>
+				</div>
+				<ButtonStyled>
+					<button type="button" class="!h-[40px]" @click="toggleAllCardsCollapsed">
+						<UnfoldVerticalIcon
+							v-if="allCardsCollapsed"
+							class="size-5 flex-shrink-0 text-secondary"
+						/>
+						<FoldVerticalIcon v-else class="size-5 flex-shrink-0 text-secondary" />
+						{{ expandCollapseAllLabel }}
+					</button>
+				</ButtonStyled>
 			</div>
 		</div>
+		<div v-if="isModerator" class="mt-4 flex flex-wrap items-center gap-3">
+			<template v-if="noPermissionCount > 0">
+				<span class="flex items-center gap-1 text-red">
+					<XCircleIcon class="size-4 shrink-0" /> {{ noPermissionCount }} with no permission
+				</span>
+				<span class="text-surface-5">•</span>
+			</template>
+			<template v-if="pendingCount > 0">
+				<span class="flex items-center gap-1 text-orange">
+					<PauseIcon class="size-4 shrink-0" /> {{ pendingCount }} need user action
+				</span>
+				<span class="text-surface-5">•</span>
+			</template>
+			<span v-if="pendingApprovalCount > 0" class="flex items-center gap-1 text-contrast">
+				<ScaleIcon class="size-4 shrink-0" /> {{ pendingApprovalCount }} awaiting review
+			</span>
+			<span v-else class="flex items-center gap-1 text-secondary">
+				<ScaleIcon class="size-4 shrink-0" /> None awaiting review
+			</span>
+		</div>
 		<div class="mt-4 flex flex-col gap-3">
-			<ExternalProjectPermissionsCard title="FTB Library" />
+			<TransitionGroup name="list">
+				<ExternalProjectPermissionsCard
+					v-for="group in filteredGroups"
+					:key="group.id"
+					:collapsed="getCardCollapsed(group)"
+					:project-id="project.id"
+					:group="group"
+					:is-moderator="isModerator"
+					@update:collapsed="setCardCollapsed(group.id, $event)"
+				/>
+				<EmptyState
+					v-if="filteredGroups.length === 0"
+					:heading="formatMessage(messages.noResults)"
+					type="no-search-result"
+				/>
+			</TransitionGroup>
 		</div>
 	</template>
+	<div v-else-if="attributionError">
+		<p v-if="attributionError" class="my-12 text-center text-red">
+			{{ attributionError }}
+		</p>
+	</div>
 	<template v-else>
 		<EmptyState
 			:heading="formatMessage(messages.emptyStateHeading)"
@@ -182,3 +608,18 @@ function dismissInfoBanner() {
 		/>
 	</template>
 </template>
+<style scoped>
+.list-enter-from {
+	opacity: 0;
+	transform: translateY(-10px);
+}
+
+.list-leave-to {
+	opacity: 0;
+	transform: translateY(10px);
+}
+
+.list-move {
+	transition: transform 200ms ease-in-out;
+}
+</style>
diff --git a/apps/frontend/src/pages/[type]/[project]/settings/versions.vue b/apps/frontend/src/pages/[type]/[project]/settings/versions.vue
index 25b29c2e5d..b64ee956a5 100644
--- a/apps/frontend/src/pages/[type]/[project]/settings/versions.vue
+++ b/apps/frontend/src/pages/[type]/[project]/settings/versions.vue
@@ -14,21 +14,22 @@
 			proceed-label="Delete"
 			@proceed="deleteVersion()"
 		/>
-
 		<Admonition
-			v-if="flags.modpackPermissionsPage && withheldVersions.length > 0"
-			type="warning"
+			v-if="withheldVersions.length > 0"
+			type="circle-warning"
 			class="mb-4"
 			:header="
 				formatMessage(messages.withheldVersionsWarningTitle, {
 					count: withheldVersions.length,
-					version_name: withheldVersions.length === 1 ? withheldVersions[0] : undefined,
+					version_name:
+						withheldVersions.length === 1 ? withheldVersions[0].version_number : undefined,
 				})
 			"
 			:body="
 				formatMessage(messages.withheldVersionsWarningDescription, {
 					count: withheldVersions.length,
-					version_name: withheldVersions.length === 1 ? withheldVersions[0] : undefined,
+					version_name:
+						withheldVersions.length === 1 ? withheldVersions[0].version_number : undefined,
 				})
 			"
 		>
@@ -40,7 +41,8 @@
 								project.slug ? project.slug : project.id
 							}/settings/permissions`"
 						>
-							{{ formatMessage(messages.withheldVersionsWarningResolve) }} <RightArrowIcon />
+							{{ formatMessage(commonProjectSettingsMessages.withheldVersionsWarningResolve) }}
+							<RightArrowIcon />
 						</nuxt-link>
 					</ButtonStyled>
 				</div>
@@ -333,6 +335,7 @@ import {
 import {
 	Admonition,
 	ButtonStyled,
+	commonProjectSettingsMessages,
 	ConfirmModal,
 	defineMessages,
 	injectModrinthClient,
@@ -458,7 +461,9 @@ async function deleteVersion() {
 	stopLoading()
 }
 
-const withheldVersions = computed(() => ['4.0.0'])
+const withheldVersions = computed(() =>
+	versions.value.filter((x) => x.files_missing_attribution?.length > 0),
+)
 
 const messages = defineMessages({
 	withheldVersionsWarningTitle: {
@@ -471,9 +476,5 @@ const messages = defineMessages({
 		defaultMessage:
 			'{count, plural, one {This version is} other {These versions are}} currently withheld and not publicly listed. Please provide proof that you have permission to redistribute certain files included in the modpack {count, plural, one {version} other {versions}}.',
 	},
-	withheldVersionsWarningResolve: {
-		id: 'project.versions.withheld-versions-warning.resolve-button',
-		defaultMessage: 'Resolve',
-	},
 })
 </script>
diff --git a/apps/frontend/src/pages/[type]/[project]/version/[version].vue b/apps/frontend/src/pages/[type]/[project]/version/[version].vue
index 20a4737f86..ada828c445 100644
--- a/apps/frontend/src/pages/[type]/[project]/version/[version].vue
+++ b/apps/frontend/src/pages/[type]/[project]/version/[version].vue
@@ -1,789 +1,592 @@
 <template>
-	<div v-if="version" class="version-page">
-		<CreateProjectVersionModal v-if="currentMember" ref="createProjectVersionModal" />
+	<div>
+		<CreateProjectVersionModal v-if="currentMember" ref="editModal" @save="handleVersionSaved" />
 		<ConfirmModal
 			v-if="currentMember"
-			ref="modal_confirm"
-			title="Are you sure you want to delete this version?"
-			description="This will remove this version forever (like really forever)."
+			ref="confirmModal"
+			:title="formatMessage(messages.confirmTitle)"
+			:description="formatMessage(messages.confirmDescription)"
 			:has-to-type="false"
-			proceed-label="Delete"
+			:proceed-label="formatMessage(messages.proceedDeletion)"
 			@proceed="deleteVersion()"
 		/>
-		<Modal v-if="auth.user && currentMember" ref="modal_package_mod" header="Package data pack">
-			<div class="modal-package-mod universal-labels">
-				<div class="markdown-body">
-					<p>
-						Package your data pack as a mod. This will create a new version with support for the
-						selected mod loaders. You will be redirected to the new version and can edit it to your
-						liking.
-					</p>
-				</div>
-				<label for="package-mod-loaders">
-					<span class="label__title">Mod loaders</span>
-					<span class="label__description">
-						The mod loaders you would like to package your data pack for.
-					</span>
+		<NewModal
+			v-if="auth.user && currentMember"
+			ref="packageModal"
+			:header="formatMessage(messages.packageDataPackHeader)"
+		>
+			<div class="flex max-w-[35rem] flex-col">
+				<p class="m-0 mb-4">
+					{{ formatMessage(messages.packageDataPackDescription) }}
+				</p>
+				<label for="package-mod-loaders" class="mb-2 flex flex-col gap-1">
+					<span class="text-lg font-semibold text-contrast">{{
+						formatMessage(messages.modLoadersLabel)
+					}}</span>
+					<span>{{ formatMessage(messages.modLoadersDescription) }}</span>
 				</label>
 				<MultiSelect
 					id="package-mod-loaders"
 					v-model="packageLoaders"
-					class="package-loader-select"
+					class="max-w-[20rem]"
 					:options="packageLoaderOptions"
 					:searchable="false"
-					placeholder="Choose loaders..."
-					force-direction="up"
+					:placeholder="formatMessage(messages.modLoadersPlaceholder)"
 				/>
-				<div class="button-group">
-					<ButtonStyled>
-						<button @click="modal_package_mod?.hide()">
+				<div class="ml-auto mt-4 flex items-center gap-2">
+					<ButtonStyled type="outlined">
+						<button @click="packageModal?.hide()">
 							<XIcon aria-hidden="true" />
-							Cancel
+							{{ formatMessage(commonMessages.cancelButton) }}
 						</button>
 					</ButtonStyled>
 					<ButtonStyled color="brand">
-						<button @click="createDataPackVersionHandler">
+						<button :disabled="packageLoaders.length === 0" @click="createDataPackVersionHandler">
+							{{ formatMessage(messages.packageDataPack) }}
 							<RightArrowIcon aria-hidden="true" />
-							Begin packaging data pack
 						</button>
 					</ButtonStyled>
 				</div>
 			</div>
-		</Modal>
-		<div class="version-page__title universal-card">
-			<Breadcrumbs
-				:current-title="version.name"
-				:link-stack="[
-					{
-						href: getPreviousLink(),
-						label: getPreviousLabel(),
-					},
-				]"
-			/>
-			<div class="version-header">
-				<template v-if="isEditing">
-					<StyledInput
-						v-model="version.name"
-						placeholder="Enter a version title..."
-						:maxlength="256"
-					/>
-				</template>
-				<h2 :class="{ 'sr-only': isEditing }">
-					{{ version.name }}
-				</h2>
-			</div>
-			<div v-if="fieldErrors && showKnownErrors" class="known-errors">
-				<ul>
-					<li v-if="version.version_number === ''">Your version must have a version number.</li>
-					<li v-if="version.game_versions.length === 0">
-						Your version must have the supported Minecraft versions selected.
-					</li>
-					<li v-if="newFiles.length === 0 && version.files.length === 0 && !replaceFile">
-						Your version must have a file uploaded.
-					</li>
-					<li v-if="version.loaders.length === 0 && project.project_type !== 'resourcepack'">
-						Your version must have the supported mod loaders selected.
-					</li>
-				</ul>
-			</div>
-			<div v-if="isCreating" class="input-group">
-				<ButtonStyled color="brand">
-					<button :disabled="shouldPreventActions" @click="createVersion">
-						<PlusIcon aria-hidden="true" />
-						Create
-					</button>
-				</ButtonStyled>
-				<ButtonStyled>
-					<nuxt-link
-						v-if="auth.user"
-						:to="`/${project.project_type}/${project.slug ? project.slug : project.id}/versions`"
-					>
-						<XIcon aria-hidden="true" />
-						Cancel
-					</nuxt-link>
-				</ButtonStyled>
-			</div>
-			<div v-else-if="isEditing" class="input-group">
-				<ButtonStyled color="brand">
-					<button :disabled="shouldPreventActions" @click="saveEditedVersion">
-						<SaveIcon aria-hidden="true" />
-						Save
-					</button>
-				</ButtonStyled>
-				<ButtonStyled v-if="usesFeaturedVersions">
-					<button
-						v-tooltip="
-							`Featured versions are being phased out. If you're still using this for something in the API, seek an alternative soon.`
-						"
-						@click="version.featured = !version.featured"
-					>
-						<StarIcon aria-hidden="true" />
-						<template v-if="!version.featured"> Feature version (deprecated)</template>
-						<template v-else> Unfeature version (deprecated)</template>
-					</button>
-				</ButtonStyled>
-				<ButtonStyled>
-					<nuxt-link
-						v-if="currentMember"
-						class="action"
-						:to="`/${project.project_type}/${
-							project.slug ? project.slug : project.id
-						}/version/${encodeURI(version.displayUrlEnding ? version.displayUrlEnding : version.id)}`"
-					>
-						<XIcon aria-hidden="true" />
-						Discard changes
-					</nuxt-link>
-				</ButtonStyled>
-			</div>
-			<div v-else class="input-group mt-2">
-				<ButtonStyled v-if="primaryFile?.url && !currentMember" color="brand">
-					<a
-						v-tooltip="primaryFile.filename + ' (' + formatBytes(primaryFile.size) + ')'"
-						:href="decoratedPrimaryFileUrl"
-						:download="primaryFile.filename"
-						@click="emit('onDownload')"
-					>
-						<DownloadIcon aria-hidden="true" />
-						Download
-					</a>
-				</ButtonStyled>
-				<ButtonStyled v-if="!auth.user">
-					<nuxt-link :to="signInRouteObj">
-						<ReportIcon aria-hidden="true" />
-						Report
-					</nuxt-link>
-				</ButtonStyled>
-				<ButtonStyled v-else-if="!currentMember">
-					<button @click="() => reportVersion(version.id)">
-						<ReportIcon aria-hidden="true" />
-						Report
-					</button>
-				</ButtonStyled>
-				<ButtonStyled v-if="currentMember">
-					<button @click="handleOpenEditVersionModal(version.id, project.id, 'metadata')">
-						<BoxIcon aria-hidden="true" />
-						Edit metadata
-					</button>
-				</ButtonStyled>
-				<ButtonStyled v-if="currentMember">
-					<button @click="handleOpenEditVersionModal(version.id, project.id, 'add-details')">
-						<InfoIcon aria-hidden="true" />
-						Edit details
-					</button>
-				</ButtonStyled>
-				<ButtonStyled v-if="currentMember">
-					<button @click="handleOpenEditVersionModal(version.id, project.id, 'add-files')">
-						<FileIcon aria-hidden="true" />
-						Edit files
-					</button>
-				</ButtonStyled>
-				<ButtonStyled>
-					<button
-						v-if="
-							currentMember &&
-							version.loaders.some((x: string) => tags.loaderData.dataPackLoaders.includes(x))
-						"
-						@click="modal_package_mod?.show()"
-					>
-						<BoxIcon aria-hidden="true" />
-						Package as mod
-					</button>
-				</ButtonStyled>
-			</div>
-		</div>
-		<div class="version-page__changelog universal-card">
-			<h3>Changelog</h3>
-			<div
-				class="markdown-body"
-				v-html="
-					version.changelog ? renderHighlightedString(version.changelog) : 'No changelog specified.'
-				"
-			/>
-		</div>
-		<div
-			v-if="sortedDeps.length > 0 || (isEditing && project.project_type !== 'modpack')"
-			class="version-page__dependencies universal-card"
-		>
-			<h3>Dependencies</h3>
-
-			<div v-if="dependenciesLoading"><SpinnerIcon /> Loading dependencies...</div>
-
-			<template v-if="!dependenciesLoading">
-				<div
-					v-for="(dependency, index) in sortedDeps.filter((x) => !x.file_name)"
-					:key="index"
-					class="dependency"
-					:class="{ 'button-transparent': !isEditing }"
-					@click="!isEditing ? navigateToDependency(dependency) : {}"
+		</NewModal>
+		<div class="flex flex-col">
+			<nuxt-link
+				class="mb-4 flex w-fit items-center gap-2 rounded-lg px-2 py-0.5 pl-0 text-link"
+				:to="`/${project.project_type}/${project.slug ? project.slug : project.id}/versions`"
+			>
+				<ChevronLeftIcon class="shrink-0" /> {{ formatMessage(messages.allVersions) }}
+			</nuxt-link>
+			<template v-if="version">
+				<Admonition
+					v-if="version.files_missing_attribution?.length"
+					type="circle-warning"
+					:header="formatMessage(messages.unknownEmbeddedContent)"
+					:body="formatMessage(messages.unknownEmbeddedContentDescription)"
+					class="mb-4"
 				>
-					<Avatar
-						:src="dependency.project ? dependency.project.icon_url : null"
-						alt="dependency-icon"
-						size="sm"
-					/>
-					<nuxt-link
-						v-if="!isEditing"
-						:to="{ path: dependency.link, query: PROJECT_DEP_MARKER_QUERY }"
-						class="info"
-						@click.stop
-					>
-						<span class="project-title">
-							{{ dependency.project ? dependency.project.title : 'Unknown Project' }}
-						</span>
-						<span v-if="dependency.version" class="dep-type" :class="dependency.dependency_type">
-							Version {{ dependency.version.version_number }} is
-							{{ dependency.dependency_type }}
-						</span>
-						<span v-else class="dep-type" :class="dependency.dependency_type">
-							{{ dependency.dependency_type }}
-						</span>
-					</nuxt-link>
-					<div v-else class="info">
-						<span class="project-title">
-							{{ dependency.project ? dependency.project.title : 'Unknown Project' }}
-						</span>
-						<span v-if="dependency.version" class="dep-type" :class="dependency.dependency_type">
-							Version {{ dependency.version.version_number }} is
-							{{ dependency.dependency_type }}
-						</span>
-						<span v-else class="dep-type" :class="dependency.dependency_type">
-							{{ dependency.dependency_type }}
-						</span>
-					</div>
-					<ButtonStyled v-if="isEditing && project.project_type !== 'modpack'">
-						<button @click="version.dependencies.splice(index, 1)">
-							<TrashIcon aria-hidden="true" />
-							Remove
-						</button>
-					</ButtonStyled>
-				</div>
-
-				<div
-					v-for="(dependency, index) in sortedDeps.filter((x) => x.file_name)"
-					:key="index"
-					class="dependency"
+					<template #actions>
+						<div class="flex">
+							<ButtonStyled color="orange">
+								<nuxt-link
+									:to="`/${project.project_type}/${
+										project.slug ? project.slug : project.id
+									}/settings/permissions`"
+								>
+									{{ formatMessage(commonProjectSettingsMessages.withheldVersionsWarningResolve) }}
+									<RightArrowIcon />
+								</nuxt-link>
+							</ButtonStyled>
+						</div>
+					</template>
+				</Admonition>
+				<VersionPage
+					:version="version"
+					:enrichment="enrichment"
+					:members="members"
+					:user-link-creator="(user) => (moderator ? `/user/${user.id}` : undefined)"
+					:dependency-link-creator="createDependencyLink"
+					class="mb-4"
 				>
-					<Avatar alt="dependency-icon" size="sm" />
-					<div class="info">
-						<span class="project-title">
-							{{ dependency.file_name }}
-						</span>
-						<span class="dep-type" :class="dependency.dependency_type">Added via overrides</span>
-					</div>
-				</div>
-			</template>
-		</div>
-		<div class="version-page__files universal-card">
-			<h3>Files</h3>
-			<div
-				v-for="file in version.files"
-				:key="file.hashes.sha1"
-				:class="{
-					file: true,
-					primary: primaryFile.hashes.sha1 === file.hashes.sha1,
-				}"
-			>
-				<FileIcon aria-hidden="true" />
-				<span class="filename">
-					<strong>{{ file.filename }}</strong>
-					<span class="file-size">({{ formatBytes(file.size) }})</span>
-					<span v-if="primaryFile.hashes.sha1 === file.hashes.sha1" class="file-type">
-						Primary
-					</span>
-					<span
-						v-else-if="file.file_type === 'required-resource-pack' && !isEditing"
-						class="file-type"
-					>
-						Required resource pack
-					</span>
-					<span
-						v-else-if="file.file_type === 'optional-resource-pack' && !isEditing"
-						class="file-type"
-					>
-						Optional resource pack
-					</span>
-				</span>
-				<ButtonStyled>
-					<a
-						:href="decorateDownloadUrl(file.url)"
-						class="raised-button"
-						:title="`Download ${file.filename}`"
-						:download="file.filename"
-						tabindex="0"
-					>
-						<DownloadIcon aria-hidden="true" />
-						Download
-					</a>
-				</ButtonStyled>
-			</div>
-		</div>
-		<div class="version-page__metadata">
-			<div class="universal-card full-width-inputs">
-				<h3>Metadata</h3>
-				<div>
-					<h4>Release channel</h4>
-					<Badge
-						v-if="version.version_type === 'release'"
-						class="value"
-						type="release"
-						color="green"
-					/>
-					<Badge
-						v-else-if="version.version_type === 'beta'"
-						class="value"
-						type="beta"
-						color="orange"
-					/>
-					<Badge
-						v-else-if="version.version_type === 'alpha'"
-						class="value"
-						type="alpha"
-						color="red"
-					/>
-				</div>
-				<div>
-					<h4>Version number</h4>
-					<span>{{ version.version_number }}</span>
-				</div>
-				<div v-if="project.project_type !== 'resourcepack'">
-					<h4>Loaders</h4>
-
-					<span v-if="noModpackLoader">No mod loader</span>
-					<Categories v-else :categories="version.loaders ?? []" :type="project.project_type" />
-				</div>
-				<div>
-					<h4>Game versions</h4>
-					<span>{{ formatVersionDisplay(version.game_versions) }}</span>
-				</div>
-				<div v-if="!isEditing && environment">
-					<h4>Environment</h4>
-					<div class="flex items-center gap-1.5">
-						<template v-if="(environment as any).icon">
-							<component :is="(environment as any).icon" />
+					<template #headerActions="{ primaryFile, promotedFiles }">
+						<ButtonStyled color="brand">
+							<a
+								v-tooltip="
+									primaryFile?.url
+										? primaryFile.filename + ' (' + formatBytes(primaryFile.size) + ')'
+										: formatMessage(messages.noPrimaryFile)
+								"
+								:href="decoratedPrimaryFileUrl"
+								:download="primaryFile?.filename"
+								:disabled="primaryFile?.url === undefined"
+								@click="emit('onDownload')"
+							>
+								<DownloadIcon aria-hidden="true" />
+								{{ formatMessage(commonMessages.downloadButton) }}
+							</a>
+						</ButtonStyled>
+						<ButtonStyled
+							v-for="file in promotedFiles.filter(
+								(x) =>
+									!!x &&
+									(x.file_type === 'required-resource-pack' ||
+										x.file_type === 'optional-resource-pack'),
+							)"
+							:key="`promoted-file-${file.hashes.sha1}`"
+						>
+							<a
+								v-tooltip="file.filename + ' (' + formatBytes(file.size) + ')'"
+								:href="
+									createProjectDownloadUrl(file.url, {
+										reason: 'dependency',
+									})
+								"
+								:download="primaryFile?.filename"
+								:disabled="primaryFile?.url === undefined"
+								@click="emit('onDownload')"
+							>
+								<DownloadIcon aria-hidden="true" />
+								<template v-if="file.file_type === 'required-resource-pack'">
+									{{ formatMessage(messages.requiredResourcePack) }}
+								</template>
+								<template v-else-if="file.file_type === 'optional-resource-pack'">
+									{{ formatMessage(messages.optionalResourcePack) }}
+								</template>
+							</a>
+						</ButtonStyled>
+						<template v-if="currentMember">
+							<ButtonStyled
+								v-if="
+									version.loaders.some((x: string) => tags.loaderData.dataPackLoaders.includes(x))
+								"
+							>
+								<button @click="packageModal?.show()">
+									<PackageClosedIcon aria-hidden="true" />
+									{{ formatMessage(messages.packageAsMod) }}
+								</button>
+							</ButtonStyled>
+							<ButtonStyled>
+								<OverflowMenu
+									:dropdown-id="`${baseId}-edit-overflow`"
+									class="btn-dropdown-animation"
+									:options="[
+										{
+											id: 'edit-metadata',
+											action: () => handleOpenEditVersionModal(version!.id, project.id, 'metadata'),
+										},
+										{
+											id: 'edit-details',
+											action: () =>
+												handleOpenEditVersionModal(version!.id, project.id, 'add-details'),
+										},
+										{
+											id: 'edit-files',
+											action: () =>
+												handleOpenEditVersionModal(version!.id, project.id, 'add-files'),
+										},
+										{
+											id: 'delete',
+											color: 'red',
+											action: () => confirmModal?.show(),
+										},
+									]"
+								>
+									<SettingsIcon aria-hidden="true" /> {{ formatMessage(messages.edit) }}
+									<DropdownIcon class="h-5 w-5 text-secondary" />
+									<template #edit-metadata>
+										<BoxIcon aria-hidden="true" />
+										{{ formatMessage(messages.editMetadata) }}
+									</template>
+									<template #edit-details>
+										<InfoIcon aria-hidden="true" />
+										{{ formatMessage(messages.editDetails) }}
+									</template>
+									<template #edit-files>
+										<FileIcon aria-hidden="true" />
+										{{ formatMessage(messages.editFiles) }}
+									</template>
+									<template #delete>
+										<TrashIcon aria-hidden="true" />
+										{{ formatMessage(commonMessages.deleteLabel) }}
+									</template>
+								</OverflowMenu>
+							</ButtonStyled>
 						</template>
-						<span>
-							{{ environment.title.defaultMessage }}
-						</span>
-					</div>
-				</div>
-				<div v-if="!isEditing">
-					<h4>Downloads</h4>
-					<span>{{ version.downloads }}</span>
-				</div>
-				<div v-if="!isEditing">
-					<h4>Publication date</h4>
-					<span>
-						{{ formatDateTime(version.date_published) }}
-					</span>
-				</div>
-				<div v-if="!isEditing && version.author">
-					<h4>Publisher</h4>
-					<div
-						class="team-member columns button-transparent"
-						@click="router.push('/user/' + version.author.user.username)"
+						<ButtonStyled v-else type="outlined" circular>
+							<OverflowMenu
+								v-tooltip="formatMessage(commonMessages.moreOptionsButton)"
+								:options="[
+									{
+										id: 'report',
+										color: 'red',
+										action: () =>
+											auth.user ? reportVersion(version!.id) : navigateTo(signInRouteObj),
+									},
+								]"
+							>
+								<MoreVerticalIcon />
+								<template #report>
+									<ReportIcon aria-hidden="true" />
+									{{ formatMessage(commonMessages.reportButton) }}
+								</template>
+							</OverflowMenu>
+						</ButtonStyled>
+					</template>
+					<template #supplementaryResourceActions="{ file }">
+						<ButtonStyled>
+							<a
+								:href="decorateDownloadUrl(file.url)"
+								:title="`Download ${file.filename}`"
+								:download="file.filename"
+								tabindex="0"
+							>
+								<DownloadIcon aria-hidden="true" />
+								{{ formatMessage(commonMessages.downloadButton) }}
+							</a>
+						</ButtonStyled>
+						<ButtonStyled type="outlined" circular>
+							<OverflowMenu
+								:tooltip="formatMessage(commonMessages.moreOptionsButton)"
+								:options="[
+									{
+										id: 'copy-sha1',
+										action: () => copyFileHash(file, 'sha1'),
+									},
+									{
+										id: 'copy-sha512',
+										action: () => copyFileHash(file, 'sha512'),
+									},
+								]"
+								:dropdown-id="`${baseId}-supplementary-resource-actions`"
+							>
+								<MoreVerticalIcon aria-hidden="true" />
+								<template #copy-sha1>
+									<CopyIcon aria-hidden="true" />
+									{{ formatMessage(messages.copySha1) }}
+								</template>
+								<template #copy-sha512>
+									<CopyIcon aria-hidden="true" />
+									{{ formatMessage(messages.copySha512) }}
+								</template>
+							</OverflowMenu>
+						</ButtonStyled>
+					</template>
+					<template #dependencyActions="{ dependency }">
+						<ButtonStyled circular>
+							<nuxt-link
+								v-if="createDependencyLink(dependency)"
+								v-tooltip="
+									formatMessage(dependency.version ? messages.viewVersion : messages.viewProject)
+								"
+								:to="createDependencyLink(dependency)"
+								target="_blank"
+							>
+								<ExternalIcon />
+							</nuxt-link>
+						</ButtonStyled>
+						<ButtonStyled circular color="brand" color-fill="text">
+							<a
+								v-if="
+									dependency.version && dependency.dependency.dependency_type !== 'incompatible'
+								"
+								v-tooltip="
+									dependencyVersionPrimaryFiles[dependency.version.id]
+										? dependencyVersionPrimaryFiles[dependency.version.id].filename +
+											' (' +
+											formatBytes(dependencyVersionPrimaryFiles[dependency.version.id].size) +
+											')'
+										: formatMessage(messages.noPrimaryFile)
+								"
+								:href="
+									createProjectDownloadUrl(
+										dependencyVersionPrimaryFiles[dependency.version.id].url,
+										{
+											reason: 'dependency',
+										},
+									)
+								"
+								:download="dependencyVersionPrimaryFiles[dependency.version.id].filename"
+								:disabled="dependencyVersionPrimaryFiles[dependency.version.id].url === undefined"
+							>
+								<DownloadIcon />
+							</a>
+							<a
+								v-else-if="dependency.project"
+								v-tooltip="formatMessage(messages.downloadProject)"
+								:href="`/project/${dependency.project.id}#download`"
+								target="_blank"
+							>
+								<DownloadIcon />
+							</a>
+						</ButtonStyled>
+					</template>
+				</VersionPage>
+				<section
+					v-if="
+						flags.alwaysShowVersionDevInfo ||
+						projectV3.project_types.includes('mod') ||
+						projectV3.project_types.includes('plugin')
+					"
+					class="flex flex-col overflow-hidden rounded-2xl border-[1px] border-solid border-surface-4 bg-surface-2 p-0"
+				>
+					<button
+						class="group m-0 flex w-full min-w-0 appearance-none items-center gap-3 rounded-2xl rounded-b-none bg-surface-3 p-4 text-left outline-offset-[-3px]"
+						@click="devInfoCollapsed = !devInfoCollapsed"
 					>
-						<Avatar
-							:src="version.author.avatar_url"
-							:alt="version.author.user.username"
-							size="sm"
-							circle
+						<DropdownIcon
+							aria-hidden="true"
+							class="size-5 text-contrast transition-transform"
+							:class="{ 'rotate-180': !devInfoCollapsed }"
 						/>
-
-						<div class="member-info">
-							<nuxt-link :to="'/user/' + version.author.user.username" class="name">
-								<p>
-									{{ version.author.name }}
-								</p>
-							</nuxt-link>
-							<p v-if="version.author.role" class="role">
-								{{ version.author.role }}
+						<h3 class="m-0 flex items-center gap-2 text-base font-semibold">
+							{{ formatMessage(messages.devInfo) }}
+						</h3>
+					</button>
+					<Collapsible
+						:collapsed="devInfoCollapsed"
+						class="rounded-b-2xl border-0 border-t border-solid border-surface-4"
+					>
+						<div class="flex flex-col p-4">
+							<p class="mb-3 mt-0 leading-normal">
+								<IntlFormatted :message-id="messages.mavenDescription">
+									<template #gradle-link="{ children }">
+										<a href="https://gradle.org/" class="text-link" target="_blank" rel="noopener">
+											<component :is="() => children" />
+										</a>
+									</template>
+									<template #article-link="{ children }">
+										<a
+											href="https://support.modrinth.com/en/articles/8801191-modrinth-maven"
+											class="text-link"
+											target="_blank"
+											rel="noopener"
+										>
+											<component :is="() => children" />
+										</a>
+									</template>
+								</IntlFormatted>
+							</p>
+							<p class="mb-4 mt-0 leading-normal">
+								{{ formatMessage(messages.mavenNote) }}
 							</p>
-							<p v-else-if="version.author_id === 'GVFjtWTf'" class="role">Archivist</p>
+							<h4 class="mb-2 mt-0 font-medium text-contrast">
+								{{ formatMessage(messages.mavenCoordinates) }}
+							</h4>
+							<CopyCode :text="coordinatesSnippet" />
+							<h4 class="mb-2 mt-4 font-medium text-contrast">
+								{{ formatMessage(messages.versionId) }}
+							</h4>
+							<CopyCode :text="version.id" />
+							<h4 class="mb-2 mt-4 font-medium text-contrast">
+								{{ formatMessage(messages.gradleSnippet) }}
+							</h4>
+							<pre
+								class="m-0 overflow-x-auto rounded-xl border border-solid border-surface-4 bg-surface-3 text-sm"
+								>{{ gradleSnippet }}</pre
+							>
 						</div>
+					</Collapsible>
+				</section>
+			</template>
+			<template v-else-if="versionError">
+				Uh oh, something went wrong.
+				<pre>
+					{{ versionError }}
+				</pre
+				>
+			</template>
+			<template v-else>
+				<div class="flex flex-col gap-4 pb-[30rem]">
+					<div
+						class="mt-4 flex h-[8rem] w-full animate-pulse items-center justify-center rounded-2xl bg-surface-3"
+					></div>
+					<hr class="m-0 w-full animate-pulse border-surface-4" />
+					<div class="grid gap-4 sm:grid-cols-2">
+						<div
+							class="flex h-[6rem] w-full animate-pulse items-center justify-center rounded-2xl bg-surface-3"
+						></div>
+						<div
+							class="flex h-[6rem] w-full animate-pulse items-center justify-center rounded-2xl bg-surface-3"
+						></div>
 					</div>
+					<div
+						class="flex h-[18rem] w-full animate-pulse items-center justify-center rounded-2xl bg-surface-3"
+					></div>
 				</div>
-				<div v-if="!isEditing">
-					<h4>Version ID</h4>
-					<CopyCode :text="version.id" />
-				</div>
-				<div v-if="!isEditing && flags.developerMode">
-					<h4>Maven coordinates</h4>
-					<div class="maven-section">
-						<CopyCode :text="`maven.modrinth:${project.id}:${version.id}`" />
-					</div>
-				</div>
-			</div>
+			</template>
 		</div>
 	</div>
 </template>
 <script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
 import {
 	BoxIcon,
+	ChevronLeftIcon,
+	CopyIcon,
 	DownloadIcon,
+	DropdownIcon,
+	ExternalIcon,
 	FileIcon,
 	InfoIcon,
-	PlusIcon,
+	MoreVerticalIcon,
+	PackageClosedIcon,
 	ReportIcon,
 	RightArrowIcon,
-	SaveIcon,
-	SpinnerIcon,
-	StarIcon,
+	SettingsIcon,
 	TrashIcon,
 	XIcon,
 } from '@modrinth/assets'
 import {
-	Avatar,
-	Badge,
+	Admonition,
 	ButtonStyled,
-	Categories,
+	Collapsible,
+	commonMessages,
+	commonProjectSettingsMessages,
 	ConfirmModal,
 	CopyCode,
-	ENVIRONMENTS_COPY,
+	defineMessages,
+	formatLoader,
+	injectModrinthClient,
 	injectNotificationManager,
 	injectProjectPageContext,
+	IntlFormatted,
 	MultiSelect,
-	PROJECT_DEP_MARKER_QUERY,
-	StyledInput,
+	NewModal,
+	OverflowMenu,
 	useFormatBytes,
 	useFormatDateTime,
+	useVIntl,
+	VersionPage,
 } from '@modrinth/ui'
-import { renderHighlightedString } from '@modrinth/utils'
+import { isStaff } from '@modrinth/utils'
+import { useMutation, useQuery, useQueryClient } from '@tanstack/vue-query'
 
-import Breadcrumbs from '~/components/ui/Breadcrumbs.vue'
 import CreateProjectVersionModal from '~/components/ui/create-project-version/CreateProjectVersionModal.vue'
-import Modal from '~/components/ui/Modal.vue'
 import { getSignInRouteObj } from '~/composables/auth.js'
-import { useImageUpload } from '~/composables/image-upload.ts'
-import { inferVersionInfo } from '~/helpers/infer'
+import { STALE_TIME } from '~/composables/queries/project'
 import { createDataPackVersion } from '~/helpers/package.js'
 import { reportVersion } from '~/utils/report-helpers.ts'
+
 const emit = defineEmits<{
 	onDownload: []
 }>()
 
-// Composables
 const data = useNuxtApp()
 const route = useNativeRoute()
-const signInRouteObj = computed(() => getSignInRouteObj(route))
 const router = useRouter()
 const auth = await useAuth()
 const tags = useGeneratedState()
-const flags = useFeatureFlags()
+const client = injectModrinthClient()
+const queryClient = useQueryClient()
 const { addNotification } = injectNotificationManager()
 const { createProjectDownloadUrl } = useCdnDownloadContext()
-const formatDateTime = useFormatDateTime({
-	timeStyle: 'short',
-	dateStyle: 'long',
-})
 const formatDate = useFormatDateTime({ dateStyle: 'medium' })
 const formatBytes = useFormatBytes()
+const { formatMessage } = useVIntl()
 
-// Helper for accessing nuxt app $formatVersion
-const formatVersionDisplay = (versions: string[]) => (data as any).$formatVersion(versions)
-
-// Get data from DI context
 const {
 	projectV2: project,
+	projectV3,
 	currentMember,
 	allMembers: members,
-	versions: contextVersions,
+	versions,
+	versionsLoading,
 	loadVersions,
 	dependencies: contextDependencies,
-	dependenciesLoading: contextDependenciesLoading,
 	loadDependencies,
 	invalidate,
 	cdnDownloadReason,
 } = injectProjectPageContext()
 
-// Load versions and dependencies in parallel
-await Promise.all([loadVersions(), loadDependencies()])
+loadVersions()
+loadDependencies()
 
-// Template refs
-const createProjectVersionModal = useTemplateRef('createProjectVersionModal')
-const modal_confirm = useTemplateRef('modal_confirm')
-const modal_package_mod = useTemplateRef('modal_package_mod')
-
-// Initial mode calculation
-const path = route.name?.toString().split('-') ?? []
-const initialMode = path[path.length - 1]
-
-// Reactive state from data()
-const _dependencyAddMode = ref('project')
-const _newDependencyType = ref('required')
-const newDependencyId = ref('')
-const _showSnapshots = ref(false)
-const newFiles = ref<File[]>([])
-const deleteFiles = ref<string[]>([])
-const newFileTypes = ref<Array<{ display: string; value: string } | null>>([])
-const packageLoaders = ref(['forge', 'fabric', 'quilt', 'neoforge'])
-const packageLoaderOptions = [
-	{ value: 'fabric', label: 'Fabric' },
-	{ value: 'forge', label: 'Forge' },
-	{ value: 'quilt', label: 'Quilt' },
-	{ value: 'neoforge', label: 'Neoforge' },
-]
-const showKnownErrors = ref(false)
-const shouldPreventActions = ref(false)
-const uploadedImageIds = ref<string[]>([])
-
-const dependenciesMetaLoading = ref(true)
-const dependenciesLoading = computed(
-	() => contextDependenciesLoading.value || dependenciesMetaLoading.value,
-)
-
-// File types constant
-const fileTypes = ref([
-	{
-		display: 'Required resource pack',
-		value: 'required-resource-pack',
-	},
-	{
-		display: 'Optional resource pack',
-		value: 'optional-resource-pack',
+const flags = useFeatureFlags()
+const devInfoCollapsed = computed({
+	get: () => flags.value.versionDevInfoCollapsed,
+	set: (value) => {
+		flags.value.versionDevInfoCollapsed = value
+		saveFeatureFlags()
 	},
-])
-
-// Mutable state initialized during setup
-const isCreating = ref(false)
-const isEditing = ref(false)
-const version = ref<Record<string, any>>({})
-const primaryFile = ref<Record<string, any>>({})
-const alternateFile = ref<Record<string, any> | undefined>(undefined)
-const replaceFile = ref<File | null>(null)
-const oldFileTypes = ref<Array<{ display: string; value: string } | null>>([])
+})
 
-// Initialize version data
-if (initialMode === 'edit') {
-	isEditing.value = true
-}
+const baseId = useId()
+const signInRouteObj = computed(() => getSignInRouteObj(route))
 
-if (route.params.version === 'create') {
-	isCreating.value = true
-	isEditing.value = true
+const versionRouteParam = computed(() => route.params.version as string)
+const isLatestRoute = computed(() => versionRouteParam.value === 'latest')
 
-	version.value = {
-		id: 'none',
-		project_id: project.value.id,
-		author_id: currentMember.value?.user.id,
-		name: '',
-		version_number: '',
-		changelog: '',
-		date_published: Date.now(),
-		downloads: 0,
-		version_type: 'release',
-		files: [],
-		dependencies: [],
-		game_versions: [],
-		loaders: [],
-		featured: false,
+const latestVersionId = computed(() => {
+	if (!isLatestRoute.value) {
+		return null
 	}
 
-	// For navigation from versions page / upload file prompt
-	if (import.meta.client && history.state && history.state.newPrimaryFile) {
-		replaceFile.value = history.state.newPrimaryFile
+	let allVersions = versions.value ?? []
 
-		try {
-			const inferredData = await inferVersionInfo(
-				replaceFile.value!,
-				project.value as any,
-				tags.value.gameVersions,
-			)
-
-			version.value = {
-				...version.value,
-				...inferredData,
-			}
-		} catch (err) {
-			console.error('Error parsing version file data', err)
-		}
-	}
-} else if (route.params.version === 'latest') {
-	let versionList = contextVersions.value ?? []
-	if (route.query.loader) {
-		versionList = versionList.filter((x: any) => x.loaders.includes(route.query.loader))
-	}
-	if (route.query.version) {
-		versionList = versionList.filter((x: any) => x.game_versions.includes(route.query.version))
-	}
-	if (versionList.length === 0) {
-		throw createError({
-			fatal: true,
-			statusCode: 404,
-			message: 'No version matches the filters',
-		})
+	const loaderFilter = route.query.loader
+	if (typeof loaderFilter === 'string') {
+		allVersions = allVersions.filter((x) => x.loaders.includes(loaderFilter))
 	}
-	version.value = versionList.reduce((a: any, b: any) =>
-		a.date_published > b.date_published ? a : b,
-	)
-} else {
-	let foundVersion = ((contextVersions.value ?? []) as any[]).find(
-		(x: any) => x.id === route.params.version,
-	)
 
-	if (!foundVersion) {
-		foundVersion = ((contextVersions.value ?? []) as any[]).find(
-			(x: any) => x.displayUrlEnding === route.params.version,
-		)
+	const gameVersionFilter = route.query.version
+	if (typeof gameVersionFilter === 'string') {
+		allVersions = allVersions.filter((x) => x.game_versions.includes(gameVersionFilter))
 	}
 
-	if (!foundVersion) {
-		foundVersion = ((contextVersions.value ?? []) as any[]).find(
-			(x: any) => x.version_number === route.params.version,
-		)
-	}
+	if (allVersions.length === 0) return null
 
-	if (foundVersion) {
-		const versionV3 = (await useBaseFetch(
-			`project/${project.value.id}/version/${route.params.version}`,
-			{ apiVersion: 3 },
-		)) as any
-		if (versionV3) {
-			foundVersion.environment = versionV3.environment
-			foundVersion.changelog = versionV3.changelog
-		}
-		version.value = foundVersion
-	} else {
-		// cache is stale (e.g., version was just created/reuploaded)
-		try {
-			const versionV3 = (await useBaseFetch(
-				`project/${project.value.id}/version/${route.params.version}`,
-				{ apiVersion: 3 },
-			)) as any
-			if (versionV3) {
-				version.value = versionV3
-				// Refresh cache to include this version
-				await invalidate()
-			}
-		} catch {
-			// API fetch failed - version truly doesn't exist, will 404 below
-		}
-	}
-}
-
-if (!version.value || Object.keys(version.value).length === 0) {
-	throw createError({
-		fatal: true,
-		statusCode: 404,
-		message: 'Version not found',
-	})
-}
+	return allVersions.reduce((a, b) => (a.date_published > b.date_published ? a : b)).id
+})
 
-// Deep clone version to make it reactive and avoid mutating the original
-version.value = JSON.parse(JSON.stringify(version.value))
-primaryFile.value =
-	version.value.files?.find((file: any) => file.primary) ?? version.value.files?.[0] ?? {}
-alternateFile.value = version.value.files?.find(
-	(file: any) => file.file_type && file.file_type.includes('resource-pack'),
+const versionLookupKey = computed(() =>
+	isLatestRoute.value ? latestVersionId.value : versionRouteParam.value,
 )
 
-// Process dependencies
-watch(
-	[contextDependencies],
-	() => {
-		const deps = contextDependencies.value ?? { projects: [], versions: [] }
-
-		for (const dependency of version.value.dependencies ?? []) {
-			dependency.version = deps.versions.find((x: any) => x.id === dependency.version_id)
-
-			if (dependency.version) {
-				dependency.project = deps.projects.find((x: any) => x.id === dependency.version.project_id)
-			}
-
-			if (!dependency.project) {
-				dependency.project = deps.projects.find((x: any) => x.id === dependency.project_id)
-			}
+const {
+	data: version,
+	refetch: refetchVersion,
+	error: versionError,
+} = useQuery({
+	queryKey: computed(
+		() => ['project', project.value.id, 'version', 'v3', versionLookupKey.value] as const,
+	),
+	queryFn: () =>
+		client.labrinth.versions_v3.getVersionFromIdOrNumber(project.value.id, versionLookupKey.value!),
+	enabled: computed(() => !!project.value.id && !!versionLookupKey.value),
+	staleTime: STALE_TIME,
+})
 
-			dependency.link = dependency.project
-				? `/${dependency.project.project_type}/${dependency.project.slug ?? dependency.project.id}${
-						dependency.version ? `/version/${encodeURI(dependency.version.version_number)}` : ''
-					}`
-				: ''
+watch(
+	versionError,
+	(error) => {
+		if (error) {
+			showError({
+				fatal: true,
+				statusCode: 404,
+				message: 'Version not found',
+			})
 		}
-		dependenciesMetaLoading.value = false
 	},
-	{ deep: true, immediate: true },
+	{ immediate: true },
 )
 
-oldFileTypes.value = (version.value.files ?? []).map(
-	(x: any) => fileTypes.value.find((y) => y.value === x.file_type) ?? null,
+watch(
+	[isLatestRoute, latestVersionId, versionsLoading, versions],
+	() => {
+		if (isLatestRoute.value && !versionsLoading.value && versions.value && !latestVersionId.value) {
+			showError({
+				fatal: true,
+				statusCode: 404,
+				message: 'No version matches the filters',
+			})
+		}
+	},
+	{ immediate: true },
 )
 
-// Computed properties
-const title = computed(
-	() => `${isCreating.value ? 'Create Version' : version.value.name} - ${project.value.title}`,
-)
+const enrichment = computed(() => contextDependencies.value ?? undefined)
 
-const modpackLoaders = computed<string[]>(() => {
-	if (project.value.project_type !== 'modpack') {
-		return []
-	}
-
-	if (Array.isArray(version.value.mrpack_loaders) && version.value.mrpack_loaders.length > 0) {
-		return version.value.mrpack_loaders
-	}
-
-	return (version.value.loaders ?? []).filter((loader: string) => loader !== 'mrpack')
-})
-
-const noModpackLoader = computed(
-	() =>
-		project.value.project_type === 'modpack' &&
-		((modpackLoaders.value.length === 1 && modpackLoaders.value[0] === 'minecraft') ||
-			modpackLoaders.value.length === 0),
+const primaryFile = computed(
+	() => version.value?.files?.find((file) => file.primary) ?? version.value?.files?.[0],
 )
 
-const description = computed(
-	() =>
-		`Download ${project.value.title} ${
-			version.value.version_number
-		} on Modrinth. Supports ${(data as any).$formatVersion(version.value.game_versions)} ${(
-			version.value.loaders ?? []
-		)
-			.map((x: string) => x.charAt(0).toUpperCase() + x.slice(1))
-			.join(
-				' & ',
-			)}. Published on ${formatDate(version.value.date_published)}. ${version.value.downloads} downloads.`,
+const title = computed(() =>
+	version.value ? ` ${version.value.version_number} - ${project.value.title}` : undefined,
 )
 
-const usesFeaturedVersions = computed(() =>
-	(contextVersions.value ?? []).some((v: any) => v.featured),
-)
-
-const fieldErrors = computed(
-	() =>
-		version.value.version_number === '' ||
-		(version.value.game_versions?.length ?? 0) === 0 ||
-		((version.value.loaders?.length ?? 0) === 0 && project.value.project_type !== 'resourcepack') ||
-		(newFiles.value.length === 0 && (version.value.files?.length ?? 0) === 0 && !replaceFile.value),
-)
+const description = computed(() => {
+	if (!version.value) return ''
 
-const sortedDeps = computed(() => {
-	const order = ['required', 'optional', 'incompatible', 'embedded']
-	return [...(version.value.dependencies ?? [])].sort(
-		(a, b) => order.indexOf(a.dependency_type) - order.indexOf(b.dependency_type),
+	return `Download ${project.value.title} ${
+		version.value.version_number
+	} on Modrinth. Supports ${(data as any).$formatVersion(version.value.game_versions)} ${(
+		version.value.loaders ?? []
 	)
+		.map((x: string) => x.charAt(0).toUpperCase() + x.slice(1))
+		.join(
+			' & ',
+		)}. Published on ${formatDate(version.value.date_published)}. ${version.value.downloads} downloads.`
 })
 
-const decoratedPrimaryFileUrl = computed(() =>
-	createProjectDownloadUrl(primaryFile.value?.url, { reason: cdnDownloadReason.value }),
-)
-
-function decorateDownloadUrl(url: string) {
-	return createProjectDownloadUrl(url, { reason: cdnDownloadReason.value })
-}
-
-function navigateToDependency(dependency: { link: string }) {
-	return router.push({
-		path: dependency.link,
-		query: { ...PROJECT_DEP_MARKER_QUERY },
-	})
-}
-
-const environment = computed(
-	() => ENVIRONMENTS_COPY[version.value.environment as keyof typeof ENVIRONMENTS_COPY],
-)
-
-// SEO
 useSeoMeta({
 	title,
 	description,
@@ -791,307 +594,66 @@ useSeoMeta({
 	ogDescription: description,
 })
 
-// Watch route changes
-watch(
-	() => route.path,
-	() => {
-		const routePath = route.name?.toString().split('-') ?? []
-		const mode = routePath[routePath.length - 1]
-		isEditing.value = mode === 'edit' || route.params.version === 'create'
-	},
-)
-
-// Methods
-function handleOpenEditVersionModal(versionId: string, projectId: string, stageId: string) {
-	if (!currentMember.value) return
-	createProjectVersionModal.value?.openEditVersionModal(versionId, projectId, stageId)
-}
-
-async function _onImageUpload(file: File) {
-	const response = await useImageUpload(file, { context: 'version' })
+const editModal = useTemplateRef('editModal')
+const confirmModal = useTemplateRef('confirmModal')
+const packageModal = useTemplateRef('packageModal')
 
-	uploadedImageIds.value.push(response.id)
-	uploadedImageIds.value = uploadedImageIds.value.slice(-10)
-
-	return response.url
-}
-
-function getPreviousLink() {
-	if (router.options.history.state.back) {
-		if ((router.options.history.state.back as string).includes('/versions')) {
-			return router.options.history.state.back as string
-		}
-	}
-	return `/${project.value.project_type}/${project.value.slug ? project.value.slug : project.value.id}/versions`
-}
+const packageLoaders = ref(['forge', 'fabric', 'quilt', 'neoforge'])
+const packageLoaderOptions = [
+	{ value: 'fabric', label: formatLoader(formatMessage, 'fabric') },
+	{ value: 'forge', label: formatLoader(formatMessage, 'forge') },
+	{ value: 'quilt', label: formatLoader(formatMessage, 'quilt') },
+	{ value: 'neoforge', label: formatLoader(formatMessage, 'neoforge') },
+]
 
-function getPreviousLabel() {
-	return router.options.history.state.back &&
-		(router.options.history.state.back as string).endsWith('/versions')
-		? 'Back to versions'
-		: 'All versions'
+async function handleVersionSaved() {
+	await Promise.all([
+		invalidate(),
+		queryClient.invalidateQueries({ queryKey: ['project', project.value.id, 'version', 'v3'] }),
+		refetchVersion(),
+	])
 }
 
-async function _addDependency(
-	dependencyAddModeParam: string,
-	newDependencyIdParam: string,
-	newDependencyTypeParam: string,
-	hideErrors?: boolean,
-) {
-	try {
-		if (dependencyAddModeParam === 'project') {
-			const project = (await useBaseFetch(`project/${newDependencyIdParam}`)) as any
-
-			if (version.value.dependencies.some((dep: any) => project.id === dep.project_id)) {
-				addNotification({
-					title: 'Dependency already added',
-					text: 'You cannot add the same dependency twice.',
-					type: 'error',
-				})
-			} else {
-				version.value.dependencies.push({
-					project,
-					project_id: project.id,
-					dependency_type: newDependencyTypeParam,
-					link: `/${project.project_type}/${project.slug ?? project.id}`,
-				})
-			}
-		} else if (dependencyAddModeParam === 'version') {
-			const versionData = (await useBaseFetch(`version/${newDependencyIdParam}`)) as any
-			const project = (await useBaseFetch(`project/${versionData.project_id}`)) as any
-
-			if (version.value.dependencies.some((dep: any) => versionData.id === dep.version_id)) {
-				addNotification({
-					title: 'Dependency already added',
-					text: 'You cannot add the same dependency twice.',
-					type: 'error',
-				})
-			} else {
-				version.value.dependencies.push({
-					version: versionData,
-					project,
-					version_id: versionData.id,
-					project_id: project.id,
-					dependency_type: newDependencyTypeParam,
-					link: `/${project.project_type}/${project.slug ?? project.id}/version/${encodeURI(
-						versionData.version_number,
-					)}`,
-				})
-			}
-		}
-
-		newDependencyId.value = ''
-	} catch {
-		if (!hideErrors) {
-			addNotification({
-				title: 'Invalid Dependency',
-				text: 'The specified dependency could not be found',
-				type: 'error',
-			})
-		}
-	}
+function handleOpenEditVersionModal(versionId: string, projectId: string, stageId: string) {
+	if (!currentMember.value) return
+	editModal.value?.openEditVersionModal(versionId, projectId, stageId)
 }
 
-async function saveEditedVersion() {
-	startLoading()
-
-	if (fieldErrors.value) {
-		showKnownErrors.value = true
-		stopLoading()
-		return
-	}
-
-	try {
-		if (newFiles.value.length > 0) {
-			const formData = new FormData()
-			const fileParts = newFiles.value.map((f, idx) => `${f.name}-${idx}`)
-
-			formData.append(
-				'data',
-				JSON.stringify({
-					file_types: newFileTypes.value.reduce(
-						(acc, x, i) => ({
-							...acc,
-							[fileParts[i]]: x ? x.value : null,
-						}),
-						{},
-					),
-				}),
-			)
-
-			for (let i = 0; i < newFiles.value.length; i++) {
-				formData.append(fileParts[i], new Blob([newFiles.value[i]]), newFiles.value[i].name)
-			}
-
-			await useBaseFetch(`version/${version.value.id}/file`, {
-				method: 'POST',
-				body: formData,
-				headers: {
-					'Content-Disposition': formData as any,
-				},
-			})
-		}
-
-		const body: Record<string, any> = {
-			name: version.value.name || version.value.version_number,
-			version_number: version.value.version_number,
-			changelog: version.value.changelog,
-			version_type: version.value.version_type,
-			dependencies: version.value.dependencies,
-			game_versions: version.value.game_versions,
-			loaders: version.value.loaders,
-			primary_file: ['sha1', primaryFile.value.hashes.sha1],
-			featured: version.value.featured,
-			file_types: oldFileTypes.value.map((x, i) => {
-				return {
-					algorithm: 'sha1',
-					hash: version.value.files[i].hashes.sha1,
-					file_type: x ? x.value : null,
-				}
-			}),
-		}
-
-		if (project.value.project_type === 'modpack') {
-			delete body.dependencies
-		}
-
-		await useBaseFetch(`version/${version.value.id}`, {
-			method: 'PATCH',
-			body,
+const deleteVersionMutation = useMutation({
+	mutationFn: () => client.labrinth.versions_v3.deleteVersion(version.value!.id),
+	onSuccess: async () => {
+		addNotification({
+			title: 'Version deleted',
+			text: 'The version has been successfully deleted.',
+			type: 'success',
 		})
-
-		for (const hash of deleteFiles.value) {
-			await useBaseFetch(`version_file/${hash}?version_id=${version.value.id}`, {
-				method: 'DELETE',
-			})
-		}
-
-		await resetProjectVersions()
-
-		await router.replace(
-			`/${project.value.project_type}/${project.value.slug ? project.value.slug : project.value.id}/version/${encodeURI(
-				((contextVersions.value ?? []) as any[]).find((x: any) => x.id === version.value.id)
-					?.displayUrlEnding ?? version.value.id,
-			)}`,
-		)
-	} catch (err: any) {
+		await invalidate()
+		await router.replace(`/${project.value.project_type}/${project.value.id}/settings/versions`)
+	},
+	onError: (err: { data?: { description?: string } }) => {
 		addNotification({
 			title: 'An error occurred',
-			text: err.data ? err.data.description : err,
+			text: err.data?.description ?? String(err),
 			type: 'error',
 		})
-		window.scrollTo({ top: 0, behavior: 'smooth' })
-	}
-	stopLoading()
-}
+	},
+})
 
-async function createVersion() {
-	shouldPreventActions.value = true
+async function deleteVersion() {
 	startLoading()
-
-	if (fieldErrors.value) {
-		showKnownErrors.value = true
-		shouldPreventActions.value = false
-		stopLoading()
-		return
-	}
-
 	try {
-		await createVersionRaw(version.value)
-	} catch (err: any) {
-		addNotification({
-			title: 'An error occurred',
-			text: err.data ? err.data.description : err,
-			type: 'error',
-		})
-		window.scrollTo({ top: 0, behavior: 'smooth' })
-	}
-
-	stopLoading()
-	shouldPreventActions.value = false
-}
-
-async function createVersionRaw(versionData: Record<string, any>) {
-	const formData = new FormData()
-
-	const fileParts = newFiles.value.map((f, idx) => `${f.name}-${idx}`)
-	if (replaceFile.value) {
-		fileParts.unshift(replaceFile.value.name.concat('-primary'))
-	}
-
-	if (project.value.project_type === 'resourcepack') {
-		versionData.loaders = ['minecraft']
-	}
-
-	const newVersion = {
-		project_id: versionData.project_id,
-		file_parts: fileParts,
-		version_number: versionData.version_number,
-		version_title: versionData.name || versionData.version_number,
-		version_body: versionData.changelog,
-		dependencies: versionData.dependencies,
-		game_versions: versionData.game_versions,
-		loaders: versionData.loaders,
-		release_channel: versionData.version_type,
-		featured: versionData.featured,
-		file_types: newFileTypes.value.reduce(
-			(acc, x, i) => ({
-				...acc,
-				[fileParts[replaceFile.value ? i + 1 : i]]: x ? x.value : null,
-			}),
-			{},
-		),
-	}
-
-	formData.append('data', JSON.stringify(newVersion))
-
-	if (replaceFile.value) {
-		formData.append(
-			replaceFile.value.name.concat('-primary'),
-			new Blob([replaceFile.value]),
-			replaceFile.value.name,
-		)
-	}
-
-	for (let i = 0; i < newFiles.value.length; i++) {
-		formData.append(
-			fileParts[replaceFile.value ? i + 1 : i],
-			new Blob([newFiles.value[i]]),
-			newFiles.value[i].name,
-		)
+		await deleteVersionMutation.mutateAsync()
+	} finally {
+		stopLoading()
 	}
-
-	const responseData = (await useBaseFetch('version', {
-		method: 'POST',
-		body: formData,
-		headers: {
-			'Content-Disposition': formData as any,
-		},
-	})) as any
-
-	await resetProjectVersions()
-
-	await router.push(
-		`/${project.value.project_type}/${project.value.slug ? project.value.slug : project.value.id}/version/${responseData.id}`,
-	)
 }
 
-async function deleteVersion() {
-	startLoading()
-
-	await useBaseFetch(`version/${version.value.id}`, {
-		method: 'DELETE',
-	})
-
-	await resetProjectVersions()
-	await router.replace(`/${project.value.project_type}/${project.value.id}/versions`)
-	stopLoading()
-}
+const createDataPackVersionMutation = useMutation({
+	mutationFn: async () => {
+		if (!version.value || !primaryFile.value) {
+			throw new Error('Version data is not available')
+		}
 
-async function createDataPackVersionHandler() {
-	shouldPreventActions.value = true
-	startLoading()
-	try {
 		const blob = await createDataPackVersion(
 			project.value,
 			version.value,
@@ -1101,296 +663,257 @@ async function createDataPackVersionHandler() {
 			packageLoaders.value,
 		)
 
-		newFiles.value = []
-		newFileTypes.value = []
-		replaceFile.value = new File(
-			[blob],
-			`${project.value.slug}-${version.value.version_number}.jar`,
-		)
+		const file = new File([blob], `${project.value.slug}-${version.value.version_number}.jar`)
 
-		await createVersionRaw({
+		const draftVersion: Labrinth.Versions.v3.DraftVersion = {
 			project_id: project.value.id,
-			author_id: currentMember.value?.user.id,
-			name: version.value.name,
+			name: version.value.name ?? version.value.version_number,
 			version_number: `${version.value.version_number}+mod`,
-			changelog: version.value.changelog,
+			changelog: version.value.changelog ?? '',
 			version_type: version.value.version_type,
-			dependencies: version.value.dependencies,
+			dependencies: version.value.dependencies ?? [],
 			game_versions: version.value.game_versions,
 			loaders: packageLoaders.value,
 			featured: version.value.featured,
-		})
+		}
 
-		modal_package_mod.value?.hide()
+		const uploadHandle = client.labrinth.versions_v3.createVersion(draftVersion, [{ file }], 'mod')
+		return uploadHandle.promise
+	},
+	onSuccess: async (newVersion) => {
+		packageModal.value?.hide()
 
 		addNotification({
 			title: 'Packaging Success',
 			text: 'Your data pack was successfully packaged as a mod! Make sure to playtest to check for errors.',
 			type: 'success',
 		})
-	} catch (err: any) {
+
+		await invalidate()
+		await router.push(
+			`/${project.value.project_type}/${project.value.slug ? project.value.slug : project.value.id}/version/${newVersion.id}`,
+		)
+	},
+	onError: (err: { data?: { description?: string } }) => {
 		addNotification({
 			title: 'An error occurred',
-			text: err.data ? err.data.description : err,
+			text: err.data?.description ?? String(err),
 			type: 'error',
 		})
-	}
-	stopLoading()
-	shouldPreventActions.value = false
-}
-
-async function resetProjectVersions() {
-	await invalidate()
-}
-</script>
-
-<style lang="scss" scoped>
-.changelog-editor-spacing {
-	padding-block: var(--gap-md);
-}
-
-.version-page {
-	display: grid;
-
-	grid-template:
-		'title' auto
-		'changelog' auto
-		'dependencies' auto
-		'metadata' auto
-		'files' auto
-		/ 1fr;
-
-	@media (min-width: 1200px) {
-		grid-template:
-			'title title' auto
-			'changelog metadata' auto
-			'dependencies metadata' auto
-			'files metadata' auto
-			'dummy metadata' 1fr
-			/ 1fr 20rem;
-	}
-
-	column-gap: var(--spacing-card-md);
-
-	.version-page__title {
-		grid-area: title;
-
-		.version-header {
-			display: flex;
-			flex-wrap: wrap;
-			align-items: center;
-			gap: var(--spacing-card-md);
-
-			h2,
-			input[type='text'] {
-				margin: 0;
-				font-size: var(--font-size-2xl);
-				font-weight: bold;
-			}
-
-			input[type='text'] {
-				max-width: 100%;
-				min-width: 0;
-				flex-grow: 1;
-				width: 2rem;
-			}
-
-			.featured {
-				display: flex;
-				align-items: center;
-				gap: var(--spacing-card-xs);
-
-				svg {
-					height: 1.45rem;
-				}
-			}
-		}
-
-		.known-errors {
-			margin-bottom: 1rem;
-		}
-	}
-
-	h3 {
-		font-size: var(--font-size-lg);
-		margin: 0 0 0.5rem 0;
-	}
-
-	.version-page__changelog {
-		grid-area: changelog;
-		overflow-x: hidden;
-	}
-
-	.version-page__dependencies {
-		grid-area: dependencies;
-
-		.dependency {
-			align-items: center;
-			display: flex;
-			gap: var(--spacing-card-sm);
-			padding: var(--spacing-card-sm);
-
-			.info {
-				display: flex;
-				flex-direction: column;
-				gap: var(--spacing-card-xs);
-
-				.project-title {
-					font-weight: bold;
-				}
-
-				.dep-type {
-					color: var(--color-text-secondary);
-
-					&.incompatible {
-						color: var(--color-red);
-					}
-
-					&::first-letter {
-						text-transform: capitalize;
-					}
-				}
-			}
-
-			button {
-				margin-left: auto;
-			}
-		}
-
-		.add-dependency {
-			h4 {
-				margin-bottom: var(--spacing-card-sm);
-			}
-
-			.input-group {
-				&:not(:last-child) {
-					margin-bottom: var(--spacing-card-sm);
-				}
-
-				input {
-					flex-grow: 2;
-				}
-			}
-		}
-	}
-
-	.version-page__files {
-		grid-area: files;
-
-		.file {
-			--text-color: var(--color-button-text);
-			--background-color: var(--color-button-bg);
-
-			&.primary {
-				--background-color: var(--color-brand-highlight);
-				--text-color: var(--color-button-text-active);
-			}
-
-			display: flex;
-			align-items: center;
-
-			font-weight: 500;
-			color: var(--text-color);
-			background-color: var(--background-color);
-			padding: var(--spacing-card-sm) var(--spacing-card-bg);
-			border-radius: var(--size-rounded-sm);
-
-			svg {
-				min-width: 1.1rem;
-				min-height: 1.1rem;
-				margin-right: 0.5rem;
-			}
-
-			.filename {
-				word-wrap: anywhere;
-			}
-
-			.file-size {
-				margin-left: 1ch;
-				font-weight: 400;
-				white-space: nowrap;
-			}
-
-			.file-type {
-				margin-left: 1ch;
-				font-style: italic;
-				font-weight: 300;
-			}
-
-			.raised-button {
-				margin-left: auto;
-				background-color: var(--color-raised-bg);
-			}
-
-			&:not(:nth-child(2)) {
-				margin-top: 0.5rem;
-			}
-		}
+	},
+})
 
-		.additional-files {
-			h4 {
-				margin-bottom: 0.5rem;
-			}
+async function createDataPackVersionHandler() {
+	if (packageLoaders.value.length === 0) return
 
-			label {
-				margin-top: 0.5rem;
-			}
-		}
+	startLoading()
+	try {
+		await createDataPackVersionMutation.mutateAsync()
+	} finally {
+		stopLoading()
 	}
 }
 
-.version-page__metadata {
-	grid-area: metadata;
-
-	h4 {
-		margin: 1rem 0 0.25rem 0;
-	}
+const decoratedPrimaryFileUrl = computed(() => {
+	const url = primaryFile.value?.url
+	if (!url) return undefined
+	return createProjectDownloadUrl(url, { reason: cdnDownloadReason.value })
+})
 
-	.maven-section {
-		display: flex;
-		align-items: center;
-		gap: 0.5rem;
+function decorateDownloadUrl(url: string) {
+	return createProjectDownloadUrl(url, { reason: cdnDownloadReason.value })
+}
 
-		button {
-			max-width: 100%;
-		}
-	}
+const messages = defineMessages({
+	noPrimaryFile: {
+		id: 'version.download.no-primary-file',
+		defaultMessage: 'Error: No primary file found',
+	},
+	edit: {
+		id: 'version.edit.button',
+		defaultMessage: 'Edit',
+	},
+	editMetadata: {
+		id: 'version.edit.metadata',
+		defaultMessage: 'Edit metadata',
+	},
+	editDetails: {
+		id: 'version.edit.details',
+		defaultMessage: 'Edit details',
+	},
+	editFiles: {
+		id: 'version.edit.files',
+		defaultMessage: 'Edit files',
+	},
+	packageAsMod: {
+		id: 'version.package-as-mod.button',
+		defaultMessage: 'Package as mod',
+	},
+	copySha1: {
+		id: 'version.supplementary-resources.copy-hash-sha1',
+		defaultMessage: 'Copy SHA-1',
+	},
+	copySha512: {
+		id: 'version.supplementary-resources.copy-hash-sha512',
+		defaultMessage: 'Copy SHA-512',
+	},
+	allVersions: {
+		id: 'version.all-versions',
+		defaultMessage: 'All versions',
+	},
+	unknownEmbeddedContent: {
+		id: 'version.unknown-embedded-content.title',
+		defaultMessage: 'Withheld due to unknown embedded content',
+	},
+	unknownEmbeddedContentDescription: {
+		id: 'version.unknown-embedded-content.description',
+		defaultMessage: `This version is currently withheld and not publicly listed. Please provide proof that you have permission to redistribute certain files included.`,
+	},
+	viewProject: {
+		id: 'version.dependency.view-project',
+		defaultMessage: `View project`,
+	},
+	viewVersion: {
+		id: 'version.dependency.view-version',
+		defaultMessage: `View version`,
+	},
+	downloadProject: {
+		id: 'version.download.download-dependency',
+		defaultMessage: 'Download dependency',
+	},
+	requiredResourcePack: {
+		id: 'version.download.required-resource-pack',
+		defaultMessage: 'Required resource pack',
+	},
+	optionalResourcePack: {
+		id: 'version.download.optional-resource-pack',
+		defaultMessage: 'Optional resource pack',
+	},
+	packageDataPack: {
+		id: 'version.package-as-mod.submit-button',
+		defaultMessage: 'Package data pack',
+	},
+	packageDataPackHeader: {
+		id: 'version.package-as-mod.header',
+		defaultMessage: 'Packaging data pack as a mod',
+	},
+	packageDataPackDescription: {
+		id: 'version.package-as-mod.description',
+		defaultMessage:
+			'This will create a new version with support for the selected mod loaders. You will be redirected to the new version and can edit it to your liking.',
+	},
+	modLoadersLabel: {
+		id: 'version.package-as-mod.mod-loaders',
+		defaultMessage: 'Mod loaders',
+	},
+	modLoadersDescription: {
+		id: 'version.package-as-mod.mod-loaders.description',
+		defaultMessage: 'The mod loaders you would like to package your data pack for.',
+	},
+	modLoadersPlaceholder: {
+		id: 'version.package-as-mod.mod-loaders.placeholder',
+		defaultMessage: 'Choose mod loaders...',
+	},
+	confirmTitle: {
+		id: 'version.confirm-delete.title',
+		defaultMessage: 'Are you sure you want to delete this version?',
+	},
+	confirmDescription: {
+		id: 'version.confirm-delete.description',
+		defaultMessage: 'This version will be permanently deleted. This action cannot be undone.',
+	},
+	proceedDeletion: {
+		id: 'version.confirm-delete.proceed',
+		defaultMessage: 'Delete version',
+	},
+	devInfo: {
+		id: 'version.section.content.dev-info',
+		defaultMessage: 'Developer information',
+	},
+	mavenDescription: {
+		id: 'version.section.content.dev-info.maven-description',
+		defaultMessage:
+			'Projects on Modrinth are automatically available through a Maven repository for use with JVM build tools such as <gradle-link>Gradle</gradle-link>. To learn more about the Modrinth Maven API, <article-link>click here</article-link>.',
+	},
+	mavenNote: {
+		id: 'version.section.content.dev-info.maven-note',
+		defaultMessage: `Note: When available, you should use the creator's maven repo instead as it will have transitive dependency information that the Modrinth Maven API does not. You may also end up with duplicate dependencies if you use a mix of Modrinth and non-Modrinth Maven repositories for your dependencies, because the group identifier will be different when served through the Modrinth Maven API.`,
+	},
+	mavenCoordinates: {
+		id: 'version.section.content.dev-info.maven-coordinates',
+		defaultMessage: `Maven coordinates:`,
+	},
+	versionId: {
+		id: 'version.section.content.dev-info.version-id',
+		defaultMessage: `Version ID:`,
+	},
+	gradleSnippet: {
+		id: 'version.section.content.dev-info.gradle-snippet',
+		defaultMessage: `build.gradle:`,
+	},
+})
 
-	.team-member {
-		align-items: center;
-		padding: 0.25rem 0.5rem;
+const copyFileHash = async (
+	file: Labrinth.Versions.v3.VersionFile,
+	method: Labrinth.Versions.v3.FileHashType,
+) => {
+	await navigator.clipboard.writeText(file.hashes[method])
+}
 
-		.member-info {
-			overflow: hidden;
-			margin: auto 0 auto 0.75rem;
+const dependencyVersionPrimaryFiles = computed(() => {
+	const versions = enrichment.value?.versions
+	const primaryFileMap: Record<string, Labrinth.Versions.v2.VersionFile> = {}
+	versions?.forEach((depVersion) => {
+		const depPrimaryFile = depVersion.files.find((file) => file.primary) ?? depVersion.files[0]
 
-			.name {
-				font-weight: bold;
-			}
+		primaryFileMap[depVersion.id] = depPrimaryFile
+	})
+	return primaryFileMap
+})
 
-			p {
-				font-size: var(--font-size-sm);
-				margin: 0.2rem 0;
-			}
-		}
-	}
+function createDependencyLink(context: {
+	project?: Labrinth.Projects.v2.Project
+	version?: Labrinth.Versions.v2.Version
+}) {
+	const baseUrl = context.version
+		? `/project/${context.version.project_id}/version/${context.version.id}`
+		: context.project
+			? `/project/${context.project.id}`
+			: undefined
+	return baseUrl
+		? createProjectDownloadUrl(baseUrl, {
+				reason: 'dependency',
+			})
+		: undefined
 }
 
-.separator {
-	margin: var(--spacing-card-sm) 0;
+const coordinatesSnippet = computed(() => `maven.modrinth:${project.value.id}:${version.value?.id}`)
+const gradleSnippet = computed(
+	() => `repositories {
+    exclusiveContent {
+        forRepository {
+            maven {
+                name = "Modrinth"
+                url = "https://api.modrinth.com/maven"
+            }
+        }
+        // forRepositories(fg.repository) // Uncomment when using ForgeGradle
+        filter {
+            includeGroup "maven.modrinth"
+        }
+    }
 }
 
-.modal-package-mod {
-	padding: var(--spacing-card-bg);
-	display: flex;
-	flex-direction: column;
+// Standard Gradle dependency
+dependencies {
+    implementation "${coordinatesSnippet.value}"
+}
 
-	.markdown-body {
-		margin-bottom: 1rem;
-	}
+// Legacy Loom dependency
+dependencies {
+    modImplementation "${coordinatesSnippet.value}"
+}`,
+)
 
-	.package-loader-select {
-		max-width: 20rem;
-	}
-}
-</style>
+const moderator = computed(() => isStaff(auth.value?.user))
+</script>
diff --git a/apps/frontend/src/pages/moderation/external-projects.vue b/apps/frontend/src/pages/moderation/external-projects.vue
index 605bfc9bfc..fde7ff7ef2 100644
--- a/apps/frontend/src/pages/moderation/external-projects.vue
+++ b/apps/frontend/src/pages/moderation/external-projects.vue
@@ -185,7 +185,7 @@ function mapExternalProject(
 		exceptions: project.exceptions,
 		proof: project.proof,
 		flame_project_id: project.flame_project_id,
-		files: project.linked_files,
+		files: project.linked_files ?? [],
 	}
 }
 
diff --git a/apps/frontend/src/pages/organization/[organization].vue b/apps/frontend/src/pages/organization/[organization].vue
index f6e566c90c..8302638c3c 100644
--- a/apps/frontend/src/pages/organization/[organization].vue
+++ b/apps/frontend/src/pages/organization/[organization].vue
@@ -149,27 +149,34 @@
 				<div class="card flex-card">
 					<h2>Members</h2>
 					<div class="details-list">
-						<template v-for="member in acceptedMembers" :key="member?.user.id">
-							<nuxt-link
-								class="details-list__item details-list__item--type-large"
-								:to="`/user/${member?.user?.username}`"
-							>
-								<Avatar :src="member?.user.avatar_url" circle />
-								<div class="rows">
-									<span class="flex items-center gap-1">
-										{{ member?.user?.username }}
-										<CrownIcon
-											v-if="member?.is_owner"
-											v-tooltip="'Organization owner'"
-											class="text-brand-orange"
-										/>
-									</span>
-									<span class="details-list__item__text--style-secondary">
-										{{ member?.role ? member.role : 'Member' }}
-									</span>
-								</div>
-							</nuxt-link>
-						</template>
+						<nuxt-link
+							v-for="member in acceptedMembers"
+							:key="`member-${member?.user?.id}`"
+							class="group flex w-fit items-center gap-2 leading-[1.2] text-primary"
+							:to="`/user/${member?.user?.username}`"
+						>
+							<Avatar
+								:src="member.user.avatar_url"
+								:alt="member.user.username"
+								size="32px"
+								circle
+							/>
+							<div class="flex flex-col">
+								<span class="flex w-full flex-nowrap items-center gap-1 group-hover:underline">
+									<span class="min-w-0 overflow-hidden truncate font-normal text-contrast">{{
+										member.user.username
+									}}</span>
+									<CrownIcon
+										v-if="member.is_owner"
+										v-tooltip="'Organization owner'"
+										class="text-brand-orange"
+									/>
+								</span>
+								<span class="text-sm font-normal">
+									{{ member?.role ? member.role : 'Member' }}
+								</span>
+							</div>
+						</nuxt-link>
 					</div>
 				</div>
 			</div>
diff --git a/apps/frontend/src/pages/report.vue b/apps/frontend/src/pages/report.vue
index 59af8701e6..461ac3fed5 100644
--- a/apps/frontend/src/pages/report.vue
+++ b/apps/frontend/src/pages/report.vue
@@ -284,11 +284,11 @@ import {
 	VersionIcon,
 	XCircleIcon,
 } from '@modrinth/assets'
-import { defineMessage } from '@modrinth/ui'
 import {
 	AutoLink,
 	Avatar,
 	ButtonStyled,
+	defineMessage,
 	defineMessages,
 	formatReportItemType,
 	injectNotificationManager,
diff --git a/apps/frontend/src/pages/user/[user].vue b/apps/frontend/src/pages/user/[user].vue
index a590bccc27..8a5bdd4d1b 100644
--- a/apps/frontend/src/pages/user/[user].vue
+++ b/apps/frontend/src/pages/user/[user].vue
@@ -133,7 +133,7 @@
 						<span class="flex items-center gap-2">
 							{{ user.username }}
 							<BadgeCheckIcon
-								v-if="isModrinthUser"
+								v-if="isOfficialAccount"
 								v-tooltip="formatMessage(messages.officialAccount)"
 								class="size-5 text-brand"
 								fill="var(--color-brand-highlight)"
@@ -810,6 +810,10 @@ const sortedOrgs = computed(() =>
 )
 
 const isModrinthUser = computed(() => user.value?.id === '2REoufqX')
+const isAutoMod = computed(() => user.value?.id === '')
+const isOfficialAccount = computed(
+	() => isModrinthUser.value || isAutoMod.value || user.value?.id === 'GVFjtWTf',
+)
 
 const sortedCollections = computed(() => {
 	const list = collections.value
diff --git a/apps/frontend/src/providers/setup/attribution-moderation.ts b/apps/frontend/src/providers/setup/attribution-moderation.ts
new file mode 100644
index 0000000000..944f18040d
--- /dev/null
+++ b/apps/frontend/src/providers/setup/attribution-moderation.ts
@@ -0,0 +1,6 @@
+import { attributionQuickReplies } from '@modrinth/moderation'
+import { provideAttributionModeration } from '@modrinth/ui'
+
+export function setupAttributionModerationProvider() {
+	provideAttributionModeration({ attributionQuickReplies })
+}
diff --git a/apps/frontend/src/providers/version/manage-version-modal.ts b/apps/frontend/src/providers/version/manage-version-modal.ts
index 51b98c4942..34397fcf64 100644
--- a/apps/frontend/src/providers/version/manage-version-modal.ts
+++ b/apps/frontend/src/providers/version/manage-version-modal.ts
@@ -3,9 +3,11 @@ import { SaveIcon, SpinnerIcon } from '@modrinth/assets'
 import {
 	type ComboboxOption,
 	createContext,
+	defineMessage,
 	injectModrinthClient,
 	injectNotificationManager,
 	injectProjectPageContext,
+	type MessageDescriptor,
 	type MultiStageModal,
 	resolveCtxFn,
 	type StageButtonConfig,
@@ -164,6 +166,44 @@ export const fileTypeLabels: Record<Labrinth.Versions.v3.FileType | 'primary', s
 	signature: 'Signature',
 }
 
+export const fileTypeMessages: Record<
+	Labrinth.Versions.v3.FileType | 'primary',
+	MessageDescriptor
+> = {
+	primary: defineMessage({
+		id: 'version.file-type.primary',
+		defaultMessage: 'Primary',
+	}),
+	unknown: defineMessage({
+		id: 'version.file-type.unknown',
+		defaultMessage: 'Other',
+	}),
+	'required-resource-pack': defineMessage({
+		id: 'version.file-type.required-resource-pack',
+		defaultMessage: 'Required resource pack',
+	}),
+	'optional-resource-pack': defineMessage({
+		id: 'version.file-type.optional-resource-pack',
+		defaultMessage: 'Optional resource pack',
+	}),
+	'sources-jar': defineMessage({
+		id: 'version.file-type.sources-jar',
+		defaultMessage: 'Sources jar',
+	}),
+	'dev-jar': defineMessage({
+		id: 'version.file-type.dev-jar',
+		defaultMessage: 'Dev jar',
+	}),
+	'javadoc-jar': defineMessage({
+		id: 'version.file-type.javadoc-jar',
+		defaultMessage: 'Javadoc jar',
+	}),
+	signature: defineMessage({
+		id: 'version.file-type.signature',
+		defaultMessage: 'Signature file',
+	}),
+}
+
 export const [injectManageVersionContext, provideManageVersionContext] =
 	createContext<ManageVersionContextValue>('CreateProjectVersionModal')
 
diff --git a/apps/labrinth/.sqlx/query-6542c79dffa73e462c527f1bd4ba67e658814d7a788259dc4b3874c54cb5ae57.json b/apps/labrinth/.sqlx/query-03d85f360d4c603688d0662d24caee7b59985adba006fb531beb09f195582277.json
similarity index 86%
rename from apps/labrinth/.sqlx/query-6542c79dffa73e462c527f1bd4ba67e658814d7a788259dc4b3874c54cb5ae57.json
rename to apps/labrinth/.sqlx/query-03d85f360d4c603688d0662d24caee7b59985adba006fb531beb09f195582277.json
index 8668834ed4..d134483d44 100644
--- a/apps/labrinth/.sqlx/query-6542c79dffa73e462c527f1bd4ba67e658814d7a788259dc4b3874c54cb5ae57.json
+++ b/apps/labrinth/.sqlx/query-03d85f360d4c603688d0662d24caee7b59985adba006fb531beb09f195582277.json
@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n        SELECT\n            mel.id,\n            mel.title,\n            mel.status,\n            mel.link,\n            mel.exceptions,\n            mel.proof,\n            mel.flame_project_id,\n            mel.inserted_at,\n            mel.inserted_by,\n            mel.updated_at,\n            mel.updated_by\n        FROM moderation_external_licenses mel\n        WHERE ($1::text IS NULL OR mel.title ILIKE '%' || $1 || '%')\n          AND ($2::integer IS NULL OR mel.flame_project_id = $2)\n        ORDER BY mel.id\n        ",
+  "query": "\n        SELECT\n            mel.id,\n            mel.title,\n            mel.status,\n            mel.link,\n            mel.exceptions,\n            mel.proof,\n            mel.flame_project_id,\n            mel.inserted_at,\n            mel.inserted_by,\n            mel.updated_at,\n            mel.updated_by\n        FROM moderation_external_licenses mel\n        WHERE mel.flame_project_id = ANY($1)\n        ORDER BY mel.id\n        ",
   "describe": {
     "columns": [
       {
@@ -61,8 +61,7 @@
     ],
     "parameters": {
       "Left": [
-        "Text",
-        "Int4"
+        "Int4Array"
       ]
     },
     "nullable": [
@@ -79,5 +78,5 @@
       true
     ]
   },
-  "hash": "6542c79dffa73e462c527f1bd4ba67e658814d7a788259dc4b3874c54cb5ae57"
+  "hash": "03d85f360d4c603688d0662d24caee7b59985adba006fb531beb09f195582277"
 }
diff --git a/apps/labrinth/.sqlx/query-0dda0265b39d4c8b019eb1ea6d164ee639a6deb0f47c1dcdd83a5816308faab0.json b/apps/labrinth/.sqlx/query-0dda0265b39d4c8b019eb1ea6d164ee639a6deb0f47c1dcdd83a5816308faab0.json
new file mode 100644
index 0000000000..b0124573bd
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-0dda0265b39d4c8b019eb1ea6d164ee639a6deb0f47c1dcdd83a5816308faab0.json
@@ -0,0 +1,32 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        select\n            fa.file_id as \"file_id: DBFileId\",\n            f.url,\n            v.mod_id as \"project_id: DBProjectId\"\n        from file_scans fa\n        inner join files f on f.id = fa.file_id\n        inner join attribution_enforced_versions aev on aev.id = f.version_id\n        inner join versions v on v.id = f.version_id\n        where fa.attributions_scanned_at is null\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "file_id: DBFileId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "url",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 2,
+        "name": "project_id: DBProjectId",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": [
+      false,
+      false,
+      false
+    ]
+  },
+  "hash": "0dda0265b39d4c8b019eb1ea6d164ee639a6deb0f47c1dcdd83a5816308faab0"
+}
diff --git a/apps/labrinth/.sqlx/query-99749414f92886a904158484661cae8928f78206c1cdf8adb66fde999bbe94d4.json b/apps/labrinth/.sqlx/query-0e9e528a008a9dd24acfabbffcfe8ee4fd48fbae7c6197bfbbf1923e6256658b.json
similarity index 77%
rename from apps/labrinth/.sqlx/query-99749414f92886a904158484661cae8928f78206c1cdf8adb66fde999bbe94d4.json
rename to apps/labrinth/.sqlx/query-0e9e528a008a9dd24acfabbffcfe8ee4fd48fbae7c6197bfbbf1923e6256658b.json
index 890112c0a6..1fb57916d6 100644
--- a/apps/labrinth/.sqlx/query-99749414f92886a904158484661cae8928f78206c1cdf8adb66fde999bbe94d4.json
+++ b/apps/labrinth/.sqlx/query-0e9e528a008a9dd24acfabbffcfe8ee4fd48fbae7c6197bfbbf1923e6256658b.json
@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n        SELECT\n            mel.id,\n            mel.title,\n            mel.status,\n            mel.link,\n            mel.exceptions,\n            mel.proof,\n            mel.flame_project_id,\n            mel.inserted_at,\n            mel.inserted_by,\n            mel.updated_at,\n            mel.updated_by\n        FROM moderation_external_files mef\n        INNER JOIN moderation_external_licenses mel ON mel.id = mef.external_license_id\n        WHERE mef.sha1 = $1\n        ",
+  "query": "\n        SELECT\n            mel.id,\n            mel.title,\n            mel.status,\n            mel.link,\n            mel.exceptions,\n            mel.proof,\n            mel.flame_project_id,\n            mel.inserted_at,\n            mel.inserted_by,\n            mel.updated_at,\n            mel.updated_by\n        FROM moderation_external_licenses mel\n        WHERE ($1::text IS NULL OR mel.title ILIKE '%' || $1 || '%')\n          AND (\n            ($2::integer IS NULL AND $3::integer[] IS NULL)\n            OR mel.flame_project_id = $2\n            OR mel.flame_project_id = ANY($3)\n          )\n        ORDER BY mel.id\n        ",
   "describe": {
     "columns": [
       {
@@ -61,7 +61,9 @@
     ],
     "parameters": {
       "Left": [
-        "Bytea"
+        "Text",
+        "Int4",
+        "Int4Array"
       ]
     },
     "nullable": [
@@ -78,5 +80,5 @@
       true
     ]
   },
-  "hash": "99749414f92886a904158484661cae8928f78206c1cdf8adb66fde999bbe94d4"
+  "hash": "0e9e528a008a9dd24acfabbffcfe8ee4fd48fbae7c6197bfbbf1923e6256658b"
 }
diff --git a/apps/labrinth/.sqlx/query-623881c24c12e77f6fc57669929be55a34800cd2269da29d555959164919c9a3.json b/apps/labrinth/.sqlx/query-16e13baf35118cda943abf259a0e24cfe13436844b7909e6502ec15a249fc856.json
similarity index 56%
rename from apps/labrinth/.sqlx/query-623881c24c12e77f6fc57669929be55a34800cd2269da29d555959164919c9a3.json
rename to apps/labrinth/.sqlx/query-16e13baf35118cda943abf259a0e24cfe13436844b7909e6502ec15a249fc856.json
index 6ad1c4b9b5..d33825a8c3 100644
--- a/apps/labrinth/.sqlx/query-623881c24c12e77f6fc57669929be55a34800cd2269da29d555959164919c9a3.json
+++ b/apps/labrinth/.sqlx/query-16e13baf35118cda943abf259a0e24cfe13436844b7909e6502ec15a249fc856.json
@@ -1,30 +1,35 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n                    SELECT DISTINCT dependent_id as version_id, d.mod_dependency_id as dependency_project_id, d.dependency_id as dependency_version_id, d.dependency_file_name as file_name, d.dependency_type as dependency_type\n                    FROM dependencies d\n                    WHERE dependent_id = ANY($1)\n                    ",
+  "query": "\n                    SELECT DISTINCT d.id as dependency_id, dependent_id as version_id, d.mod_dependency_id as dependency_project_id, d.dependency_id as dependency_version_id, d.dependency_file_name as file_name, d.dependency_type as dependency_type\n                    FROM dependencies d\n                    WHERE dependent_id = ANY($1)\n                    ",
   "describe": {
     "columns": [
       {
         "ordinal": 0,
+        "name": "dependency_id",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 1,
         "name": "version_id",
         "type_info": "Int8"
       },
       {
-        "ordinal": 1,
+        "ordinal": 2,
         "name": "dependency_project_id",
         "type_info": "Int8"
       },
       {
-        "ordinal": 2,
+        "ordinal": 3,
         "name": "dependency_version_id",
         "type_info": "Int8"
       },
       {
-        "ordinal": 3,
+        "ordinal": 4,
         "name": "file_name",
         "type_info": "Varchar"
       },
       {
-        "ordinal": 4,
+        "ordinal": 5,
         "name": "dependency_type",
         "type_info": "Varchar"
       }
@@ -35,6 +40,7 @@
       ]
     },
     "nullable": [
+      false,
       false,
       true,
       true,
@@ -42,5 +48,5 @@
       false
     ]
   },
-  "hash": "623881c24c12e77f6fc57669929be55a34800cd2269da29d555959164919c9a3"
+  "hash": "16e13baf35118cda943abf259a0e24cfe13436844b7909e6502ec15a249fc856"
 }
diff --git a/apps/labrinth/.sqlx/query-1d96df0ac64801641f9af796d482d2964c1acf2d03e15b8f1397340d0c994af6.json b/apps/labrinth/.sqlx/query-1d96df0ac64801641f9af796d482d2964c1acf2d03e15b8f1397340d0c994af6.json
new file mode 100644
index 0000000000..25146596a0
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-1d96df0ac64801641f9af796d482d2964c1acf2d03e15b8f1397340d0c994af6.json
@@ -0,0 +1,46 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect\n\t\t\tg.id as \"id: DBAttributionGroupId\",\n\t\t\tg.flame_project,\n\t\t\tg.attribution,\n\t\t\tg.attributed_at,\n\t\t\tg.attributed_by as \"attributed_by: i64\"\n\t\tfrom project_attribution_groups g\n\t\twhere g.project_id = $1\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id: DBAttributionGroupId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "flame_project",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 2,
+        "name": "attribution",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 3,
+        "name": "attributed_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 4,
+        "name": "attributed_by: i64",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      true,
+      true,
+      true,
+      true
+    ]
+  },
+  "hash": "1d96df0ac64801641f9af796d482d2964c1acf2d03e15b8f1397340d0c994af6"
+}
diff --git a/apps/labrinth/.sqlx/query-2055c95a568c9159849b10fa94fd6682fb4edf05d80d9b5c17c597d8807f1346.json b/apps/labrinth/.sqlx/query-2055c95a568c9159849b10fa94fd6682fb4edf05d80d9b5c17c597d8807f1346.json
new file mode 100644
index 0000000000..48c9c6bafe
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-2055c95a568c9159849b10fa94fd6682fb4edf05d80d9b5c17c597d8807f1346.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tdelete from project_attribution_files paf\n\t\tusing project_attribution_groups pag\n\t\twhere pag.id = paf.group_id\n\t\t\tand pag.project_id = $1\n\t\t\tand paf.sha1 = $2\n\t\t\tand paf.group_id != $3\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "2055c95a568c9159849b10fa94fd6682fb4edf05d80d9b5c17c597d8807f1346"
+}
diff --git a/apps/labrinth/.sqlx/query-25d6977fa2db63f979fbe391f3475445fa92c9bbb5b034531f5e033a18c2a6a3.json b/apps/labrinth/.sqlx/query-25d6977fa2db63f979fbe391f3475445fa92c9bbb5b034531f5e033a18c2a6a3.json
new file mode 100644
index 0000000000..1fbd6879da
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-25d6977fa2db63f979fbe391f3475445fa92c9bbb5b034531f5e033a18c2a6a3.json
@@ -0,0 +1,88 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT\n            mef.sha1 hash,\n            mel.id,\n            mel.title,\n            mel.status,\n            mel.link,\n            mel.exceptions,\n            mel.proof,\n            mel.flame_project_id,\n            mel.inserted_at,\n            mel.inserted_by,\n            mel.updated_at,\n            mel.updated_by\n        FROM moderation_external_files mef\n        INNER JOIN moderation_external_licenses mel ON mel.id = mef.external_license_id\n        WHERE mef.sha1 = ANY($1)\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "hash",
+        "type_info": "Bytea"
+      },
+      {
+        "ordinal": 1,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 2,
+        "name": "title",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "status",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 4,
+        "name": "link",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 5,
+        "name": "exceptions",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 6,
+        "name": "proof",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 7,
+        "name": "flame_project_id",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 8,
+        "name": "inserted_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 9,
+        "name": "inserted_by",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 10,
+        "name": "updated_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 11,
+        "name": "updated_by",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "ByteaArray"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      true,
+      false,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true
+    ]
+  },
+  "hash": "25d6977fa2db63f979fbe391f3475445fa92c9bbb5b034531f5e033a18c2a6a3"
+}
diff --git a/apps/labrinth/.sqlx/query-262070fb8ef00ba6e7c7e7b3b5262e959448892945bf56117ba74446808cea76.json b/apps/labrinth/.sqlx/query-262070fb8ef00ba6e7c7e7b3b5262e959448892945bf56117ba74446808cea76.json
new file mode 100644
index 0000000000..b5d39609ad
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-262070fb8ef00ba6e7c7e7b3b5262e959448892945bf56117ba74446808cea76.json
@@ -0,0 +1,28 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect attribution, project_id as \"project_id: DBProjectId\"\n\t\tfrom project_attribution_groups\n\t\twhere id = $1\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "attribution",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 1,
+        "name": "project_id: DBProjectId",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      true,
+      false
+    ]
+  },
+  "hash": "262070fb8ef00ba6e7c7e7b3b5262e959448892945bf56117ba74446808cea76"
+}
diff --git a/apps/labrinth/.sqlx/query-2ecca6dd46f1d4cc99745a8ab6780701a07444b2b658f2f7e8af94f78411bab6.json b/apps/labrinth/.sqlx/query-2ecca6dd46f1d4cc99745a8ab6780701a07444b2b658f2f7e8af94f78411bab6.json
new file mode 100644
index 0000000000..bd96a7e60a
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-2ecca6dd46f1d4cc99745a8ab6780701a07444b2b658f2f7e8af94f78411bab6.json
@@ -0,0 +1,17 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n                insert into project_attribution_files (group_id, name, sha1, moderation_external_license_id)\n                values ($1, $2, $3, $4)\n                on conflict (group_id, sha1) do update\n                set moderation_external_license_id = excluded.moderation_external_license_id\n                ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Text",
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "2ecca6dd46f1d4cc99745a8ab6780701a07444b2b658f2f7e8af94f78411bab6"
+}
diff --git a/apps/labrinth/.sqlx/query-2f56a06b78a810936a77547ab5890943d6aa3e9143a8e2617d025be960880223.json b/apps/labrinth/.sqlx/query-2f56a06b78a810936a77547ab5890943d6aa3e9143a8e2617d025be960880223.json
new file mode 100644
index 0000000000..202c1c4e6d
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-2f56a06b78a810936a77547ab5890943d6aa3e9143a8e2617d025be960880223.json
@@ -0,0 +1,40 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            SELECT mel.id, mel.flame_project_id, mel.status status, mel.link\n            FROM moderation_external_licenses mel\n            WHERE mel.flame_project_id = ANY($1)\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "flame_project_id",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 2,
+        "name": "status",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "link",
+        "type_info": "Text"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int4Array"
+      ]
+    },
+    "nullable": [
+      false,
+      true,
+      false,
+      true
+    ]
+  },
+  "hash": "2f56a06b78a810936a77547ab5890943d6aa3e9143a8e2617d025be960880223"
+}
diff --git a/apps/labrinth/.sqlx/query-301959b1ec20a4925f86188bc5e1c0cdd11f0d15004ce9f91fbeefcc3a27f8f4.json b/apps/labrinth/.sqlx/query-301959b1ec20a4925f86188bc5e1c0cdd11f0d15004ce9f91fbeefcc3a27f8f4.json
new file mode 100644
index 0000000000..80c3a445f6
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-301959b1ec20a4925f86188bc5e1c0cdd11f0d15004ce9f91fbeefcc3a27f8f4.json
@@ -0,0 +1,12 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        DELETE FROM project_attribution_groups g\n        WHERE NOT EXISTS (\n            SELECT 1\n            FROM project_attribution_files paf\n            INNER JOIN override_file_sources ofs ON ofs.sha1 = paf.sha1\n            WHERE paf.group_id = g.id\n        )\n        ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": []
+  },
+  "hash": "301959b1ec20a4925f86188bc5e1c0cdd11f0d15004ce9f91fbeefcc3a27f8f4"
+}
diff --git a/apps/labrinth/.sqlx/query-424b975139004d2854d9365ef950984dd1a65e333bb80924b5883df5e7d3cad2.json b/apps/labrinth/.sqlx/query-424b975139004d2854d9365ef950984dd1a65e333bb80924b5883df5e7d3cad2.json
new file mode 100644
index 0000000000..c427ada77e
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-424b975139004d2854d9365ef950984dd1a65e333bb80924b5883df5e7d3cad2.json
@@ -0,0 +1,28 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        select id as \"id: DBAttributionGroupId\", flame_project\n        from project_attribution_groups\n        where project_id = $1 and flame_project is not null\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id: DBAttributionGroupId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "flame_project",
+        "type_info": "Jsonb"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      true
+    ]
+  },
+  "hash": "424b975139004d2854d9365ef950984dd1a65e333bb80924b5883df5e7d3cad2"
+}
diff --git a/apps/labrinth/.sqlx/query-428bef57672572cfe1f308701d17844412e6b25a06b1ec530a18f5ad11274bd2.json b/apps/labrinth/.sqlx/query-428bef57672572cfe1f308701d17844412e6b25a06b1ec530a18f5ad11274bd2.json
new file mode 100644
index 0000000000..05f2bf2074
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-428bef57672572cfe1f308701d17844412e6b25a06b1ec530a18f5ad11274bd2.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into project_attribution_files (group_id, name, sha1)\n            select $1, unnest($2::text[]), unnest($3::bytea[])\n            on conflict (group_id, sha1) do nothing\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "TextArray",
+        "ByteaArray"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "428bef57672572cfe1f308701d17844412e6b25a06b1ec530a18f5ad11274bd2"
+}
diff --git a/apps/labrinth/.sqlx/query-43ce7cbf44ce123c3d71c5dee035022d2e6b537eb53fcb39608e820e77174b81.json b/apps/labrinth/.sqlx/query-43ce7cbf44ce123c3d71c5dee035022d2e6b537eb53fcb39608e820e77174b81.json
new file mode 100644
index 0000000000..77eab0d2fb
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-43ce7cbf44ce123c3d71c5dee035022d2e6b537eb53fcb39608e820e77174b81.json
@@ -0,0 +1,14 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tinsert into file_scans (file_id)\n\t\tselect f.id\n\t\tfrom files f\n\t\tinner join attribution_enforced_versions aev on aev.id = f.version_id\n\t\twhere f.version_id = any($1)\n\t\ton conflict (file_id) do nothing\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "43ce7cbf44ce123c3d71c5dee035022d2e6b537eb53fcb39608e820e77174b81"
+}
diff --git a/apps/labrinth/.sqlx/query-48a83bc9de9bea73eac5c43e71f43fb8a1ac7eb67079d16e3de92f5ff6bf72b8.json b/apps/labrinth/.sqlx/query-48a83bc9de9bea73eac5c43e71f43fb8a1ac7eb67079d16e3de92f5ff6bf72b8.json
new file mode 100644
index 0000000000..dac0ac1f3f
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-48a83bc9de9bea73eac5c43e71f43fb8a1ac7eb67079d16e3de92f5ff6bf72b8.json
@@ -0,0 +1,47 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\t\tselect\n\t\t\t\tpaf.group_id as \"group_id!\",\n\t\t\t\tpaf.name as \"name!\",\n\t\t\t\tconvert_from(paf.sha1, 'UTF8') as \"sha1!\",\n\t\t\t\tpaf.moderation_external_license_id,\n\t\t\t\tcoalesce(array_agg(distinct aev.id) filter (where aev.id is not null), '{}') as \"version_ids!: Vec<i64>\"\n\t\t\tfrom project_attribution_files paf\n\t\t\tleft join override_file_sources ofs on ofs.sha1 = paf.sha1\n\t\t\tleft join files f on f.id = ofs.file_id\n\t\t\tleft join versions v on v.id = f.version_id and v.mod_id = $2\n\t\t\tleft join attribution_enforced_versions aev on aev.id = v.id\n\t\t\twhere paf.group_id = ANY($1)\n\t\t\tgroup by paf.group_id, paf.name, paf.sha1, paf.moderation_external_license_id\n\t\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "group_id!",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "name!",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 2,
+        "name": "sha1!",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "moderation_external_license_id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 4,
+        "name": "version_ids!: Vec<i64>",
+        "type_info": "Int8Array"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array",
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      null,
+      true,
+      null
+    ]
+  },
+  "hash": "48a83bc9de9bea73eac5c43e71f43fb8a1ac7eb67079d16e3de92f5ff6bf72b8"
+}
diff --git a/apps/labrinth/.sqlx/query-5394780f3fadc02e56bf904718ab1607eb89f5ac6fd8531404c8274f4ce319ef.json b/apps/labrinth/.sqlx/query-5394780f3fadc02e56bf904718ab1607eb89f5ac6fd8531404c8274f4ce319ef.json
new file mode 100644
index 0000000000..659c50f4ba
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-5394780f3fadc02e56bf904718ab1607eb89f5ac6fd8531404c8274f4ce319ef.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into project_attribution_files (group_id, name, sha1)\n            values ($1, $2, $3)\n            on conflict (group_id, sha1) do nothing\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Text",
+        "Bytea"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "5394780f3fadc02e56bf904718ab1607eb89f5ac6fd8531404c8274f4ce319ef"
+}
diff --git a/apps/labrinth/.sqlx/query-5f7b9d628d3ff0addc12cfaab68d7cbcca08a89aedeb15ce5926ed87ed8a12c6.json b/apps/labrinth/.sqlx/query-5f7b9d628d3ff0addc12cfaab68d7cbcca08a89aedeb15ce5926ed87ed8a12c6.json
new file mode 100644
index 0000000000..e71a423986
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-5f7b9d628d3ff0addc12cfaab68d7cbcca08a89aedeb15ce5926ed87ed8a12c6.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tupdate project_attribution_files\n\t\tset group_id = $1\n\t\twhere sha1 = $2 and group_id = $3\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "5f7b9d628d3ff0addc12cfaab68d7cbcca08a89aedeb15ce5926ed87ed8a12c6"
+}
diff --git a/apps/labrinth/.sqlx/query-5f847946ce63d3773b9a5822971ee7acaafeed018ce0540b2826bd878f213b87.json b/apps/labrinth/.sqlx/query-5f847946ce63d3773b9a5822971ee7acaafeed018ce0540b2826bd878f213b87.json
new file mode 100644
index 0000000000..a219d084e8
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-5f847946ce63d3773b9a5822971ee7acaafeed018ce0540b2826bd878f213b87.json
@@ -0,0 +1,82 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT\n            id,\n            title,\n            status,\n            link,\n            exceptions,\n            proof,\n            flame_project_id,\n            inserted_at,\n            inserted_by,\n            updated_at,\n            updated_by\n        FROM moderation_external_licenses\n        WHERE id = $1\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "title",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 2,
+        "name": "status",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "link",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 4,
+        "name": "exceptions",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 5,
+        "name": "proof",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 6,
+        "name": "flame_project_id",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 7,
+        "name": "inserted_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 8,
+        "name": "inserted_by",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 9,
+        "name": "updated_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 10,
+        "name": "updated_by",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      true,
+      false,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true
+    ]
+  },
+  "hash": "5f847946ce63d3773b9a5822971ee7acaafeed018ce0540b2826bd878f213b87"
+}
diff --git a/apps/labrinth/.sqlx/query-6320df0491556027ee64fd031797b252c2145ecf179e9ea9a8cedbdc8b7ed622.json b/apps/labrinth/.sqlx/query-6320df0491556027ee64fd031797b252c2145ecf179e9ea9a8cedbdc8b7ed622.json
new file mode 100644
index 0000000000..297814d5ad
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-6320df0491556027ee64fd031797b252c2145ecf179e9ea9a8cedbdc8b7ed622.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tinsert into project_attribution_groups (id, project_id)\n\t\tvalues ($1, $2)\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "6320df0491556027ee64fd031797b252c2145ecf179e9ea9a8cedbdc8b7ed622"
+}
diff --git a/apps/labrinth/.sqlx/query-73f7542b4b6738c4baf1e2a3513645c3bf07a960b7b9fac529f23099675ec0cc.json b/apps/labrinth/.sqlx/query-73f7542b4b6738c4baf1e2a3513645c3bf07a960b7b9fac529f23099675ec0cc.json
new file mode 100644
index 0000000000..1aa6170dcc
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-73f7542b4b6738c4baf1e2a3513645c3bf07a960b7b9fac529f23099675ec0cc.json
@@ -0,0 +1,23 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect exists(\n\t\t\tselect 1 from project_attribution_groups where id = $1 and project_id = $2\n\t\t) as \"exists!\"\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "exists!",
+        "type_info": "Bool"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "73f7542b4b6738c4baf1e2a3513645c3bf07a960b7b9fac529f23099675ec0cc"
+}
diff --git a/apps/labrinth/.sqlx/query-80751dbca09a9dcb469a30fe5b8225e520baf50750a78875f582349610439a55.json b/apps/labrinth/.sqlx/query-80751dbca09a9dcb469a30fe5b8225e520baf50750a78875f582349610439a55.json
new file mode 100644
index 0000000000..b8fc60acc8
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-80751dbca09a9dcb469a30fe5b8225e520baf50750a78875f582349610439a55.json
@@ -0,0 +1,14 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        insert into file_scans (file_id, attributions_scanned_at)\n        values ($1, now())\n        on conflict (file_id) do update set attributions_scanned_at = now()\n        ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "80751dbca09a9dcb469a30fe5b8225e520baf50750a78875f582349610439a55"
+}
diff --git a/apps/labrinth/.sqlx/query-86e59f16918c0197b4e1492d3f72e191a8deb05f7753743f48f1b6647f83f544.json b/apps/labrinth/.sqlx/query-86e59f16918c0197b4e1492d3f72e191a8deb05f7753743f48f1b6647f83f544.json
new file mode 100644
index 0000000000..77323e7c62
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-86e59f16918c0197b4e1492d3f72e191a8deb05f7753743f48f1b6647f83f544.json
@@ -0,0 +1,34 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        select distinct f.version_id as \"version_id: DBVersionId\", f.id as \"file_id: DBFileId\",\n            pag.flame_project\n        from files f\n        inner join attribution_enforced_versions aev on aev.id = f.version_id\n        inner join versions v on v.id = f.version_id\n        inner join override_file_sources ofs on ofs.file_id = f.id\n        inner join project_attribution_files paf on paf.sha1 = ofs.sha1\n        inner join project_attribution_groups pag on pag.id = paf.group_id\n        where f.version_id = ANY($1)\n          and pag.project_id = v.mod_id\n          and (\n            pag.attribution is null\n            or pag.attribution->>'kind' = 'no_permission'\n            or coalesce(\n              pag.attribution->'moderation_status'->>'kind',\n              'approved'\n            ) != 'approved'\n          )\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "version_id: DBVersionId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "file_id: DBFileId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 2,
+        "name": "flame_project",
+        "type_info": "Jsonb"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      true
+    ]
+  },
+  "hash": "86e59f16918c0197b4e1492d3f72e191a8deb05f7753743f48f1b6647f83f544"
+}
diff --git a/apps/labrinth/.sqlx/query-8820a5985291c159c98371c9650092e3eba21c81e3b3386be779978aff30451a.json b/apps/labrinth/.sqlx/query-8820a5985291c159c98371c9650092e3eba21c81e3b3386be779978aff30451a.json
deleted file mode 100644
index 18d5cf1b83..0000000000
--- a/apps/labrinth/.sqlx/query-8820a5985291c159c98371c9650092e3eba21c81e3b3386be779978aff30451a.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n        SELECT DISTINCT ON (dr.id)\n            to_jsonb(dr)\n            || jsonb_build_object(\n                'report_id', dr.id,\n                'file_id', to_base62(f.id),\n                'version_id', to_base62(v.id),\n                'project_id', to_base62(v.mod_id),\n                'file_name', f.filename,\n                'file_size', f.size,\n                'flag_reason', 'delphi',\n                'download_url', f.url,\n                -- TODO: replace with `json_array` in Postgres 16\n                'issues', (\n                    SELECT json_agg(\n                        to_jsonb(dri)\n                        || jsonb_build_object(\n                            -- TODO: replace with `json_array` in Postgres 16\n                            'details', (\n                                SELECT coalesce(jsonb_agg(\n                                    jsonb_build_object(\n                                        'id', didws.id,\n                                        'issue_id', didws.issue_id,\n                                        'key', didws.key,\n                                        'file_path', didws.file_path,\n                                        'decompiled_source', didws.decompiled_source,\n                                        'data', didws.data,\n                                        'severity', didws.severity,\n                                        'status', didws.status\n                                    )\n                                ), '[]'::jsonb)\n                                FROM delphi_issue_details_with_statuses didws\n                                WHERE didws.issue_id = dri.id\n                            )\n                        )\n                    )\n                    FROM delphi_report_issues dri\n                    WHERE\n                        dri.report_id = dr.id\n                        -- see delphi.rs todo comment\n                        AND dri.issue_type != '__dummy'\n                )\n            ) AS \"data!: sqlx::types::Json<FileReport>\"\n        FROM delphi_reports dr\n        INNER JOIN files f ON f.id = dr.file_id\n        INNER JOIN versions v ON v.id = f.version_id\n        WHERE dr.id = $1\n        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "data!: sqlx::types::Json<FileReport>",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "8820a5985291c159c98371c9650092e3eba21c81e3b3386be779978aff30451a"
-}
diff --git a/apps/labrinth/.sqlx/query-8ffcb0c2bd82eaf64b143745adab359db6fcc448d6306292a7b345277a075883.json b/apps/labrinth/.sqlx/query-8ffcb0c2bd82eaf64b143745adab359db6fcc448d6306292a7b345277a075883.json
new file mode 100644
index 0000000000..3da4278f04
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-8ffcb0c2bd82eaf64b143745adab359db6fcc448d6306292a7b345277a075883.json
@@ -0,0 +1,22 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "SELECT EXISTS(SELECT 1 FROM project_attribution_groups WHERE id=$1)",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "exists",
+        "type_info": "Bool"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "8ffcb0c2bd82eaf64b143745adab359db6fcc448d6306292a7b345277a075883"
+}
diff --git a/apps/labrinth/.sqlx/query-944286604bdef4ee40f79af358d1b68cc93bfd2067619d9cc1d03013f73e5424.json b/apps/labrinth/.sqlx/query-944286604bdef4ee40f79af358d1b68cc93bfd2067619d9cc1d03013f73e5424.json
new file mode 100644
index 0000000000..06e8fd3198
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-944286604bdef4ee40f79af358d1b68cc93bfd2067619d9cc1d03013f73e5424.json
@@ -0,0 +1,82 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\t\t\tselect\n\t\t\t\t\tid,\n\t\t\t\t\ttitle,\n\t\t\t\t\tstatus,\n\t\t\t\t\tlink,\n\t\t\t\t\texceptions,\n\t\t\t\t\tproof,\n\t\t\t\t\tflame_project_id,\n\t\t\t\t\tinserted_at,\n\t\t\t\t\tinserted_by,\n\t\t\t\t\tupdated_at,\n\t\t\t\t\tupdated_by\n\t\t\t\tfrom moderation_external_licenses\n\t\t\t\twhere id = ANY($1)\n\t\t\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "title",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 2,
+        "name": "status",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "link",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 4,
+        "name": "exceptions",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 5,
+        "name": "proof",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 6,
+        "name": "flame_project_id",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 7,
+        "name": "inserted_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 8,
+        "name": "inserted_by",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 9,
+        "name": "updated_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 10,
+        "name": "updated_by",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": [
+      false,
+      true,
+      false,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true,
+      true
+    ]
+  },
+  "hash": "944286604bdef4ee40f79af358d1b68cc93bfd2067619d9cc1d03013f73e5424"
+}
diff --git a/apps/labrinth/.sqlx/query-94920d66b27503c84744d41cb2b44dd213bb461596046488eaab0b62b0fe83c5.json b/apps/labrinth/.sqlx/query-94920d66b27503c84744d41cb2b44dd213bb461596046488eaab0b62b0fe83c5.json
new file mode 100644
index 0000000000..7b1815f835
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-94920d66b27503c84744d41cb2b44dd213bb461596046488eaab0b62b0fe83c5.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tupdate project_attribution_groups\n\t\tset attribution = $1, attributed_at = now(), attributed_by = $3\n\t\twhere id = $2\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Jsonb",
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "94920d66b27503c84744d41cb2b44dd213bb461596046488eaab0b62b0fe83c5"
+}
diff --git a/apps/labrinth/.sqlx/query-968904f577c2c696c6222e19cc145bce0e845f2ab9f8629b0789a4861bddb4dc.json b/apps/labrinth/.sqlx/query-968904f577c2c696c6222e19cc145bce0e845f2ab9f8629b0789a4861bddb4dc.json
new file mode 100644
index 0000000000..1a588c429d
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-968904f577c2c696c6222e19cc145bce0e845f2ab9f8629b0789a4861bddb4dc.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            update file_scans\n            set attributions_scanned_at = now\n            from unnest($1::bigint[], $2::timestamptz[]) as u(id, now)\n            where file_scans.file_id = u.id\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8Array",
+        "TimestamptzArray"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "968904f577c2c696c6222e19cc145bce0e845f2ab9f8629b0789a4861bddb4dc"
+}
diff --git a/apps/labrinth/.sqlx/query-a39aff314fd586a0d5bf275482e7034711b7c168757f77c33274ce93a385b324.json b/apps/labrinth/.sqlx/query-a39aff314fd586a0d5bf275482e7034711b7c168757f77c33274ce93a385b324.json
new file mode 100644
index 0000000000..dd6f959259
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-a39aff314fd586a0d5bf275482e7034711b7c168757f77c33274ce93a385b324.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tinsert into project_attribution_files (\n\t\t\tgroup_id,\n\t\t\tname,\n\t\t\tsha1,\n\t\t\tmoderation_external_license_id\n\t\t)\n\t\tselect\n\t\t\t$1,\n\t\t\tpaf.name,\n\t\t\tpaf.sha1,\n\t\t\tpaf.moderation_external_license_id\n\t\tfrom project_attribution_files paf\n\t\tinner join project_attribution_groups pag on pag.id = paf.group_id\n\t\twhere paf.sha1 = $2 and pag.project_id = $3\n\t\torder by paf.moderation_external_license_id nulls last, paf.name\n\t\tlimit 1\n\t\ton conflict (group_id, sha1) do update\n\t\tset moderation_external_license_id = coalesce(\n\t\t\tproject_attribution_files.moderation_external_license_id,\n\t\t\texcluded.moderation_external_license_id\n\t\t)\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "a39aff314fd586a0d5bf275482e7034711b7c168757f77c33274ce93a385b324"
+}
diff --git a/apps/labrinth/.sqlx/query-adef48e6edd40766c05946e1cb71bc6c7700c31726c4f4f39a1bdcdc4f84e1fd.json b/apps/labrinth/.sqlx/query-adef48e6edd40766c05946e1cb71bc6c7700c31726c4f4f39a1bdcdc4f84e1fd.json
new file mode 100644
index 0000000000..7109167038
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-adef48e6edd40766c05946e1cb71bc6c7700c31726c4f4f39a1bdcdc4f84e1fd.json
@@ -0,0 +1,40 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        select\n            d.id as \"dependency_id!\",\n            pag.attribution,\n            pag.flame_project,\n            pag.project_id as \"project_id: DBProjectId\"\n        from dependencies d\n        inner join files f on f.version_id = d.dependent_id\n        inner join attribution_enforced_versions aev on aev.id = f.version_id\n        inner join versions v on v.id = f.version_id\n        inner join override_file_sources ofs on ofs.file_id = f.id\n        inner join project_attribution_files paf on paf.sha1 = ofs.sha1\n        inner join project_attribution_groups pag on pag.id = paf.group_id\n        where d.dependent_id = ANY($1)\n          and pag.project_id = v.mod_id\n          and d.dependency_file_name is not null\n          and (\n            pag.flame_project is not null\n            or pag.attribution is not null\n          )\n          and split_part(paf.name, '/', -1) = d.dependency_file_name\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "dependency_id!",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 1,
+        "name": "attribution",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 2,
+        "name": "flame_project",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 3,
+        "name": "project_id: DBProjectId",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": [
+      false,
+      true,
+      true,
+      false
+    ]
+  },
+  "hash": "adef48e6edd40766c05946e1cb71bc6c7700c31726c4f4f39a1bdcdc4f84e1fd"
+}
diff --git a/apps/labrinth/.sqlx/query-b471add519874a6364b7a9cdbfa3a8e6f5a8a1ac9a7bacbce378f7995eb48664.json b/apps/labrinth/.sqlx/query-b471add519874a6364b7a9cdbfa3a8e6f5a8a1ac9a7bacbce378f7995eb48664.json
new file mode 100644
index 0000000000..e4cde72b9a
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-b471add519874a6364b7a9cdbfa3a8e6f5a8a1ac9a7bacbce378f7995eb48664.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into project_attribution_groups (id, project_id)\n            values ($1, $2)\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "b471add519874a6364b7a9cdbfa3a8e6f5a8a1ac9a7bacbce378f7995eb48664"
+}
diff --git a/apps/labrinth/.sqlx/query-b774f5cce4d76032d85a986e7905695c98e6175a134f105eb53495bfce4399be.json b/apps/labrinth/.sqlx/query-b774f5cce4d76032d85a986e7905695c98e6175a134f105eb53495bfce4399be.json
new file mode 100644
index 0000000000..3df2b8beef
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-b774f5cce4d76032d85a986e7905695c98e6175a134f105eb53495bfce4399be.json
@@ -0,0 +1,17 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into project_attribution_files (group_id, name, sha1, moderation_external_license_id)\n            values ($1, $2, $3, $4)\n            on conflict (group_id, sha1) do update\n            set moderation_external_license_id = excluded.moderation_external_license_id\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Text",
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "b774f5cce4d76032d85a986e7905695c98e6175a134f105eb53495bfce4399be"
+}
diff --git a/apps/labrinth/.sqlx/query-b782ed64e0df1e83623c8a8e55c00716f5338c85b6dfbb15c3465ff0cec339a7.json b/apps/labrinth/.sqlx/query-b782ed64e0df1e83623c8a8e55c00716f5338c85b6dfbb15c3465ff0cec339a7.json
new file mode 100644
index 0000000000..af1927f767
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-b782ed64e0df1e83623c8a8e55c00716f5338c85b6dfbb15c3465ff0cec339a7.json
@@ -0,0 +1,23 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect paf.group_id\n\t\tfrom project_attribution_files paf\n\t\tinner join project_attribution_groups pag on pag.id = paf.group_id\n\t\twhere paf.sha1 = $1 and pag.project_id = $2\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "group_id",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false
+    ]
+  },
+  "hash": "b782ed64e0df1e83623c8a8e55c00716f5338c85b6dfbb15c3465ff0cec339a7"
+}
diff --git a/apps/labrinth/.sqlx/query-cd29f5f072e102f9286869081b387eca5cee6b78f175320cbd615ce216e39171.json b/apps/labrinth/.sqlx/query-cd29f5f072e102f9286869081b387eca5cee6b78f175320cbd615ce216e39171.json
new file mode 100644
index 0000000000..0180b54374
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-cd29f5f072e102f9286869081b387eca5cee6b78f175320cbd615ce216e39171.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            INSERT INTO file_scans (file_id)\n            SELECT $1\n            WHERE EXISTS (\n                SELECT 1\n                FROM attribution_enforced_versions\n                WHERE id = $2\n            )\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "cd29f5f072e102f9286869081b387eca5cee6b78f175320cbd615ce216e39171"
+}
diff --git a/apps/labrinth/.sqlx/query-ce9b408d416b4782ad501e14cb1ff006964818e81855bb299b269ffaa4c3f7fa.json b/apps/labrinth/.sqlx/query-ce9b408d416b4782ad501e14cb1ff006964818e81855bb299b269ffaa4c3f7fa.json
new file mode 100644
index 0000000000..9d4ffdf994
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-ce9b408d416b4782ad501e14cb1ff006964818e81855bb299b269ffaa4c3f7fa.json
@@ -0,0 +1,29 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect paf.group_id, paf.name from project_attribution_files paf\n\t\tinner join project_attribution_groups pag on pag.id = paf.group_id\n\t\twhere paf.sha1 = $1 and pag.project_id = $2\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "group_id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "name",
+        "type_info": "Text"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Bytea",
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      false
+    ]
+  },
+  "hash": "ce9b408d416b4782ad501e14cb1ff006964818e81855bb299b269ffaa4c3f7fa"
+}
diff --git a/apps/labrinth/.sqlx/query-dac21bfc23fe361a6133e69892224351aefa03f14efec1be31a21441419e19b9.json b/apps/labrinth/.sqlx/query-dac21bfc23fe361a6133e69892224351aefa03f14efec1be31a21441419e19b9.json
new file mode 100644
index 0000000000..8565cb6fbd
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-dac21bfc23fe361a6133e69892224351aefa03f14efec1be31a21441419e19b9.json
@@ -0,0 +1,40 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\t\tselect id, name, version_number, date_published\n\t\t\tfrom versions\n\t\t\twhere id = ANY($1)\n\t\t\torder by date_published desc\n\t\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "name",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 2,
+        "name": "version_number",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 3,
+        "name": "date_published",
+        "type_info": "Timestamptz"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false,
+      false
+    ]
+  },
+  "hash": "dac21bfc23fe361a6133e69892224351aefa03f14efec1be31a21441419e19b9"
+}
diff --git a/apps/labrinth/.sqlx/query-df7652db8624e291447975b1d9b2151b1627316fbaaea4914607d66869670375.json b/apps/labrinth/.sqlx/query-df7652db8624e291447975b1d9b2151b1627316fbaaea4914607d66869670375.json
new file mode 100644
index 0000000000..2456b3554f
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-df7652db8624e291447975b1d9b2151b1627316fbaaea4914607d66869670375.json
@@ -0,0 +1,17 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into project_attribution_groups (id, project_id, attribution, flame_project)\n            values ($1, $2, $3, $4)\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8",
+        "Jsonb",
+        "Jsonb"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "df7652db8624e291447975b1d9b2151b1627316fbaaea4914607d66869670375"
+}
diff --git a/apps/labrinth/.sqlx/query-e4b58fe6e5d19ded48ab9e457b4e96fb51c8f74a7532bb9ab2e7a945b95bbe78.json b/apps/labrinth/.sqlx/query-e4b58fe6e5d19ded48ab9e457b4e96fb51c8f74a7532bb9ab2e7a945b95bbe78.json
new file mode 100644
index 0000000000..91a7a9c5c8
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-e4b58fe6e5d19ded48ab9e457b4e96fb51c8f74a7532bb9ab2e7a945b95bbe78.json
@@ -0,0 +1,23 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        select paf.sha1 from project_attribution_files paf\n        inner join project_attribution_groups pag on pag.id = paf.group_id\n        where pag.project_id = $1 and paf.sha1 = ANY($2)\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "sha1",
+        "type_info": "Bytea"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "ByteaArray"
+      ]
+    },
+    "nullable": [
+      false
+    ]
+  },
+  "hash": "e4b58fe6e5d19ded48ab9e457b4e96fb51c8f74a7532bb9ab2e7a945b95bbe78"
+}
diff --git a/apps/labrinth/.sqlx/query-e7a0481729efa9cba6140effcdddff1a076eb7269d5b22860db3e3d1a651f6eb.json b/apps/labrinth/.sqlx/query-e7a0481729efa9cba6140effcdddff1a076eb7269d5b22860db3e3d1a651f6eb.json
new file mode 100644
index 0000000000..0b7cf69e9c
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-e7a0481729efa9cba6140effcdddff1a076eb7269d5b22860db3e3d1a651f6eb.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            insert into override_file_sources (sha1, file_id)\n            select unnest($1::bytea[]), $2\n            on conflict do nothing\n            ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "ByteaArray",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "e7a0481729efa9cba6140effcdddff1a076eb7269d5b22860db3e3d1a651f6eb"
+}
diff --git a/apps/labrinth/.sqlx/query-e88ab785893c4ea26e633eef766e7259623eb4323337a480d99f5448310e65eb.json b/apps/labrinth/.sqlx/query-e88ab785893c4ea26e633eef766e7259623eb4323337a480d99f5448310e65eb.json
new file mode 100644
index 0000000000..5dfb28c854
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-e88ab785893c4ea26e633eef766e7259623eb4323337a480d99f5448310e65eb.json
@@ -0,0 +1,28 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tselect\n\t\t\tid as \"id: DBVersionId\",\n\t\t\tmod_id as \"project_id: DBProjectId\"\n\t\tfrom versions\n\t\twhere id = any($1)\n\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "id: DBVersionId",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "project_id: DBProjectId",
+        "type_info": "Int8"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8Array"
+      ]
+    },
+    "nullable": [
+      false,
+      false
+    ]
+  },
+  "hash": "e88ab785893c4ea26e633eef766e7259623eb4323337a480d99f5448310e65eb"
+}
diff --git a/apps/labrinth/.sqlx/query-ed027c5571c34ff4fd1ac50e96f257b0055c9497d2699927b34829490e7a2529.json b/apps/labrinth/.sqlx/query-ed027c5571c34ff4fd1ac50e96f257b0055c9497d2699927b34829490e7a2529.json
new file mode 100644
index 0000000000..1b14566eb0
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-ed027c5571c34ff4fd1ac50e96f257b0055c9497d2699927b34829490e7a2529.json
@@ -0,0 +1,12 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\tdelete from project_attribution_groups g\n\t\twhere not exists (\n\t\t\tselect 1 from project_attribution_files f where f.group_id = g.id\n\t\t)\n\t\t",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": []
+  },
+  "hash": "ed027c5571c34ff4fd1ac50e96f257b0055c9497d2699927b34829490e7a2529"
+}
diff --git a/apps/labrinth/.sqlx/query-f9131eb55490b96851ac3760e3199d2fd2dbb3d212cb2b8687dda8ba0fad2a80.json b/apps/labrinth/.sqlx/query-f9131eb55490b96851ac3760e3199d2fd2dbb3d212cb2b8687dda8ba0fad2a80.json
new file mode 100644
index 0000000000..0ccd35ecd7
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-f9131eb55490b96851ac3760e3199d2fd2dbb3d212cb2b8687dda8ba0fad2a80.json
@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n                insert into project_attribution_groups (id, project_id, flame_project)\n                values ($1, $2, $3)\n                ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8",
+        "Jsonb"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "f9131eb55490b96851ac3760e3199d2fd2dbb3d212cb2b8687dda8ba0fad2a80"
+}
diff --git a/apps/labrinth/.sqlx/query-f9b96c70c83f1bf0112243602843abae6ddc8851fc623ccf0a23f87567763485.json b/apps/labrinth/.sqlx/query-f9b96c70c83f1bf0112243602843abae6ddc8851fc623ccf0a23f87567763485.json
new file mode 100644
index 0000000000..17bdd2c3af
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-f9b96c70c83f1bf0112243602843abae6ddc8851fc623ccf0a23f87567763485.json
@@ -0,0 +1,40 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT encode(mef.sha1, 'escape') sha1, mel.id, mel.status status, mel.link\n        FROM moderation_external_files mef\n        INNER JOIN moderation_external_licenses mel ON mef.external_license_id = mel.id\n        WHERE mef.sha1 = ANY($1)\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "sha1",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 1,
+        "name": "id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 2,
+        "name": "status",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 3,
+        "name": "link",
+        "type_info": "Text"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "ByteaArray"
+      ]
+    },
+    "nullable": [
+      null,
+      false,
+      false,
+      true
+    ]
+  },
+  "hash": "f9b96c70c83f1bf0112243602843abae6ddc8851fc623ccf0a23f87567763485"
+}
diff --git a/apps/labrinth/.sqlx/query-fe4ff6ab40fe3dc3d474c0c23c9dba514c66ac30e573fc5f4e44ed7ff360d3d6.json b/apps/labrinth/.sqlx/query-fe4ff6ab40fe3dc3d474c0c23c9dba514c66ac30e573fc5f4e44ed7ff360d3d6.json
new file mode 100644
index 0000000000..99a5a8243f
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-fe4ff6ab40fe3dc3d474c0c23c9dba514c66ac30e573fc5f4e44ed7ff360d3d6.json
@@ -0,0 +1,22 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT DISTINCT ON (dr.id)\n            to_jsonb(dr)\n            || jsonb_build_object(\n                'report_id', dr.id,\n                'file_id', to_base62(f.id),\n                'version_id', to_base62(v.id),\n                'project_id', to_base62(v.mod_id),\n                'file_name', f.filename,\n                'file_size', f.size,\n                'flag_reason', 'delphi',\n                'download_url', f.url,\n                -- TODO: replace with `json_array` in Postgres 16\n\t\t\t\t'issues', (\n\t\t\t\t\tSELECT coalesce(json_agg(\n\t\t\t\t\t\tto_jsonb(dri)\n\t\t\t\t\t\t|| jsonb_build_object(\n\t\t\t\t\t\t\t-- TODO: replace with `json_array` in Postgres 16\n\t\t\t\t\t\t\t'details', (\n\t\t\t\t\t\t\t\tSELECT coalesce(jsonb_agg(\n                                    jsonb_build_object(\n                                        'id', didws.id,\n                                        'issue_id', didws.issue_id,\n                                        'key', didws.key,\n                                        'file_path', didws.file_path,\n                                        'decompiled_source', didws.decompiled_source,\n                                        'data', didws.data,\n                                        'severity', didws.severity,\n                                        'status', didws.status\n                                    )\n                                ), '[]'::jsonb)\n                                FROM delphi_issue_details_with_statuses didws\n                                WHERE didws.issue_id = dri.id\n                            )\n\t\t\t\t\t\t)\n\t\t\t\t\t), '[]'::json)\n\t\t\t\t\tFROM delphi_report_issues dri\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tdri.report_id = dr.id\n                        -- see delphi.rs todo comment\n                        AND dri.issue_type != '__dummy'\n                )\n            ) AS \"data!: sqlx::types::Json<FileReport>\"\n        FROM delphi_reports dr\n        INNER JOIN files f ON f.id = dr.file_id\n        INNER JOIN versions v ON v.id = f.version_id\n        WHERE dr.id = $1\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "data!: sqlx::types::Json<FileReport>",
+        "type_info": "Jsonb"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "fe4ff6ab40fe3dc3d474c0c23c9dba514c66ac30e573fc5f4e44ed7ff360d3d6"
+}
diff --git a/apps/labrinth/AGENTS.md b/apps/labrinth/AGENTS.md
index 8cd2edd6c8..6398fdfbc7 100644
--- a/apps/labrinth/AGENTS.md
+++ b/apps/labrinth/AGENTS.md
@@ -6,7 +6,7 @@
   - `ApiError::Request` instead of `ApiError::InvalidInput`
   - `ApiError::Auth` instead of `ApiError::CustomAuthentication`
   - `ApiError::Internal` for database errors, 3rd party service errors, anything else internal
-  - Use `eyre!` to construct a value for `Internal` and `Request` variants
+  - Use `eyre!` to construct a value for `Internal`, `Request`, and `Auth` variants
 - Error messages (both for errors and exceptions) must be formatted as per the Rust API guidelines:
   - lowercase message
   - no trailing punctuation
@@ -29,3 +29,6 @@
 - You can force a search reindex by:
   - Running `cd apps/labrinth && cargo run -p labrinth -- --run-background-task index-search` (prefer this if backend is running locally)
   - Hitting the force reindex admin endpoint
+- To seed the database locally: `psql postgresql://labrinth:labrinth@localhost/labrinth -f apps/labrinth/fixtures/labrinth-seed-data-202508052143.sql
+`
+- When writing `sqlx` queries, prefer `r#` raw strings over escaping quotes
diff --git a/apps/labrinth/AGENTS.md~HEAD b/apps/labrinth/AGENTS.md~HEAD
new file mode 100644
index 0000000000..0b73458d53
--- /dev/null
+++ b/apps/labrinth/AGENTS.md~HEAD
@@ -0,0 +1,34 @@
+# Labrinth
+
+Labrinth is the backend API service for Modrinth, written in Rust.
+
+## Code style
+
+- When writing `sqlx` queries, NEVER use `query` directly. Always prefer using the `query!`, `query_as!`, `query_scalar!` macros.
+
+## Pre-PR Checks
+
+When the user refers to "perform[ing] pre-PR checks", do the following:
+
+- Run `cargo clippy -p labrinth --all-targets` — there must be ZERO warnings, otherwise CI will fail
+- DO NOT run tests unless explicitly requested (they take a long time)
+- Prepare the sqlx cache: cd into `apps/labrinth` and run `cargo sqlx prepare -- --tests`
+	- NEVER run `cargo sqlx prepare --workspace`
+
+## Testing
+
+- Run `cargo test -p labrinth --all-targets` to test your changes — all tests must pass
+
+## Local Services
+
+- Read the root `docker-compose.yml` to see what running services are available while developing
+- Use `docker exec` to access these services
+
+### Clickhouse
+
+- Access: `docker exec labrinth-clickhouse clickhouse-client`
+- Database: `staging_ariadne`
+
+### Postgres
+
+- Access: `docker exec labrinth-postgres psql -U labrinth -d labrinth -c "<query>"`
diff --git a/apps/labrinth/migrations/20260423114534_project_attribution.sql b/apps/labrinth/migrations/20260423114534_project_attribution.sql
new file mode 100644
index 0000000000..805d85d870
--- /dev/null
+++ b/apps/labrinth/migrations/20260423114534_project_attribution.sql
@@ -0,0 +1,33 @@
+create table file_scans (
+	file_id bigint primary key references files(id),
+	-- if a file..
+	-- - does not have a row
+	--   -> was created before attributions system
+	-- - has a row, but `attributions_scanned_at = null`
+	--   -> still needs to be scanned
+	-- - has a row, and `attributions_scanned_at` is not null
+	--   -> attributions have been scanned
+	attributions_scanned_at timestamptz
+);
+
+create table project_attribution_groups (
+	id bigint primary key,
+	project_id bigint not null references mods(id),
+	flame_project jsonb,
+	attribution jsonb,
+	attributed_at timestamptz,
+	attributed_by bigint references users(id)
+);
+create index on project_attribution_groups (project_id);
+
+create table project_attribution_files (
+	group_id bigint not null references project_attribution_groups(id),
+	name text not null,
+	sha1 bytea not null
+);
+
+create table override_file_sources (
+	sha1 bytea not null,
+	file_id bigint not null references files(id),
+	primary key (sha1, file_id)
+);
diff --git a/apps/labrinth/migrations/20260519143157_fix_file_attribution_deletion.sql b/apps/labrinth/migrations/20260519143157_fix_file_attribution_deletion.sql
new file mode 100644
index 0000000000..473dbda6e9
--- /dev/null
+++ b/apps/labrinth/migrations/20260519143157_fix_file_attribution_deletion.sql
@@ -0,0 +1,19 @@
+alter table file_scans
+	drop constraint file_scans_file_id_fkey,
+	add constraint file_scans_file_id_fkey
+		foreign key (file_id) references files(id) on delete cascade;
+
+alter table project_attribution_groups
+	drop constraint project_attribution_groups_project_id_fkey,
+	add constraint project_attribution_groups_project_id_fkey
+		foreign key (project_id) references mods(id) on delete cascade;
+
+alter table project_attribution_files
+	drop constraint project_attribution_files_group_id_fkey,
+	add constraint project_attribution_files_group_id_fkey
+		foreign key (group_id) references project_attribution_groups(id) on delete cascade;
+
+alter table override_file_sources
+	drop constraint override_file_sources_file_id_fkey,
+	add constraint override_file_sources_file_id_fkey
+		foreign key (file_id) references files(id) on delete cascade;
diff --git a/apps/labrinth/migrations/20260521120000_project_attribution_external_license.sql b/apps/labrinth/migrations/20260521120000_project_attribution_external_license.sql
new file mode 100644
index 0000000000..9007b0aa43
--- /dev/null
+++ b/apps/labrinth/migrations/20260521120000_project_attribution_external_license.sql
@@ -0,0 +1,36 @@
+alter table project_attribution_files
+	add column moderation_external_license_id bigint references moderation_external_licenses(id);
+
+create table attributions_exemptions (
+	version_id bigint references versions(id) on delete cascade,
+	project_id bigint references mods(id) on delete cascade,
+	check ((version_id is null) != (project_id is null))
+);
+
+create unique index attributions_exemptions_version_id_idx
+	on attributions_exemptions (version_id)
+	where version_id is not null;
+
+create unique index attributions_exemptions_project_id_idx
+	on attributions_exemptions (project_id)
+	where project_id is not null;
+
+create view attribution_enforced_versions as
+select v.id
+from versions v
+where not exists (
+	select 1
+	from attributions_exemptions ae
+	where ae.version_id = v.id or ae.project_id = v.mod_id
+);
+
+-- grandfathering migration:
+-- insert into attributions_exemptions (version_id)
+-- select id
+-- from versions
+-- on conflict do nothing;
+--
+-- insert into attributions_exemptions (project_id)
+-- select id
+-- from mods
+-- on conflict do nothing;
diff --git a/apps/labrinth/migrations/20260623120000_unique_project_attribution_files.sql b/apps/labrinth/migrations/20260623120000_unique_project_attribution_files.sql
new file mode 100644
index 0000000000..2c026a6544
--- /dev/null
+++ b/apps/labrinth/migrations/20260623120000_unique_project_attribution_files.sql
@@ -0,0 +1,20 @@
+alter table project_attribution_files
+	add constraint project_attribution_files_group_id_sha1_key unique (group_id, sha1);
+
+-- manually run:
+--
+-- delete from project_attribution_files paf
+-- using (
+--     select ctid
+--     from (
+--         select
+--             ctid,
+--             row_number() over (
+--                 partition by group_id, sha1
+--                 order by moderation_external_license_id nulls last, name
+--             ) as row_number
+--         from project_attribution_files
+--     ) duplicates
+--     where row_number > 1
+-- ) duplicates
+-- where paf.ctid = duplicates.ctid;
diff --git a/apps/labrinth/src/auth/checks.rs b/apps/labrinth/src/auth/checks.rs
index 329e071042..970f9ab7b2 100644
--- a/apps/labrinth/src/auth/checks.rs
+++ b/apps/labrinth/src/auth/checks.rs
@@ -5,11 +5,39 @@ use crate::database::models::version_item::VersionQueryResult;
 use crate::database::models::{DBCollection, DBOrganization, DBTeamMember};
 use crate::database::redis::RedisPool;
 use crate::database::{DBProject, DBVersion, models};
+use crate::models::ids::FileId;
+use crate::models::projects::{
+    MissingAttributionFile, OverrideSource, Version,
+};
 use crate::models::users::User;
+use crate::queue::file_scan::{
+    get_dependency_attributions, get_files_missing_attribution,
+};
 use crate::routes::ApiError;
 use futures::TryStreamExt;
 use itertools::Itertools;
 
+pub async fn enrich_dependency_attributions(
+    versions: &mut [VersionQueryResult],
+    pool: &PgPool,
+) {
+    let version_ids = versions.iter().map(|v| v.inner.id).collect::<Vec<_>>();
+    let dep_attr = get_dependency_attributions(pool, &version_ids)
+        .await
+        .unwrap_or_default();
+
+    for version in versions {
+        for dep in &mut version.dependencies {
+            if let Some(attr) = dep_attr.get(&dep.id)
+                && (attr.attribution.flame_project.is_some()
+                    || attr.attribution.resolution.is_some())
+            {
+                dep.attribution = Some(attr.attribution.clone());
+            }
+        }
+    }
+}
+
 pub trait ValidateAuthorized {
     fn validate_authorized(
         &self,
@@ -204,7 +232,42 @@ pub async fn filter_visible_versions(
     )
     .await?;
     versions.retain(|x| filtered_version_ids.contains(&x.inner.id));
-    Ok(versions.into_iter().map(|x| x.into()).collect())
+
+    let version_ids: Vec<_> = versions.iter().map(|v| v.inner.id).collect();
+    let missing = get_files_missing_attribution(pool, &version_ids)
+        .await
+        .unwrap_or_default();
+
+    enrich_dependency_attributions(&mut versions, pool).await;
+
+    Ok(versions
+        .into_iter()
+        .map(|v| {
+            let files_missing = missing
+                .get(&v.inner.id)
+                .map(|entries| {
+                    entries
+                        .iter()
+                        .map(|(id, fp)| MissingAttributionFile {
+                            id: FileId(id.0 as u64),
+                            override_source: fp
+                                .as_ref()
+                                .map(|p| OverrideSource::Flame {
+                                    id: p.id,
+                                    title: p.title.clone(),
+                                    url: p.url.clone(),
+                                    icon_url: p.icon_url.clone(),
+                                })
+                                .or(Some(OverrideSource::Unknown)),
+                        })
+                        .collect::<Vec<_>>()
+                })
+                .unwrap_or_default();
+            let mut version = Version::from(v);
+            version.files_missing_attribution = files_missing;
+            version
+        })
+        .collect())
 }
 
 impl ValidateAuthorized for models::DBOAuthClient {
@@ -258,13 +321,20 @@ pub async fn filter_visible_version_ids(
         filter_enlisted_version_ids(versions.clone(), user_option, pool, redis)
             .await?;
 
+    let version_ids: Vec<_> = versions.iter().map(|v| v.id).collect();
+    let withheld_versions = get_files_missing_attribution(pool, &version_ids)
+        .await
+        .unwrap_or_default();
+
     // Return versions that are not hidden, we are a mod of, or we are enlisted on the team of
     for version in versions {
+        let is_withheld = withheld_versions.contains_key(&version.id);
         // We can see the version if:
-        // - it's not hidden and we can see the project
+        // - it's not hidden and we can see the project and it's not withheld for attribution
         // - we are a mod
         // - we are enlisted on the team of the mod
         if (!version.status.is_hidden()
+            && !is_withheld
             && visible_project_ids.contains(&version.project_id))
             || user_option.as_ref().is_some_and(|x| x.role.is_mod())
             || enlisted_version_ids.contains(&version.id)
diff --git a/apps/labrinth/src/background_task.rs b/apps/labrinth/src/background_task.rs
index 08f0cf914c..688fe84b9d 100644
--- a/apps/labrinth/src/background_task.rs
+++ b/apps/labrinth/src/background_task.rs
@@ -3,10 +3,12 @@ use crate::database::PgPool;
 use crate::database::models::ids::DBUserId;
 use crate::database::models::notification_item::NotificationBuilder;
 use crate::database::redis::RedisPool;
+use crate::file_hosting::FileHost;
 use crate::models::notifications::NotificationBody;
 use crate::queue::analytics::cache::cache_analytics;
 use crate::queue::billing::{index_billing, index_subscriptions};
 use crate::queue::email::EmailQueue;
+use crate::queue::file_scan::scan_all_files;
 use crate::queue::payouts::{
     PayoutsQueue, index_payouts_notifications,
     insert_bank_balances_and_webhook, process_affiliate_payouts,
@@ -38,6 +40,10 @@ pub enum BackgroundTask {
     /// Attempts to ping Minecraft Java servers as if we were a client, to
     /// collect info on if they're online, game version, description, etc.
     PingMinecraftJavaServers,
+    /// Finds files of versions which have not been scanned for attributions
+    /// yet, extracts them to find file overrides, and finds any overrides which
+    /// require attribution from the creator.
+    ScanFiles,
     /// Queues Discord Creator Club role claim emails for newly eligible users.
     DiscordRoleEmailCampaign,
 }
@@ -50,6 +56,7 @@ impl BackgroundTask {
         ro_pool: PgPool,
         redis_pool: RedisPool,
         search_backend: web::Data<dyn SearchBackend>,
+        file_host: web::Data<dyn FileHost>,
         kafka_client: web::Data<crate::util::kafka::KafkaClientState>,
         clickhouse: clickhouse::Client,
         stripe_client: stripe::Client,
@@ -112,6 +119,7 @@ impl BackgroundTask {
                 )
                 .await
             }
+            ScanFiles => scan_all_files(&pool, &redis_pool, &**file_host).await,
             DiscordRoleEmailCampaign => {
                 discord_role_email_campaign(pool, redis_pool).await
             }
diff --git a/apps/labrinth/src/database/models/ids.rs b/apps/labrinth/src/database/models/ids.rs
index 1ebb09b27d..5e585362a1 100644
--- a/apps/labrinth/src/database/models/ids.rs
+++ b/apps/labrinth/src/database/models/ids.rs
@@ -1,12 +1,13 @@
 use super::DatabaseError;
 use crate::database::PgTransaction;
 use crate::models::ids::{
-    AffiliateCodeId, AnalyticsEventId, CampaignDonationId, ChargeId,
-    CollectionId, FileId, ImageId, NotificationId, OAuthAccessTokenId,
-    OAuthClientAuthorizationId, OAuthClientId, OAuthRedirectUriId,
-    OrganizationId, PatId, PayoutId, ProductId, ProductPriceId, ProjectId,
-    ReportId, SessionId, SharedInstanceId, SharedInstanceVersionId, TeamId,
-    TeamMemberId, ThreadId, ThreadMessageId, UserSubscriptionId, VersionId,
+    AffiliateCodeId, AnalyticsEventId, AttributionGroupId, CampaignDonationId,
+    ChargeId, CollectionId, FileId, ImageId, NotificationId,
+    OAuthAccessTokenId, OAuthClientAuthorizationId, OAuthClientId,
+    OAuthRedirectUriId, OrganizationId, PatId, PayoutId, ProductId,
+    ProductPriceId, ProjectId, ReportId, SessionId, SharedInstanceId,
+    SharedInstanceVersionId, TeamId, TeamMemberId, ThreadId, ThreadMessageId,
+    UserSubscriptionId, VersionId,
 };
 use ariadne::ids::base62_impl::to_base62;
 use ariadne::ids::{UserId, random_base62_rng, random_base62_rng_range};
@@ -172,6 +173,10 @@ db_id_interface!(
     CollectionId,
     generator: generate_collection_id @ "collections",
 );
+db_id_interface!(
+    AttributionGroupId,
+    generator: generate_attribution_group_id @ "project_attribution_groups",
+);
 db_id_interface!(
     FileId,
     generator: generate_file_id @ "files",
diff --git a/apps/labrinth/src/database/models/project_item.rs b/apps/labrinth/src/database/models/project_item.rs
index 904f799e62..9fa9091a9b 100644
--- a/apps/labrinth/src/database/models/project_item.rs
+++ b/apps/labrinth/src/database/models/project_item.rs
@@ -6,6 +6,7 @@ use super::{DBUser, ids::*};
 use crate::database::models::DatabaseError;
 use crate::database::redis::RedisPool;
 use crate::database::{PgTransaction, models};
+use crate::file_hosting::FileHost;
 use crate::models::exp;
 use crate::models::ids::ProjectId;
 use crate::models::projects::{
@@ -187,6 +188,8 @@ impl ProjectBuilder {
     pub async fn insert(
         self,
         transaction: &mut PgTransaction<'_>,
+        redis: &RedisPool,
+        file_host: &dyn FileHost,
         http: &reqwest::Client,
     ) -> Result<DBProjectId, DatabaseError> {
         let project_struct = DBProject {
@@ -235,7 +238,7 @@ impl ProjectBuilder {
 
         for mut version in self.initial_versions {
             version.project_id = self.project_id;
-            version.insert(&mut *transaction, http).await?;
+            version.insert(transaction, redis, file_host, http).await?;
         }
 
         LinkUrl::insert_many_projects(
diff --git a/apps/labrinth/src/database/models/version_item.rs b/apps/labrinth/src/database/models/version_item.rs
index 6ffaf90c7f..4bae414aa4 100644
--- a/apps/labrinth/src/database/models/version_item.rs
+++ b/apps/labrinth/src/database/models/version_item.rs
@@ -6,8 +6,11 @@ use crate::database::models::loader_fields::{
     QueryLoaderField, QueryLoaderFieldEnumValue, QueryVersionField,
 };
 use crate::database::redis::RedisPool;
+use crate::file_hosting::FileHost;
 use crate::models::exp;
+
 use crate::models::projects::{FileType, VersionStatus};
+use crate::queue::file_scan::scan_file;
 use crate::routes::internal::delphi::DelphiRunParameters;
 use chrono::{DateTime, Utc};
 use dashmap::{DashMap, DashSet};
@@ -17,10 +20,31 @@ use serde::{Deserialize, Serialize};
 use std::cmp::Ordering;
 use std::collections::HashMap;
 use std::iter;
+use tracing::error;
 
 pub const VERSIONS_NAMESPACE: &str = "versions";
 const VERSION_FILES_NAMESPACE: &str = "versions_files";
 
+pub async fn cleanup_empty_attribution_groups(
+    transaction: &mut PgTransaction<'_>,
+) -> Result<(), DatabaseError> {
+    sqlx::query!(
+        "
+        DELETE FROM project_attribution_groups g
+        WHERE NOT EXISTS (
+            SELECT 1
+            FROM project_attribution_files paf
+            INNER JOIN override_file_sources ofs ON ofs.sha1 = paf.sha1
+            WHERE paf.group_id = g.id
+        )
+        ",
+    )
+    .execute(&mut *transaction)
+    .await?;
+
+    Ok(())
+}
+
 #[derive(Clone)]
 pub struct VersionBuilder {
     pub version_id: DBVersionId,
@@ -134,7 +158,10 @@ impl VersionFileBuilder {
     pub async fn insert(
         self,
         version_id: DBVersionId,
+        project_id: DBProjectId,
         transaction: &mut PgTransaction<'_>,
+        redis: &RedisPool,
+        file_host: &dyn FileHost,
         http: &reqwest::Client,
     ) -> Result<DBFileId, DatabaseError> {
         let file_id = generate_file_id(&mut *transaction).await?;
@@ -169,6 +196,22 @@ impl VersionFileBuilder {
             .await?;
         }
 
+        let attribution_scan = sqlx::query!(
+            "
+            INSERT INTO file_scans (file_id)
+            SELECT $1
+            WHERE EXISTS (
+                SELECT 1
+                FROM attribution_enforced_versions
+                WHERE id = $2
+            )
+            ",
+            file_id as DBFileId,
+            version_id as DBVersionId,
+        )
+        .execute(&mut *transaction)
+        .await?;
+
         if let Err(err) = crate::routes::internal::delphi::run(
             &mut *transaction,
             DelphiRunParameters {
@@ -178,7 +221,21 @@ impl VersionFileBuilder {
         )
         .await
         {
-            tracing::error!("Error submitting new file to Delphi: {err}");
+            error!("Error submitting new file to Delphi: {err:?}");
+        }
+
+        if attribution_scan.rows_affected() > 0
+            && let Err(err) = scan_file(
+                &mut *transaction,
+                redis,
+                file_host,
+                project_id,
+                file_id,
+                &self.url,
+            )
+            .await
+        {
+            error!("Error scanning new file {file_id:?}: {err:?}");
         }
 
         Ok(file_id)
@@ -195,6 +252,8 @@ impl VersionBuilder {
     pub async fn insert(
         self,
         transaction: &mut PgTransaction<'_>,
+        redis: &RedisPool,
+        file_host: &dyn FileHost,
         http: &reqwest::Client,
     ) -> Result<DBVersionId, DatabaseError> {
         let version = DBVersion {
@@ -236,7 +295,15 @@ impl VersionBuilder {
         } = self;
 
         for file in files {
-            file.insert(version_id, transaction, http).await?;
+            file.insert(
+                version_id,
+                self.project_id,
+                transaction,
+                redis,
+                file_host,
+                http,
+            )
+            .await?;
         }
 
         DependencyBuilder::insert_many(
@@ -426,6 +493,8 @@ impl DBVersion {
         .execute(&mut *transaction)
         .await?;
 
+        cleanup_empty_attribution_groups(transaction).await?;
+
         // Sync dependencies
 
         let project_id = sqlx::query!(
@@ -716,7 +785,7 @@ impl DBVersion {
 
                 let dependencies : DashMap<DBVersionId, Vec<DependencyQueryResult>> = sqlx::query!(
                     "
-                    SELECT DISTINCT dependent_id as version_id, d.mod_dependency_id as dependency_project_id, d.dependency_id as dependency_version_id, d.dependency_file_name as file_name, d.dependency_type as dependency_type
+                    SELECT DISTINCT d.id as dependency_id, dependent_id as version_id, d.mod_dependency_id as dependency_project_id, d.dependency_id as dependency_version_id, d.dependency_file_name as file_name, d.dependency_type as dependency_type
                     FROM dependencies d
                     WHERE dependent_id = ANY($1)
                     ",
@@ -724,10 +793,12 @@ impl DBVersion {
                 ).fetch(&mut exec)
                     .try_fold(DashMap::new(), |acc : DashMap<_,Vec<DependencyQueryResult>>, m| {
                         let dependency = DependencyQueryResult {
+                            id: m.dependency_id,
                             project_id: m.dependency_project_id.map(DBProjectId),
                             version_id: m.dependency_version_id.map(DBVersionId),
                             file_name: m.file_name,
                             dependency_type: m.dependency_type,
+                            attribution: None,
                         };
 
                         acc.entry(DBVersionId(m.version_id))
@@ -862,14 +933,14 @@ impl DBVersion {
             })
     }
 
-    pub async fn get_files_from_hash<'a, 'b, E>(
+    pub async fn get_files_from_hash<'a, E>(
         algorithm: String,
         hashes: &[String],
         executor: E,
         redis: &RedisPool,
     ) -> Result<Vec<DBFile>, DatabaseError>
     where
-        E: crate::database::Executor<'a, Database = sqlx::Postgres> + Copy,
+        E: crate::database::Executor<'a, Database = sqlx::Postgres>,
     {
         let val = redis.get_cached_keys(
             VERSION_FILES_NAMESPACE,
@@ -977,10 +1048,12 @@ pub struct VersionQueryResult {
 
 #[derive(Clone, Deserialize, Serialize, PartialEq, Eq)]
 pub struct DependencyQueryResult {
+    pub id: i32,
     pub project_id: Option<DBProjectId>,
     pub version_id: Option<DBVersionId>,
     pub file_name: Option<String>,
     pub dependency_type: String,
+    pub attribution: Option<crate::models::projects::DependencyAttribution>,
 }
 
 #[derive(Clone, Deserialize, Serialize, PartialEq, Eq)]
diff --git a/apps/labrinth/src/file_hosting/mock.rs b/apps/labrinth/src/file_hosting/mock.rs
index 3e414bd393..8f18da5334 100644
--- a/apps/labrinth/src/file_hosting/mock.rs
+++ b/apps/labrinth/src/file_hosting/mock.rs
@@ -29,9 +29,7 @@ impl FileHost for MockHost {
         file_publicity: FileHostPublicity,
         file_bytes: Bytes,
     ) -> Result<UploadFileData, FileHostingError> {
-        let file_name = urlencoding::decode(file_name)
-            .map_err(|_| FileHostingError::InvalidFilename)?;
-        let path = get_file_path(&file_name, file_publicity);
+        let path = get_file_path(file_name, file_publicity);
         std::fs::create_dir_all(
             path.parent().ok_or(FileHostingError::InvalidFilename)?,
         )?;
@@ -72,6 +70,16 @@ impl FileHost for MockHost {
             file_name: file_name.to_string(),
         })
     }
+
+    async fn read_file(
+        &self,
+        file_name: &str,
+        file_publicity: FileHostPublicity,
+    ) -> Result<Bytes, FileHostingError> {
+        let path = get_file_path(file_name, file_publicity);
+        let data = std::fs::read(&path)?;
+        Ok(Bytes::from(data))
+    }
 }
 
 fn get_file_path(
diff --git a/apps/labrinth/src/file_hosting/mod.rs b/apps/labrinth/src/file_hosting/mod.rs
index 667f4cb21e..29fd25d8cf 100644
--- a/apps/labrinth/src/file_hosting/mod.rs
+++ b/apps/labrinth/src/file_hosting/mod.rs
@@ -45,7 +45,11 @@ pub enum FileHostPublicity {
 }
 
 #[async_trait]
-pub trait FileHost {
+pub trait FileHost: Send + Sync {
+    /// Uploads a file at the exact storage key provided.
+    ///
+    /// Callers must URL-decode keys derived from public URLs before passing
+    /// them here, and URL-encode this key before exposing it in a public URL.
     async fn upload_file(
         &self,
         content_type: &str,
@@ -54,17 +58,35 @@ pub trait FileHost {
         file_bytes: Bytes,
     ) -> Result<UploadFileData, FileHostingError>;
 
+    /// Returns a private URL for the exact storage key provided.
+    ///
+    /// Callers must URL-decode keys derived from public URLs before passing
+    /// them here.
     async fn get_url_for_private_file(
         &self,
         file_name: &str,
         expiry_secs: u32,
     ) -> Result<String, FileHostingError>;
 
+    /// Deletes the file at the exact storage key provided.
+    ///
+    /// Callers must URL-decode keys derived from public URLs before passing
+    /// them here.
     async fn delete_file(
         &self,
         file_name: &str,
         file_publicity: FileHostPublicity,
     ) -> Result<DeleteFileData, FileHostingError>;
+
+    /// Reads the file at the exact storage key provided.
+    ///
+    /// Callers must URL-decode keys derived from public URLs before passing
+    /// them here.
+    async fn read_file(
+        &self,
+        file_name: &str,
+        file_publicity: FileHostPublicity,
+    ) -> Result<Bytes, FileHostingError>;
 }
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
diff --git a/apps/labrinth/src/file_hosting/s3_host.rs b/apps/labrinth/src/file_hosting/s3_host.rs
index 56bd0ef45c..558e4d5086 100644
--- a/apps/labrinth/src/file_hosting/s3_host.rs
+++ b/apps/labrinth/src/file_hosting/s3_host.rs
@@ -169,4 +169,28 @@ impl FileHost for S3Host {
             file_name: file_name.to_string(),
         })
     }
+
+    async fn read_file(
+        &self,
+        file_name: &str,
+        file_publicity: FileHostPublicity,
+    ) -> Result<Bytes, FileHostingError> {
+        let bucket = self.get_bucket(file_publicity);
+
+        let response = bucket
+            .client
+            .get_object()
+            .bucket(bucket.name.as_str())
+            .key(file_name)
+            .send()
+            .await
+            .map_err(|e| s3_error("reading file", e))?;
+
+        Ok(response
+            .body
+            .collect()
+            .await
+            .map_err(|e| s3_error("reading file body", e))?
+            .into_bytes())
+    }
 }
diff --git a/apps/labrinth/src/lib.rs b/apps/labrinth/src/lib.rs
index d6da0785b5..1d64722707 100644
--- a/apps/labrinth/src/lib.rs
+++ b/apps/labrinth/src/lib.rs
@@ -58,7 +58,7 @@ pub struct LabrinthConfig {
     pub ro_pool: ReadOnlyPgPool,
     pub redis_pool: RedisPool,
     pub clickhouse: Client,
-    pub file_host: Arc<dyn file_hosting::FileHost + Send + Sync>,
+    pub file_host: web::Data<dyn file_hosting::FileHost>,
     pub scheduler: Arc<scheduler::Scheduler>,
     pub ip_salt: Pepper,
     pub search_state: web::Data<search::SearchState>,
@@ -85,7 +85,7 @@ pub fn app_setup(
     redis_pool: RedisPool,
     search_backend: actix_web::web::Data<dyn search::SearchBackend>,
     clickhouse: &mut Client,
-    file_host: Arc<dyn file_hosting::FileHost + Send + Sync>,
+    file_host: web::Data<dyn file_hosting::FileHost>,
     stripe_client: stripe::Client,
     anrok_client: anrok::Client,
     email_queue: EmailQueue,
@@ -359,7 +359,7 @@ pub fn app_config(
     .app_data(web::Data::new(labrinth_config.redis_pool.clone()))
     .app_data(web::Data::new(labrinth_config.pool.clone()))
     .app_data(web::Data::new(labrinth_config.ro_pool.clone()))
-    .app_data(web::Data::new(labrinth_config.file_host.clone()))
+    .app_data(labrinth_config.file_host.clone())
     .app_data(web::Data::from(
         labrinth_config.search_state.backend.clone(),
     ))
diff --git a/apps/labrinth/src/main.rs b/apps/labrinth/src/main.rs
index adda6b7faf..8b636f485e 100644
--- a/apps/labrinth/src/main.rs
+++ b/apps/labrinth/src/main.rs
@@ -2,14 +2,14 @@
 
 use actix_web::dev::Service;
 use actix_web::middleware::from_fn;
-use actix_web::{App, HttpServer};
+use actix_web::{App, HttpServer, web};
 use actix_web_prom::PrometheusMetricsBuilder;
 use clap::Parser;
 
 use labrinth::background_task::BackgroundTask;
 use labrinth::database::redis::RedisPool;
 use labrinth::env::ENV;
-use labrinth::file_hosting::{FileHostKind, S3BucketConfig, S3Host};
+use labrinth::file_hosting::{FileHost, FileHostKind, S3BucketConfig, S3Host};
 use labrinth::queue::email::EmailQueue;
 use labrinth::search;
 use labrinth::util::anrok;
@@ -111,44 +111,38 @@ async fn app() -> std::io::Result<()> {
     let redis_pool = RedisPool::new("");
 
     let storage_backend = ENV.STORAGE_BACKEND;
-    let file_host: Arc<dyn file_hosting::FileHost + Send + Sync> =
-        match storage_backend {
-            FileHostKind::S3 => {
-                let not_empty = |v: &str| -> String {
-                    assert!(!v.is_empty(), "S3 env var is empty");
-                    v.to_string()
-                };
-
-                Arc::new(
-                    S3Host::new(
-                        S3BucketConfig {
-                            name: not_empty(&ENV.S3_PUBLIC_BUCKET_NAME),
-                            uses_path_style: ENV
-                                .S3_PUBLIC_USES_PATH_STYLE_BUCKET,
-                            region: not_empty(&ENV.S3_PUBLIC_REGION),
-                            url: not_empty(&ENV.S3_PUBLIC_URL),
-                            access_token: not_empty(
-                                &ENV.S3_PUBLIC_ACCESS_TOKEN,
-                            ),
-                            secret: not_empty(&ENV.S3_PUBLIC_SECRET),
-                        },
-                        S3BucketConfig {
-                            name: not_empty(&ENV.S3_PRIVATE_BUCKET_NAME),
-                            uses_path_style: ENV
-                                .S3_PRIVATE_USES_PATH_STYLE_BUCKET,
-                            region: not_empty(&ENV.S3_PRIVATE_REGION),
-                            url: not_empty(&ENV.S3_PRIVATE_URL),
-                            access_token: not_empty(
-                                &ENV.S3_PRIVATE_ACCESS_TOKEN,
-                            ),
-                            secret: not_empty(&ENV.S3_PRIVATE_SECRET),
-                        },
-                    )
-                    .unwrap(),
+    let file_host: Arc<dyn FileHost> = match storage_backend {
+        FileHostKind::S3 => {
+            let not_empty = |v: &str| -> String {
+                assert!(!v.is_empty(), "S3 env var is empty");
+                v.to_string()
+            };
+
+            Arc::new(
+                S3Host::new(
+                    S3BucketConfig {
+                        name: not_empty(&ENV.S3_PUBLIC_BUCKET_NAME),
+                        uses_path_style: ENV.S3_PUBLIC_USES_PATH_STYLE_BUCKET,
+                        region: not_empty(&ENV.S3_PUBLIC_REGION),
+                        url: not_empty(&ENV.S3_PUBLIC_URL),
+                        access_token: not_empty(&ENV.S3_PUBLIC_ACCESS_TOKEN),
+                        secret: not_empty(&ENV.S3_PUBLIC_SECRET),
+                    },
+                    S3BucketConfig {
+                        name: not_empty(&ENV.S3_PRIVATE_BUCKET_NAME),
+                        uses_path_style: ENV.S3_PRIVATE_USES_PATH_STYLE_BUCKET,
+                        region: not_empty(&ENV.S3_PRIVATE_REGION),
+                        url: not_empty(&ENV.S3_PRIVATE_URL),
+                        access_token: not_empty(&ENV.S3_PRIVATE_ACCESS_TOKEN),
+                        secret: not_empty(&ENV.S3_PRIVATE_SECRET),
+                    },
                 )
-            }
-            FileHostKind::Local => Arc::new(file_hosting::MockHost::new()),
-        };
+                .unwrap(),
+            )
+        }
+        FileHostKind::Local => Arc::new(file_hosting::MockHost::new()),
+    };
+    let file_host = web::Data::<dyn FileHost>::from(file_host);
 
     info!("Initializing clickhouse connection");
     let mut clickhouse = clickhouse::init_client().await.unwrap();
@@ -178,6 +172,7 @@ async fn app() -> std::io::Result<()> {
             ro_pool.into_inner(),
             redis_pool,
             search_backend,
+            file_host,
             kafka_client,
             clickhouse,
             stripe_client,
diff --git a/apps/labrinth/src/models/v3/ids.rs b/apps/labrinth/src/models/v3/ids.rs
index d7919fe681..5d23815f4f 100644
--- a/apps/labrinth/src/models/v3/ids.rs
+++ b/apps/labrinth/src/models/v3/ids.rs
@@ -1,5 +1,6 @@
 use ariadne::ids::base62_id;
 
+base62_id!(AttributionGroupId);
 base62_id!(ChargeId);
 base62_id!(CampaignDonationId);
 base62_id!(CollectionId);
diff --git a/apps/labrinth/src/models/v3/projects.rs b/apps/labrinth/src/models/v3/projects.rs
index 92abe3fddb..5c31df5b35 100644
--- a/apps/labrinth/src/models/v3/projects.rs
+++ b/apps/labrinth/src/models/v3/projects.rs
@@ -12,6 +12,7 @@ use ariadne::ids::UserId;
 use chrono::{DateTime, Utc};
 use itertools::Itertools;
 use serde::{Deserialize, Serialize};
+use url::Url;
 use validator::Validate;
 
 /// A project returned from the API
@@ -645,6 +646,98 @@ impl SideTypesMigrationReviewStatus {
     }
 }
 
+#[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
+pub struct MissingAttributionFile {
+    pub id: FileId,
+    pub override_source: Option<OverrideSource>,
+}
+
+#[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
+#[serde(tag = "type", rename_all = "snake_case")]
+pub enum OverrideSource {
+    Flame {
+        id: u32,
+        title: String,
+        url: String,
+        icon_url: String,
+    },
+    Unknown,
+}
+
+#[derive(
+    Debug, Serialize, Deserialize, Clone, PartialEq, Eq, utoipa::ToSchema,
+)]
+pub struct FlameProject {
+    pub id: u32,
+    pub title: String,
+    pub url: String,
+    pub icon_url: String,
+}
+
+#[derive(
+    Debug, Serialize, Deserialize, Clone, PartialEq, Eq, utoipa::ToSchema,
+)]
+#[serde(untagged)]
+pub enum AttributionLicense {
+    Spdx(String),
+    Custom { name: String },
+}
+
+#[derive(
+    Debug, Serialize, Deserialize, Clone, PartialEq, Eq, utoipa::ToSchema,
+)]
+#[serde(tag = "kind", rename_all = "snake_case")]
+pub enum AttributionResolutionKind {
+    License {
+        license: AttributionLicense,
+        link_to_work: Url,
+    },
+    GloballyAllowed {
+        link_to_work: Url,
+    },
+    MyProject {
+        license: AttributionLicense,
+    },
+    SpecialPermissions {
+        link_to_work: Url,
+    },
+    NoPermission {
+        link_to_work: Option<Url>,
+    },
+}
+
+#[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
+#[serde(tag = "kind", rename_all = "snake_case")]
+pub enum AttributionModerationStatusKind {
+    NotAllowed,
+    Approved,
+    BadProof,
+}
+
+#[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
+pub struct AttributionModerationStatus {
+    #[serde(flatten)]
+    pub kind: AttributionModerationStatusKind,
+    #[serde(default)]
+    pub reason: String,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub moderated_at: Option<DateTime<Utc>>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub moderated_by: Option<UserId>,
+}
+
+#[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
+pub struct AttributionResolution {
+    #[serde(flatten)]
+    pub kind: AttributionResolutionKind,
+    #[serde(default)]
+    pub moderation_status: Option<AttributionModerationStatus>,
+    #[serde(default)]
+    pub updated_by_moderator: bool,
+    pub notes: String,
+    pub image_urls: Vec<Url>,
+}
+
 /// A specific version of a project
 #[derive(Debug, Serialize, Deserialize, Clone, utoipa::ToSchema)]
 pub struct Version {
@@ -681,6 +774,9 @@ pub struct Version {
 
     /// A list of files available for download for this version.
     pub files: Vec<VersionFile>,
+    /// Files in this version that contain override files not yet attributed.
+    #[serde(default, skip_serializing_if = "Vec::is_empty")]
+    pub files_missing_attribution: Vec<MissingAttributionFile>,
     /// A list of projects that this version depends on.
     pub dependencies: Vec<Dependency>,
 
@@ -757,6 +853,7 @@ impl From<VersionQueryResult> for Version {
                     dependency_type: DependencyType::from_string(
                         d.dependency_type.as_str(),
                     ),
+                    attribution: d.attribution,
                 })
                 .collect(),
             loaders: data.loaders.into_iter().map(Loader).collect(),
@@ -768,6 +865,7 @@ impl From<VersionQueryResult> for Version {
                 .map(|vf| (vf.field_name, vf.value.serialize_internal()))
                 .collect(),
             components: data.components,
+            files_missing_attribution: Vec::new(),
         }
     }
 }
@@ -899,6 +997,18 @@ pub struct Dependency {
     pub file_name: Option<String>,
     /// The type of the dependency
     pub dependency_type: DependencyType,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub attribution: Option<DependencyAttribution>,
+}
+
+#[derive(
+    Serialize, Deserialize, Clone, Debug, PartialEq, Eq, utoipa::ToSchema,
+)]
+pub struct DependencyAttribution {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub flame_project: Option<FlameProject>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub resolution: Option<AttributionResolutionKind>,
 }
 
 #[derive(
diff --git a/apps/labrinth/src/queue/file_scan.rs b/apps/labrinth/src/queue/file_scan.rs
new file mode 100644
index 0000000000..d3978c4022
--- /dev/null
+++ b/apps/labrinth/src/queue/file_scan.rs
@@ -0,0 +1,1030 @@
+use std::collections::HashMap;
+use std::io::{Cursor, Read};
+
+use chrono::Utc;
+use eyre::{Result, eyre};
+use hex::ToHex;
+use sha1::Digest;
+use tokio::task::spawn_blocking;
+use tracing::{Instrument, info, info_span, warn};
+use zip::ZipArchive;
+
+use crate::database::models::ids::{
+    DBAttributionGroupId, DBProjectId, DBVersionId,
+    generate_attribution_group_id,
+};
+use crate::database::models::moderation_external_item::ExternalLicense;
+use crate::database::models::{DBFileId, DBUserId, DBVersion};
+use crate::database::{PgPool, PgTransaction, redis::RedisPool};
+use crate::env::ENV;
+use crate::file_hosting::{FileHost, FileHostPublicity};
+use crate::models::ids::FileId;
+use crate::models::projects::{
+    AttributionResolution, AttributionResolutionKind, DependencyAttribution,
+    FlameProject,
+};
+use crate::queue::moderation::{
+    ApprovalType, FingerprintResponse, FlameResponse,
+};
+use crate::util::error::Context;
+use crate::util::http::HTTP_CLIENT;
+
+/// Attribution enforcement is version/project-scoped, not file-hash-scoped.
+///
+/// Versions or projects listed in `attributions_exemptions` predate this
+/// attribution system. They are not scanned for attribution requirements and
+/// must not cause missing-attribution withholding. A later non-exempt version
+/// can still contain the same override SHA1 and create attribution groups/files
+/// for that SHA1. Because of that, reverse lookups from override SHA1s to
+/// versions must go through the `attribution_enforced_versions` view so
+/// grandfathered versions and projects are ignored without making the SHA1
+/// itself exempt.
+pub async fn scan_all_files(
+    db: &PgPool,
+    redis: &RedisPool,
+    file_host: &dyn FileHost,
+) -> Result<()> {
+    let mut txn = db.begin().await.wrap_err("beginning transaction")?;
+
+    let files_to_scan = sqlx::query!(
+        r#"
+        select
+            fa.file_id as "file_id: DBFileId",
+            f.url,
+            v.mod_id as "project_id: DBProjectId"
+        from file_scans fa
+        inner join files f on f.id = fa.file_id
+        inner join attribution_enforced_versions aev on aev.id = f.version_id
+        inner join versions v on v.id = f.version_id
+        where fa.attributions_scanned_at is null
+        "#
+    )
+    .fetch_all(&mut txn)
+    .await
+    .wrap_err("fetching files to scan")?;
+
+    info!("Found {} files to scan", files_to_scan.len());
+
+    let mut scanned_ids = Vec::new();
+
+    for row in files_to_scan {
+        let human_file_id = FileId::from(row.file_id);
+        let span = info_span!("scan", file_id = %human_file_id);
+        async {
+            info!("Scanning file");
+
+            let file_id = row.file_id;
+
+            let overrides = extract_override_files_from_storage(
+                file_host, file_id, &row.url,
+            )
+            .await
+            .wrap_err_with(|| {
+                eyre!("extracting overrides for file {file_id:?}")
+            })?;
+
+            if overrides.is_empty() {
+                info!("Found no overrides");
+            } else {
+                info!("Found {} overrides", overrides.len());
+
+                let resolved = resolve_overrides(&overrides, redis, &mut txn)
+                    .await
+                    .wrap_err_with(|| {
+                        eyre!("resolving overrides for file {file_id:?}")
+                    })?;
+                info!("Resolved: {resolved:#?}");
+
+                persist_attribution_results(
+                    row.project_id,
+                    file_id,
+                    &overrides,
+                    &resolved,
+                    &mut txn,
+                )
+                .await
+                .wrap_err_with(|| {
+                    eyre!("persisting attribution results for file {file_id:?}")
+                })?;
+            }
+
+            scanned_ids.push(file_id.0);
+            eyre::Ok(())
+        }
+        .instrument(span)
+        .await?;
+    }
+
+    if !scanned_ids.is_empty() {
+        let now = Utc::now();
+        sqlx::query!(
+            "
+            update file_scans
+            set attributions_scanned_at = now
+            from unnest($1::bigint[], $2::timestamptz[]) as u(id, now)
+            where file_scans.file_id = u.id
+            ",
+            &scanned_ids,
+            &vec![now; scanned_ids.len()],
+        )
+        .execute(&mut txn)
+        .await
+        .wrap_err("marking files as scanned")?;
+    }
+
+    info!("Marked {} files as scanned", scanned_ids.len());
+
+    txn.commit().await.wrap_err("committing transaction")?;
+
+    Ok(())
+}
+
+pub async fn scan_file(
+    txn: &mut PgTransaction<'_>,
+    redis: &RedisPool,
+    file_host: &dyn FileHost,
+    project_id: DBProjectId,
+    file_id: DBFileId,
+    file_url: &str,
+) -> Result<()> {
+    let overrides =
+        extract_override_files_from_storage(file_host, file_id, file_url)
+            .await
+            .wrap_err_with(|| {
+                eyre!("extracting overrides for file {file_id:?}")
+            })?;
+
+    if !overrides.is_empty() {
+        let resolved = resolve_overrides(&overrides, redis, txn)
+            .await
+            .wrap_err_with(|| {
+                eyre!("resolving overrides for file {file_id:?}")
+            })?;
+
+        persist_attribution_results(
+            project_id, file_id, &overrides, &resolved, txn,
+        )
+        .await
+        .wrap_err_with(|| {
+            eyre!("persisting attribution results for file {file_id:?}")
+        })?;
+    }
+
+    sqlx::query!(
+        "
+        insert into file_scans (file_id, attributions_scanned_at)
+        values ($1, now())
+        on conflict (file_id) do update set attributions_scanned_at = now()
+        ",
+        file_id.0,
+    )
+    .execute(&mut *txn)
+    .await
+    .wrap_err("marking file as scanned")?;
+
+    Ok(())
+}
+
+pub async fn scan_override_files(
+    file_host: &dyn FileHost,
+    file_id: DBFileId,
+    file_url: &str,
+) -> Result<Vec<OverrideFile>> {
+    extract_override_files_from_storage(file_host, file_id, file_url)
+        .await
+        .wrap_err_with(|| eyre!("extracting overrides for file {file_id:?}"))
+}
+
+async fn extract_override_files_from_storage(
+    file_host: &dyn FileHost,
+    file_id: DBFileId,
+    file_url: &str,
+) -> Result<Vec<OverrideFile>> {
+    let key = file_url
+        .strip_prefix(&ENV.CDN_URL)
+        .unwrap_or(file_url)
+        .trim_start_matches('/');
+    let key = urlencoding::decode(key).wrap_err("decoding file URL path")?;
+
+    let file_data = file_host
+        .read_file(&key, FileHostPublicity::Public)
+        .await
+        .wrap_err_with(|| {
+            eyre!("reading file {file_id:?} from storage at {key}")
+        })?;
+
+    spawn_blocking(move || extract_override_files(&file_data))
+        .await
+        .wrap_err("extracting override files")?
+        .wrap_err("extracting override files")
+}
+
+#[derive(Debug)]
+pub struct OverrideFile {
+    pub path: String,
+    pub sha1: String,
+    pub murmur2: u32,
+}
+
+#[derive(Debug)]
+pub enum OverrideResolution {
+    OnModrinth,
+    ExternalLicense {
+        id: i64,
+        status: ApprovalType,
+        link: Option<String>,
+        flame_project: Option<FlameProject>,
+    },
+    Flame(FlameProject),
+    Unknown,
+}
+
+const OVERRIDE_PREFIXES: &[&str] = &[
+    "overrides/mods",
+    "client-overrides/mods",
+    "server-overrides/mods",
+    "overrides/shaderpacks",
+    "client-overrides/shaderpacks",
+    "overrides/resourcepacks",
+    "client-overrides/resourcepacks",
+];
+
+fn extract_override_files(data: &[u8]) -> Result<Vec<OverrideFile>> {
+    let reader = Cursor::new(data);
+    let mut zip =
+        ZipArchive::new(reader).wrap_err("creating zip archive reader")?;
+
+    let mut files = Vec::new();
+
+    for i in 0..zip.len() {
+        let mut file = zip
+            .by_index(i)
+            .wrap_err_with(|| eyre!("reading file {i}"))?;
+        let name = file.name().to_string();
+
+        if file.is_dir() {
+            continue;
+        }
+
+        if !OVERRIDE_PREFIXES
+            .iter()
+            .any(|prefix| name.starts_with(prefix))
+        {
+            continue;
+        }
+
+        let should_scan_file = name.contains(".jar")
+            || (name.contains(".zip") && !name.ends_with(".zip.txt"));
+
+        if name.matches('/').count() > 2 || !should_scan_file {
+            continue;
+        }
+
+        let mut contents = Vec::new();
+        file.read_to_end(&mut contents)?;
+
+        let sha1 = sha1::Sha1::digest(&contents).encode_hex::<String>();
+        let murmur = hash_flame_murmur32(contents);
+
+        files.push(OverrideFile {
+            sha1,
+            murmur2: murmur,
+            path: name,
+        });
+    }
+
+    Ok(files)
+}
+
+async fn persist_attribution_results(
+    project_id: DBProjectId,
+    file_id: DBFileId,
+    overrides: &[OverrideFile],
+    resolved: &HashMap<String, OverrideResolution>,
+    txn: &mut PgTransaction<'_>,
+) -> Result<()> {
+    let all_sha1s: Vec<Vec<u8>> = overrides
+        .iter()
+        .map(|f| f.sha1.as_bytes().to_vec())
+        .collect();
+
+    let already_persisted: Vec<Vec<u8>> = sqlx::query_scalar!(
+        "
+        select paf.sha1 from project_attribution_files paf
+        inner join project_attribution_groups pag on pag.id = paf.group_id
+        where pag.project_id = $1 and paf.sha1 = ANY($2)
+        ",
+        project_id as DBProjectId,
+        &all_sha1s,
+    )
+    .fetch_all(&mut *txn)
+    .await
+    .wrap_err("checking existing attribution files")?;
+
+    let mut flame_groups: HashMap<
+        u32,
+        (Vec<&OverrideFile>, Option<&OverrideResolution>),
+    > = HashMap::new();
+    let mut external_license_files: Vec<(
+        &OverrideFile,
+        i64,
+        ApprovalType,
+        Option<String>,
+        Option<FlameProject>,
+    )> = Vec::new();
+    let mut unknown_files: Vec<&OverrideFile> = Vec::new();
+
+    for file in overrides {
+        if already_persisted
+            .iter()
+            .any(|s| s.as_slice() == file.sha1.as_bytes())
+        {
+            continue;
+        }
+
+        match resolved.get(&file.sha1) {
+            Some(OverrideResolution::OnModrinth) => continue,
+            Some(OverrideResolution::ExternalLicense {
+                id,
+                status,
+                link,
+                flame_project,
+            }) => {
+                external_license_files.push((
+                    file,
+                    *id,
+                    *status,
+                    link.clone(),
+                    flame_project.clone(),
+                ));
+            }
+            Some(res @ OverrideResolution::Flame(flame_project)) => {
+                let entry = flame_groups.entry(flame_project.id).or_default();
+                entry.0.push(file);
+                if entry.1.is_none() {
+                    entry.1 = Some(res);
+                }
+            }
+            Some(OverrideResolution::Unknown) | None => {
+                unknown_files.push(file);
+            }
+        }
+    }
+
+    let existing_flame_groups = sqlx::query!(
+        r#"
+        select id as "id: DBAttributionGroupId", flame_project
+        from project_attribution_groups
+        where project_id = $1 and flame_project is not null
+        "#,
+        project_id as DBProjectId,
+    )
+    .fetch_all(&mut *txn)
+    .await
+    .wrap_err("fetching existing flame attribution groups")?;
+
+    let mut existing_flame_group_ids = HashMap::new();
+    for group in existing_flame_groups {
+        if let Some(flame_project) = group
+            .flame_project
+            .and_then(|fp| serde_json::from_value::<FlameProject>(fp).ok())
+        {
+            existing_flame_group_ids.insert(flame_project.id, group.id);
+        }
+    }
+
+    for (file, external_license_id, status, link, flame_project) in
+        external_license_files
+    {
+        if let Some(group_id) = flame_project
+            .as_ref()
+            .and_then(|fp| existing_flame_group_ids.get(&fp.id))
+        {
+            sqlx::query!(
+                r#"
+                insert into project_attribution_files (group_id, name, sha1, moderation_external_license_id)
+                values ($1, $2, $3, $4)
+                on conflict (group_id, sha1) do update
+                set moderation_external_license_id = excluded.moderation_external_license_id
+                "#,
+                *group_id as DBAttributionGroupId,
+                &file.path,
+                &file.sha1.as_bytes().to_vec() as &[u8],
+                external_license_id,
+            )
+            .execute(&mut *txn)
+            .await
+            .wrap_err("inserting external license attribution file into existing flame group")?;
+
+            continue;
+        }
+
+        let attribution = default_external_license_attribution(status, link);
+        let flame_project =
+            flame_project.and_then(|fp| serde_json::to_value(fp).ok());
+        let group_id = generate_attribution_group_id(&mut *txn).await?;
+        sqlx::query!(
+			"
+            insert into project_attribution_groups (id, project_id, attribution, flame_project)
+            values ($1, $2, $3, $4)
+            ",
+			group_id as DBAttributionGroupId,
+			project_id as DBProjectId,
+			attribution,
+			flame_project,
+		)
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting external license attribution group")?;
+
+        sqlx::query!(
+            r#"
+            insert into project_attribution_files (group_id, name, sha1, moderation_external_license_id)
+            values ($1, $2, $3, $4)
+            on conflict (group_id, sha1) do update
+            set moderation_external_license_id = excluded.moderation_external_license_id
+            "#,
+            group_id as DBAttributionGroupId,
+            &file.path,
+            &file.sha1.as_bytes().to_vec() as &[u8],
+            external_license_id,
+        )
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting external license attribution file")?;
+    }
+
+    for (flame_project_id, (files, resolution)) in &flame_groups {
+        let group_id = if let Some(group_id) =
+            existing_flame_group_ids.get(flame_project_id)
+        {
+            *group_id
+        } else {
+            let fp = resolution
+                .and_then(|r| {
+                    if let OverrideResolution::Flame(flame_project) = r {
+                        Some(serde_json::to_value(flame_project).ok())
+                    } else {
+                        None
+                    }
+                })
+                .flatten();
+
+            let id = generate_attribution_group_id(&mut *txn).await?;
+            sqlx::query!(
+                "
+                insert into project_attribution_groups (id, project_id, flame_project)
+                values ($1, $2, $3)
+                ",
+                id as DBAttributionGroupId,
+                project_id as DBProjectId,
+                fp,
+            )
+            .execute(&mut *txn)
+            .await
+            .wrap_err("inserting attribution group")?;
+            existing_flame_group_ids.insert(*flame_project_id, id);
+            id
+        };
+
+        let names: Vec<String> = files.iter().map(|f| f.path.clone()).collect();
+        let sha1s: Vec<Vec<u8>> =
+            files.iter().map(|f| f.sha1.as_bytes().to_vec()).collect();
+
+        sqlx::query!(
+            r#"
+            insert into project_attribution_files (group_id, name, sha1)
+            select $1, unnest($2::text[]), unnest($3::bytea[])
+            on conflict (group_id, sha1) do nothing
+            "#,
+            group_id as DBAttributionGroupId,
+            &names,
+            &sha1s,
+        )
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting attribution files")?;
+    }
+
+    for file in &unknown_files {
+        let group_id = generate_attribution_group_id(&mut *txn).await?;
+        sqlx::query!(
+            "
+            insert into project_attribution_groups (id, project_id)
+            values ($1, $2)
+            ",
+            group_id as DBAttributionGroupId,
+            project_id as DBProjectId,
+        )
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting unknown attribution group")?;
+
+        sqlx::query!(
+            r#"
+            insert into project_attribution_files (group_id, name, sha1)
+            values ($1, $2, $3)
+            on conflict (group_id, sha1) do nothing
+            "#,
+            group_id as DBAttributionGroupId,
+            &file.path,
+            &file.sha1.as_bytes().to_vec() as &[u8],
+        )
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting unknown attribution file")?;
+    }
+
+    if !all_sha1s.is_empty() {
+        sqlx::query!(
+            "
+            insert into override_file_sources (sha1, file_id)
+            select unnest($1::bytea[]), $2
+            on conflict do nothing
+            ",
+            &all_sha1s,
+            file_id as DBFileId,
+        )
+        .execute(&mut *txn)
+        .await
+        .wrap_err("inserting override file sources")?;
+    }
+
+    Ok(())
+}
+
+fn default_external_license_attribution(
+    status: ApprovalType,
+    link: Option<String>,
+) -> Option<serde_json::Value> {
+    match status {
+        ApprovalType::Yes
+        | ApprovalType::WithAttributionAndSource
+        | ApprovalType::WithAttribution => link
+            .and_then(|link| url::Url::parse(&link).ok())
+            .and_then(|link_to_work| {
+                serde_json::to_value(AttributionResolution {
+                    kind: AttributionResolutionKind::GloballyAllowed {
+                        link_to_work,
+                    },
+                    moderation_status: None,
+                    updated_by_moderator: false,
+                    notes: String::new(),
+                    image_urls: Vec::new(),
+                })
+                .ok()
+            }),
+        ApprovalType::No => {
+            let link_to_work =
+                link.and_then(|link| url::Url::parse(&link).ok());
+
+            serde_json::to_value(AttributionResolution {
+                kind: AttributionResolutionKind::NoPermission { link_to_work },
+                moderation_status: None,
+                updated_by_moderator: false,
+                notes: String::new(),
+                image_urls: Vec::new(),
+            })
+            .ok()
+        }
+        ApprovalType::PermanentNo | ApprovalType::Unidentified => None,
+    }
+}
+
+async fn resolve_overrides(
+    overrides: &[OverrideFile],
+    redis: &RedisPool,
+    txn: &mut PgTransaction<'_>,
+) -> Result<HashMap<String, OverrideResolution>> {
+    let mut results: HashMap<String, OverrideResolution> = HashMap::new();
+    let mut remaining: Vec<usize> = (0..overrides.len()).collect();
+
+    if overrides.is_empty() {
+        return Ok(results);
+    }
+
+    let hashes: Vec<String> =
+        overrides.iter().map(|x| x.sha1.clone()).collect();
+    let files = DBVersion::get_files_from_hash(
+        "sha1".to_string(),
+        &hashes,
+        &mut *txn,
+        redis,
+    )
+    .await
+    .wrap_err("fetching files on platform by hash")?;
+
+    let version_ids: Vec<_> = files.iter().map(|x| x.version_id).collect();
+    let versions_data = DBVersion::get_many(&version_ids, &mut *txn, redis)
+        .await
+        .wrap_err("fetching versions")?;
+
+    for file in &files {
+        if !versions_data.iter().any(|v| v.inner.id == file.version_id) {
+            continue;
+        }
+
+        if let Some(hash) = file.hashes.get("sha1")
+            && let Some(pos) =
+                remaining.iter().position(|i| overrides[*i].sha1 == *hash)
+        {
+            let idx = remaining.remove(pos);
+            results.insert(
+                overrides[idx].sha1.clone(),
+                OverrideResolution::OnModrinth,
+            );
+        }
+    }
+
+    if remaining.is_empty() {
+        return Ok(results);
+    }
+
+    let rows = sqlx::query!(
+		"
+        SELECT encode(mef.sha1, 'escape') sha1, mel.id, mel.status status, mel.link
+        FROM moderation_external_files mef
+        INNER JOIN moderation_external_licenses mel ON mef.external_license_id = mel.id
+        WHERE mef.sha1 = ANY($1)
+        ",
+        &remaining
+            .iter()
+            .map(|i| overrides[*i].sha1.as_bytes().to_vec())
+            .collect::<Vec<_>>()
+    )
+    .fetch_all(&mut *txn)
+	.await
+	.wrap_err("fetching external file licenses")?;
+
+    let mut direct_external_licenses = HashMap::new();
+    for row in rows {
+        if let Some(sha1) = row.sha1 {
+            direct_external_licenses.insert(
+                sha1,
+                (
+                    row.id,
+                    ApprovalType::from_string(&row.status)
+                        .unwrap_or(ApprovalType::Unidentified),
+                    row.link,
+                ),
+            );
+        }
+    }
+
+    let fingerprints: Vec<u32> =
+        remaining.iter().map(|i| overrides[*i].murmur2).collect();
+    let res = HTTP_CLIENT
+        .post(format!("{}/v1/fingerprints", ENV.FLAME_ANVIL_URL))
+        .json(&serde_json::json!({
+            "fingerprints": fingerprints
+        }))
+        .send()
+        .await;
+
+    if let Err(e) = &res {
+        warn!("Flame fingerprint request failed: {e}");
+    }
+
+    if let Ok(res) = res {
+        let body = res
+            .text()
+            .await
+            .wrap_err("reading Flame fingerprint response")?;
+
+        let flame_files: Vec<_> =
+            serde_json::from_str::<FlameResponse<FingerprintResponse>>(&body)
+                .ok()
+                .map(|x| {
+                    x.data
+                        .exact_matches
+                        .into_iter()
+                        .map(|m| m.file)
+                        .collect::<Vec<_>>()
+                })
+                .unwrap_or_default();
+
+        let mut flame_matches: Vec<(String, u32)> = Vec::new();
+        for flame_file in &flame_files {
+            if let Some(hash) = flame_file
+                .hashes
+                .iter()
+                .find(|x| x.algo == 1)
+                .map(|x| x.value.clone())
+            {
+                flame_matches.push((hash, flame_file.mod_id));
+            }
+        }
+
+        let project_license_rows = sqlx::query!(
+            "
+            SELECT mel.id, mel.flame_project_id, mel.status status, mel.link
+            FROM moderation_external_licenses mel
+            WHERE mel.flame_project_id = ANY($1)
+            ",
+            &flame_matches.iter().map(|x| x.1 as i32).collect::<Vec<_>>()
+        )
+        .fetch_all(&mut *txn)
+        .await
+        .wrap_err("fetching Flame project licenses")?;
+
+        let mut project_external_licenses = HashMap::new();
+        for row in project_license_rows {
+            if let Some(flame_project_id) = row.flame_project_id {
+                project_external_licenses.insert(
+                    flame_project_id as u32,
+                    (
+                        row.id,
+                        ApprovalType::from_string(&row.status)
+                            .unwrap_or(ApprovalType::Unidentified),
+                        row.link,
+                    ),
+                );
+            }
+        }
+
+        let flame_projects_res = HTTP_CLIENT
+            .post(format!("{}/v1/mods", ENV.FLAME_ANVIL_URL))
+            .json(&serde_json::json!({
+                "modIds": flame_matches.iter().map(|x| x.1).collect::<Vec<_>>()
+            }))
+            .send()
+            .await;
+
+        let flame_projects = match flame_projects_res {
+            Ok(res) => res
+                .text()
+                .await
+                .ok()
+                .and_then(|t| {
+                    serde_json::from_str::<
+                        FlameResponse<
+                            Vec<crate::queue::moderation::FlameProjectResponse>,
+                        >,
+                    >(&t)
+                    .ok()
+                })
+                .map(|x| x.data)
+                .unwrap_or_default(),
+            Err(e) => {
+                warn!("Flame projects request failed: {e}");
+                Vec::new()
+            }
+        };
+        let mut flame_project_metadata = HashMap::new();
+        for project in flame_projects {
+            if flame_project_url_is_not_found(&project.links.website_url).await
+            {
+                info!(
+                    "Flame project {} at {:?} returned 404, ignoring",
+                    project.id, project.links.website_url,
+                );
+                continue;
+            }
+
+            flame_project_metadata.insert(
+                project.id,
+                FlameProject {
+                    id: project.id,
+                    title: project.name,
+                    url: project.links.website_url,
+                    icon_url: project.logo.thumbnail_url,
+                },
+            );
+        }
+
+        let mut insert_hashes = Vec::new();
+        let mut insert_filenames = Vec::new();
+        let mut insert_ids = Vec::new();
+
+        for (sha1, flame_project_id) in &flame_matches {
+            if let Some(remaining_pos) =
+                remaining.iter().position(|i| overrides[*i].sha1 == *sha1)
+            {
+                let idx = remaining.remove(remaining_pos);
+                let flame_project =
+                    flame_project_metadata.get(flame_project_id).cloned();
+
+                if let Some((id, status, link)) =
+                    direct_external_licenses.remove(&overrides[idx].sha1)
+                {
+                    results.insert(
+                        overrides[idx].sha1.clone(),
+                        OverrideResolution::ExternalLicense {
+                            id,
+                            status,
+                            link,
+                            flame_project,
+                        },
+                    );
+                } else if let Some((id, status, link)) =
+                    project_external_licenses.get(flame_project_id)
+                {
+                    results.insert(
+                        overrides[idx].sha1.clone(),
+                        OverrideResolution::ExternalLicense {
+                            id: *id,
+                            status: *status,
+                            link: link.clone(),
+                            flame_project,
+                        },
+                    );
+
+                    insert_hashes.push(overrides[idx].sha1.as_bytes().to_vec());
+                    insert_filenames.push(Some(overrides[idx].path.clone()));
+                    insert_ids.push(*id);
+                } else if let Some(flame_project) = flame_project {
+                    results.insert(
+                        overrides[idx].sha1.clone(),
+                        OverrideResolution::Flame(flame_project),
+                    );
+                }
+            }
+        }
+
+        if !insert_hashes.is_empty() {
+            ExternalLicense::insert_files(
+                &mut *txn,
+                &insert_hashes,
+                &insert_filenames,
+                &insert_ids,
+                DBUserId(0),
+            )
+            .await
+            .wrap_err("inserting external license files")?;
+        }
+    }
+
+    remaining.retain(|idx| {
+        if let Some((id, status, link)) =
+            direct_external_licenses.remove(&overrides[*idx].sha1)
+        {
+            results.insert(
+                overrides[*idx].sha1.clone(),
+                OverrideResolution::ExternalLicense {
+                    id,
+                    status,
+                    link,
+                    flame_project: None,
+                },
+            );
+            false
+        } else {
+            true
+        }
+    });
+
+    for idx in remaining {
+        results
+            .insert(overrides[idx].sha1.clone(), OverrideResolution::Unknown);
+    }
+
+    Ok(results)
+}
+
+async fn flame_project_url_is_not_found(url: &str) -> bool {
+    match HTTP_CLIENT.get(url).send().await {
+        Ok(response) => response.status() == reqwest::StatusCode::NOT_FOUND,
+        Err(err) => {
+            warn!("Flame project URL check failed for {url}: {err}");
+            false
+        }
+    }
+}
+
+fn hash_flame_murmur32(input: Vec<u8>) -> u32 {
+    murmur2::murmur2(
+        &input
+            .into_iter()
+            .filter(|x| *x != 9 && *x != 10 && *x != 13 && *x != 32)
+            .collect::<Vec<u8>>(),
+        1,
+    )
+}
+
+pub async fn get_files_missing_attribution<'a, E>(
+    exec: E,
+    version_ids: &[DBVersionId],
+) -> Result<
+    std::collections::HashMap<
+        DBVersionId,
+        Vec<(DBFileId, Option<FlameProject>)>,
+    >,
+>
+where
+    E: sqlx::Executor<'a, Database = sqlx::Postgres>,
+{
+    if version_ids.is_empty() {
+        return Ok(std::collections::HashMap::new());
+    }
+
+    let rows = sqlx::query!(
+        r#"
+        select distinct f.version_id as "version_id: DBVersionId", f.id as "file_id: DBFileId",
+            pag.flame_project
+        from files f
+        inner join attribution_enforced_versions aev on aev.id = f.version_id
+        inner join versions v on v.id = f.version_id
+        inner join override_file_sources ofs on ofs.file_id = f.id
+        inner join project_attribution_files paf on paf.sha1 = ofs.sha1
+        inner join project_attribution_groups pag on pag.id = paf.group_id
+        where f.version_id = ANY($1)
+          and pag.project_id = v.mod_id
+          and (
+            pag.attribution is null
+            or pag.attribution->>'kind' = 'no_permission'
+            or coalesce(
+              pag.attribution->'moderation_status'->>'kind',
+              'approved'
+            ) != 'approved'
+          )
+        "#,
+        &version_ids.iter().map(|v| v.0).collect::<Vec<_>>(),
+    )
+    .fetch_all(exec)
+    .await
+    .wrap_err("fetching files missing attribution")?;
+
+    let mut result = std::collections::HashMap::new();
+    for row in rows {
+        let flame_project = row
+            .flame_project
+            .and_then(|v| serde_json::from_value(v).ok());
+        result
+            .entry(row.version_id)
+            .or_insert_with(Vec::new)
+            .push((row.file_id, flame_project));
+    }
+
+    Ok(result)
+}
+
+pub struct DependencyAttributionData {
+    pub attribution: DependencyAttribution,
+}
+
+pub async fn get_dependency_attributions<'a, E>(
+    exec: E,
+    version_ids: &[DBVersionId],
+) -> Result<HashMap<i32, DependencyAttributionData>>
+where
+    E: sqlx::Executor<'a, Database = sqlx::Postgres>,
+{
+    if version_ids.is_empty() {
+        return Ok(HashMap::new());
+    }
+
+    let version_ids_vec: Vec<_> = version_ids.iter().map(|v| v.0).collect();
+
+    let rows = sqlx::query!(
+        r#"
+        select
+            d.id as "dependency_id!",
+            pag.attribution,
+            pag.flame_project,
+            pag.project_id as "project_id: DBProjectId"
+        from dependencies d
+        inner join files f on f.version_id = d.dependent_id
+        inner join attribution_enforced_versions aev on aev.id = f.version_id
+        inner join versions v on v.id = f.version_id
+        inner join override_file_sources ofs on ofs.file_id = f.id
+        inner join project_attribution_files paf on paf.sha1 = ofs.sha1
+        inner join project_attribution_groups pag on pag.id = paf.group_id
+        where d.dependent_id = ANY($1)
+          and pag.project_id = v.mod_id
+          and d.dependency_file_name is not null
+          and (
+            pag.flame_project is not null
+            or pag.attribution is not null
+          )
+          and split_part(paf.name, '/', -1) = d.dependency_file_name
+        "#,
+        &version_ids_vec,
+    )
+    .fetch_all(exec)
+    .await
+    .wrap_err("fetching dependency attributions")?;
+
+    let mut result = HashMap::new();
+    for row in rows {
+        let attribution: Option<AttributionResolution> =
+            row.attribution.and_then(|v| serde_json::from_value(v).ok());
+
+        let flame_project: Option<FlameProject> = row
+            .flame_project
+            .and_then(|v| serde_json::from_value(v).ok());
+
+        let resolution = attribution.map(|a| a.kind);
+
+        result.insert(
+            row.dependency_id,
+            DependencyAttributionData {
+                attribution: DependencyAttribution {
+                    flame_project,
+                    resolution,
+                },
+            },
+        );
+    }
+
+    Ok(result)
+}
diff --git a/apps/labrinth/src/queue/mod.rs b/apps/labrinth/src/queue/mod.rs
index 666670dc0b..0d7dcb273b 100644
--- a/apps/labrinth/src/queue/mod.rs
+++ b/apps/labrinth/src/queue/mod.rs
@@ -1,6 +1,7 @@
 pub mod analytics;
 pub mod billing;
 pub mod email;
+pub mod file_scan;
 pub mod moderation;
 pub mod payouts;
 pub mod server_ping;
diff --git a/apps/labrinth/src/queue/moderation.rs b/apps/labrinth/src/queue/moderation.rs
index 7d852f4eb3..48f55a6c06 100644
--- a/apps/labrinth/src/queue/moderation.rs
+++ b/apps/labrinth/src/queue/moderation.rs
@@ -570,7 +570,7 @@ impl AutomatedModerationQueue {
                                             Vec::new()
                                         } else {
                                             let res = client
-                                                .post(format!("{}v1/mods", ENV.FLAME_ANVIL_URL))
+                                                .post(format!("{}/v1/mods", ENV.FLAME_ANVIL_URL))
                                             .json(&serde_json::json!({
                                                 "modIds": flame_files.iter().map(|x| x.1).collect::<Vec<_>>()
                                             }))
@@ -579,7 +579,7 @@ impl AutomatedModerationQueue {
                                             .text()
                                             .await?;
 
-                                        serde_json::from_str::<FlameResponse<Vec<FlameProject>>>(&res)?.data
+                                        serde_json::from_str::<FlameResponse<Vec<FlameProjectResponse>>>(&res)?.data
                                     };
 
                                     let mut missing_metadata = MissingMetadata {
@@ -823,7 +823,7 @@ pub enum ApprovalType {
 }
 
 impl ApprovalType {
-    fn approved(&self) -> bool {
+    pub fn approved(&self) -> bool {
         match self {
             ApprovalType::Yes => true,
             ApprovalType::WithAttributionAndSource => true,
@@ -896,11 +896,18 @@ pub struct FlameFileHash {
 
 #[derive(Deserialize, Serialize)]
 #[serde(rename_all = "camelCase")]
-pub struct FlameProject {
+pub struct FlameProjectResponse {
     pub id: u32,
     pub name: String,
     pub slug: String,
     pub links: FlameLinks,
+    pub logo: FlameLogo,
+}
+
+#[derive(Deserialize, Serialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FlameLogo {
+    pub thumbnail_url: String,
 }
 
 #[derive(Deserialize, Serialize)]
diff --git a/apps/labrinth/src/routes/internal/attribution.rs b/apps/labrinth/src/routes/internal/attribution.rs
new file mode 100644
index 0000000000..38555da299
--- /dev/null
+++ b/apps/labrinth/src/routes/internal/attribution.rs
@@ -0,0 +1,863 @@
+use actix_web::{HttpRequest, get, patch, post, web};
+use chrono::{DateTime, Utc};
+use eyre::eyre;
+use serde::{Deserialize, Serialize};
+
+use crate::auth::get_user_from_headers;
+use crate::database::PgPool;
+use crate::database::models::{
+    DBOrganization, DBTeamMember,
+    ids::{
+        DBAttributionGroupId, DBProjectId, DBVersionId,
+        generate_attribution_group_id,
+    },
+};
+use crate::database::redis::RedisPool;
+use crate::models::ids::{ProjectId, VersionId};
+use crate::models::pats::Scopes;
+use crate::models::projects::{
+    AttributionModerationStatusKind, AttributionResolution,
+    AttributionResolutionKind, FlameProject,
+};
+use crate::models::teams::ProjectPermissions;
+use crate::models::users::User;
+use crate::queue::moderation::ApprovalType;
+use crate::queue::session::AuthQueue;
+use crate::routes::ApiError;
+use crate::util::error::Context;
+
+pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
+    cfg.service(list)
+        .service(update_group)
+        .service(scan)
+        .service(assign)
+        .service(split);
+}
+
+#[derive(Serialize)]
+struct AttributionGroupResponse {
+    id: crate::models::ids::AttributionGroupId,
+    flame_project: Option<FlameProject>,
+    attribution: Option<crate::models::projects::AttributionResolution>,
+    attributed_at: Option<chrono::DateTime<chrono::Utc>>,
+    attributed_by: Option<ariadne::ids::UserId>,
+    files: Vec<AttributionFileResponse>,
+    versions: Vec<VersionInfo>,
+}
+
+#[derive(Clone, Serialize)]
+struct VersionInfo {
+    id: VersionId,
+    name: String,
+    version_number: String,
+    date_created: chrono::DateTime<chrono::Utc>,
+}
+
+#[derive(Serialize)]
+struct AttributionFileResponse {
+    name: String,
+    sha1: String,
+    versions: Vec<VersionId>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    moderation_external_license_id: Option<i64>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    moderation_external_license: Option<ModerationExternalLicenseResponse>,
+}
+
+#[derive(Clone, Serialize)]
+struct ModerationExternalLicenseResponse {
+    id: i64,
+    title: Option<String>,
+    status: ApprovalType,
+    link: Option<String>,
+    exceptions: Option<String>,
+    proof: Option<String>,
+    flame_project_id: Option<i32>,
+    inserted_at: Option<DateTime<Utc>>,
+    inserted_by: Option<i64>,
+    updated_at: Option<DateTime<Utc>>,
+    updated_by: Option<i64>,
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+struct ScanBody {
+    version_ids: Vec<VersionId>,
+}
+
+#[derive(Serialize, utoipa::ToSchema)]
+struct ScanResponse {
+    queued_files: u64,
+}
+
+#[utoipa::path]
+#[post("/scan")]
+async fn scan(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    web::Json(body): web::Json<ScanBody>,
+) -> Result<web::Json<ScanResponse>, ApiError> {
+    let user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::VERSION_WRITE,
+    )
+    .await?
+    .1;
+
+    let mut version_ids: Vec<i64> = body
+        .version_ids
+        .into_iter()
+        .map(|id| DBVersionId::from(id).0)
+        .collect();
+    version_ids.sort_unstable();
+    version_ids.dedup();
+
+    if version_ids.is_empty() {
+        return Ok(web::Json(ScanResponse { queued_files: 0 }));
+    }
+
+    let versions = sqlx::query!(
+        r#"
+		select
+			id as "id: DBVersionId",
+			mod_id as "project_id: DBProjectId"
+		from versions
+		where id = any($1)
+		"#,
+        &version_ids,
+    )
+    .fetch_all(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to fetch versions for attribution scan")?;
+
+    if versions.len() != version_ids.len() {
+        return Err(ApiError::NotFound);
+    }
+
+    let mut project_ids: Vec<DBProjectId> =
+        versions.iter().map(|version| version.project_id).collect();
+    project_ids.sort_unstable_by_key(|id| id.0);
+    project_ids.dedup_by_key(|id| id.0);
+
+    for project_id in project_ids {
+        ensure_can_upload_versions_to_project(
+            pool.as_ref(),
+            project_id,
+            &user,
+            "you do not have permission to upload versions to this project",
+        )
+        .await?;
+    }
+
+    let result = sqlx::query!(
+        r#"
+		insert into file_scans (file_id)
+		select f.id
+		from files f
+		inner join attribution_enforced_versions aev on aev.id = f.version_id
+		where f.version_id = any($1)
+		on conflict (file_id) do nothing
+		"#,
+        &version_ids,
+    )
+    .execute(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to queue version files for attribution scan")?;
+
+    Ok(web::Json(ScanResponse {
+        queued_files: result.rows_affected(),
+    }))
+}
+
+#[utoipa::path]
+#[get("/{project_id}")]
+async fn list(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    path: web::Path<ProjectId>,
+) -> Result<web::Json<Vec<AttributionGroupResponse>>, ApiError> {
+    let project_id: DBProjectId = path.into_inner().into();
+    let requester_is_mod = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_READ,
+    )
+    .await
+    .ok()
+    .is_some_and(|(_, user)| user.role.is_mod());
+
+    let groups = sqlx::query!(
+        r#"
+		select
+			g.id as "id: DBAttributionGroupId",
+			g.flame_project,
+			g.attribution,
+			g.attributed_at,
+			g.attributed_by as "attributed_by: i64"
+		from project_attribution_groups g
+		where g.project_id = $1
+		"#,
+        project_id as DBProjectId,
+    )
+    .fetch_all(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to fetch attribution groups")?;
+
+    let group_ids: Vec<i64> = groups.iter().map(|g| g.id.0).collect();
+
+    let files = if group_ids.is_empty() {
+        Vec::new()
+    } else {
+        sqlx::query!(
+            r#"
+			select
+				paf.group_id as "group_id!",
+				paf.name as "name!",
+				convert_from(paf.sha1, 'UTF8') as "sha1!",
+				paf.moderation_external_license_id,
+				coalesce(array_agg(distinct aev.id) filter (where aev.id is not null), '{}') as "version_ids!: Vec<i64>"
+			from project_attribution_files paf
+			left join override_file_sources ofs on ofs.sha1 = paf.sha1
+			left join files f on f.id = ofs.file_id
+			left join versions v on v.id = f.version_id and v.mod_id = $2
+			left join attribution_enforced_versions aev on aev.id = v.id
+			where paf.group_id = ANY($1)
+			group by paf.group_id, paf.name, paf.sha1, paf.moderation_external_license_id
+			"#,
+            &group_ids,
+            project_id as DBProjectId,
+        )
+        .fetch_all(pool.as_ref())
+        .await
+        .wrap_internal_err("failed to fetch attribution group files")?
+    };
+
+    let moderation_external_licenses = if requester_is_mod {
+        let mut ids: Vec<i64> = files
+            .iter()
+            .filter_map(|f| f.moderation_external_license_id)
+            .collect();
+        ids.sort_unstable();
+        ids.dedup();
+
+        if ids.is_empty() {
+            std::collections::HashMap::new()
+        } else {
+            sqlx::query!(
+                r#"
+				select
+					id,
+					title,
+					status,
+					link,
+					exceptions,
+					proof,
+					flame_project_id,
+					inserted_at,
+					inserted_by,
+					updated_at,
+					updated_by
+				from moderation_external_licenses
+				where id = ANY($1)
+				"#,
+                &ids,
+            )
+            .fetch_all(pool.as_ref())
+            .await
+            .wrap_internal_err("failed to fetch moderation external licenses")?
+            .into_iter()
+            .map(|row| {
+                (
+                    row.id,
+                    ModerationExternalLicenseResponse {
+                        id: row.id,
+                        title: row.title,
+                        status: ApprovalType::from_string(&row.status)
+                            .unwrap_or(ApprovalType::Unidentified),
+                        link: row.link,
+                        exceptions: row.exceptions,
+                        proof: row.proof,
+                        flame_project_id: row.flame_project_id,
+                        inserted_at: row.inserted_at,
+                        inserted_by: row.inserted_by,
+                        updated_at: row.updated_at,
+                        updated_by: row.updated_by,
+                    },
+                )
+            })
+            .collect()
+        }
+    } else {
+        std::collections::HashMap::new()
+    };
+
+    let mut all_version_ids: Vec<i64> = files
+        .iter()
+        .flat_map(|f| f.version_ids.iter().copied())
+        .collect();
+    all_version_ids.sort_unstable();
+    all_version_ids.dedup();
+
+    let version_infos = if all_version_ids.is_empty() {
+        Vec::new()
+    } else {
+        let rows = sqlx::query!(
+            "
+			select id, name, version_number, date_published
+			from versions
+			where id = ANY($1)
+			order by date_published desc
+			",
+            &all_version_ids,
+        )
+        .fetch_all(pool.as_ref())
+        .await
+        .wrap_internal_err("failed to fetch attribution group versions")?;
+        rows.into_iter()
+            .map(|v| VersionInfo {
+                id: VersionId(v.id as u64),
+                name: v.name,
+                version_number: v.version_number,
+                date_created: v.date_published,
+            })
+            .collect()
+    };
+    let version_order = version_infos
+        .iter()
+        .enumerate()
+        .map(|(index, version)| (version.id, index))
+        .collect::<std::collections::HashMap<_, _>>();
+
+    let mut result = Vec::new();
+    for group in groups {
+        let group_files: Vec<AttributionFileResponse> = files
+            .iter()
+            .filter(|f| f.group_id == group.id.0)
+            .map(|f| AttributionFileResponse {
+                name: f.name.clone(),
+                sha1: f.sha1.clone(),
+                moderation_external_license_id: if requester_is_mod {
+                    f.moderation_external_license_id
+                } else {
+                    None
+                },
+                moderation_external_license: if requester_is_mod {
+                    f.moderation_external_license_id.and_then(|id| {
+                        moderation_external_licenses.get(&id).cloned()
+                    })
+                } else {
+                    None
+                },
+                versions: {
+                    let mut versions: Vec<_> = f
+                        .version_ids
+                        .iter()
+                        .copied()
+                        .map(|id| VersionId(id as u64))
+                        .collect();
+                    versions.sort_by_key(|id| {
+                        version_order.get(id).copied().unwrap_or(usize::MAX)
+                    });
+                    versions
+                },
+            })
+            .collect();
+        let group_version_ids = group_files
+            .iter()
+            .flat_map(|file| file.versions.iter().copied())
+            .collect::<std::collections::HashSet<_>>();
+        let group_versions = version_infos
+            .iter()
+            .filter(|version| group_version_ids.contains(&version.id))
+            .cloned()
+            .collect();
+
+        let mut attribution = group.attribution.and_then(|v| {
+            serde_json::from_value::<AttributionResolution>(v).ok()
+        });
+        if let Some(moderation_status) = attribution
+            .as_mut()
+            .and_then(|a| a.moderation_status.as_mut())
+            && !requester_is_mod
+        {
+            moderation_status.moderated_by = None;
+        }
+        let attributed_by = if attribution
+            .as_ref()
+            .is_some_and(|attribution| attribution.updated_by_moderator)
+            && !requester_is_mod
+        {
+            None
+        } else {
+            group
+                .attributed_by
+                .map(|id| ariadne::ids::UserId(id as u64))
+        };
+
+        result.push(AttributionGroupResponse {
+            id: group.id.into(),
+            flame_project: group
+                .flame_project
+                .and_then(|v| serde_json::from_value(v).ok()),
+            attribution,
+            attributed_at: group.attributed_at,
+            attributed_by,
+            files: group_files,
+            versions: group_versions,
+        });
+    }
+
+    Ok(web::Json(result))
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+struct UpdateGroupBody {
+    attribution: AttributionResolution,
+}
+
+#[utoipa::path]
+#[patch("/group/{group_id}")]
+async fn update_group(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    path: web::Path<i64>,
+    web::Json(body): web::Json<UpdateGroupBody>,
+) -> Result<(), ApiError> {
+    let group_id = path.into_inner();
+    let user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::VERSION_WRITE,
+    )
+    .await?
+    .1;
+
+    if !can_edit_attribution_group(pool.as_ref(), group_id, &user).await? {
+        return Err(ApiError::CustomAuthentication(
+            "This attribution group cannot be edited".to_string(),
+        ));
+    }
+
+    if matches!(
+        body.attribution.kind,
+        AttributionResolutionKind::GloballyAllowed { .. }
+    ) && !user.role.is_mod()
+    {
+        return Err(ApiError::CustomAuthentication(
+            "Only moderators can set globally allowed attributions".to_string(),
+        ));
+    }
+
+    if body.attribution.moderation_status.is_some() && !user.role.is_mod() {
+        return Err(ApiError::CustomAuthentication(
+            "Only moderators can set attribution moderation status".to_string(),
+        ));
+    }
+
+    let mut attribution = body.attribution;
+    attribution.updated_by_moderator = user.role.is_mod();
+    if let Some(moderation_status) = &mut attribution.moderation_status {
+        moderation_status.moderated_at = Some(Utc::now());
+        moderation_status.moderated_by = Some(user.id);
+    }
+
+    let result = sqlx::query!(
+        "
+		update project_attribution_groups
+		set attribution = $1, attributed_at = now(), attributed_by = $3
+		where id = $2
+		",
+        &serde_json::to_value(&attribution).unwrap_or_default(),
+        group_id,
+        user.id.0 as i64,
+    )
+    .execute(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to update attribution group")?;
+
+    if result.rows_affected() == 0 {
+        return Err(ApiError::NotFound);
+    }
+
+    Ok(())
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+struct AssignBody {
+    sha1: String,
+    target_group_id: i64,
+    project_id: ProjectId,
+}
+
+#[utoipa::path]
+#[post("/assign")]
+async fn assign(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    web::Json(body): web::Json<AssignBody>,
+) -> Result<(), ApiError> {
+    let user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::VERSION_WRITE,
+    )
+    .await?
+    .1;
+
+    let sha1 = body.sha1.trim().to_lowercase();
+    if hex_to_bytes(&sha1).is_none() {
+        return Err(ApiError::InvalidInput(
+            "invalid sha1 hex string".to_string(),
+        ));
+    }
+    let sha1_bytes = sha1.as_bytes().to_vec();
+    let project_id: DBProjectId = body.project_id.into();
+
+    let source_group_id = sqlx::query_scalar!(
+        "
+		select paf.group_id
+		from project_attribution_files paf
+		inner join project_attribution_groups pag on pag.id = paf.group_id
+		where paf.sha1 = $1 and pag.project_id = $2
+		",
+        &sha1_bytes,
+        project_id as DBProjectId,
+    )
+    .fetch_optional(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to fetch source attribution group")?
+    .ok_or(ApiError::NotFound)?;
+
+    let target_group_exists = sqlx::query_scalar!(
+        "
+		select exists(
+			select 1 from project_attribution_groups where id = $1 and project_id = $2
+		) as \"exists!\"
+		",
+        body.target_group_id,
+        project_id as DBProjectId,
+    )
+    .fetch_one(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to check target attribution group")?;
+
+    if !target_group_exists {
+        return Err(ApiError::NotFound);
+    }
+
+    if !can_edit_attribution_group(pool.as_ref(), source_group_id, &user)
+        .await?
+        || !can_edit_attribution_group(
+            pool.as_ref(),
+            body.target_group_id,
+            &user,
+        )
+        .await?
+    {
+        return Err(ApiError::CustomAuthentication(
+            "This attribution group cannot be edited".to_string(),
+        ));
+    }
+
+    let mut txn = pool.begin().await.wrap_internal_err(
+        "failed to begin attribution assignment transaction",
+    )?;
+
+    let result = sqlx::query!(
+        r#"
+		insert into project_attribution_files (
+			group_id,
+			name,
+			sha1,
+			moderation_external_license_id
+		)
+		select
+			$1,
+			paf.name,
+			paf.sha1,
+			paf.moderation_external_license_id
+		from project_attribution_files paf
+		inner join project_attribution_groups pag on pag.id = paf.group_id
+		where paf.sha1 = $2 and pag.project_id = $3
+		order by paf.moderation_external_license_id nulls last, paf.name
+		limit 1
+		on conflict (group_id, sha1) do update
+		set moderation_external_license_id = coalesce(
+			project_attribution_files.moderation_external_license_id,
+			excluded.moderation_external_license_id
+		)
+		"#,
+        body.target_group_id,
+        &sha1_bytes,
+        project_id as DBProjectId,
+    )
+    .execute(&mut txn)
+    .await
+    .wrap_internal_err("failed to insert assigned attribution file")?;
+
+    if result.rows_affected() == 0 {
+        return Err(ApiError::NotFound);
+    }
+
+    sqlx::query!(
+        r#"
+		delete from project_attribution_files paf
+		using project_attribution_groups pag
+		where pag.id = paf.group_id
+			and pag.project_id = $1
+			and paf.sha1 = $2
+			and paf.group_id != $3
+		"#,
+        project_id as DBProjectId,
+        &sha1_bytes,
+        body.target_group_id,
+    )
+    .execute(&mut txn)
+    .await
+    .wrap_internal_err("failed to remove old assigned attribution files")?;
+
+    txn.commit().await.wrap_internal_err(
+        "failed to commit attribution assignment transaction",
+    )?;
+
+    cleanup_empty_groups(pool.as_ref())
+        .await
+        .wrap_internal_err("failed to clean up empty attribution groups")?;
+
+    Ok(())
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+struct SplitBody {
+    sha1: String,
+    project_id: ProjectId,
+}
+
+#[utoipa::path]
+#[post("/split")]
+async fn split(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    web::Json(body): web::Json<SplitBody>,
+) -> Result<(), ApiError> {
+    let user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::VERSION_WRITE,
+    )
+    .await?
+    .1;
+
+    let sha1 = body.sha1.trim().to_lowercase();
+    if hex_to_bytes(&sha1).is_none() {
+        return Err(ApiError::InvalidInput(
+            "invalid sha1 hex string".to_string(),
+        ));
+    }
+    let sha1_bytes = sha1.as_bytes().to_vec();
+    let project_id: DBProjectId = body.project_id.into();
+
+    let existing = sqlx::query!(
+        "
+		select paf.group_id, paf.name from project_attribution_files paf
+		inner join project_attribution_groups pag on pag.id = paf.group_id
+		where paf.sha1 = $1 and pag.project_id = $2
+		",
+        &sha1_bytes,
+        project_id as DBProjectId,
+    )
+    .fetch_optional(pool.as_ref())
+    .await
+    .wrap_internal_err("failed to fetch attribution file to split")?;
+
+    let Some(existing) = existing else {
+        return Err(ApiError::NotFound);
+    };
+
+    if !can_edit_attribution_group(pool.as_ref(), existing.group_id, &user)
+        .await?
+    {
+        return Err(ApiError::CustomAuthentication(
+            "This attribution group cannot be edited".to_string(),
+        ));
+    }
+
+    let mut txn = pool
+        .begin()
+        .await
+        .wrap_internal_err("failed to begin attribution split transaction")?;
+
+    let new_group_id = generate_attribution_group_id(&mut txn)
+        .await
+        .wrap_internal_err("failed to generate attribution group id")?;
+
+    sqlx::query!(
+        "
+		insert into project_attribution_groups (id, project_id)
+		values ($1, $2)
+		",
+        new_group_id as DBAttributionGroupId,
+        project_id as DBProjectId,
+    )
+    .execute(&mut txn)
+    .await
+    .wrap_internal_err("failed to insert split attribution group")?;
+
+    sqlx::query!(
+        "
+		update project_attribution_files
+		set group_id = $1
+		where sha1 = $2 and group_id = $3
+		",
+        new_group_id as DBAttributionGroupId,
+        &sha1_bytes,
+        existing.group_id,
+    )
+    .execute(&mut txn)
+    .await
+    .wrap_internal_err("failed to move attribution file to split group")?;
+
+    txn.commit()
+        .await
+        .wrap_internal_err("failed to commit attribution split transaction")?;
+
+    cleanup_empty_groups(pool.as_ref())
+        .await
+        .wrap_internal_err("failed to clean up empty attribution groups")?;
+
+    Ok(())
+}
+
+async fn can_edit_attribution_group(
+    pool: &PgPool,
+    group_id: i64,
+    user: &User,
+) -> Result<bool, ApiError> {
+    let group = sqlx::query!(
+        r#"
+		select attribution, project_id as "project_id: DBProjectId"
+		from project_attribution_groups
+		where id = $1
+		"#,
+        group_id,
+    )
+    .fetch_optional(pool)
+    .await
+    .wrap_internal_err("failed to fetch attribution group")?
+    .ok_or(ApiError::NotFound)?;
+
+    ensure_can_upload_versions_to_project(
+        pool,
+        group.project_id,
+        user,
+        "you do not have permission to edit this attribution group",
+    )
+    .await?;
+
+    let attribution: Option<AttributionResolution> = group
+        .attribution
+        .and_then(|value| serde_json::from_value(value).ok());
+
+    Ok(!matches!(
+        attribution
+            .and_then(|attribution| attribution.moderation_status)
+            .map(|status| status.kind),
+        Some(AttributionModerationStatusKind::NotAllowed)
+    ))
+}
+
+async fn ensure_can_upload_versions_to_project(
+    pool: &PgPool,
+    project_id: DBProjectId,
+    user: &User,
+    permission_error: &'static str,
+) -> Result<(), ApiError> {
+    if user.role.is_mod() {
+        return Ok(());
+    }
+
+    let team_member = DBTeamMember::get_from_user_id_project(
+        project_id,
+        user.id.into(),
+        false,
+        pool,
+    )
+    .await
+    .wrap_internal_err("failed to fetch project team member")?;
+
+    let organization = DBOrganization::get_associated_organization_project_id(
+        project_id, pool,
+    )
+    .await
+    .wrap_internal_err("failed to fetch associated organization")?;
+
+    let organization_team_member = if let Some(organization) = organization {
+        DBTeamMember::get_from_user_id(
+            organization.team_id,
+            user.id.into(),
+            pool,
+        )
+        .await
+        .wrap_internal_err("failed to fetch organization team member")?
+    } else {
+        None
+    };
+
+    let permissions = ProjectPermissions::get_permissions_by_role(
+        &user.role,
+        &team_member,
+        &organization_team_member,
+    )
+    .unwrap_or_default();
+
+    if !permissions.contains(ProjectPermissions::UPLOAD_VERSION) {
+        return Err(ApiError::Auth(eyre!(permission_error)));
+    }
+
+    Ok(())
+}
+
+async fn cleanup_empty_groups(pool: &PgPool) -> Result<(), ApiError> {
+    sqlx::query!(
+        "
+		delete from project_attribution_groups g
+		where not exists (
+			select 1 from project_attribution_files f where f.group_id = g.id
+		)
+		",
+    )
+    .execute(pool)
+    .await
+    .wrap_internal_err("failed to delete empty attribution groups")?;
+    Ok(())
+}
+
+fn hex_to_bytes(hex: &str) -> Option<Vec<u8>> {
+    if !hex.len().is_multiple_of(2) {
+        return None;
+    }
+    (0..hex.len())
+        .step_by(2)
+        .map(|i| u8::from_str_radix(&hex[i..i + 2], 16).ok())
+        .collect()
+}
diff --git a/apps/labrinth/src/routes/internal/flows.rs b/apps/labrinth/src/routes/internal/flows.rs
index 2945893401..7fe23ccb73 100644
--- a/apps/labrinth/src/routes/internal/flows.rs
+++ b/apps/labrinth/src/routes/internal/flows.rs
@@ -43,7 +43,6 @@ use serde::{Deserialize, Serialize};
 use sha2::Sha256;
 use std::collections::HashMap;
 use std::str::FromStr;
-use std::sync::Arc;
 use tracing::info;
 use validator::Validate;
 use zxcvbn::Score;
@@ -89,7 +88,7 @@ impl TempUser {
         provider: AuthProvider,
         transaction: &mut PgTransaction<'_>,
         client: &PgPool,
-        file_host: &Arc<dyn FileHost + Send + Sync>,
+        file_host: &dyn FileHost,
         redis: &RedisPool,
     ) -> Result<crate::database::models::DBUserId, AuthenticationError> {
         if let Some(email) = &self.email
@@ -156,7 +155,7 @@ impl TempUser {
                     ext,
                     Some(96),
                     Some(1.0),
-                    &**file_host,
+                    file_host,
                 )
                 .await;
 
@@ -1179,7 +1178,7 @@ pub async fn auth_callback(
     req: HttpRequest,
     Query(query): Query<HashMap<String, String>>,
     client: Data<PgPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     redis: Data<RedisPool>,
 ) -> Result<HttpResponse, crate::auth::templates::ErrorPage> {
     let state_string = query
@@ -1337,7 +1336,7 @@ pub async fn auth_callback(
                         provider,
                         &mut transaction,
                         &client,
-                        &file_host,
+                        &**file_host,
                         &redis,
                     )
                     .await?
diff --git a/apps/labrinth/src/routes/internal/mod.rs b/apps/labrinth/src/routes/internal/mod.rs
index afc19bfc86..5bc6531856 100644
--- a/apps/labrinth/src/routes/internal/mod.rs
+++ b/apps/labrinth/src/routes/internal/mod.rs
@@ -1,5 +1,6 @@
 pub mod admin;
 pub mod affiliate;
+pub mod attribution;
 pub mod billing;
 pub mod campaign;
 pub mod delphi;
@@ -107,5 +108,10 @@ pub fn utoipa_config(
         utoipa_actix_web::scope("/_internal/server-ping")
             .wrap(default_cors())
             .configure(server_ping::config),
+    )
+    .service(
+        utoipa_actix_web::scope("/_internal/attribution")
+            .wrap(default_cors())
+            .configure(attribution::config),
     );
 }
diff --git a/apps/labrinth/src/routes/internal/moderation/external_license.rs b/apps/labrinth/src/routes/internal/moderation/external_license.rs
index cbcf03b245..6ef567ee34 100644
--- a/apps/labrinth/src/routes/internal/moderation/external_license.rs
+++ b/apps/labrinth/src/routes/internal/moderation/external_license.rs
@@ -5,6 +5,8 @@ use chrono::{DateTime, Utc};
 use serde::{Deserialize, Serialize};
 
 use crate::database::PgPool;
+use crate::database::models::ids::DBUserId;
+use crate::database::models::moderation_external_item::ExternalLicense;
 use crate::database::redis::RedisPool;
 use crate::models::pats::Scopes;
 use crate::queue::moderation::ApprovalType;
@@ -14,7 +16,11 @@ use crate::{auth::check_is_moderator_from_headers, queue::session::AuthQueue};
 pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
     cfg.service(search)
         .service(get_by_sha1)
-        .service(update_license);
+        .service(get_by_sha1_bulk)
+        .service(lookup)
+        .service(update_license)
+        .service(add_file)
+        .service(reassign_file);
 }
 
 #[derive(Serialize, Deserialize, utoipa::ToSchema)]
@@ -43,6 +49,26 @@ pub struct LinkedFile {
 pub struct SearchRequest {
     pub title: Option<String>,
     pub flame_id: Option<i32>,
+    pub flame_ids: Option<Vec<i32>>,
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+pub struct HashLookupRequest {
+    pub hashes: Vec<String>,
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+pub struct ExternalLicenseLookupRequest {
+    #[serde(default)]
+    pub flame_ids: Vec<i32>,
+    #[serde(default)]
+    pub hashes: Vec<String>,
+}
+
+#[derive(Serialize, utoipa::ToSchema)]
+pub struct ExternalLicenseLookupResponse {
+    pub flame_ids: HashMap<i32, Vec<ExternalProject>>,
+    pub hashes: HashMap<String, ExternalProject>,
 }
 
 #[derive(Deserialize, utoipa::ToSchema)]
@@ -55,6 +81,32 @@ pub struct UpdateLicenseRequest {
     pub flame_project_id: Option<i32>,
 }
 
+#[derive(Deserialize, utoipa::ToSchema)]
+pub struct FileLicenseRequest {
+    pub hashes: Vec<String>,
+    pub license_id: LicenseId,
+}
+
+#[derive(Deserialize, utoipa::ToSchema)]
+#[serde(untagged)]
+pub enum LicenseId {
+    Number(i64),
+    String(String),
+}
+
+impl LicenseId {
+    fn parse(self) -> Result<i64, ApiError> {
+        match self {
+            LicenseId::Number(id) => Ok(id),
+            LicenseId::String(id) => id.parse().map_err(|_| {
+                ApiError::InvalidInput(
+                    "license_id must be a valid integer".to_string(),
+                )
+            }),
+        }
+    }
+}
+
 struct LicenseRow {
     id: i64,
     title: Option<String>,
@@ -69,6 +121,38 @@ struct LicenseRow {
     updated_by: Option<i64>,
 }
 
+struct LicenseHashRow {
+    hash: Vec<u8>,
+    id: i64,
+    title: Option<String>,
+    status: String,
+    link: Option<String>,
+    exceptions: Option<String>,
+    proof: Option<String>,
+    flame_project_id: Option<i32>,
+    inserted_at: Option<DateTime<Utc>>,
+    inserted_by: Option<i64>,
+    updated_at: Option<DateTime<Utc>>,
+    updated_by: Option<i64>,
+}
+
+fn normalize_sha1_hashes(hashes: &[String]) -> Result<Vec<String>, ApiError> {
+    hashes
+        .iter()
+        .map(|hash| {
+            let hash = hash.trim().to_lowercase();
+            if hash.len() != 40 || !hash.chars().all(|c| c.is_ascii_hexdigit())
+            {
+                return Err(ApiError::InvalidInput(
+                    "hash must be a valid SHA1 hex string".to_string(),
+                ));
+            }
+
+            Ok(hash)
+        })
+        .collect()
+}
+
 impl LicenseRow {
     fn into_external_project(
         self,
@@ -120,12 +204,131 @@ async fn fetch_linked_files(
             .or_default()
             .push(LinkedFile {
                 name: row.filename,
-                sha1: hex::encode(&row.sha1),
+                sha1: String::from_utf8(row.sha1)
+                    .unwrap_or_else(|err| hex::encode(err.into_bytes())),
             });
     }
     Ok(map)
 }
 
+async fn fetch_by_hashes(
+    pool: &PgPool,
+    hashes: &[String],
+) -> Result<HashMap<String, ExternalProject>, ApiError> {
+    if hashes.is_empty() {
+        return Ok(HashMap::new());
+    }
+
+    let hash_bytes = hashes
+        .iter()
+        .map(|hash| hash.as_bytes().to_vec())
+        .collect::<Vec<_>>();
+
+    let rows = sqlx::query_as!(
+        LicenseHashRow,
+        r#"
+        SELECT
+            mef.sha1 hash,
+            mel.id,
+            mel.title,
+            mel.status,
+            mel.link,
+            mel.exceptions,
+            mel.proof,
+            mel.flame_project_id,
+            mel.inserted_at,
+            mel.inserted_by,
+            mel.updated_at,
+            mel.updated_by
+        FROM moderation_external_files mef
+        INNER JOIN moderation_external_licenses mel ON mel.id = mef.external_license_id
+        WHERE mef.sha1 = ANY($1)
+        "#,
+        &hash_bytes,
+    )
+    .fetch_all(pool)
+    .await?;
+
+    let license_ids = rows.iter().map(|row| row.id).collect::<Vec<_>>();
+    let files_map = fetch_linked_files(pool, &license_ids).await?;
+
+    let mut results = HashMap::new();
+    for row in rows {
+        let hash = String::from_utf8(row.hash)
+            .unwrap_or_else(|err| hex::encode(err.into_bytes()));
+        let linked_files = files_map.get(&row.id).cloned().unwrap_or_default();
+        results.insert(
+            hash,
+            LicenseRow {
+                id: row.id,
+                title: row.title,
+                status: row.status,
+                link: row.link,
+                exceptions: row.exceptions,
+                proof: row.proof,
+                flame_project_id: row.flame_project_id,
+                inserted_at: row.inserted_at,
+                inserted_by: row.inserted_by,
+                updated_at: row.updated_at,
+                updated_by: row.updated_by,
+            }
+            .into_external_project(linked_files),
+        );
+    }
+
+    Ok(results)
+}
+
+async fn fetch_by_flame_ids(
+    pool: &PgPool,
+    flame_ids: &[i32],
+) -> Result<HashMap<i32, Vec<ExternalProject>>, ApiError> {
+    if flame_ids.is_empty() {
+        return Ok(HashMap::new());
+    }
+
+    let rows = sqlx::query_as!(
+        LicenseRow,
+        r#"
+        SELECT
+            mel.id,
+            mel.title,
+            mel.status,
+            mel.link,
+            mel.exceptions,
+            mel.proof,
+            mel.flame_project_id,
+            mel.inserted_at,
+            mel.inserted_by,
+            mel.updated_at,
+            mel.updated_by
+        FROM moderation_external_licenses mel
+        WHERE mel.flame_project_id = ANY($1)
+        ORDER BY mel.id
+        "#,
+        flame_ids,
+    )
+    .fetch_all(pool)
+    .await?;
+
+    let license_ids = rows.iter().map(|row| row.id).collect::<Vec<_>>();
+    let files_map = fetch_linked_files(pool, &license_ids).await?;
+
+    let mut results: HashMap<i32, Vec<ExternalProject>> = HashMap::new();
+    for row in rows {
+        if let Some(flame_project_id) = row.flame_project_id {
+            let linked_files =
+                files_map.get(&row.id).cloned().unwrap_or_default();
+            results
+                .entry(flame_project_id)
+                .or_default()
+                .push(row.into_external_project(linked_files));
+        }
+    }
+
+    Ok(results)
+}
+
 #[utoipa::path]
 #[post("/search")]
 async fn search(
@@ -144,7 +347,8 @@ async fn search(
     )
     .await?;
 
-    let rows = sqlx::query!(
+    let rows = sqlx::query_as!(
+        LicenseRow,
         r#"
         SELECT
             mel.id,
@@ -160,11 +364,16 @@ async fn search(
             mel.updated_by
         FROM moderation_external_licenses mel
         WHERE ($1::text IS NULL OR mel.title ILIKE '%' || $1 || '%')
-          AND ($2::integer IS NULL OR mel.flame_project_id = $2)
+          AND (
+            ($2::integer IS NULL AND $3::integer[] IS NULL)
+            OR mel.flame_project_id = $2
+            OR mel.flame_project_id = ANY($3)
+          )
         ORDER BY mel.id
         "#,
         body.title,
         body.flame_id,
+        body.flame_ids.as_deref(),
     )
     .fetch_all(&**pool)
     .await?;
@@ -177,26 +386,42 @@ async fn search(
         .map(|row| {
             let linked_files =
                 files_map.get(&row.id).cloned().unwrap_or_default();
-            LicenseRow {
-                id: row.id,
-                title: row.title,
-                status: row.status,
-                link: row.link,
-                exceptions: row.exceptions,
-                proof: row.proof,
-                flame_project_id: row.flame_project_id,
-                inserted_at: row.inserted_at,
-                inserted_by: row.inserted_by,
-                updated_at: row.updated_at,
-                updated_by: row.updated_by,
-            }
-            .into_external_project(linked_files)
+            row.into_external_project(linked_files)
         })
         .collect();
 
     Ok(web::Json(results))
 }
 
+#[utoipa::path]
+#[post("/lookup")]
+async fn lookup(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    body: web::Json<ExternalLicenseLookupRequest>,
+) -> Result<web::Json<ExternalLicenseLookupResponse>, ApiError> {
+    check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_READ,
+    )
+    .await?;
+
+    let body = body.into_inner();
+    let hashes = normalize_sha1_hashes(&body.hashes)?;
+    let flame_ids = fetch_by_flame_ids(&pool, &body.flame_ids).await?;
+    let hashes = fetch_by_hashes(&pool, &hashes).await?;
+
+    Ok(web::Json(ExternalLicenseLookupResponse {
+        flame_ids,
+        hashes,
+    }))
+}
+
 #[utoipa::path]
 #[get("/by-sha1/{sha1}")]
 async fn get_by_sha1(
@@ -215,48 +440,145 @@ async fn get_by_sha1(
     )
     .await?;
 
-    let sha1 = path.into_inner().0;
+    let hashes = normalize_sha1_hashes(&[path.into_inner().0])?;
+    let hash = hashes.first().ok_or(ApiError::NotFound)?;
+    let mut results = fetch_by_hashes(&pool, &hashes).await?;
+    let result = results.remove(hash).ok_or(ApiError::NotFound)?;
+
+    Ok(web::Json(result))
+}
+
+#[utoipa::path]
+#[post("/by-sha1")]
+async fn get_by_sha1_bulk(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    body: web::Json<HashLookupRequest>,
+) -> Result<web::Json<HashMap<String, ExternalProject>>, ApiError> {
+    check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_READ,
+    )
+    .await?;
+
+    let hashes = normalize_sha1_hashes(&body.hashes)?;
+    let results = fetch_by_hashes(&pool, &hashes).await?;
+
+    Ok(web::Json(results))
+}
+
+#[utoipa::path]
+#[post("/file")]
+async fn add_file(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    body: web::Json<FileLicenseRequest>,
+) -> Result<web::Json<ExternalProject>, ApiError> {
+    upsert_file_license(req, pool, redis, session_queue, body).await
+}
+
+#[utoipa::path]
+#[post("/file/reassign")]
+async fn reassign_file(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    body: web::Json<FileLicenseRequest>,
+) -> Result<web::Json<ExternalProject>, ApiError> {
+    upsert_file_license(req, pool, redis, session_queue, body).await
+}
+
+async fn upsert_file_license(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    body: web::Json<FileLicenseRequest>,
+) -> Result<web::Json<ExternalProject>, ApiError> {
+    let user = check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_READ,
+    )
+    .await?;
+
+    let body = body.into_inner();
+    let license_id = body.license_id.parse()?;
+    if body.hashes.is_empty() {
+        return Err(ApiError::InvalidInput(
+            "hashes must contain at least one SHA1 hex string".to_string(),
+        ));
+    }
+    let hashes = normalize_sha1_hashes(&body.hashes)?;
+    let hash_bytes = hashes
+        .iter()
+        .map(|hash| hash.as_bytes().to_vec())
+        .collect::<Vec<_>>();
+    let filenames = vec![None; hashes.len()];
+    let license_ids = vec![license_id; hashes.len()];
+
+    let mut transaction = pool.begin().await?;
 
-    let row = sqlx::query!(
+    let license = sqlx::query!(
         r#"
         SELECT
-            mel.id,
-            mel.title,
-            mel.status,
-            mel.link,
-            mel.exceptions,
-            mel.proof,
-            mel.flame_project_id,
-            mel.inserted_at,
-            mel.inserted_by,
-            mel.updated_at,
-            mel.updated_by
-        FROM moderation_external_files mef
-        INNER JOIN moderation_external_licenses mel ON mel.id = mef.external_license_id
-        WHERE mef.sha1 = $1
+            id,
+            title,
+            status,
+            link,
+            exceptions,
+            proof,
+            flame_project_id,
+            inserted_at,
+            inserted_by,
+            updated_at,
+            updated_by
+        FROM moderation_external_licenses
+        WHERE id = $1
         "#,
-        sha1.as_bytes().to_vec(),
+        license_id,
     )
-    .fetch_optional(&**pool)
+    .fetch_optional(&mut transaction)
     .await?
     .ok_or(ApiError::NotFound)?;
 
-    let files_map = fetch_linked_files(&pool, &[row.id]).await?;
-    let linked_files = files_map.get(&row.id).cloned().unwrap_or_default();
+    ExternalLicense::insert_files(
+        &mut transaction,
+        &hash_bytes,
+        &filenames,
+        &license_ids,
+        DBUserId(user.id.0 as i64),
+    )
+    .await?;
+
+    transaction.commit().await?;
+
+    let files_map = fetch_linked_files(&pool, &[license_id]).await?;
+    let linked_files = files_map.get(&license_id).cloned().unwrap_or_default();
 
     Ok(web::Json(
         LicenseRow {
-            id: row.id,
-            title: row.title,
-            status: row.status,
-            link: row.link,
-            exceptions: row.exceptions,
-            proof: row.proof,
-            flame_project_id: row.flame_project_id,
-            inserted_at: row.inserted_at,
-            inserted_by: row.inserted_by,
-            updated_at: row.updated_at,
-            updated_by: row.updated_by,
+            id: license.id,
+            title: license.title,
+            status: license.status,
+            link: license.link,
+            exceptions: license.exceptions,
+            proof: license.proof,
+            flame_project_id: license.flame_project_id,
+            inserted_at: license.inserted_at,
+            inserted_by: license.inserted_by,
+            updated_at: license.updated_at,
+            updated_by: license.updated_by,
         }
         .into_external_project(linked_files),
     ))
diff --git a/apps/labrinth/src/routes/internal/moderation/tech_review.rs b/apps/labrinth/src/routes/internal/moderation/tech_review.rs
index 05fae0e884..cfa609a98e 100644
--- a/apps/labrinth/src/routes/internal/moderation/tech_review.rs
+++ b/apps/labrinth/src/routes/internal/moderation/tech_review.rs
@@ -290,13 +290,13 @@ async fn get_report(
                 'flag_reason', 'delphi',
                 'download_url', f.url,
                 -- TODO: replace with `json_array` in Postgres 16
-                'issues', (
-                    SELECT json_agg(
-                        to_jsonb(dri)
-                        || jsonb_build_object(
-                            -- TODO: replace with `json_array` in Postgres 16
-                            'details', (
-                                SELECT coalesce(jsonb_agg(
+				'issues', (
+					SELECT coalesce(json_agg(
+						to_jsonb(dri)
+						|| jsonb_build_object(
+							-- TODO: replace with `json_array` in Postgres 16
+							'details', (
+								SELECT coalesce(jsonb_agg(
                                     jsonb_build_object(
                                         'id', didws.id,
                                         'issue_id', didws.issue_id,
@@ -311,11 +311,11 @@ async fn get_report(
                                 FROM delphi_issue_details_with_statuses didws
                                 WHERE didws.issue_id = dri.id
                             )
-                        )
-                    )
-                    FROM delphi_report_issues dri
-                    WHERE
-                        dri.report_id = dr.id
+						)
+					), '[]'::json)
+					FROM delphi_report_issues dri
+					WHERE
+						dri.report_id = dr.id
                         -- see delphi.rs todo comment
                         AND dri.issue_type != '__dummy'
                 )
diff --git a/apps/labrinth/src/routes/mod.rs b/apps/labrinth/src/routes/mod.rs
index 178a8a706b..f5cfdc1ad9 100644
--- a/apps/labrinth/src/routes/mod.rs
+++ b/apps/labrinth/src/routes/mod.rs
@@ -97,7 +97,8 @@ pub enum ApiError {
     FileHosting(#[from] FileHostingError),
     #[error("database error")]
     Database(#[from] crate::database::models::DatabaseError),
-    #[error("Postgres database error")]
+    // todo: remove this variant
+    #[error("Postgres database error: {0}")]
     SqlxDatabase(#[from] sqlx::Error),
     #[error("redis database error")]
     RedisDatabase(#[from] redis::RedisError),
diff --git a/apps/labrinth/src/routes/v2/project_creation.rs b/apps/labrinth/src/routes/v2/project_creation.rs
index ded3fd4f05..d6afd30cc8 100644
--- a/apps/labrinth/src/routes/v2/project_creation.rs
+++ b/apps/labrinth/src/routes/v2/project_creation.rs
@@ -21,7 +21,6 @@ use serde::{Deserialize, Serialize};
 use serde_json::json;
 
 use std::collections::HashMap;
-use std::sync::Arc;
 use validator::Validate;
 
 use super::version_creation::InitialVersionData;
@@ -159,7 +158,7 @@ pub async fn project_create(
     payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     http: Data<HttpClient>,
     search_state: Data<SearchState>,
diff --git a/apps/labrinth/src/routes/v2/projects.rs b/apps/labrinth/src/routes/v2/projects.rs
index 77deda18de..700001b5f3 100644
--- a/apps/labrinth/src/routes/v2/projects.rs
+++ b/apps/labrinth/src/routes/v2/projects.rs
@@ -18,7 +18,6 @@ use crate::search::{SearchBackend, SearchRequest, SearchState};
 use actix_web::{HttpRequest, HttpResponse, delete, get, patch, post, web};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
-use std::sync::Arc;
 use validator::Validate;
 
 pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
@@ -927,7 +926,7 @@ pub async fn project_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -969,7 +968,7 @@ pub async fn delete_project_icon(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
@@ -1062,7 +1061,7 @@ pub async fn add_gallery_item(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -1209,7 +1208,7 @@ pub async fn delete_gallery_item(
     web::Query(item): web::Query<GalleryDeleteQuery>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
diff --git a/apps/labrinth/src/routes/v2/threads.rs b/apps/labrinth/src/routes/v2/threads.rs
index 51145e709e..e04a369cc5 100644
--- a/apps/labrinth/src/routes/v2/threads.rs
+++ b/apps/labrinth/src/routes/v2/threads.rs
@@ -1,5 +1,3 @@
-use std::sync::Arc;
-
 use crate::database::PgPool;
 use crate::database::redis::RedisPool;
 use crate::file_hosting::FileHost;
@@ -169,7 +167,7 @@ pub async fn message_delete(
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
     session_queue: web::Data<AuthQueue>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
 ) -> Result<HttpResponse, ApiError> {
     // Returns NoContent, so we don't need to convert the response
     v3::threads::message_delete(
diff --git a/apps/labrinth/src/routes/v2/users.rs b/apps/labrinth/src/routes/v2/users.rs
index 3d965598bb..21e80adfbe 100644
--- a/apps/labrinth/src/routes/v2/users.rs
+++ b/apps/labrinth/src/routes/v2/users.rs
@@ -11,7 +11,6 @@ use crate::queue::session::AuthQueue;
 use crate::routes::{ApiError, v2_reroute, v3};
 use actix_web::{HttpRequest, HttpResponse, delete, get, patch, web};
 use serde::{Deserialize, Serialize};
-use std::sync::Arc;
 use validator::Validate;
 
 pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
@@ -299,7 +298,7 @@ pub async fn user_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -339,7 +338,7 @@ pub async fn user_icon_delete(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
     // Returns NoContent, so we don't need to convert to V2
diff --git a/apps/labrinth/src/routes/v2/version_creation.rs b/apps/labrinth/src/routes/v2/version_creation.rs
index 1b8be2733b..72da4004e0 100644
--- a/apps/labrinth/src/routes/v2/version_creation.rs
+++ b/apps/labrinth/src/routes/v2/version_creation.rs
@@ -22,7 +22,6 @@ use actix_web::{HttpRequest, HttpResponse, post, web};
 use serde::{Deserialize, Serialize};
 use serde_json::json;
 use std::collections::HashMap;
-use std::sync::Arc;
 use validator::Validate;
 
 pub fn default_requested_status() -> VersionStatus {
@@ -101,7 +100,7 @@ pub async fn version_create(
     payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     moderation_queue: Data<AutomatedModerationQueue>,
     http: Data<HttpClient>,
@@ -335,7 +334,7 @@ pub async fn upload_file_to_version(
     payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     http: web::Data<HttpClient>,
     search_state: Data<SearchState>,
diff --git a/apps/labrinth/src/routes/v3/collections.rs b/apps/labrinth/src/routes/v3/collections.rs
index cbf75477a0..605f857065 100644
--- a/apps/labrinth/src/routes/v3/collections.rs
+++ b/apps/labrinth/src/routes/v3/collections.rs
@@ -25,7 +25,6 @@ use chrono::Utc;
 use eyre::eyre;
 use itertools::Itertools;
 use serde::{Deserialize, Serialize};
-use std::sync::Arc;
 use validator::Validate;
 
 pub fn config(cfg: &mut web::ServiceConfig) {
@@ -390,7 +389,7 @@ pub async fn collection_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -423,7 +422,7 @@ pub async fn collection_icon_edit(
         collection_item.icon_url,
         collection_item.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -442,7 +441,7 @@ pub async fn collection_icon_edit(
         &ext.ext,
         Some(96),
         Some(1.0),
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -474,7 +473,7 @@ pub async fn delete_collection_icon(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
     let user = get_user_from_headers(
@@ -505,7 +504,7 @@ pub async fn delete_collection_icon(
         collection_item.icon_url,
         collection_item.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
     let mut transaction = pool.begin().await?;
diff --git a/apps/labrinth/src/routes/v3/images.rs b/apps/labrinth/src/routes/v3/images.rs
index efeb59a838..d00e03946c 100644
--- a/apps/labrinth/src/routes/v3/images.rs
+++ b/apps/labrinth/src/routes/v3/images.rs
@@ -1,5 +1,3 @@
-use std::sync::Arc;
-
 use super::threads::is_authorized_thread;
 use crate::auth::checks::{is_team_member_project, is_team_member_version};
 use crate::auth::get_user_from_headers;
@@ -41,7 +39,7 @@ pub struct ImageUpload {
 pub async fn images_add(
     req: HttpRequest,
     web::Query(data): web::Query<ImageUpload>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
@@ -191,7 +189,7 @@ pub async fn images_add(
         &data.ext,
         None,
         None,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
diff --git a/apps/labrinth/src/routes/v3/oauth_clients.rs b/apps/labrinth/src/routes/v3/oauth_clients.rs
index adcb4e477e..7c16ea141d 100644
--- a/apps/labrinth/src/routes/v3/oauth_clients.rs
+++ b/apps/labrinth/src/routes/v3/oauth_clients.rs
@@ -1,4 +1,4 @@
-use std::{collections::HashSet, fmt::Display, sync::Arc};
+use std::{collections::HashSet, fmt::Display};
 
 use super::ApiError;
 use crate::database::{PgPool, PgTransaction};
@@ -354,7 +354,7 @@ pub async fn oauth_client_icon_edit(
     client_id: web::Path<OAuthClientId>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -382,7 +382,7 @@ pub async fn oauth_client_icon_edit(
         client.icon_url.clone(),
         client.raw_icon_url.clone(),
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -399,7 +399,7 @@ pub async fn oauth_client_icon_edit(
         &ext.ext,
         Some(96),
         Some(1.0),
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -424,7 +424,7 @@ pub async fn oauth_client_icon_delete(
     client_id: web::Path<OAuthClientId>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
     let user = get_user_from_headers(
@@ -450,7 +450,7 @@ pub async fn oauth_client_icon_delete(
         client.icon_url.clone(),
         client.raw_icon_url.clone(),
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
diff --git a/apps/labrinth/src/routes/v3/organizations.rs b/apps/labrinth/src/routes/v3/organizations.rs
index cd6a119dac..b59e74cefd 100644
--- a/apps/labrinth/src/routes/v3/organizations.rs
+++ b/apps/labrinth/src/routes/v3/organizations.rs
@@ -1,5 +1,4 @@
 use std::collections::HashMap;
-use std::sync::Arc;
 
 use super::ApiError;
 use crate::auth::checks::is_visible_organization;
@@ -1188,7 +1187,7 @@ pub async fn organization_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -1239,7 +1238,7 @@ pub async fn organization_icon_edit(
         organization_item.icon_url,
         organization_item.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -1258,7 +1257,7 @@ pub async fn organization_icon_edit(
         &ext.ext,
         Some(96),
         Some(1.0),
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -1294,7 +1293,7 @@ pub async fn delete_organization_icon(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
     let user = get_user_from_headers(
@@ -1344,7 +1343,7 @@ pub async fn delete_organization_icon(
         organization_item.icon_url,
         organization_item.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
diff --git a/apps/labrinth/src/routes/v3/project_creation.rs b/apps/labrinth/src/routes/v3/project_creation.rs
index b216d9e224..1088302d2f 100644
--- a/apps/labrinth/src/routes/v3/project_creation.rs
+++ b/apps/labrinth/src/routes/v3/project_creation.rs
@@ -41,7 +41,6 @@ use itertools::Itertools;
 use rust_decimal::Decimal;
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
-use std::sync::Arc;
 use thiserror::Error;
 use validator::Validate;
 
@@ -291,7 +290,7 @@ pub async fn project_create(
     payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     http: Data<HttpClient>,
     search_state: Data<SearchState>,
@@ -314,7 +313,7 @@ pub async fn project_create_internal(
     mut payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     http: Data<HttpClient>,
     search_state: Data<SearchState>,
@@ -329,7 +328,7 @@ pub async fn project_create_internal(
         req,
         &mut payload,
         &mut transaction,
-        &***file_host,
+        &**file_host,
         &mut uploaded_files,
         &client,
         &redis,
@@ -340,7 +339,7 @@ pub async fn project_create_internal(
     .await;
 
     if result.is_err() {
-        let undo_result = undo_uploads(&***file_host, &uploaded_files).await;
+        let undo_result = undo_uploads(&**file_host, &uploaded_files).await;
         let rollback_result = transaction.rollback().await;
 
         undo_result?;
@@ -372,7 +371,7 @@ pub async fn project_create_with_id(
     mut payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     http: Data<HttpClient>,
     search_state: Data<SearchState>,
@@ -387,7 +386,7 @@ pub async fn project_create_with_id(
         req,
         &mut payload,
         &mut transaction,
-        &***file_host,
+        &**file_host,
         &mut uploaded_files,
         &client,
         &redis,
@@ -398,7 +397,7 @@ pub async fn project_create_with_id(
     .await;
 
     if result.is_err() {
-        let undo_result = undo_uploads(&***file_host, &uploaded_files).await;
+        let undo_result = undo_uploads(&**file_host, &uploaded_files).await;
         let rollback_result = transaction.rollback().await;
 
         undo_result?;
@@ -928,7 +927,7 @@ async fn project_create_inner(
         let now = Utc::now();
 
         let id = project_builder_actual
-            .insert(&mut *transaction, http)
+            .insert(&mut *transaction, redis, file_host, http)
             .await?;
         DBUser::clear_project_cache(&[current_user.id.into()], redis).await?;
 
diff --git a/apps/labrinth/src/routes/v3/project_creation/new.rs b/apps/labrinth/src/routes/v3/project_creation/new.rs
index 357776a8e4..877ad9a70d 100644
--- a/apps/labrinth/src/routes/v3/project_creation/new.rs
+++ b/apps/labrinth/src/routes/v3/project_creation/new.rs
@@ -16,6 +16,7 @@ use crate::{
         },
         redis::RedisPool,
     },
+    file_hosting::FileHost,
     models::{
         exp::{self, ProjectComponentKind, component::ComponentRelationError},
         ids::ProjectId,
@@ -119,6 +120,7 @@ pub async fn create(
     req: HttpRequest,
     db: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     http: web::Data<HttpClient>,
     search_state: web::Data<SearchState>,
@@ -308,13 +310,13 @@ pub async fn create(
     };
 
     project_builder
-        .insert(&mut txn, &http)
+        .insert(&mut txn, &redis, &**file_host, &http)
         .await
         .wrap_internal_err("failed to insert project")?;
 
     if let Some(version_builder) = version_builder {
         version_builder
-            .insert(&mut txn, &http)
+            .insert(&mut txn, &redis, &**file_host, &http)
             .await
             .wrap_internal_err("failed to insert initial version")?;
     }
diff --git a/apps/labrinth/src/routes/v3/projects.rs b/apps/labrinth/src/routes/v3/projects.rs
index 88e695a4b7..cfad6a004b 100644
--- a/apps/labrinth/src/routes/v3/projects.rs
+++ b/apps/labrinth/src/routes/v3/projects.rs
@@ -1,6 +1,5 @@
 use std::any::type_name;
 use std::collections::HashMap;
-use std::sync::Arc;
 
 use crate::auth::checks::{filter_visible_versions, is_visible_project};
 use crate::auth::{filter_visible_projects, get_user_from_headers};
@@ -1725,7 +1724,7 @@ async fn project_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -1750,7 +1749,7 @@ pub async fn project_icon_edit_internal(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -1809,7 +1808,7 @@ pub async fn project_icon_edit_internal(
         project_item.inner.icon_url,
         project_item.inner.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -1828,7 +1827,7 @@ pub async fn project_icon_edit_internal(
         &ext.ext,
         Some(96),
         Some(1.0),
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -1868,7 +1867,7 @@ async fn delete_project_icon(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
@@ -1889,7 +1888,7 @@ pub async fn delete_project_icon_internal(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
@@ -1946,7 +1945,7 @@ pub async fn delete_project_icon_internal(
         project_item.inner.icon_url,
         project_item.inner.raw_icon_url,
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -1996,7 +1995,7 @@ pub async fn add_gallery_item(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -2023,7 +2022,7 @@ pub async fn add_gallery_item_internal(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
@@ -2104,7 +2103,7 @@ pub async fn add_gallery_item_internal(
         &ext.ext,
         Some(350),
         Some(1.0),
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
@@ -2381,7 +2380,7 @@ async fn delete_gallery_item(
     web::Query(item): web::Query<GalleryDeleteQuery>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
@@ -2402,7 +2401,7 @@ pub async fn delete_gallery_item_internal(
     web::Query(item): web::Query<GalleryDeleteQuery>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     search_state: web::Data<SearchState>,
 ) -> Result<HttpResponse, ApiError> {
@@ -2479,7 +2478,7 @@ pub async fn delete_gallery_item_internal(
         Some(item.image_url),
         Some(item.raw_image_url),
         FileHostPublicity::Public,
-        &***file_host,
+        &**file_host,
     )
     .await?;
 
diff --git a/apps/labrinth/src/routes/v3/shared_instance_version_creation.rs b/apps/labrinth/src/routes/v3/shared_instance_version_creation.rs
index 657853c258..9fdc289025 100644
--- a/apps/labrinth/src/routes/v3/shared_instance_version_creation.rs
+++ b/apps/labrinth/src/routes/v3/shared_instance_version_creation.rs
@@ -25,7 +25,6 @@ use bytes::BytesMut;
 use chrono::Utc;
 use futures_util::StreamExt;
 use hex::FromHex;
-use std::sync::Arc;
 
 const MAX_FILE_SIZE: usize = 500 * 1024 * 1024;
 const MAX_FILE_SIZE_TEXT: &str = "500 MB";
@@ -44,7 +43,7 @@ pub async fn shared_instance_version_create(
     payload: web::Payload,
     web::Header(ContentLength(content_length)): web::Header<ContentLength>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     info: web::Path<(SharedInstanceId,)>,
     session_queue: Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -63,7 +62,7 @@ pub async fn shared_instance_version_create(
         payload,
         content_length,
         &redis,
-        &***file_host,
+        &**file_host,
         info.into_inner().0.into(),
         &session_queue,
         &mut transaction,
@@ -73,7 +72,7 @@ pub async fn shared_instance_version_create(
 
     if result.is_err() {
         let undo_result = super::project_creation::undo_uploads(
-            &***file_host,
+            &**file_host,
             &uploaded_files,
         )
         .await;
diff --git a/apps/labrinth/src/routes/v3/shared_instances.rs b/apps/labrinth/src/routes/v3/shared_instances.rs
index 260a0ef5e1..3768777029 100644
--- a/apps/labrinth/src/routes/v3/shared_instances.rs
+++ b/apps/labrinth/src/routes/v3/shared_instances.rs
@@ -22,7 +22,6 @@ use actix_web::web::{Data, Redirect};
 use actix_web::{HttpRequest, HttpResponse, web};
 use futures_util::future::try_join_all;
 use serde::Deserialize;
-use std::sync::Arc;
 use validator::Validate;
 
 pub fn config(cfg: &mut web::ServiceConfig) {
@@ -565,7 +564,7 @@ pub async fn shared_instance_version_download(
     req: HttpRequest,
     pool: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     info: web::Path<(SharedInstanceVersionId,)>,
     session_queue: Data<AuthQueue>,
 ) -> Result<Redirect, ApiError> {
diff --git a/apps/labrinth/src/routes/v3/threads.rs b/apps/labrinth/src/routes/v3/threads.rs
index 136313cdfe..23ce400feb 100644
--- a/apps/labrinth/src/routes/v3/threads.rs
+++ b/apps/labrinth/src/routes/v3/threads.rs
@@ -1,5 +1,3 @@
-use std::sync::Arc;
-
 use crate::auth::get_user_from_headers;
 use crate::database;
 use crate::database::PgPool;
@@ -599,7 +597,7 @@ pub async fn message_delete(
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
     session_queue: web::Data<AuthQueue>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
 ) -> Result<HttpResponse, ApiError> {
     let user = get_user_from_headers(
         &req,
diff --git a/apps/labrinth/src/routes/v3/users.rs b/apps/labrinth/src/routes/v3/users.rs
index 1d517126b1..e35c4a7431 100644
--- a/apps/labrinth/src/routes/v3/users.rs
+++ b/apps/labrinth/src/routes/v3/users.rs
@@ -1,7 +1,4 @@
-use std::{
-    collections::{HashMap, HashSet},
-    sync::Arc,
-};
+use std::collections::{HashMap, HashSet};
 
 use super::{ApiError, oauth_clients::get_user_clients};
 use crate::database::PgPool;
@@ -833,7 +830,7 @@ pub async fn user_icon_edit(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     mut payload: web::Payload,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
@@ -860,7 +857,7 @@ pub async fn user_icon_edit(
             actual_user.avatar_url,
             actual_user.raw_avatar_url,
             FileHostPublicity::Public,
-            &***file_host,
+            &**file_host,
         )
         .await?;
 
@@ -879,7 +876,7 @@ pub async fn user_icon_edit(
             &ext.ext,
             Some(96),
             Some(1.0),
-            &***file_host,
+            &**file_host,
         )
         .await?;
 
@@ -908,7 +905,7 @@ pub async fn user_icon_delete(
     info: web::Path<(String,)>,
     pool: web::Data<PgPool>,
     redis: web::Data<RedisPool>,
-    file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: web::Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
 ) -> Result<HttpResponse, ApiError> {
     let user = get_user_from_headers(
@@ -934,7 +931,7 @@ pub async fn user_icon_delete(
             actual_user.avatar_url,
             actual_user.raw_avatar_url,
             FileHostPublicity::Public,
-            &***file_host,
+            &**file_host,
         )
         .await?;
 
diff --git a/apps/labrinth/src/routes/v3/version_creation.rs b/apps/labrinth/src/routes/v3/version_creation.rs
index 650f153b9c..9749efee3c 100644
--- a/apps/labrinth/src/routes/v3/version_creation.rs
+++ b/apps/labrinth/src/routes/v3/version_creation.rs
@@ -42,7 +42,6 @@ use itertools::Itertools;
 use serde::{Deserialize, Serialize};
 use sha1::Digest;
 use std::collections::{HashMap, HashSet};
-use std::sync::Arc;
 use validator::Validate;
 
 fn default_requested_status() -> VersionStatus {
@@ -111,7 +110,7 @@ pub async fn version_create(
     mut payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: Data<AuthQueue>,
     moderation_queue: web::Data<AutomatedModerationQueue>,
     http: web::Data<HttpClient>,
@@ -125,7 +124,7 @@ pub async fn version_create(
         &mut payload,
         &mut transaction,
         &redis,
-        &***file_host,
+        &**file_host,
         &mut uploaded_files,
         &client,
         &session_queue,
@@ -136,7 +135,7 @@ pub async fn version_create(
 
     if result.is_err() {
         let undo_result = super::project_creation::undo_uploads(
-            &***file_host,
+            &**file_host,
             &uploaded_files,
         )
         .await;
@@ -491,10 +490,11 @@ async fn version_create_inner(
         loaders: version_data.loaders,
         fields: version_data.fields,
         components: exp::VersionQuery::default(),
+        files_missing_attribution: Vec::new(),
     };
 
     let project_id = builder.project_id;
-    builder.insert(transaction, http).await?;
+    builder.insert(transaction, redis, file_host, http).await?;
 
     for image_id in version_data.uploaded_images {
         if let Some(db_image) =
@@ -552,7 +552,7 @@ pub async fn upload_file_to_version(
     mut payload: Multipart,
     client: Data<PgPool>,
     redis: Data<RedisPool>,
-    file_host: Data<Arc<dyn FileHost + Send + Sync>>,
+    file_host: Data<dyn FileHost>,
     session_queue: web::Data<AuthQueue>,
     http: web::Data<HttpClient>,
     search_state: Data<SearchState>,
@@ -568,7 +568,7 @@ pub async fn upload_file_to_version(
         client,
         &mut transaction,
         redis.clone(),
-        &***file_host,
+        &**file_host,
         &mut uploaded_files,
         version_id,
         &session_queue,
@@ -578,7 +578,7 @@ pub async fn upload_file_to_version(
 
     if result.is_err() {
         let undo_result = super::project_creation::undo_uploads(
-            &***file_host,
+            &**file_host,
             &uploaded_files,
         )
         .await;
@@ -798,8 +798,18 @@ async fn upload_file_to_version_inner(
             "At least one file must be specified".to_string(),
         ));
     } else {
+        let project_id = version.inner.project_id;
+
         for file in file_builders {
-            file.insert(version_id, &mut *transaction, http).await?;
+            file.insert(
+                version_id,
+                project_id,
+                &mut *transaction,
+                &redis,
+                file_host,
+                http,
+            )
+            .await?;
         }
     }
 
@@ -880,8 +890,10 @@ pub async fn upload_file(
         ));
     }
 
+    let data = data.freeze();
+
     let validation_result = validate_file(
-        data.clone().into(),
+        data.clone(),
         file_extension.to_string(),
         loaders.clone(),
         file_type,
@@ -958,7 +970,6 @@ pub async fn upload_file(
         }
     }
 
-    let data = data.freeze();
     let primary = (validation_result.is_passed()
         && version_files.iter().all(|x| !x.primary)
         && !ignore_primary)
diff --git a/apps/labrinth/src/routes/v3/version_file.rs b/apps/labrinth/src/routes/v3/version_file.rs
index 7723ffdeb8..f182edaed3 100644
--- a/apps/labrinth/src/routes/v3/version_file.rs
+++ b/apps/labrinth/src/routes/v3/version_file.rs
@@ -721,6 +721,11 @@ pub async fn delete_file(
         .execute(&mut transaction)
         .await?;
 
+        database::models::version_item::cleanup_empty_attribution_groups(
+            &mut transaction,
+        )
+        .await?;
+
         delphi::send_tech_review_exit_file_deleted_message_if_exited(
             row.project_id,
             was_in_tech_review,
diff --git a/apps/labrinth/src/routes/v3/versions.rs b/apps/labrinth/src/routes/v3/versions.rs
index 8a10987322..1de3408440 100644
--- a/apps/labrinth/src/routes/v3/versions.rs
+++ b/apps/labrinth/src/routes/v3/versions.rs
@@ -2,7 +2,8 @@ use std::collections::HashMap;
 
 use super::ApiError;
 use crate::auth::checks::{
-    filter_visible_versions, is_visible_project, is_visible_version,
+    enrich_dependency_attributions, filter_visible_versions,
+    is_visible_project, is_visible_version,
 };
 use crate::auth::get_user_from_headers;
 use crate::database;
@@ -24,6 +25,7 @@ use crate::models::projects::{
 };
 use crate::models::projects::{Loader, skip_nulls};
 use crate::models::teams::ProjectPermissions;
+use crate::queue::file_scan::get_files_missing_attribution;
 use crate::queue::session::AuthQueue;
 use crate::routes::internal::delphi;
 use crate::search::{SearchBackend, SearchState};
@@ -109,12 +111,42 @@ pub async fn version_project_get_helper(
                 || x.inner.version_number == id.1
         });
 
-        if let Some(version) = version
+        if let Some(mut version) = version
             && is_visible_version(&version.inner, &user_option, &pool, &redis)
                 .await?
         {
-            return Ok(HttpResponse::Ok()
-                .json(models::projects::Version::from(version)));
+            let version_id = version.inner.id;
+            enrich_dependency_attributions(
+                std::slice::from_mut(&mut version),
+                &pool,
+            )
+            .await;
+            let mut v = models::projects::Version::from(version);
+            let missing = get_files_missing_attribution(&**pool, &[version_id])
+                .await
+                .unwrap_or_default();
+            v.files_missing_attribution = missing
+                 .get(&version_id)
+                 .map(|entries| {
+                     entries
+                         .iter()
+                         .map(|(id, fp)| models::projects::MissingAttributionFile {
+                             id: models::ids::FileId(id.0 as u64),
+                             override_source: fp
+                                 .as_ref()
+                                 .map(|p| models::projects::OverrideSource::Flame {
+                                     id: p.id,
+                                     title: p.title.clone(),
+                                     url: p.url.clone(),
+                                     icon_url: p.icon_url.clone(),
+                                 })
+                                 .or(Some(models::projects::OverrideSource::Unknown)),
+                         })
+                         .collect()
+                 })
+                 .unwrap_or_default();
+
+            return Ok(HttpResponse::Ok().json(v));
         }
     }
 
@@ -204,10 +236,40 @@ pub async fn version_get_helper(
     .map(|x| x.1)
     .ok();
 
-    if let Some(data) = version_data
+    if let Some(mut data) = version_data
         && is_visible_version(&data.inner, &user_option, &pool, &redis).await?
     {
-        return Ok(web::Json(models::projects::Version::from(data)));
+        let version_id = data.inner.id;
+        enrich_dependency_attributions(std::slice::from_mut(&mut data), &pool)
+            .await;
+        let mut version = models::projects::Version::from(data);
+        let missing = get_files_missing_attribution(&**pool, &[version_id])
+            .await
+            .unwrap_or_default();
+        version.files_missing_attribution = missing
+            .get(&version_id)
+            .map(|entries| {
+                entries
+                    .iter()
+                    .map(|(id, fp)| models::projects::MissingAttributionFile {
+                        id: models::ids::FileId(id.0 as u64),
+                        override_source: fp
+                            .as_ref()
+                            .map(|p| models::projects::OverrideSource::Flame {
+                                id: p.id,
+                                title: p.title.clone(),
+                                url: p.url.clone(),
+                                icon_url: p.icon_url.clone(),
+                            })
+                            .or(Some(
+                                models::projects::OverrideSource::Unknown,
+                            )),
+                    })
+                    .collect()
+            })
+            .unwrap_or_default();
+
+        return Ok(web::Json(version));
     }
 
     Err(ApiError::NotFound)
diff --git a/apps/labrinth/src/test/mod.rs b/apps/labrinth/src/test/mod.rs
index 9a7520f284..e81289e48d 100644
--- a/apps/labrinth/src/test/mod.rs
+++ b/apps/labrinth/src/test/mod.rs
@@ -1,10 +1,14 @@
+use std::sync::Arc;
+
+use actix_web::web;
+
 use crate::env::ENV;
+use crate::file_hosting::FileHost;
 use crate::queue::email::EmailQueue;
 use crate::util::anrok;
 use crate::util::gotenberg::GotenbergClient;
 use crate::{LabrinthConfig, file_hosting};
 use crate::{clickhouse, env};
-use std::sync::Arc;
 
 pub mod api_common;
 pub mod api_v2;
@@ -31,8 +35,8 @@ pub async fn setup(db: &database::TemporaryDatabase) -> LabrinthConfig {
     let ro_pool = db.ro_pool.clone();
     let redis_pool = db.redis_pool.clone();
     let search_backend = db.search_backend.clone();
-    let file_host: Arc<dyn file_hosting::FileHost + Send + Sync> =
-        Arc::new(file_hosting::MockHost::new());
+    let file_host: Arc<dyn FileHost> = Arc::new(file_hosting::MockHost::new());
+    let file_host = web::Data::<dyn FileHost>::from(file_host);
     let mut clickhouse = clickhouse::init_client().await.unwrap();
 
     let stripe_client = stripe::Client::new(ENV.STRIPE_API_KEY.clone());
diff --git a/apps/labrinth/src/util/http.rs b/apps/labrinth/src/util/http.rs
index cfa942ef73..621205fe17 100644
--- a/apps/labrinth/src/util/http.rs
+++ b/apps/labrinth/src/util/http.rs
@@ -1,24 +1,23 @@
-use std::time::Duration;
+use std::sync::LazyLock;
 
 use derive_more::Deref;
-use reqwest::header::{HeaderMap, HeaderValue, USER_AGENT};
 
-/// Generic HTTP client used for anywhere you need to send an HTTP request, and
-/// do not care what headers or other parameters are used.
+pub static HTTP_CLIENT: LazyLock<HttpClient> = LazyLock::new(HttpClient::new);
+
 #[derive(Debug, Clone, Deref)]
-pub struct HttpClient(pub reqwest::Client);
+pub struct HttpClient(reqwest::Client);
 
 impl HttpClient {
     pub fn new() -> Self {
         let client = reqwest::Client::builder()
-            .default_headers(HeaderMap::from_iter([(
-                USER_AGENT,
-                HeaderValue::from_static(concat!(
+            .default_headers(reqwest::header::HeaderMap::from_iter([(
+                reqwest::header::USER_AGENT,
+                reqwest::header::HeaderValue::from_static(concat!(
                     "Labrinth/",
                     env!("COMPILATION_DATE")
                 )),
             )]))
-            .timeout(Duration::from_secs(30))
+            .timeout(std::time::Duration::from_secs(30))
             .build()
             .unwrap();
         Self(client)
diff --git a/apps/labrinth/tests/version.rs b/apps/labrinth/tests/version.rs
index 46cf863d9d..5e5a6ecf97 100644
--- a/apps/labrinth/tests/version.rs
+++ b/apps/labrinth/tests/version.rs
@@ -494,7 +494,8 @@ pub async fn test_patch_version() {
                 project_id: Some(*beta_project_id_parsed),
                 version_id: None,
                 file_name: Some("dummy_file_name".to_string()),
-                dependency_type: DependencyType::Required
+                dependency_type: DependencyType::Required,
+                attribution: None,
             }]
         );
         assert_eq!(version.loaders, vec!["forge".to_string()]);
diff --git a/packages/api-client/src/modules/index.ts b/packages/api-client/src/modules/index.ts
index 7e857f12c3..6a2e6a703e 100644
--- a/packages/api-client/src/modules/index.ts
+++ b/packages/api-client/src/modules/index.ts
@@ -20,6 +20,7 @@ import { KyrosUploadSessionsV1Module } from './kyros/upload-sessions/v1'
 import { LabrinthVersionsV2Module, LabrinthVersionsV3Module } from './labrinth'
 import { LabrinthAffiliateInternalModule } from './labrinth/affiliate/internal'
 import { LabrinthAnalyticsV3Module } from './labrinth/analytics/v3'
+import { LabrinthAttributionInternalModule } from './labrinth/attribution/internal'
 import { LabrinthAuthInternalModule } from './labrinth/auth/internal'
 import { LabrinthAuthV2Module } from './labrinth/auth/v2'
 import { LabrinthBillingInternalModule } from './labrinth/billing/internal'
@@ -28,6 +29,7 @@ import { LabrinthCollectionsModule } from './labrinth/collections'
 import { LabrinthExternalProjectsInternalModule } from './labrinth/external-projects/internal'
 import { LabrinthFriendsV3Module } from './labrinth/friends/v3'
 import { LabrinthGlobalsInternalModule } from './labrinth/globals/internal'
+import { LabrinthImagesV3Module } from './labrinth/images/v3'
 import { LabrinthLimitsV3Module } from './labrinth/limits/v3'
 import { LabrinthModerationInternalModule } from './labrinth/moderation/internal'
 import { LabrinthNotificationsV2Module } from './labrinth/notifications/v2'
@@ -91,12 +93,14 @@ export const MODULE_REGISTRY = {
 	labrinth_analytics_v3: LabrinthAnalyticsV3Module,
 	labrinth_auth_internal: LabrinthAuthInternalModule,
 	labrinth_auth_v2: LabrinthAuthV2Module,
+	labrinth_attribution_internal: LabrinthAttributionInternalModule,
 	labrinth_billing_internal: LabrinthBillingInternalModule,
 	labrinth_campaign_internal: LabrinthCampaignInternalModule,
 	labrinth_collections: LabrinthCollectionsModule,
 	labrinth_external_projects_internal: LabrinthExternalProjectsInternalModule,
 	labrinth_friends_v3: LabrinthFriendsV3Module,
 	labrinth_globals_internal: LabrinthGlobalsInternalModule,
+	labrinth_images_v3: LabrinthImagesV3Module,
 	labrinth_moderation_internal: LabrinthModerationInternalModule,
 	labrinth_notifications_v2: LabrinthNotificationsV2Module,
 	labrinth_oauth_internal: LabrinthOAuthInternalModule,
diff --git a/packages/api-client/src/modules/labrinth/attribution/internal.ts b/packages/api-client/src/modules/labrinth/attribution/internal.ts
new file mode 100644
index 0000000000..36773c77e1
--- /dev/null
+++ b/packages/api-client/src/modules/labrinth/attribution/internal.ts
@@ -0,0 +1,103 @@
+import { AbstractModule } from '../../../core/abstract-module'
+import type { Labrinth } from '../types'
+
+const BASE62_CHARS = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+
+/**
+ * Decode a base62-encoded ID string into a number.
+ * The backend serializes attribution group IDs as base62 strings in responses,
+ * but the assign/update endpoints expect raw integer IDs in their request payloads.
+ */
+function decodeBase62Id(id: string): number {
+	let value = 0
+	for (const char of id) {
+		const digit = BASE62_CHARS.indexOf(char)
+		if (digit < 0) {
+			throw new Error(`Invalid base62 character "${char}" in id "${id}"`)
+		}
+		value = value * 62 + digit
+		if (!Number.isSafeInteger(value)) {
+			throw new Error(`Base62 id "${id}" exceeds safe integer range`)
+		}
+	}
+	return value
+}
+
+export class LabrinthAttributionInternalModule extends AbstractModule {
+	public getModuleID(): string {
+		return 'labrinth_attribution_internal'
+	}
+
+	/**
+	 * List attribution groups for a project
+	 * GET /_internal/attribution/{project_id}
+	 */
+	public async listProjectAttribution(
+		projectId: string,
+	): Promise<Labrinth.Attribution.Internal.AttributionGroup[]> {
+		return this.client.request<Labrinth.Attribution.Internal.AttributionGroup[]>(
+			`/attribution/${projectId}`,
+			{
+				api: 'labrinth',
+				version: 'internal',
+				method: 'GET',
+			},
+		)
+	}
+
+	/**
+	 * Update an attribution group's attribution payload.
+	 * PATCH /_internal/attribution/group/{group_id}
+	 *
+	 * @param groupId - The base62 attribution group id (as returned from listProjectAttribution).
+	 */
+	public async updateGroup(
+		groupId: string,
+		body: Labrinth.Attribution.Internal.UpdateGroupRequest,
+	): Promise<void> {
+		const numericId = decodeBase62Id(groupId)
+		return this.client.request<void>(`/attribution/group/${numericId}`, {
+			api: 'labrinth',
+			version: 'internal',
+			method: 'PATCH',
+			body,
+		})
+	}
+
+	/**
+	 * Reassign a file (by sha1) to another attribution group within the same project.
+	 * POST /_internal/attribution/assign
+	 *
+	 * @param body.target_group_id - The base62 id of the attribution group to assign the file to.
+	 */
+	public async assignFileToGroup(body: {
+		sha1: string
+		target_group_id: string
+		project_id: string
+	}): Promise<void> {
+		const wireBody: Labrinth.Attribution.Internal.AssignRequest = {
+			sha1: body.sha1,
+			target_group_id: decodeBase62Id(body.target_group_id),
+			project_id: body.project_id,
+		}
+		return this.client.request<void>('/attribution/assign', {
+			api: 'labrinth',
+			version: 'internal',
+			method: 'POST',
+			body: wireBody,
+		})
+	}
+
+	/**
+	 * Split a file (by sha1) out of its current attribution group into a new group.
+	 * POST /_internal/attribution/split
+	 */
+	public async splitFile(body: Labrinth.Attribution.Internal.SplitRequest): Promise<void> {
+		return this.client.request<void>('/attribution/split', {
+			api: 'labrinth',
+			version: 'internal',
+			method: 'POST',
+			body,
+		})
+	}
+}
diff --git a/packages/api-client/src/modules/labrinth/external-projects/internal.ts b/packages/api-client/src/modules/labrinth/external-projects/internal.ts
index 4d0e278a02..3f03b9bc83 100644
--- a/packages/api-client/src/modules/labrinth/external-projects/internal.ts
+++ b/packages/api-client/src/modules/labrinth/external-projects/internal.ts
@@ -47,4 +47,18 @@ export class LabrinthExternalProjectsInternalModule extends AbstractModule {
 			},
 		)
 	}
+
+	public async addFile(
+		data: Labrinth.ExternalProjects.Internal.AddFileRequest,
+	): Promise<Labrinth.ExternalProjects.Internal.ExternalProject> {
+		return this.client.request<Labrinth.ExternalProjects.Internal.ExternalProject>(
+			'/moderation/external-license/file',
+			{
+				api: 'labrinth',
+				version: 'internal',
+				method: 'POST',
+				body: data,
+			},
+		)
+	}
 }
diff --git a/packages/api-client/src/modules/labrinth/images/v3.ts b/packages/api-client/src/modules/labrinth/images/v3.ts
new file mode 100644
index 0000000000..7613f0debd
--- /dev/null
+++ b/packages/api-client/src/modules/labrinth/images/v3.ts
@@ -0,0 +1,47 @@
+import { AbstractModule } from '../../../core/abstract-module'
+import type { UploadHandle } from '../../../types/upload'
+import type { Labrinth } from '../types'
+
+function buildImageQueryParams(
+	ext: Labrinth.Images.v3.ImageExtension,
+	target: Labrinth.Images.v3.UploadImageParams,
+): Record<string, string> {
+	const params: Record<string, string> = {
+		ext,
+		context: target.context,
+	}
+	switch (target.context) {
+		case 'project':
+			params.project_id = target.project_id
+			break
+		case 'version':
+			params.version_id = target.version_id
+			break
+		case 'thread_message':
+			params.thread_message_id = target.thread_message_id
+			break
+		case 'report':
+			params.report_id = target.report_id
+			break
+	}
+	return params
+}
+
+export class LabrinthImagesV3Module extends AbstractModule {
+	public getModuleID(): string {
+		return 'labrinth_images_v3'
+	}
+
+	public uploadImage(
+		file: File | Blob,
+		ext: Labrinth.Images.v3.ImageExtension,
+		target: Labrinth.Images.v3.UploadImageParams,
+	): UploadHandle<Labrinth.Images.v3.UploadedImage> {
+		return this.client.upload<Labrinth.Images.v3.UploadedImage>('/image', {
+			api: 'labrinth',
+			version: 3,
+			file,
+			params: buildImageQueryParams(ext, target),
+		})
+	}
+}
diff --git a/packages/api-client/src/modules/labrinth/index.ts b/packages/api-client/src/modules/labrinth/index.ts
index 4bc8e150e1..0c698b1cc3 100644
--- a/packages/api-client/src/modules/labrinth/index.ts
+++ b/packages/api-client/src/modules/labrinth/index.ts
@@ -1,4 +1,5 @@
 export * from './analytics/v3'
+export * from './attribution/internal'
 export * from './auth/internal'
 export * from './auth/v2'
 export * from './billing/internal'
@@ -6,6 +7,7 @@ export * from './collections'
 export * from './external-projects/internal'
 export * from './friends/v3'
 export * from './globals/internal'
+export * from './images/v3'
 export * from './limits/v3'
 export * from './moderation/internal'
 export * from './notifications/v2'
diff --git a/packages/api-client/src/modules/labrinth/moderation/internal.ts b/packages/api-client/src/modules/labrinth/moderation/internal.ts
index 6865ab746a..a03b1ce7fe 100644
--- a/packages/api-client/src/modules/labrinth/moderation/internal.ts
+++ b/packages/api-client/src/modules/labrinth/moderation/internal.ts
@@ -57,4 +57,15 @@ export class LabrinthModerationInternalModule extends AbstractModule {
 			},
 		)
 	}
+
+	public async setProjectJudgements(
+		judgements: Labrinth.Moderation.Internal.ProjectJudgements,
+	): Promise<void> {
+		return this.client.request<void>('/moderation/project', {
+			api: 'labrinth',
+			version: 'internal',
+			method: 'POST',
+			body: judgements,
+		})
+	}
 }
diff --git a/packages/api-client/src/modules/labrinth/types.ts b/packages/api-client/src/modules/labrinth/types.ts
index 7007aff632..95dca046ee 100644
--- a/packages/api-client/src/modules/labrinth/types.ts
+++ b/packages/api-client/src/modules/labrinth/types.ts
@@ -249,6 +249,144 @@ export namespace Labrinth {
 		}
 	}
 
+	export namespace Attribution {
+		export namespace Internal {
+			export type AttributionPermissionKind =
+				| 'license'
+				| 'my_project'
+				| 'special_permissions'
+				| 'globally_allowed'
+				| 'no_permission'
+			export type AttributionResolutionKind = AttributionPermissionKind
+
+			export type AttributionLicense = string | { name: string }
+
+			export type AttributionModerationStatusKind = 'not_allowed' | 'approved' | 'bad_proof'
+
+			export type AttributionModerationStatus = {
+				kind: AttributionModerationStatusKind
+				reason: string
+				moderated_at?: string
+				moderated_by?: string
+			}
+
+			export type AttributionResolutionBase = {
+				notes: string
+				image_urls: string[]
+				moderation_status?: AttributionModerationStatus | null
+				updated_by_moderator: boolean
+			}
+
+			export type AttributionResolution =
+				| (AttributionResolutionBase & {
+						kind: 'license'
+						license: AttributionLicense
+						link_to_work: string
+				  })
+				| (AttributionResolutionBase & {
+						kind: 'my_project'
+						license: AttributionLicense
+				  })
+				| (AttributionResolutionBase & {
+						kind: 'special_permissions'
+						link_to_work: string
+				  })
+				| (AttributionResolutionBase & {
+						kind: 'globally_allowed'
+						link_to_work: string
+				  })
+				| (AttributionResolutionBase & {
+						kind: 'no_permission'
+						link_to_work?: string
+				  })
+
+			export type FlameProject = {
+				id: number
+				title: string
+				url: string
+				icon_url: string
+			}
+
+			export type AttributionFile = {
+				name: string
+				sha1: string
+				versions: string[]
+				moderation_external_license_id?: number
+				moderation_external_license?: ExternalProjects.Internal.ExternalProject
+			}
+
+			export type AttributionVersionInfo = {
+				id: string
+				name: string
+				version_number: string
+				date_created: string
+			}
+
+			export type AttributionGroup = {
+				id: string
+				flame_project: FlameProject | null
+				attribution: AttributionResolution | null
+				attributed_at: string | null
+				attributed_by: string | null
+				files: AttributionFile[]
+				versions: AttributionVersionInfo[]
+			}
+
+			export type UpdateGroupRequest = {
+				attribution: AttributionResolution
+			}
+
+			export type AssignRequest = {
+				sha1: string
+				target_group_id: number
+				project_id: string
+			}
+
+			export type SplitRequest = {
+				sha1: string
+				project_id: string
+			}
+		}
+	}
+
+	export namespace Images {
+		export namespace v3 {
+			/** Extensions accepted by POST /v3/image (Labrinth image pipeline). */
+			export type ImageExtension = 'bmp' | 'gif' | 'jpeg' | 'jpg' | 'png' | 'webp'
+
+			/** `context` query values accepted by POST /v3/image. */
+			export type ImageUploadContext = 'project' | 'version' | 'thread_message' | 'report'
+
+			export type UploadedImage = {
+				id: string
+				url: string
+				size: number
+				created: string
+				owner_id: string
+			} & (
+				| { context: 'project'; project_id: string }
+				| { context: 'version'; version_id: string }
+				| { context: 'thread_message'; thread_message_id: string }
+				| { context: 'report'; report_id: string }
+			)
+
+			export type UploadedImageFor<C extends ImageUploadContext> = Extract<
+				UploadedImage,
+				{ context: C }
+			>
+
+			/**
+			 * Target for POST /v3/image (per-context id query params, plus `context`).
+			 * `ext` is passed as a separate argument on the client module.
+			 */
+			export type UploadImageParams =
+				| { context: 'project'; project_id: string }
+				| { context: 'version'; version_id: string }
+				| { context: 'thread_message'; thread_message_id: string }
+				| { context: 'report'; report_id: string }
+		}
+	}
+
 	export namespace Analytics {
 		export namespace v3 {
 			export type AnalyticsEventId = number
@@ -1147,11 +1285,47 @@ export namespace Labrinth {
 
 		// TODO: consolidate duplicated types between v2 and v3 versions
 		export namespace v3 {
+			export type FlameProject = {
+				id: number
+				title: string
+				url: string
+				icon_url: string
+			}
+
+			export type DependencyAttribution = {
+				flame_project?: FlameProject
+				resolution?: DependencyAttributionResolution
+			}
+
+			export type DependencyAttributionResolution =
+				| {
+						kind: 'license'
+						license: Labrinth.Attribution.Internal.AttributionLicense
+						link_to_work: string
+				  }
+				| {
+						kind: 'globally_allowed'
+						link_to_work: string
+				  }
+				| {
+						kind: 'my_project'
+						license: Labrinth.Attribution.Internal.AttributionLicense
+				  }
+				| {
+						kind: 'special_permissions'
+						link_to_work: string
+				  }
+				| {
+						kind: 'no_permission'
+						link_to_work?: string
+				  }
+
 			export interface Dependency {
 				dependency_type: Labrinth.Versions.v2.DependencyType
 				project_id?: string
 				file_name?: string
 				version_id?: string
+				attribution?: DependencyAttribution
 			}
 
 			export interface GetProjectVersionsParams {
@@ -1174,12 +1348,12 @@ export namespace Labrinth {
 				| 'signature'
 				| 'unknown'
 
-			export interface VersionFileHash {
-				sha512: string
-				sha1: string
+			export type FileHashType = 'sha512' | 'sha1'
+			export type VersionFileHash = {
+				[key in FileHashType]: string
 			}
 
-			interface VersionFile {
+			export interface VersionFile {
 				hashes: VersionFileHash
 				url: string
 				filename: string
@@ -1211,6 +1385,7 @@ export namespace Labrinth {
 				date_published: string
 				downloads: number
 				files: VersionFile[]
+				files_missing_attribution?: string[]
 				environment?: Labrinth.Projects.v3.Environment
 				mrpack_loaders?: string[]
 
@@ -1658,6 +1833,28 @@ export namespace Labrinth {
 			export type ReleaseLockResponse = {
 				success: boolean
 			}
+
+			export type ProjectJudgementStatus = ExternalProjects.Internal.ExternalLicenseStatus
+
+			export type FlameJudgement = {
+				type: 'flame'
+				id: number
+				status: ProjectJudgementStatus
+				link: string
+				title: string
+			}
+
+			export type UnknownJudgement = {
+				type: 'unknown'
+				status: ProjectJudgementStatus
+				proof?: string
+				link?: string
+				title?: string
+			}
+
+			export type ProjectJudgement = FlameJudgement | UnknownJudgement
+
+			export type ProjectJudgements = Record<string, ProjectJudgement>
 		}
 	}
 
@@ -1819,7 +2016,7 @@ export namespace Labrinth {
 				inserted_by: number | null
 				updated_at: string | null
 				updated_by: number | null
-				linked_files: LinkedFile[]
+				linked_files?: LinkedFile[]
 			}
 
 			export type SearchRequest = {
@@ -1835,6 +2032,11 @@ export namespace Labrinth {
 				proof?: string
 				flame_project_id?: number
 			}
+
+			export type AddFileRequest = {
+				hashes: string[]
+				license_id: number
+			}
 		}
 	}
 
diff --git a/packages/assets/generated-icons.ts b/packages/assets/generated-icons.ts
index 17c0b991ee..b8143dafd6 100644
--- a/packages/assets/generated-icons.ts
+++ b/packages/assets/generated-icons.ts
@@ -11,8 +11,10 @@ import _ArchiveIcon from './icons/archive.svg?component'
 import _ArrowBigRightDashIcon from './icons/arrow-big-right-dash.svg?component'
 import _ArrowBigUpDashIcon from './icons/arrow-big-up-dash.svg?component'
 import _ArrowDownIcon from './icons/arrow-down.svg?component'
+import _ArrowDown10Icon from './icons/arrow-down-1-0.svg?component'
 import _ArrowDownAZIcon from './icons/arrow-down-a-z.svg?component'
 import _ArrowDownLeftIcon from './icons/arrow-down-left.svg?component'
+import _ArrowDownWideNarrowIcon from './icons/arrow-down-wide-narrow.svg?component'
 import _ArrowDownZAIcon from './icons/arrow-down-z-a.svg?component'
 import _ArrowLeftIcon from './icons/arrow-left.svg?component'
 import _ArrowLeftRightIcon from './icons/arrow-left-right.svg?component'
@@ -78,6 +80,7 @@ import _ChevronRightIcon from './icons/chevron-right.svg?component'
 import _ChevronUpIcon from './icons/chevron-up.svg?component'
 import _CircleAlertIcon from './icons/circle-alert.svg?component'
 import _CircleArrowRightIcon from './icons/circle-arrow-right.svg?component'
+import _CircleDashedIcon from './icons/circle-dashed.svg?component'
 import _CircleUserIcon from './icons/circle-user.svg?component'
 import _ClearIcon from './icons/clear.svg?component'
 import _ClientIcon from './icons/client.svg?component'
@@ -120,6 +123,7 @@ import _FilePlusIcon from './icons/file-plus.svg?component'
 import _FileTextIcon from './icons/file-text.svg?component'
 import _FilterIcon from './icons/filter.svg?component'
 import _FilterXIcon from './icons/filter-x.svg?component'
+import _FoldVerticalIcon from './icons/fold-vertical.svg?component'
 import _FolderIcon from './icons/folder.svg?component'
 import _FolderArchiveIcon from './icons/folder-archive.svg?component'
 import _FolderCogIcon from './icons/folder-cog.svg?component'
@@ -203,6 +207,7 @@ import _PackageOpenIcon from './icons/package-open.svg?component'
 import _PackagePlusIcon from './icons/package-plus.svg?component'
 import _PaintbrushIcon from './icons/paintbrush.svg?component'
 import _PaletteIcon from './icons/palette.svg?component'
+import _PauseIcon from './icons/pause.svg?component'
 import _PencilIcon from './icons/pencil.svg?component'
 import _PickaxeIcon from './icons/pickaxe.svg?component'
 import _PinIcon from './icons/pin.svg?component'
@@ -246,6 +251,7 @@ import _SortAscIcon from './icons/sort-asc.svg?component'
 import _SortDescIcon from './icons/sort-desc.svg?component'
 import _SparklesIcon from './icons/sparkles.svg?component'
 import _SpinnerIcon from './icons/spinner.svg?component'
+import _SplitIcon from './icons/split.svg?component'
 import _StarIcon from './icons/star.svg?component'
 import _StopCircleIcon from './icons/stop-circle.svg?component'
 import _StoreIcon from './icons/store.svg?component'
@@ -403,6 +409,7 @@ import _TriangleAlertIcon from './icons/triangle-alert.svg?component'
 import _UnderlineIcon from './icons/underline.svg?component'
 import _UndoIcon from './icons/undo.svg?component'
 import _UnfoldHorizontalIcon from './icons/unfold-horizontal.svg?component'
+import _UnfoldVerticalIcon from './icons/unfold-vertical.svg?component'
 import _UnknownIcon from './icons/unknown.svg?component'
 import _UnknownDonationIcon from './icons/unknown-donation.svg?component'
 import _UnlinkIcon from './icons/unlink.svg?component'
@@ -434,8 +441,10 @@ export const ArchiveIcon = _ArchiveIcon
 export const ArrowBigRightDashIcon = _ArrowBigRightDashIcon
 export const ArrowBigUpDashIcon = _ArrowBigUpDashIcon
 export const ArrowDownIcon = _ArrowDownIcon
+export const ArrowDown10Icon = _ArrowDown10Icon
 export const ArrowDownAZIcon = _ArrowDownAZIcon
 export const ArrowDownLeftIcon = _ArrowDownLeftIcon
+export const ArrowDownWideNarrowIcon = _ArrowDownWideNarrowIcon
 export const ArrowDownZAIcon = _ArrowDownZAIcon
 export const ArrowLeftIcon = _ArrowLeftIcon
 export const ArrowLeftRightIcon = _ArrowLeftRightIcon
@@ -501,6 +510,7 @@ export const ChevronRightIcon = _ChevronRightIcon
 export const ChevronUpIcon = _ChevronUpIcon
 export const CircleAlertIcon = _CircleAlertIcon
 export const CircleArrowRightIcon = _CircleArrowRightIcon
+export const CircleDashedIcon = _CircleDashedIcon
 export const CircleUserIcon = _CircleUserIcon
 export const ClearIcon = _ClearIcon
 export const ClientIcon = _ClientIcon
@@ -543,6 +553,7 @@ export const FilePlusIcon = _FilePlusIcon
 export const FileTextIcon = _FileTextIcon
 export const FilterIcon = _FilterIcon
 export const FilterXIcon = _FilterXIcon
+export const FoldVerticalIcon = _FoldVerticalIcon
 export const FolderIcon = _FolderIcon
 export const FolderArchiveIcon = _FolderArchiveIcon
 export const FolderCogIcon = _FolderCogIcon
@@ -626,6 +637,7 @@ export const PackageOpenIcon = _PackageOpenIcon
 export const PackagePlusIcon = _PackagePlusIcon
 export const PaintbrushIcon = _PaintbrushIcon
 export const PaletteIcon = _PaletteIcon
+export const PauseIcon = _PauseIcon
 export const PencilIcon = _PencilIcon
 export const PickaxeIcon = _PickaxeIcon
 export const PinIcon = _PinIcon
@@ -669,6 +681,7 @@ export const SortAscIcon = _SortAscIcon
 export const SortDescIcon = _SortDescIcon
 export const SparklesIcon = _SparklesIcon
 export const SpinnerIcon = _SpinnerIcon
+export const SplitIcon = _SplitIcon
 export const StarIcon = _StarIcon
 export const StopCircleIcon = _StopCircleIcon
 export const StoreIcon = _StoreIcon
@@ -826,6 +839,7 @@ export const TriangleAlertIcon = _TriangleAlertIcon
 export const UnderlineIcon = _UnderlineIcon
 export const UndoIcon = _UndoIcon
 export const UnfoldHorizontalIcon = _UnfoldHorizontalIcon
+export const UnfoldVerticalIcon = _UnfoldVerticalIcon
 export const UnknownIcon = _UnknownIcon
 export const UnknownDonationIcon = _UnknownDonationIcon
 export const UnlinkIcon = _UnlinkIcon
diff --git a/packages/assets/icons/arrow-down-1-0.svg b/packages/assets/icons/arrow-down-1-0.svg
new file mode 100644
index 0000000000..fe60477bd4
--- /dev/null
+++ b/packages/assets/icons/arrow-down-1-0.svg
@@ -0,0 +1,19 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-arrow-down-1-0"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="m3 16 4 4 4-4" />
+  <path d="M7 20V4" />
+  <path d="M17 10V4h-2" />
+  <path d="M15 10h4" />
+  <rect x="15" y="14" width="4" height="6" ry="2" />
+</svg>
diff --git a/packages/assets/icons/arrow-down-wide-narrow.svg b/packages/assets/icons/arrow-down-wide-narrow.svg
new file mode 100644
index 0000000000..b65dc828d5
--- /dev/null
+++ b/packages/assets/icons/arrow-down-wide-narrow.svg
@@ -0,0 +1,19 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-arrow-down-wide-narrow"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="m3 16 4 4 4-4" />
+  <path d="M7 20V4" />
+  <path d="M11 4h10" />
+  <path d="M11 8h7" />
+  <path d="M11 12h4" />
+</svg>
diff --git a/packages/assets/icons/circle-dashed.svg b/packages/assets/icons/circle-dashed.svg
new file mode 100644
index 0000000000..f06ebeda6a
--- /dev/null
+++ b/packages/assets/icons/circle-dashed.svg
@@ -0,0 +1,22 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-circle-dashed"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="M10.1 2.182a10 10 0 0 1 3.8 0" />
+  <path d="M13.9 21.818a10 10 0 0 1-3.8 0" />
+  <path d="M17.609 3.721a10 10 0 0 1 2.69 2.7" />
+  <path d="M2.182 13.9a10 10 0 0 1 0-3.8" />
+  <path d="M20.279 17.609a10 10 0 0 1-2.7 2.69" />
+  <path d="M21.818 10.1a10 10 0 0 1 0 3.8" />
+  <path d="M3.721 6.391a10 10 0 0 1 2.7-2.69" />
+  <path d="M6.391 20.279a10 10 0 0 1-2.69-2.7" />
+</svg>
diff --git a/packages/assets/icons/fold-vertical.svg b/packages/assets/icons/fold-vertical.svg
new file mode 100644
index 0000000000..9d8f1bc552
--- /dev/null
+++ b/packages/assets/icons/fold-vertical.svg
@@ -0,0 +1,22 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-fold-vertical"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="M12 22v-6" />
+  <path d="M12 8V2" />
+  <path d="M4 12H2" />
+  <path d="M10 12H8" />
+  <path d="M16 12h-2" />
+  <path d="M22 12h-2" />
+  <path d="m15 19-3-3-3 3" />
+  <path d="m15 5-3 3-3-3" />
+</svg>
diff --git a/packages/assets/icons/pause.svg b/packages/assets/icons/pause.svg
new file mode 100644
index 0000000000..e00dc81d41
--- /dev/null
+++ b/packages/assets/icons/pause.svg
@@ -0,0 +1,16 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-pause"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <rect x="14" y="3" width="5" height="18" rx="1" />
+  <rect x="5" y="3" width="5" height="18" rx="1" />
+</svg>
diff --git a/packages/assets/icons/split.svg b/packages/assets/icons/split.svg
new file mode 100644
index 0000000000..432fc358df
--- /dev/null
+++ b/packages/assets/icons/split.svg
@@ -0,0 +1,18 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-split"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="M16 3h5v5" />
+  <path d="M8 3H3v5" />
+  <path d="M12 22v-8.3a4 4 0 0 0-1.172-2.872L3 3" />
+  <path d="m15 9 6-6" />
+</svg>
diff --git a/packages/assets/icons/unfold-vertical.svg b/packages/assets/icons/unfold-vertical.svg
new file mode 100644
index 0000000000..0c5e2feb97
--- /dev/null
+++ b/packages/assets/icons/unfold-vertical.svg
@@ -0,0 +1,22 @@
+<!-- @license lucide-static v0.562.0 - ISC -->
+<svg
+  class="lucide lucide-unfold-vertical"
+  xmlns="http://www.w3.org/2000/svg"
+  width="24"
+  height="24"
+  viewBox="0 0 24 24"
+  fill="none"
+  stroke="currentColor"
+  stroke-width="2"
+  stroke-linecap="round"
+  stroke-linejoin="round"
+>
+  <path d="M12 22v-6" />
+  <path d="M12 8V2" />
+  <path d="M4 12H2" />
+  <path d="M10 12H8" />
+  <path d="M16 12h-2" />
+  <path d="M22 12h-2" />
+  <path d="m15 19-3 3-3-3" />
+  <path d="m15 5-3-3-3 3" />
+</svg>
diff --git a/packages/moderation/src/data/attribution-quick-replies.ts b/packages/moderation/src/data/attribution-quick-replies.ts
new file mode 100644
index 0000000000..edbbca7bcb
--- /dev/null
+++ b/packages/moderation/src/data/attribution-quick-replies.ts
@@ -0,0 +1,59 @@
+import type { QuickReply } from '../types/quick-reply'
+
+export default [
+	{
+		label: '✅ Corrections Applied',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/corrections-applied.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '🚫 Bad Proofs',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/illegitimate-evidence.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '⛔ Inaccessible Proofs',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/inaccessible-evidence.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '🌐 Not Permission to Distribute',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/but-its-online.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '🍴 Forks',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/forks.md?raw')).default,
+		private: false,
+	},
+	{
+		label: '💲 Premium Content',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/premium-content.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '⚖️ Prohibited Content',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/prohibited-content.md?raw'))
+				.default,
+		private: false,
+	},
+	{
+		label: '🧑‍💻 Cheats and Hacks',
+		message: async () =>
+			(await import('./messages/quick-replies/externals-permissions/cheats-and-hacks.md?raw'))
+				.default,
+		private: false,
+	},
+] as ReadonlyArray<QuickReply>
diff --git a/packages/moderation/src/data/checklist.ts b/packages/moderation/src/data/checklist.ts
index 69cd061a54..8b8bb5d689 100644
--- a/packages/moderation/src/data/checklist.ts
+++ b/packages/moderation/src/data/checklist.ts
@@ -1,5 +1,4 @@
 import type { Stage } from '../types/stage'
-import modpackPermissionsStage from './modpack-permissions-stage'
 import categories from './stages/categories'
 import description from './stages/description'
 import environment from './stages/environment/environment'
@@ -7,6 +6,7 @@ import environmentMultiple from './stages/environment/environment-multiple'
 import gallery from './stages/gallery'
 import license from './stages/license'
 import links from './stages/links'
+import permissions from './stages/permissions'
 import postApproval from './stages/post-approval'
 import reupload from './stages/reupload'
 import ruleFollowing from './stages/rule-following'
@@ -28,8 +28,8 @@ export default [
 	gallery,
 	versions,
 	reupload,
+	permissions,
 	ruleFollowing,
-	modpackPermissionsStage,
 	statusAlerts,
 	undefinedProject,
 	postApproval,
diff --git a/packages/moderation/src/data/messages/categories/inaccurate.md b/packages/moderation/src/data/messages/checklist-messages/categories/inaccurate.md
similarity index 100%
rename from packages/moderation/src/data/messages/categories/inaccurate.md
rename to packages/moderation/src/data/messages/checklist-messages/categories/inaccurate.md
diff --git a/packages/moderation/src/data/messages/categories/optimization_misused.md b/packages/moderation/src/data/messages/checklist-messages/categories/optimization_misused.md
similarity index 100%
rename from packages/moderation/src/data/messages/categories/optimization_misused.md
rename to packages/moderation/src/data/messages/checklist-messages/categories/optimization_misused.md
diff --git a/packages/moderation/src/data/messages/categories/resolutions_misused.md b/packages/moderation/src/data/messages/checklist-messages/categories/resolutions_misused.md
similarity index 100%
rename from packages/moderation/src/data/messages/categories/resolutions_misused.md
rename to packages/moderation/src/data/messages/checklist-messages/categories/resolutions_misused.md
diff --git a/packages/moderation/src/data/messages/description/accessability/headers-as-body.md b/packages/moderation/src/data/messages/checklist-messages/description/accessability/headers-as-body.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/accessability/headers-as-body.md
rename to packages/moderation/src/data/messages/checklist-messages/description/accessability/headers-as-body.md
diff --git a/packages/moderation/src/data/messages/description/accessability/image-only.md b/packages/moderation/src/data/messages/checklist-messages/description/accessability/image-only.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/accessability/image-only.md
rename to packages/moderation/src/data/messages/checklist-messages/description/accessability/image-only.md
diff --git a/packages/moderation/src/data/messages/description/accessability/non-english/non-english-server.md b/packages/moderation/src/data/messages/checklist-messages/description/accessability/non-english/non-english-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/accessability/non-english/non-english-server.md
rename to packages/moderation/src/data/messages/checklist-messages/description/accessability/non-english/non-english-server.md
diff --git a/packages/moderation/src/data/messages/description/accessability/non-english/non-english.md b/packages/moderation/src/data/messages/checklist-messages/description/accessability/non-english/non-english.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/accessability/non-english/non-english.md
rename to packages/moderation/src/data/messages/checklist-messages/description/accessability/non-english/non-english.md
diff --git a/packages/moderation/src/data/messages/description/accessability/non-standard-text.md b/packages/moderation/src/data/messages/checklist-messages/description/accessability/non-standard-text.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/accessability/non-standard-text.md
rename to packages/moderation/src/data/messages/checklist-messages/description/accessability/non-standard-text.md
diff --git a/packages/moderation/src/data/messages/description/clarity.md b/packages/moderation/src/data/messages/checklist-messages/description/clarity.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/clarity.md
rename to packages/moderation/src/data/messages/checklist-messages/description/clarity.md
diff --git a/packages/moderation/src/data/messages/description/insufficient/insufficient-packs.md b/packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-packs.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/insufficient/insufficient-packs.md
rename to packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-packs.md
diff --git a/packages/moderation/src/data/messages/description/insufficient/insufficient-projects.md b/packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-projects.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/insufficient/insufficient-projects.md
rename to packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-projects.md
diff --git a/packages/moderation/src/data/messages/description/insufficient/insufficient-servers.md b/packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-servers.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/insufficient/insufficient-servers.md
rename to packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient-servers.md
diff --git a/packages/moderation/src/data/messages/description/insufficient/insufficient.md b/packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/insufficient/insufficient.md
rename to packages/moderation/src/data/messages/checklist-messages/description/insufficient/insufficient.md
diff --git a/packages/moderation/src/data/messages/description/unfinished.md b/packages/moderation/src/data/messages/checklist-messages/description/unfinished.md
similarity index 100%
rename from packages/moderation/src/data/messages/description/unfinished.md
rename to packages/moderation/src/data/messages/checklist-messages/description/unfinished.md
diff --git a/packages/moderation/src/data/messages/environment/inaccurate.md b/packages/moderation/src/data/messages/checklist-messages/environment/inaccurate.md
similarity index 100%
rename from packages/moderation/src/data/messages/environment/inaccurate.md
rename to packages/moderation/src/data/messages/checklist-messages/environment/inaccurate.md
diff --git a/packages/moderation/src/data/messages/checklist-messages/externals-permissions/invalid.md b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/invalid.md
new file mode 100644
index 0000000000..15e87e7623
--- /dev/null
+++ b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/invalid.md
@@ -0,0 +1,4 @@
+## Proof of Permissions
+
+You may not have the necessary rights or permissions to distribute some of the external content included in your Modpack. </br>
+Per section 4 of %RULES%, we ask that you please complete all steps and address all notes left by moderators if any in your project's %PROJECT_PERMISSIONS_FLINK%.
diff --git a/packages/moderation/src/data/messages/checklist-messages/externals-permissions/missing.md b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/missing.md
new file mode 100644
index 0000000000..9dc97b32b5
--- /dev/null
+++ b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/missing.md
@@ -0,0 +1,3 @@
+## Permissions Incomplete
+
+Per section 4 of %RULES%, we ask that you complete all steps requested in your project's %PROJECT_PERMISSIONS_FLINK%.
diff --git a/packages/moderation/src/data/messages/checklist-messages/externals-permissions/prohibited.md b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/prohibited.md
new file mode 100644
index 0000000000..1d62230ff8
--- /dev/null
+++ b/packages/moderation/src/data/messages/checklist-messages/externals-permissions/prohibited.md
@@ -0,0 +1,6 @@
+## Prohibited External Content
+
+Some external content in your mod was found to be prohibited.</br>
+This means you cannot include these files in your Modpack on Modrinth, likely because it violates one of %RULES%.
+
+Please view your project's %PROJECT_PERMISSIONS_FLINK% for a list of what content must be removed from your pack before distribution on Modrinth.
diff --git a/packages/moderation/src/data/messages/gallery/insufficient.md b/packages/moderation/src/data/messages/checklist-messages/gallery/insufficient.md
similarity index 100%
rename from packages/moderation/src/data/messages/gallery/insufficient.md
rename to packages/moderation/src/data/messages/checklist-messages/gallery/insufficient.md
diff --git a/packages/moderation/src/data/messages/gallery/not-relevant.md b/packages/moderation/src/data/messages/checklist-messages/gallery/not-relevant.md
similarity index 100%
rename from packages/moderation/src/data/messages/gallery/not-relevant.md
rename to packages/moderation/src/data/messages/checklist-messages/gallery/not-relevant.md
diff --git a/packages/moderation/src/data/messages/license/invalid_link-custom_license.md b/packages/moderation/src/data/messages/checklist-messages/license/invalid_link-custom_license.md
similarity index 100%
rename from packages/moderation/src/data/messages/license/invalid_link-custom_license.md
rename to packages/moderation/src/data/messages/checklist-messages/license/invalid_link-custom_license.md
diff --git a/packages/moderation/src/data/messages/license/invalid_link.md b/packages/moderation/src/data/messages/checklist-messages/license/invalid_link.md
similarity index 100%
rename from packages/moderation/src/data/messages/license/invalid_link.md
rename to packages/moderation/src/data/messages/checklist-messages/license/invalid_link.md
diff --git a/packages/moderation/src/data/messages/license/no_source-fork.md b/packages/moderation/src/data/messages/checklist-messages/license/no_source-fork.md
similarity index 100%
rename from packages/moderation/src/data/messages/license/no_source-fork.md
rename to packages/moderation/src/data/messages/checklist-messages/license/no_source-fork.md
diff --git a/packages/moderation/src/data/messages/license/no_source.md b/packages/moderation/src/data/messages/checklist-messages/license/no_source.md
similarity index 100%
rename from packages/moderation/src/data/messages/license/no_source.md
rename to packages/moderation/src/data/messages/checklist-messages/license/no_source.md
diff --git a/packages/moderation/src/data/messages/links/misused.md b/packages/moderation/src/data/messages/checklist-messages/links/misused.md
similarity index 100%
rename from packages/moderation/src/data/messages/links/misused.md
rename to packages/moderation/src/data/messages/checklist-messages/links/misused.md
diff --git a/packages/moderation/src/data/messages/links/not_accessible-discord.md b/packages/moderation/src/data/messages/checklist-messages/links/not_accessible-discord.md
similarity index 100%
rename from packages/moderation/src/data/messages/links/not_accessible-discord.md
rename to packages/moderation/src/data/messages/checklist-messages/links/not_accessible-discord.md
diff --git a/packages/moderation/src/data/messages/links/not_accessible-source.md b/packages/moderation/src/data/messages/checklist-messages/links/not_accessible-source.md
similarity index 100%
rename from packages/moderation/src/data/messages/links/not_accessible-source.md
rename to packages/moderation/src/data/messages/checklist-messages/links/not_accessible-source.md
diff --git a/packages/moderation/src/data/messages/links/not_accessible.md b/packages/moderation/src/data/messages/checklist-messages/links/not_accessible.md
similarity index 100%
rename from packages/moderation/src/data/messages/links/not_accessible.md
rename to packages/moderation/src/data/messages/checklist-messages/links/not_accessible.md
diff --git a/packages/moderation/src/data/messages/misc-metadata/dependencies.md b/packages/moderation/src/data/messages/checklist-messages/misc-metadata/dependencies.md
similarity index 100%
rename from packages/moderation/src/data/messages/misc-metadata/dependencies.md
rename to packages/moderation/src/data/messages/checklist-messages/misc-metadata/dependencies.md
diff --git a/packages/moderation/src/data/messages/misc-metadata/excessive_languages-server.md b/packages/moderation/src/data/messages/checklist-messages/misc-metadata/excessive_languages-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/misc-metadata/excessive_languages-server.md
rename to packages/moderation/src/data/messages/checklist-messages/misc-metadata/excessive_languages-server.md
diff --git a/packages/moderation/src/data/messages/misc-metadata/inconsistent-license.md b/packages/moderation/src/data/messages/checklist-messages/misc-metadata/inconsistent-license.md
similarity index 100%
rename from packages/moderation/src/data/messages/misc-metadata/inconsistent-license.md
rename to packages/moderation/src/data/messages/checklist-messages/misc-metadata/inconsistent-license.md
diff --git a/packages/moderation/src/data/messages/misc-metadata/loaders.md b/packages/moderation/src/data/messages/checklist-messages/misc-metadata/loaders.md
similarity index 100%
rename from packages/moderation/src/data/messages/misc-metadata/loaders.md
rename to packages/moderation/src/data/messages/checklist-messages/misc-metadata/loaders.md
diff --git a/packages/moderation/src/data/messages/misc-metadata/mc-versions.md b/packages/moderation/src/data/messages/checklist-messages/misc-metadata/mc-versions.md
similarity index 100%
rename from packages/moderation/src/data/messages/misc-metadata/mc-versions.md
rename to packages/moderation/src/data/messages/checklist-messages/misc-metadata/mc-versions.md
diff --git a/packages/moderation/src/data/messages/paid-access-server.md b/packages/moderation/src/data/messages/checklist-messages/paid-access-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/paid-access-server.md
rename to packages/moderation/src/data/messages/checklist-messages/paid-access-server.md
diff --git a/packages/moderation/src/data/messages/post-approval/issue-warning.md b/packages/moderation/src/data/messages/checklist-messages/post-approval/issue-warning.md
similarity index 100%
rename from packages/moderation/src/data/messages/post-approval/issue-warning.md
rename to packages/moderation/src/data/messages/checklist-messages/post-approval/issue-warning.md
diff --git a/packages/moderation/src/data/messages/post-approval/metadata-issue.md b/packages/moderation/src/data/messages/checklist-messages/post-approval/metadata-issue.md
similarity index 100%
rename from packages/moderation/src/data/messages/post-approval/metadata-issue.md
rename to packages/moderation/src/data/messages/checklist-messages/post-approval/metadata-issue.md
diff --git a/packages/moderation/src/data/messages/post-approval/missed-deadline.md b/packages/moderation/src/data/messages/checklist-messages/post-approval/missed-deadline.md
similarity index 100%
rename from packages/moderation/src/data/messages/post-approval/missed-deadline.md
rename to packages/moderation/src/data/messages/checklist-messages/post-approval/missed-deadline.md
diff --git a/packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-prohibited.md b/packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-prohibited.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-prohibited.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-prohibited.md
diff --git a/packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-verification-list.md b/packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification-list.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-verification-list.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification-list.md
diff --git a/packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-verification.md b/packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/custom_server/custom_server_overrides-verification.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification.md
diff --git a/packages/moderation/src/data/messages/reupload/custom_server/custom_server_permissions.md b/packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_permissions.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/custom_server/custom_server_permissions.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/custom_server/custom_server_permissions.md
diff --git a/packages/moderation/src/data/messages/reupload/fork.md b/packages/moderation/src/data/messages/checklist-messages/reupload/fork.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/fork.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/fork.md
diff --git a/packages/moderation/src/data/messages/reupload/identity-verification/identity_verification-server.md b/packages/moderation/src/data/messages/checklist-messages/reupload/identity-verification/identity_verification-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/identity-verification/identity_verification-server.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/identity-verification/identity_verification-server.md
diff --git a/packages/moderation/src/data/messages/reupload/identity-verification/identity_verification.md b/packages/moderation/src/data/messages/checklist-messages/reupload/identity-verification/identity_verification.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/identity-verification/identity_verification.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/identity-verification/identity_verification.md
diff --git a/packages/moderation/src/data/messages/reupload/insufficient_fork.md b/packages/moderation/src/data/messages/checklist-messages/reupload/insufficient_fork.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/insufficient_fork.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/insufficient_fork.md
diff --git a/packages/moderation/src/data/messages/reupload/proof_of_permissions.md b/packages/moderation/src/data/messages/checklist-messages/reupload/proof_of_permissions.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/proof_of_permissions.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/proof_of_permissions.md
diff --git a/packages/moderation/src/data/messages/reupload/reupload.md b/packages/moderation/src/data/messages/checklist-messages/reupload/reupload.md
similarity index 100%
rename from packages/moderation/src/data/messages/reupload/reupload.md
rename to packages/moderation/src/data/messages/checklist-messages/reupload/reupload.md
diff --git a/packages/moderation/src/data/messages/rule-breaking.md b/packages/moderation/src/data/messages/checklist-messages/rule-breaking.md
similarity index 100%
rename from packages/moderation/src/data/messages/rule-breaking.md
rename to packages/moderation/src/data/messages/checklist-messages/rule-breaking.md
diff --git a/packages/moderation/src/data/messages/slug/misused.md b/packages/moderation/src/data/messages/checklist-messages/slug/misused.md
similarity index 100%
rename from packages/moderation/src/data/messages/slug/misused.md
rename to packages/moderation/src/data/messages/checklist-messages/slug/misused.md
diff --git a/packages/moderation/src/data/messages/status-alerts/account_issues.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/account_issues.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/account_issues.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/account_issues.md
diff --git a/packages/moderation/src/data/messages/status-alerts/automod_confusion.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/automod_confusion.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/automod_confusion.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/automod_confusion.md
diff --git a/packages/moderation/src/data/messages/status-alerts/fixed-approved.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/fixed-approved.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/fixed-approved.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/fixed-approved.md
diff --git a/packages/moderation/src/data/messages/status-alerts/fixed.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/fixed.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/fixed.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/fixed.md
diff --git a/packages/moderation/src/data/messages/status-alerts/private/private-server.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/private/private-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/private/private-server.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/private/private-server.md
diff --git a/packages/moderation/src/data/messages/status-alerts/private/private.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/private/private.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/private/private.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/private/private.md
diff --git a/packages/moderation/src/data/messages/status-alerts/serverpack.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/serverpack.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/serverpack.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/serverpack.md
diff --git a/packages/moderation/src/data/messages/status-alerts/tec/source_request-bins.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/tec/source_request-bins.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/tec/source_request-bins.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/tec/source_request-bins.md
diff --git a/packages/moderation/src/data/messages/status-alerts/tec/source_request-obfs.md b/packages/moderation/src/data/messages/checklist-messages/status-alerts/tec/source_request-obfs.md
similarity index 100%
rename from packages/moderation/src/data/messages/status-alerts/tec/source_request-obfs.md
rename to packages/moderation/src/data/messages/checklist-messages/status-alerts/tec/source_request-obfs.md
diff --git a/packages/moderation/src/data/messages/summary/formatting.md b/packages/moderation/src/data/messages/checklist-messages/summary/formatting.md
similarity index 100%
rename from packages/moderation/src/data/messages/summary/formatting.md
rename to packages/moderation/src/data/messages/checklist-messages/summary/formatting.md
diff --git a/packages/moderation/src/data/messages/summary/insufficient.md b/packages/moderation/src/data/messages/checklist-messages/summary/insufficient.md
similarity index 100%
rename from packages/moderation/src/data/messages/summary/insufficient.md
rename to packages/moderation/src/data/messages/checklist-messages/summary/insufficient.md
diff --git a/packages/moderation/src/data/messages/summary/non-english.md b/packages/moderation/src/data/messages/checklist-messages/summary/non-english.md
similarity index 100%
rename from packages/moderation/src/data/messages/summary/non-english.md
rename to packages/moderation/src/data/messages/checklist-messages/summary/non-english.md
diff --git a/packages/moderation/src/data/messages/summary/repeat-ip.md b/packages/moderation/src/data/messages/checklist-messages/summary/repeat-ip.md
similarity index 100%
rename from packages/moderation/src/data/messages/summary/repeat-ip.md
rename to packages/moderation/src/data/messages/checklist-messages/summary/repeat-ip.md
diff --git a/packages/moderation/src/data/messages/summary/repeat-title.md b/packages/moderation/src/data/messages/checklist-messages/summary/repeat-title.md
similarity index 100%
rename from packages/moderation/src/data/messages/summary/repeat-title.md
rename to packages/moderation/src/data/messages/checklist-messages/summary/repeat-title.md
diff --git a/packages/moderation/src/data/messages/title/minecraft-branding.md b/packages/moderation/src/data/messages/checklist-messages/title/minecraft-branding.md
similarity index 100%
rename from packages/moderation/src/data/messages/title/minecraft-branding.md
rename to packages/moderation/src/data/messages/checklist-messages/title/minecraft-branding.md
diff --git a/packages/moderation/src/data/messages/title/similarities-fork.md b/packages/moderation/src/data/messages/checklist-messages/title/similarities-fork.md
similarity index 100%
rename from packages/moderation/src/data/messages/title/similarities-fork.md
rename to packages/moderation/src/data/messages/checklist-messages/title/similarities-fork.md
diff --git a/packages/moderation/src/data/messages/title/similarities-modpack.md b/packages/moderation/src/data/messages/checklist-messages/title/similarities-modpack.md
similarity index 100%
rename from packages/moderation/src/data/messages/title/similarities-modpack.md
rename to packages/moderation/src/data/messages/checklist-messages/title/similarities-modpack.md
diff --git a/packages/moderation/src/data/messages/title/similarities.md b/packages/moderation/src/data/messages/checklist-messages/title/similarities.md
similarity index 100%
rename from packages/moderation/src/data/messages/title/similarities.md
rename to packages/moderation/src/data/messages/checklist-messages/title/similarities.md
diff --git a/packages/moderation/src/data/messages/title/useless-info.md b/packages/moderation/src/data/messages/checklist-messages/title/useless-info.md
similarity index 100%
rename from packages/moderation/src/data/messages/title/useless-info.md
rename to packages/moderation/src/data/messages/checklist-messages/title/useless-info.md
diff --git a/packages/moderation/src/data/messages/undefined-project/no_versions.md b/packages/moderation/src/data/messages/checklist-messages/undefined-project/no_versions.md
similarity index 100%
rename from packages/moderation/src/data/messages/undefined-project/no_versions.md
rename to packages/moderation/src/data/messages/checklist-messages/undefined-project/no_versions.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-additional.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-additional.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-additional.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-additional.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-mono.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-mono.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-mono.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-mono.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-primary.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-primary.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-primary.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-primary.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-server-additional.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-server-additional.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-server-additional.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-server-additional.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-server.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-server.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-server.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-server.md
diff --git a/packages/moderation/src/data/messages/versions/alternate_versions-zip.md b/packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-zip.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/alternate_versions-zip.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/alternate_versions-zip.md
diff --git a/packages/moderation/src/data/messages/versions/broken_version.md b/packages/moderation/src/data/messages/checklist-messages/versions/broken_version.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/broken_version.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/broken_version.md
diff --git a/packages/moderation/src/data/messages/versions/incorrect_additional_files.md b/packages/moderation/src/data/messages/checklist-messages/versions/incorrect_additional_files.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/incorrect_additional_files.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/incorrect_additional_files.md
diff --git a/packages/moderation/src/data/messages/versions/invalid-datapacks.md b/packages/moderation/src/data/messages/checklist-messages/versions/invalid-datapacks.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/invalid-datapacks.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/invalid-datapacks.md
diff --git a/packages/moderation/src/data/messages/versions/invalid-modpacks.md b/packages/moderation/src/data/messages/checklist-messages/versions/invalid-modpacks.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/invalid-modpacks.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/invalid-modpacks.md
diff --git a/packages/moderation/src/data/messages/versions/invalid-resourcepacks.md b/packages/moderation/src/data/messages/checklist-messages/versions/invalid-resourcepacks.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/invalid-resourcepacks.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/invalid-resourcepacks.md
diff --git a/packages/moderation/src/data/messages/versions/redist_libs.md b/packages/moderation/src/data/messages/checklist-messages/versions/redist_libs.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/redist_libs.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/redist_libs.md
diff --git a/packages/moderation/src/data/messages/versions/unsupported_project.md b/packages/moderation/src/data/messages/checklist-messages/versions/unsupported_project.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/unsupported_project.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/unsupported_project.md
diff --git a/packages/moderation/src/data/messages/versions/vanilla_assets.md b/packages/moderation/src/data/messages/checklist-messages/versions/vanilla_assets.md
similarity index 100%
rename from packages/moderation/src/data/messages/versions/vanilla_assets.md
rename to packages/moderation/src/data/messages/checklist-messages/versions/vanilla_assets.md
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/but-its-online.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/but-its-online.md
new file mode 100644
index 0000000000..07946a831a
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/but-its-online.md
@@ -0,0 +1,3 @@
+Not all free or publicly accessible works permit redistribution.
+
+Please provide accurate information on this file's origin and its ability to be redistributed in your Modpack.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/cheats-and-hacks.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/cheats-and-hacks.md
new file mode 100644
index 0000000000..70e2c11b9a
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/cheats-and-hacks.md
@@ -0,0 +1 @@
+Modrinth does not permit the distribution of external content that violates section 3 of [Modrinth's Content Rules](https://modrinth.com/legal/rules).
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/corrections-applied.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/corrections-applied.md
new file mode 100644
index 0000000000..1c7ef02493
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/corrections-applied.md
@@ -0,0 +1,3 @@
+The information provided may have been inaccurate or could not be confirmed.
+
+Our moderation team has updated this file with accurate information.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/forks.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/forks.md
new file mode 100644
index 0000000000..60657b099b
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/forks.md
@@ -0,0 +1,3 @@
+Per section 4 of [Modrinth's Content Rules](https://modrinth.com/legal/rules), projects forked from existing content are subject to the licensing and permissions of the source work.
+
+Please provide proof that this fork is license-abiding and can be distributed in this modpack.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/illegitimate-evidence.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/illegitimate-evidence.md
new file mode 100644
index 0000000000..722c65544a
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/illegitimate-evidence.md
@@ -0,0 +1 @@
+Please only submit legitimate evidence and do not attempt to spam external content notes with unnecessary information.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/inaccessible-evidence.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/inaccessible-evidence.md
new file mode 100644
index 0000000000..1fe44ca739
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/inaccessible-evidence.md
@@ -0,0 +1,3 @@
+The link provided does not direct to a publicly accessible forum, or our moderators are unable to review this proof.
+
+Please provide other evidence, such as a screenshot or a link to publicly available information.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/premium-content.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/premium-content.md
new file mode 100644
index 0000000000..d704bebb1a
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/premium-content.md
@@ -0,0 +1,3 @@
+This file appears to be pay-walled by its author or requires a license to access its features.
+
+The permissions and licensing of this content's standard version do not apply to this file, or it cannot be distributed on Modrinth.
diff --git a/packages/moderation/src/data/messages/quick-replies/externals-permissions/prohibited-content.md b/packages/moderation/src/data/messages/quick-replies/externals-permissions/prohibited-content.md
new file mode 100644
index 0000000000..d4f9564d50
--- /dev/null
+++ b/packages/moderation/src/data/messages/quick-replies/externals-permissions/prohibited-content.md
@@ -0,0 +1 @@
+Modrinth does not permit the distribution of external content that violates [Modrinth's Content Rules](https://modrinth.com/legal/rules).
diff --git a/packages/moderation/src/data/messages/reports/action-taken.md b/packages/moderation/src/data/messages/quick-replies/reports/action-taken.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/action-taken.md
rename to packages/moderation/src/data/messages/quick-replies/reports/action-taken.md
diff --git a/packages/moderation/src/data/messages/reports/antivirus.md b/packages/moderation/src/data/messages/quick-replies/reports/antivirus.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/antivirus.md
rename to packages/moderation/src/data/messages/quick-replies/reports/antivirus.md
diff --git a/packages/moderation/src/data/messages/reports/author-alerted.md b/packages/moderation/src/data/messages/quick-replies/reports/author-alerted.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/author-alerted.md
rename to packages/moderation/src/data/messages/quick-replies/reports/author-alerted.md
diff --git a/packages/moderation/src/data/messages/reports/functionality-disclosed.md b/packages/moderation/src/data/messages/quick-replies/reports/functionality-disclosed.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/functionality-disclosed.md
rename to packages/moderation/src/data/messages/quick-replies/reports/functionality-disclosed.md
diff --git a/packages/moderation/src/data/messages/reports/gameplay-issue.md b/packages/moderation/src/data/messages/quick-replies/reports/gameplay-issue.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/gameplay-issue.md
rename to packages/moderation/src/data/messages/quick-replies/reports/gameplay-issue.md
diff --git a/packages/moderation/src/data/messages/reports/metadata-corrected.md b/packages/moderation/src/data/messages/quick-replies/reports/metadata-corrected.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/metadata-corrected.md
rename to packages/moderation/src/data/messages/quick-replies/reports/metadata-corrected.md
diff --git a/packages/moderation/src/data/messages/reports/metadata-insufficient.md b/packages/moderation/src/data/messages/quick-replies/reports/metadata-insufficient.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/metadata-insufficient.md
rename to packages/moderation/src/data/messages/quick-replies/reports/metadata-insufficient.md
diff --git a/packages/moderation/src/data/messages/reports/not-a-hack.md b/packages/moderation/src/data/messages/quick-replies/reports/not-a-hack.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/not-a-hack.md
rename to packages/moderation/src/data/messages/quick-replies/reports/not-a-hack.md
diff --git a/packages/moderation/src/data/messages/reports/platform-issue.md b/packages/moderation/src/data/messages/quick-replies/reports/platform-issue.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/platform-issue.md
rename to packages/moderation/src/data/messages/quick-replies/reports/platform-issue.md
diff --git a/packages/moderation/src/data/messages/reports/reupload-insufficient.md b/packages/moderation/src/data/messages/quick-replies/reports/reupload-insufficient.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/reupload-insufficient.md
rename to packages/moderation/src/data/messages/quick-replies/reports/reupload-insufficient.md
diff --git a/packages/moderation/src/data/messages/reports/spam.md b/packages/moderation/src/data/messages/quick-replies/reports/spam.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/spam.md
rename to packages/moderation/src/data/messages/quick-replies/reports/spam.md
diff --git a/packages/moderation/src/data/messages/reports/stale.md b/packages/moderation/src/data/messages/quick-replies/reports/stale.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/stale.md
rename to packages/moderation/src/data/messages/quick-replies/reports/stale.md
diff --git a/packages/moderation/src/data/messages/reports/suspected-ai.md b/packages/moderation/src/data/messages/quick-replies/reports/suspected-ai.md
similarity index 100%
rename from packages/moderation/src/data/messages/reports/suspected-ai.md
rename to packages/moderation/src/data/messages/quick-replies/reports/suspected-ai.md
diff --git a/packages/moderation/src/data/messages/tech-review/malware.md b/packages/moderation/src/data/messages/quick-replies/tech-review/malware.md
similarity index 100%
rename from packages/moderation/src/data/messages/tech-review/malware.md
rename to packages/moderation/src/data/messages/quick-replies/tech-review/malware.md
diff --git a/packages/moderation/src/data/messages/tech-review/request-source-bin.md b/packages/moderation/src/data/messages/quick-replies/tech-review/request-source-bin.md
similarity index 100%
rename from packages/moderation/src/data/messages/tech-review/request-source-bin.md
rename to packages/moderation/src/data/messages/quick-replies/tech-review/request-source-bin.md
diff --git a/packages/moderation/src/data/messages/tech-review/request-source-obf.md b/packages/moderation/src/data/messages/quick-replies/tech-review/request-source-obf.md
similarity index 100%
rename from packages/moderation/src/data/messages/tech-review/request-source-obf.md
rename to packages/moderation/src/data/messages/quick-replies/tech-review/request-source-obf.md
diff --git a/packages/moderation/src/data/messages/tech-review/request-source.md b/packages/moderation/src/data/messages/quick-replies/tech-review/request-source.md
similarity index 100%
rename from packages/moderation/src/data/messages/tech-review/request-source.md
rename to packages/moderation/src/data/messages/quick-replies/tech-review/request-source.md
diff --git a/packages/moderation/src/data/messages/tech-review/unclear-misleading.md b/packages/moderation/src/data/messages/quick-replies/tech-review/unclear-misleading.md
similarity index 100%
rename from packages/moderation/src/data/messages/tech-review/unclear-misleading.md
rename to packages/moderation/src/data/messages/quick-replies/tech-review/unclear-misleading.md
diff --git a/packages/moderation/src/data/nags/core.ts b/packages/moderation/src/data/nags/core.ts
index b079d96cf2..b663723169 100644
--- a/packages/moderation/src/data/nags/core.ts
+++ b/packages/moderation/src/data/nags/core.ts
@@ -202,4 +202,33 @@ export const coreNags: Nag[] = [
 			shouldShow: (context: NagContext) => context.currentRoute !== 'type-project-settings-license',
 		},
 	},
+	{
+		id: 'review-permissions',
+		title: defineMessage({
+			id: 'nags.review-permissions.title',
+			defaultMessage: 'Review external permissions',
+		}),
+		description: (context: NagContext) => {
+			const { formatMessage } = useVIntl()
+			return formatMessage(
+				defineMessage({
+					id: 'nags.review-permissions.description',
+					defaultMessage:
+						'Make sure you have provided proof of your permission to distribute any external content in your Modpack.',
+				}),
+			)
+		},
+		status: 'required',
+		shouldShow: (context: NagContext) =>
+			context.versions.some((version) => (version.files_missing_attribution?.length ?? 0) >= 1),
+		link: {
+			path: 'settings/permissions',
+			title: defineMessage({
+				id: 'nags.settings.permissions.title',
+				defaultMessage: 'Visit permissions dashboard',
+			}),
+			shouldShow: (context: NagContext) =>
+				context.currentRoute !== 'type-project-settings-permissions',
+		},
+	},
 ]
diff --git a/packages/moderation/src/data/report-quick-replies.ts b/packages/moderation/src/data/report-quick-replies.ts
index f2f3ff22bb..3ecbb0973b 100644
--- a/packages/moderation/src/data/report-quick-replies.ts
+++ b/packages/moderation/src/data/report-quick-replies.ts
@@ -4,68 +4,78 @@ import type { ExtendedReport } from '../types/reports'
 export default [
 	{
 		label: '✅⚖️ Action Taken',
-		message: async () => (await import('./messages/reports/action-taken.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/action-taken.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '✅⚠️ Author Alerted',
-		message: async () => (await import('./messages/reports/author-alerted.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/author-alerted.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '✅🏷️ Metadata Corrected',
-		message: async () => (await import('./messages/reports/metadata-corrected.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/metadata-corrected.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🏷️ Metadata Insufficient',
-		message: async () => (await import('./messages/reports/metadata-insufficient.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/metadata-insufficient.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌📤 Reupload Insufficient',
-		message: async () => (await import('./messages/reports/reupload-insufficient.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/reupload-insufficient.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🏳️‍🌈 Spam',
-		message: async () => (await import('./messages/reports/spam.md?raw')).default,
+		message: async () => (await import('./messages/quick-replies/reports/spam.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🛡️ Antivirus',
-		message: async () => (await import('./messages/reports/antivirus.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/antivirus.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌👻 Functionality Disclosed',
 		message: async () =>
-			(await import('./messages/reports/functionality-disclosed.md?raw')).default,
+			(await import('./messages/quick-replies/reports/functionality-disclosed.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🤖 Suspected AI',
-		message: async () => (await import('./messages/reports/suspected-ai.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/suspected-ai.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌👩‍💻 Not a Hack',
-		message: async () => (await import('./messages/reports/not-a-hack.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/not-a-hack.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🕹️ Gameplay Issue',
-		message: async () => (await import('./messages/reports/gameplay-issue.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/gameplay-issue.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🎧 Platform Issue',
-		message: async () => (await import('./messages/reports/platform-issue.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/reports/platform-issue.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '❌🪦 Stale',
-		message: async () => (await import('./messages/reports/stale.md?raw')).default,
+		message: async () => (await import('./messages/quick-replies/reports/stale.md?raw')).default,
 		private: false,
 	},
 ] as ReadonlyArray<QuickReply<ExtendedReport>>
diff --git a/packages/moderation/src/data/stages/categories.ts b/packages/moderation/src/data/stages/categories.ts
index a8a250491e..89b37d9ee9 100644
--- a/packages/moderation/src/data/stages/categories.ts
+++ b/packages/moderation/src/data/stages/categories.ts
@@ -23,7 +23,8 @@ const categories: Stage = {
 			weight: 700,
 			suggestedStatus: 'flagged',
 			severity: 'low',
-			message: async () => (await import('../messages/categories/inaccurate.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/categories/inaccurate.md?raw')).default,
 			disablesActions: ['categories_optimization_misused', 'categories_resolutions_misused'],
 		} as ButtonAction,
 		{
@@ -37,8 +38,9 @@ const categories: Stage = {
 				project.categories.includes('optimization') ||
 				project.additional_categories.includes('optimization'),
 			message: async () =>
-				(await import('../messages/categories/inaccurate.md?raw')).default +
-				(await import('../messages/categories/optimization_misused.md?raw')).default,
+				(await import('../messages/checklist-messages/categories/inaccurate.md?raw')).default +
+				(await import('../messages/checklist-messages/categories/optimization_misused.md?raw'))
+					.default,
 			disablesActions: ['categories_inaccurate', 'categories_resolutions_misused'],
 		} as ButtonAction,
 		{
@@ -50,8 +52,9 @@ const categories: Stage = {
 			severity: 'low',
 			shouldShow: (project) => project.project_type === 'resourcepack',
 			message: async () =>
-				(await import('../messages/categories/inaccurate.md?raw')).default +
-				(await import('../messages/categories/resolutions_misused.md?raw')).default,
+				(await import('../messages/checklist-messages/categories/inaccurate.md?raw')).default +
+				(await import('../messages/checklist-messages/categories/resolutions_misused.md?raw'))
+					.default,
 			disablesActions: ['categories_inaccurate', 'categories_optimization_misused'],
 		},
 	],
diff --git a/packages/moderation/src/data/stages/description.ts b/packages/moderation/src/data/stages/description.ts
index 2647d4f157..fa41986c21 100644
--- a/packages/moderation/src/data/stages/description.ts
+++ b/packages/moderation/src/data/stages/description.ts
@@ -21,7 +21,9 @@ const description: Stage = {
 			shouldShow: (project, projectV3) =>
 				project.project_type === 'modpack' && !projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/description/insufficient/insufficient-packs.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/insufficient/insufficient-packs.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_insufficient_projects',
@@ -33,7 +35,9 @@ const description: Stage = {
 			shouldShow: (project, projectV3) =>
 				project.project_type !== 'modpack' && !projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/description/insufficient/insufficient-projects.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/insufficient/insufficient-projects.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_insufficient_servers',
@@ -44,7 +48,9 @@ const description: Stage = {
 			severity: 'medium',
 			shouldShow: (project, projectV3) => !!projectV3?.minecraft_java_server,
 			message: async () =>
-				(await import('../messages/description/insufficient/insufficient-servers.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/insufficient/insufficient-servers.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_insufficient',
@@ -54,7 +60,9 @@ const description: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			message: async () =>
-				(await import('../messages/description/insufficient/insufficient.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/insufficient/insufficient.md?raw')
+				).default,
 			relevantExtraInput: [
 				{
 					label: 'Please elaborate on how the author can improve their description.',
@@ -73,8 +81,9 @@ const description: Stage = {
 			severity: 'medium',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_java_server,
 			message: async () =>
-				(await import('../messages/description/accessability/non-english/non-english.md?raw'))
-					.default,
+				(
+					await import('../messages/checklist-messages/description/accessability/non-english/non-english.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_non_english-server',
@@ -86,7 +95,7 @@ const description: Stage = {
 			shouldShow: (project, projectV3) => !!projectV3?.minecraft_java_server,
 			message: async () =>
 				(
-					await import('../messages/description/accessability/non-english/non-english-server.md?raw')
+					await import('../messages/checklist-messages/description/accessability/non-english/non-english-server.md?raw')
 				).default,
 		} as ButtonAction,
 		{
@@ -96,7 +105,8 @@ const description: Stage = {
 			weight: 403,
 			suggestedStatus: 'flagged',
 			severity: 'low',
-			message: async () => (await import('../messages/description/unfinished.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/description/unfinished.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'description_headers_as_body',
@@ -106,7 +116,9 @@ const description: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			message: async () =>
-				(await import('../messages/description/accessability/headers-as-body.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/accessability/headers-as-body.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_image_only',
@@ -116,7 +128,8 @@ const description: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			message: async () =>
-				(await import('../messages/description/accessability/image-only.md?raw')).default,
+				(await import('../messages/checklist-messages/description/accessability/image-only.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'description_non_standard_text',
@@ -126,7 +139,9 @@ const description: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			message: async () =>
-				(await import('../messages/description/accessability/non-standard-text.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/description/accessability/non-standard-text.md?raw')
+				).default,
 		} as ButtonAction,
 		{
 			id: 'description_clarity',
@@ -135,7 +150,8 @@ const description: Stage = {
 			weight: 407,
 			suggestedStatus: 'rejected',
 			severity: 'high',
-			message: async () => (await import('../messages/description/clarity.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/description/clarity.md?raw')).default,
 		} as ButtonAction,
 	],
 }
diff --git a/packages/moderation/src/data/stages/environment/environment-multiple.ts b/packages/moderation/src/data/stages/environment/environment-multiple.ts
index 6b9341bc5c..d4f27051e9 100644
--- a/packages/moderation/src/data/stages/environment/environment-multiple.ts
+++ b/packages/moderation/src/data/stages/environment/environment-multiple.ts
@@ -23,7 +23,8 @@ const environmentMultiple: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			shouldShow: (project) => project.project_type === 'mod' || project.project_type === 'modpack',
-			message: async () => (await import('../../messages/environment/inaccurate.md?raw')).default,
+			message: async () =>
+				(await import('../../messages/checklist-messages/environment/inaccurate.md?raw')).default,
 		} as ButtonAction,
 	],
 }
diff --git a/packages/moderation/src/data/stages/environment/environment.ts b/packages/moderation/src/data/stages/environment/environment.ts
index bc7b58d916..b86e42d9bc 100644
--- a/packages/moderation/src/data/stages/environment/environment.ts
+++ b/packages/moderation/src/data/stages/environment/environment.ts
@@ -23,7 +23,8 @@ const environment: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			shouldShow: (project) => project.project_type === 'mod' || project.project_type === 'modpack',
-			message: async () => (await import('../../messages/environment/inaccurate.md?raw')).default,
+			message: async () =>
+				(await import('../../messages/checklist-messages/environment/inaccurate.md?raw')).default,
 		} as ButtonAction,
 	],
 }
diff --git a/packages/moderation/src/data/stages/gallery.ts b/packages/moderation/src/data/stages/gallery.ts
index ac083a3535..e13e0db110 100644
--- a/packages/moderation/src/data/stages/gallery.ts
+++ b/packages/moderation/src/data/stages/gallery.ts
@@ -19,7 +19,8 @@ const gallery: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
-			message: async () => (await import('../messages/gallery/insufficient.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/gallery/insufficient.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'gallery_not_relevant',
@@ -29,7 +30,8 @@ const gallery: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			shouldShow: (project) => project.gallery && project.gallery.length > 0,
-			message: async () => (await import('../messages/gallery/not-relevant.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/gallery/not-relevant.md?raw')).default,
 		} as ButtonAction,
 	],
 }
diff --git a/packages/moderation/src/data/stages/license.ts b/packages/moderation/src/data/stages/license.ts
index 8c887e5507..069b8d670a 100644
--- a/packages/moderation/src/data/stages/license.ts
+++ b/packages/moderation/src/data/stages/license.ts
@@ -39,7 +39,8 @@ const licenseStage: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			shouldShow: (project) => Boolean(project.license.url),
-			message: async () => (await import('../messages/license/invalid_link.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/license/invalid_link.md?raw')).default,
 			enablesActions: [
 				{
 					id: 'license_invalid_link-custom_license',
@@ -49,7 +50,9 @@ const licenseStage: Stage = {
 					suggestedStatus: 'flagged',
 					severity: 'medium',
 					message: async () =>
-						(await import('../messages/license/invalid_link-custom_license.md?raw')).default,
+						(
+							await import('../messages/checklist-messages/license/invalid_link-custom_license.md?raw')
+						).default,
 				},
 			],
 		},
@@ -66,7 +69,8 @@ const licenseStage: Stage = {
 						excludedActions: ['license_no_source-fork'],
 					},
 					weight: 602,
-					message: async () => (await import('../messages/license/no_source.md?raw')).default,
+					message: async () =>
+						(await import('../messages/checklist-messages/license/no_source.md?raw')).default,
 				},
 			],
 			fallbackWeight: 602,
@@ -79,7 +83,8 @@ const licenseStage: Stage = {
 					weight: 602,
 					suggestedStatus: 'rejected',
 					severity: 'high',
-					message: async () => (await import('../messages/license/no_source-fork.md?raw')).default,
+					message: async () =>
+						(await import('../messages/checklist-messages/license/no_source-fork.md?raw')).default,
 				},
 			],
 		},
diff --git a/packages/moderation/src/data/stages/links.ts b/packages/moderation/src/data/stages/links.ts
index 9af86e13f6..fc2d094c2d 100644
--- a/packages/moderation/src/data/stages/links.ts
+++ b/packages/moderation/src/data/stages/links.ts
@@ -46,7 +46,8 @@ const links: Stage = {
 			weight: 500,
 			suggestedStatus: 'flagged',
 			severity: 'low',
-			message: async () => (await import('../messages/links/misused.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/links/misused.md?raw')).default,
 			relevantExtraInput: [
 				{
 					label: 'What links are misused?',
@@ -63,7 +64,8 @@ const links: Stage = {
 			suggestedStatus: 'flagged',
 			// Theoretically a conditional could go here to prevent overlap of misuse and inaccessible messages repeating while still allowing for a multi-select in each.
 			// if links_misused was selected, send nothing.
-			message: async () => (await import('../messages/links/not_accessible.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/links/not_accessible.md?raw')).default,
 			enablesActions: [
 				{
 					id: 'links_inaccessible_options',
@@ -76,14 +78,16 @@ const links: Stage = {
 							weight: 511,
 							shouldShow: (project) => Boolean(project.source_url),
 							message: async () =>
-								(await import('../messages/links/not_accessible-source.md?raw')).default,
+								(await import('../messages/checklist-messages/links/not_accessible-source.md?raw'))
+									.default,
 						},
 						{
 							label: 'Discord',
 							weight: 512,
 							shouldShow: (project) => Boolean(project.discord_url),
 							message: async () =>
-								(await import('../messages/links/not_accessible-discord.md?raw')).default,
+								(await import('../messages/checklist-messages/links/not_accessible-discord.md?raw'))
+									.default,
 						},
 					],
 				},
diff --git a/packages/moderation/src/data/stages/permissions.ts b/packages/moderation/src/data/stages/permissions.ts
new file mode 100644
index 0000000000..0f23c2d464
--- /dev/null
+++ b/packages/moderation/src/data/stages/permissions.ts
@@ -0,0 +1,54 @@
+import { SignatureIcon } from '@modrinth/assets'
+
+import type { Stage } from '../../types/stage'
+
+const permissions: Stage = {
+	title: 'Does this projects external content have any issues?',
+	id: 'permissions',
+	icon: SignatureIcon,
+	guidance_url: 'https://www.notion.so/2e15ee711bf080e4a41df61bbab49892',
+	navigate: '/settings/permissions',
+	actions: [
+		{
+			id: 'invalid-permissions',
+			type: 'button',
+			label: 'Invalid permissions',
+			weight: 2000,
+			suggestedStatus: 'rejected',
+			severity: 'high',
+			shouldShow: (project, projectV3) =>
+				projectV3.project_types?.includes('modpack') && !projectV3?.minecraft_server,
+			message: async () =>
+				(await import('../messages/checklist-messages/externals-permissions/invalid.md?raw'))
+					.default,
+		},
+		{
+			id: 'prohibited-extrernal-content',
+			type: 'button',
+			label: 'Prohibited externals',
+			weight: 2001,
+			suggestedStatus: 'rejected',
+			severity: 'high',
+			shouldShow: (project, projectV3) =>
+				projectV3.project_types?.includes('modpack') && !projectV3?.minecraft_server,
+			message: async () =>
+				(await import('../messages/checklist-messages/externals-permissions/prohibited.md?raw'))
+					.default,
+		},
+		{
+			id: 'missing-permissions',
+			type: 'button',
+			label: 'Missing permissions',
+			weight: 2002,
+			suggestedStatus: 'rejected',
+			severity: 'high',
+			shouldShow: (project, projectV3) =>
+				projectV3.project_types?.includes('modpack') && !projectV3?.minecraft_server,
+			message: async () =>
+				(await import('../messages/checklist-messages/externals-permissions/missing.md?raw'))
+					.default,
+		},
+	],
+}
+
+export default permissions
diff --git a/packages/moderation/src/data/stages/post-approval.ts b/packages/moderation/src/data/stages/post-approval.ts
index 78f5aa93b8..3b5d981490 100644
--- a/packages/moderation/src/data/stages/post-approval.ts
+++ b/packages/moderation/src/data/stages/post-approval.ts
@@ -18,7 +18,8 @@ const postApproval: Stage = {
 			weight: 3000,
 			suggestedStatus: 'approved',
 			severity: 'low',
-			message: async () => (await import('../messages/post-approval/issue-warning.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/post-approval/issue-warning.md?raw')).default,
 		},
 		{
 			id: 'missed_deadline',
@@ -28,7 +29,8 @@ const postApproval: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'high',
 			message: async () =>
-				(await import('../messages/post-approval/missed-deadline.md?raw')).default,
+				(await import('../messages/checklist-messages/post-approval/missed-deadline.md?raw'))
+					.default,
 			disablesActions: ['issue_warning', 'metadata_issue'],
 			relevantExtraInput: [
 				{
@@ -46,7 +48,8 @@ const postApproval: Stage = {
 			suggestedStatus: 'approved',
 			severity: 'low',
 			message: async () =>
-				(await import('../messages/post-approval/metadata-issue.md?raw')).default,
+				(await import('../messages/checklist-messages/post-approval/metadata-issue.md?raw'))
+					.default,
 			enablesActions: [
 				{
 					id: 'dependencies',
@@ -55,7 +58,8 @@ const postApproval: Stage = {
 					weight: 1,
 					severity: 'low',
 					message: async () =>
-						(await import('../messages/misc-metadata/dependencies.md?raw')).default,
+						(await import('../messages/checklist-messages/misc-metadata/dependencies.md?raw'))
+							.default,
 					relevantExtraInput: [
 						{
 							label: 'Dependency Name',
@@ -76,7 +80,8 @@ const postApproval: Stage = {
 					weight: 2,
 					severity: 'low',
 					message: async () =>
-						(await import('../messages/misc-metadata/mc-versions.md?raw')).default,
+						(await import('../messages/checklist-messages/misc-metadata/mc-versions.md?raw'))
+							.default,
 					relevantExtraInput: [
 						{
 							label: 'Provide more details about game versions issue?',
@@ -92,7 +97,8 @@ const postApproval: Stage = {
 					label: 'Loaders',
 					weight: 3,
 					severity: 'low',
-					message: async () => (await import('../messages/misc-metadata/loaders.md?raw')).default,
+					message: async () =>
+						(await import('../messages/checklist-messages/misc-metadata/loaders.md?raw')).default,
 					relevantExtraInput: [
 						{
 							label: 'Provide more details about loaders issue?',
@@ -109,7 +115,9 @@ const postApproval: Stage = {
 					weight: 4,
 					severity: 'low',
 					message: async () =>
-						(await import('../messages/misc-metadata/inconsistent-license.md?raw')).default,
+						(
+							await import('../messages/checklist-messages/misc-metadata/inconsistent-license.md?raw')
+						).default,
 				},
 			],
 		} as ButtonAction,
diff --git a/packages/moderation/src/data/stages/reupload.ts b/packages/moderation/src/data/stages/reupload.ts
index 197010c7a4..8ffb1b1605 100644
--- a/packages/moderation/src/data/stages/reupload.ts
+++ b/packages/moderation/src/data/stages/reupload.ts
@@ -18,7 +18,8 @@ const reupload: Stage = {
 			suggestedStatus: 'rejected',
 			severity: 'high',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
-			message: async () => (await import('../messages/reupload/reupload.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/reupload/reupload.md?raw')).default,
 			disablesActions: [
 				'reupload_unclear_fork',
 				'reupload_insufficient_fork',
@@ -50,7 +51,8 @@ const reupload: Stage = {
 			suggestedStatus: 'rejected',
 			severity: 'high',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
-			message: async () => (await import('../messages/reupload/fork.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/reupload/fork.md?raw')).default,
 			disablesActions: [
 				'reupload_reupload',
 				'reupload_insufficient_fork',
@@ -68,7 +70,8 @@ const reupload: Stage = {
 			suggestedStatus: 'rejected',
 			severity: 'high',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
-			message: async () => (await import('../messages/reupload/insufficient_fork.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/reupload/insufficient_fork.md?raw')).default,
 			disablesActions: [
 				'reupload_unclear_fork',
 				'reupload_reupload',
@@ -86,7 +89,8 @@ const reupload: Stage = {
 			suggestedStatus: 'rejected',
 			severity: 'high',
 			message: async () =>
-				(await import('../messages/reupload/proof_of_permissions.md?raw')).default,
+				(await import('../messages/checklist-messages/reupload/proof_of_permissions.md?raw'))
+					.default,
 			disablesActions: [
 				'reupload_reupload',
 				'reupload_unclear_fork',
@@ -105,8 +109,9 @@ const reupload: Stage = {
 			severity: 'high',
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/reupload/identity-verification/identity_verification.md?raw'))
-					.default,
+				(
+					await import('../messages/checklist-messages/reupload/identity-verification/identity_verification.md?raw')
+				).default,
 			relevantExtraInput: [
 				{
 					label: 'Where else can the project be found?',
@@ -131,7 +136,7 @@ const reupload: Stage = {
 			shouldShow: (project, projectV3) => !!projectV3?.minecraft_server,
 			message: async () =>
 				(
-					await import('../messages/reupload/identity-verification/identity_verification-server.md?raw')
+					await import('../messages/checklist-messages/reupload/identity-verification/identity_verification-server.md?raw')
 				).default,
 			relevantExtraInput: [
 				{
@@ -159,8 +164,9 @@ const reupload: Stage = {
 				projectV3?.minecraft_java_server?.content?.kind === 'modpack' &&
 				projectV3?.minecraft_java_server?.content?.['project_id'] === project.id,
 			message: async () =>
-				(await import('../messages/reupload/custom_server/custom_server_permissions.md?raw'))
-					.default,
+				(
+					await import('../messages/checklist-messages/reupload/custom_server/custom_server_permissions.md?raw')
+				).default,
 			disablesActions: [
 				'reupload_reupload',
 				'reupload_unclear_fork',
@@ -182,7 +188,7 @@ const reupload: Stage = {
 				projectV3?.minecraft_java_server?.content?.['project_id'] === project.id,
 			message: async () =>
 				(
-					await import('../messages/reupload/custom_server/custom_server_overrides-verification.md?raw')
+					await import('../messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification.md?raw')
 				).default,
 			enablesActions: [
 				{
@@ -192,7 +198,7 @@ const reupload: Stage = {
 					weight: 1101,
 					message: async () =>
 						(
-							await import('../messages/reupload/custom_server/custom_server_overrides-verification-list.md?raw')
+							await import('../messages/checklist-messages/reupload/custom_server/custom_server_overrides-verification-list.md?raw')
 						).default,
 					relevantExtraInput: [
 						{
@@ -227,7 +233,7 @@ const reupload: Stage = {
 				projectV3?.minecraft_java_server?.content?.['project_id'] === project.id,
 			message: async () =>
 				(
-					await import('../messages/reupload/custom_server/custom_server_overrides-prohibited.md?raw')
+					await import('../messages/checklist-messages/reupload/custom_server/custom_server_overrides-prohibited.md?raw')
 				).default,
 			relevantExtraInput: [
 				{
diff --git a/packages/moderation/src/data/stages/rule-following.ts b/packages/moderation/src/data/stages/rule-following.ts
index 98761d1a96..a5ef9887e4 100644
--- a/packages/moderation/src/data/stages/rule-following.ts
+++ b/packages/moderation/src/data/stages/rule-following.ts
@@ -18,7 +18,8 @@ const ruleFollowing: Stage = {
 			weight: 0,
 			suggestedStatus: 'rejected',
 			severity: 'critical',
-			message: async () => (await import('../messages/rule-breaking.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/rule-breaking.md?raw')).default,
 			relevantExtraInput: [
 				{
 					label: 'Please explain to the user how it infringes on our content rules.',
@@ -38,7 +39,8 @@ const ruleFollowing: Stage = {
 			shouldShow(project, projectV3) {
 				return !!projectV3?.minecraft_server
 			},
-			message: async () => (await import('../messages/paid-access-server.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/paid-access-server.md?raw')).default,
 		},
 		{
 			id: 'excessive_languages',
@@ -55,7 +57,9 @@ const ruleFollowing: Stage = {
 				)
 			},
 			message: async () =>
-				(await import('../messages/misc-metadata/excessive_languages-server.md?raw')).default,
+				(
+					await import('../messages/checklist-messages/misc-metadata/excessive_languages-server.md?raw')
+				).default,
 		},
 	],
 }
diff --git a/packages/moderation/src/data/stages/status-alerts.ts b/packages/moderation/src/data/stages/status-alerts.ts
index 05f0066d7a..c044010bb4 100644
--- a/packages/moderation/src/data/stages/status-alerts.ts
+++ b/packages/moderation/src/data/stages/status-alerts.ts
@@ -20,7 +20,8 @@ const statusAlerts: Stage = {
 			suggestedStatus: 'approved',
 			disablesActions: ['status_private_use', 'status_account_issues'],
 			shouldShow: (project) => project.status !== 'approved',
-			message: async () => (await import('../messages/status-alerts/fixed.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/status-alerts/fixed.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'status_corrections_applied-approved',
@@ -31,7 +32,8 @@ const statusAlerts: Stage = {
 			disablesActions: ['status_private_use', 'status_account_issues'],
 			shouldShow: (project) => project.status === 'approved',
 			message: async () =>
-				(await import('../messages/status-alerts/fixed-approved.md?raw')).default,
+				(await import('../messages/checklist-messages/status-alerts/fixed-approved.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'status_private_use',
@@ -42,7 +44,8 @@ const statusAlerts: Stage = {
 			disablesActions: ['status_corrections_applied', 'status_account_issues'],
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/status-alerts/private/private.md?raw')).default,
+				(await import('../messages/checklist-messages/status-alerts/private/private.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'status_private_use-server',
@@ -53,7 +56,8 @@ const statusAlerts: Stage = {
 			disablesActions: ['status_corrections_applied', 'status_account_issues'],
 			shouldShow: (project, projectV3) => !!projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/status-alerts/private/private-server.md?raw')).default,
+				(await import('../messages/checklist-messages/status-alerts/private/private-server.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'status_server_use',
@@ -62,7 +66,8 @@ const statusAlerts: Stage = {
 			weight: -999999,
 			shouldShow: (project, projectV3) =>
 				project.project_type === 'modpack' && !projectV3?.minecraft_server,
-			message: async () => (await import('../messages/status-alerts/serverpack.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/status-alerts/serverpack.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'status_account_issues',
@@ -72,7 +77,8 @@ const statusAlerts: Stage = {
 			suggestedStatus: 'rejected',
 			disablesActions: ['status_corrections_applied', 'status_private_use'],
 			message: async () =>
-				(await import('../messages/status-alerts/account_issues.md?raw')).default,
+				(await import('../messages/checklist-messages/status-alerts/account_issues.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'status_automod_confusion',
@@ -81,7 +87,8 @@ const statusAlerts: Stage = {
 			weight: -999999,
 			shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
 			message: async () =>
-				(await import('../messages/status-alerts/automod_confusion.md?raw')).default,
+				(await import('../messages/checklist-messages/status-alerts/automod_confusion.md?raw'))
+					.default,
 		} as ButtonAction,
 	],
 }
diff --git a/packages/moderation/src/data/stages/summary.ts b/packages/moderation/src/data/stages/summary.ts
index 749236cec9..6710d0cc65 100644
--- a/packages/moderation/src/data/stages/summary.ts
+++ b/packages/moderation/src/data/stages/summary.ts
@@ -19,7 +19,8 @@ const summary: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			disablesActions: ['summary_repeat_title'],
-			message: async () => (await import('../messages/summary/insufficient.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/summary/insufficient.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'summary_repeat_title',
@@ -29,7 +30,8 @@ const summary: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'low',
 			disablesActions: ['summary_insufficient'],
-			message: async () => (await import('../messages/summary/repeat-title.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/summary/repeat-title.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'summary_formatting',
@@ -38,7 +40,8 @@ const summary: Stage = {
 			weight: 301,
 			suggestedStatus: 'flagged',
 			severity: 'low',
-			message: async () => (await import('../messages/summary/formatting.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/summary/formatting.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'summary_non_english',
@@ -47,7 +50,8 @@ const summary: Stage = {
 			weight: 302,
 			suggestedStatus: 'flagged',
 			severity: 'medium',
-			message: async () => (await import('../messages/summary/non-english.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/summary/non-english.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'summary_repeat_ip',
@@ -57,7 +61,8 @@ const summary: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			shouldShow: (project, projectV3) => !!projectV3?.minecraft_server,
-			message: async () => (await import('../messages/summary/repeat-ip.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/summary/repeat-ip.md?raw')).default,
 		},
 	],
 }
diff --git a/packages/moderation/src/data/stages/title-slug.ts b/packages/moderation/src/data/stages/title-slug.ts
index 59224cae56..4f880423c6 100644
--- a/packages/moderation/src/data/stages/title-slug.ts
+++ b/packages/moderation/src/data/stages/title-slug.ts
@@ -35,7 +35,8 @@ const titleSlug: Stage = {
 			weight: 100,
 			suggestedStatus: 'flagged',
 			severity: 'low',
-			message: async () => (await import('../messages/title/useless-info.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/title/useless-info.md?raw')).default,
 		},
 		{
 			id: 'title_minecraft_branding',
@@ -44,7 +45,8 @@ const titleSlug: Stage = {
 			weight: 100,
 			suggestedStatus: 'flagged',
 			severity: 'medium',
-			message: async () => (await import('../messages/title/minecraft-branding.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/title/minecraft-branding.md?raw')).default,
 		},
 		{
 			id: 'title_similarities',
@@ -53,7 +55,8 @@ const titleSlug: Stage = {
 			weight: 110,
 			suggestedStatus: 'flagged',
 			severity: 'medium',
-			message: async () => (await import('../messages/title/similarities.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/title/similarities.md?raw')).default,
 			enablesActions: [
 				{
 					id: 'title_similarities_options',
@@ -65,14 +68,16 @@ const titleSlug: Stage = {
 							weight: 111,
 							shouldShow: (project) => project.project_type === 'modpack',
 							message: async () =>
-								(await import('../messages/title/similarities-modpack.md?raw')).default,
+								(await import('../messages/checklist-messages/title/similarities-modpack.md?raw'))
+									.default,
 						},
 						{
 							label: 'Forked project',
 							weight: 112,
 							shouldShow: (project, projectV3) => !projectV3?.minecraft_server,
 							message: async () =>
-								(await import('../messages/title/similarities-fork.md?raw')).default,
+								(await import('../messages/checklist-messages/title/similarities-fork.md?raw'))
+									.default,
 						},
 					],
 				},
@@ -89,7 +94,8 @@ const titleSlug: Stage = {
 				{
 					label: 'Misused',
 					weight: 200,
-					message: async () => (await import('../messages/slug/misused.md?raw')).default,
+					message: async () =>
+						(await import('../messages/checklist-messages/slug/misused.md?raw')).default,
 				},
 			],
 		},
diff --git a/packages/moderation/src/data/stages/undefined-project.ts b/packages/moderation/src/data/stages/undefined-project.ts
index 642d0d03ca..a996da0f2c 100644
--- a/packages/moderation/src/data/stages/undefined-project.ts
+++ b/packages/moderation/src/data/stages/undefined-project.ts
@@ -18,7 +18,8 @@ const undefinedProjectStage: Stage = {
 			weight: -100,
 			suggestedStatus: 'rejected',
 			message: async () =>
-				(await import('../messages/undefined-project/no_versions.md?raw')).default,
+				(await import('../messages/checklist-messages/undefined-project/no_versions.md?raw'))
+					.default,
 		},
 	],
 }
diff --git a/packages/moderation/src/data/stages/versions.ts b/packages/moderation/src/data/stages/versions.ts
index 9bd632c0df..2a9d14041e 100644
--- a/packages/moderation/src/data/stages/versions.ts
+++ b/packages/moderation/src/data/stages/versions.ts
@@ -20,7 +20,8 @@ const versions: Stage = {
 			suggestedStatus: 'flagged',
 			severity: 'medium',
 			message: async () =>
-				(await import('../messages/versions/incorrect_additional_files.md?raw')).default,
+				(await import('../messages/checklist-messages/versions/incorrect_additional_files.md?raw'))
+					.default,
 		} as ButtonAction,
 		{
 			id: 'versions_incorrect_project_type',
@@ -41,21 +42,25 @@ const versions: Stage = {
 							weight: 1001,
 							shouldShow: (project) => project.project_type !== 'modpack',
 							message: async () =>
-								(await import('../messages/versions/invalid-modpacks.md?raw')).default,
+								(await import('../messages/checklist-messages/versions/invalid-modpacks.md?raw'))
+									.default,
 						} as DropdownActionOption,
 						{
 							label: 'Resource Pack',
 							weight: 1001,
 							shouldShow: (project) => project.project_type !== 'resourcepack',
 							message: async () =>
-								(await import('../messages/versions/invalid-resourcepacks.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/invalid-resourcepacks.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'Data Pack',
 							weight: 1001,
 							shouldShow: (project) => !project.loaders.includes('datapack'),
 							message: async () =>
-								(await import('../messages/versions/invalid-datapacks.md?raw')).default,
+								(await import('../messages/checklist-messages/versions/invalid-datapacks.md?raw'))
+									.default,
 						} as DropdownActionOption,
 					],
 				} as DropdownAction,
@@ -79,13 +84,17 @@ const versions: Stage = {
 							label: 'Primary Files',
 							weight: 1002,
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-primary.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-primary.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'Additional Files',
 							weight: 1002,
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-additional.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-additional.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'Monofile',
@@ -93,14 +102,18 @@ const versions: Stage = {
 							shouldShow: (project) =>
 								project.project_type === 'resourcepack' || project.loaders.includes('datapack'),
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-mono.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-mono.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'Server Files (Primary Files)',
 							weight: 1002,
 							shouldShow: (project) => project.project_type === 'modpack',
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-server.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-server.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'Server Files (Additional Files)',
@@ -109,8 +122,9 @@ const versions: Stage = {
 							severity: 'high',
 							shouldShow: (project) => project.project_type === 'modpack',
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-server-additional.md?raw'))
-									.default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-server-additional.md?raw')
+								).default,
 						} as DropdownActionOption,
 						{
 							label: 'mods.zip',
@@ -119,7 +133,9 @@ const versions: Stage = {
 							severity: 'high',
 							shouldShow: (project) => project.project_type === 'modpack',
 							message: async () =>
-								(await import('../messages/versions/alternate_versions-zip.md?raw')).default,
+								(
+									await import('../messages/checklist-messages/versions/alternate_versions-zip.md?raw')
+								).default,
 						} as DropdownActionOption,
 					],
 				} as DropdownAction,
@@ -133,7 +149,8 @@ const versions: Stage = {
 			severity: `medium`,
 			weight: 1003,
 			shouldShow: (project) => project.project_type === 'resourcepack',
-			message: async () => (await import('../messages/versions/vanilla_assets.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/versions/vanilla_assets.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'versions_redist_libs',
@@ -143,7 +160,8 @@ const versions: Stage = {
 			severity: `medium`,
 			weight: 1003,
 			shouldShow: (project) => project.project_type === 'mod' || project.project_type === 'plugin',
-			message: async () => (await import('../messages/versions/redist_libs.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/versions/redist_libs.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'versions_duplicate_primary_files',
@@ -152,7 +170,8 @@ const versions: Stage = {
 			suggestedStatus: 'flagged',
 			severity: `medium`,
 			weight: 1004,
-			message: async () => (await import('../messages/versions/broken_version.md?raw')).default,
+			message: async () =>
+				(await import('../messages/checklist-messages/versions/broken_version.md?raw')).default,
 		} as ButtonAction,
 		{
 			id: 'unsupported_project_type',
@@ -162,7 +181,8 @@ const versions: Stage = {
 			severity: `medium`,
 			weight: 1005,
 			message: async () =>
-				(await import('../messages/versions/unsupported_project.md?raw')).default,
+				(await import('../messages/checklist-messages/versions/unsupported_project.md?raw'))
+					.default,
 			relevantExtraInput: [
 				{
 					label: 'Project Type',
diff --git a/packages/moderation/src/data/tech-review-quick-replies.ts b/packages/moderation/src/data/tech-review-quick-replies.ts
index 67aea7c4d2..37e1b51efb 100644
--- a/packages/moderation/src/data/tech-review-quick-replies.ts
+++ b/packages/moderation/src/data/tech-review-quick-replies.ts
@@ -11,27 +11,32 @@ export interface TechReviewContext {
 export default [
 	{
 		label: '⚠️ Unclear/Misleading',
-		message: async () => (await import('./messages/tech-review/unclear-misleading.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/tech-review/unclear-misleading.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '📝 Request Source',
-		message: async () => (await import('./messages/tech-review/request-source.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/tech-review/request-source.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '🔒 Request Source (Obf)',
-		message: async () => (await import('./messages/tech-review/request-source-obf.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/tech-review/request-source-obf.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '📦 Request Source (Bin)',
-		message: async () => (await import('./messages/tech-review/request-source-bin.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/tech-review/request-source-bin.md?raw')).default,
 		private: false,
 	},
 	{
 		label: '🚫 Malware',
-		message: async () => (await import('./messages/tech-review/malware.md?raw')).default,
+		message: async () =>
+			(await import('./messages/quick-replies/tech-review/malware.md?raw')).default,
 		private: false,
 	},
 ] as ReadonlyArray<QuickReply<TechReviewContext>>
diff --git a/packages/moderation/src/index.ts b/packages/moderation/src/index.ts
index 2df2ecfe65..80e08ccf02 100644
--- a/packages/moderation/src/index.ts
+++ b/packages/moderation/src/index.ts
@@ -8,6 +8,7 @@ export {
 	type TechReviewContext,
 	default as techReviewQuickReplies,
 } from './data/tech-review-quick-replies'
+export { default as attributionQuickReplies } from './data/attribution-quick-replies'
 export * from './locales'
 export * from './types/actions'
 export * from './types/keybinds'
diff --git a/packages/moderation/src/locales/en-US/index.json b/packages/moderation/src/locales/en-US/index.json
index 26afc85cac..1a08e00384 100644
--- a/packages/moderation/src/locales/en-US/index.json
+++ b/packages/moderation/src/locales/en-US/index.json
@@ -140,6 +140,12 @@
   "nags.multiple-resolution-tags.title": {
     "defaultMessage": "Select correct resolution"
   },
+  "nags.review-permissions.description": {
+    "defaultMessage": "Make sure you have provided proof of your permission to distribute any external content in your Modpack."
+  },
+  "nags.review-permissions.title": {
+    "defaultMessage": "Review external permissions"
+  },
   "nags.select-compatibility.description": {
     "defaultMessage": "Select what versions your server supports, choose a Modpack, or upload your own."
   },
@@ -182,6 +188,9 @@
   "nags.settings.links.title": {
     "defaultMessage": "Visit links settings"
   },
+  "nags.settings.permissions.title": {
+    "defaultMessage": "Visit permissions dashboard"
+  },
   "nags.settings.tags.title": {
     "defaultMessage": "Visit tag settings"
   },
diff --git a/packages/moderation/src/types/nags.ts b/packages/moderation/src/types/nags.ts
index 3b5d49ee9b..c0a63cddd7 100644
--- a/packages/moderation/src/types/nags.ts
+++ b/packages/moderation/src/types/nags.ts
@@ -28,7 +28,7 @@ export interface NagContext {
 	/**
 	 * The versions associated with the project.
 	 */
-	versions: Labrinth.Versions.v2.Version[]
+	versions: Labrinth.Versions.v3.Version[]
 	/**
 	 * The current project member viewing the nag.
 	 */
diff --git a/packages/moderation/src/utils.ts b/packages/moderation/src/utils.ts
index 0a076dd54a..970d0e446c 100644
--- a/packages/moderation/src/utils.ts
+++ b/packages/moderation/src/utils.ts
@@ -382,6 +382,10 @@ export function flattenProjectVariables(
 	vars[`PROJECT_LANGUAGE_SETTINGS`] = `https://modrinth.com/project/${project.id}/settings/server`
 	vars[`PROJECT_LANGUAGE_SETTINGS_FLINK`] =
 		`[Language Settings](https://modrinth.com/project/${project.id}/settings/server)`
+	vars[`PROJECT_PERMISSIONS_LINK`] =
+		`https://modrinth.com/project/${project.id}/settings/permissions`
+	vars[`PROJECT_PERMISSIONS_FLINK`] =
+		`[Permissions dashboard](https://modrinth.com/project/${project.id}/settings/permissions)`
 
 	return vars
 }
diff --git a/packages/ui/src/components/base/Admonition.vue b/packages/ui/src/components/base/Admonition.vue
index b6499c21f1..38c09af896 100644
--- a/packages/ui/src/components/base/Admonition.vue
+++ b/packages/ui/src/components/base/Admonition.vue
@@ -80,7 +80,7 @@ import ButtonStyled from './ButtonStyled.vue'
 
 const props = withDefaults(
 	defineProps<{
-		type?: 'info' | 'warning' | 'critical' | 'success' | 'moderation'
+		type?: 'info' | 'warning' | 'critical' | 'success' | 'moderation' | 'circle-warning'
 		header?: string
 		body?: string
 		showActionsUnderneath?: boolean
@@ -139,6 +139,7 @@ const timestampTooltip = computed(() => {
 const typeClasses = {
 	info: 'border-brand-blue bg-bg-blue',
 	warning: 'border-brand-orange bg-bg-orange',
+	'circle-warning': 'border-brand-orange bg-bg-orange',
 	critical: 'border-brand-red bg-bg-red',
 	success: 'border-brand-green bg-bg-green',
 	moderation: 'border-brand-orange bg-bg-orange',
@@ -147,6 +148,7 @@ const typeClasses = {
 const iconClasses = {
 	info: 'text-brand-blue',
 	warning: 'text-brand-orange',
+	'circle-warning': 'text-brand-orange',
 	critical: 'text-brand-red',
 	success: 'text-brand-green',
 	moderation: 'text-brand-orange',
@@ -155,6 +157,7 @@ const iconClasses = {
 const buttonColors = {
 	info: 'blue',
 	warning: 'orange',
+	'circle-warning': 'orange',
 	critical: 'red',
 	success: 'green',
 	moderation: 'orange',
@@ -163,6 +166,7 @@ const buttonColors = {
 const progressTrackClasses = {
 	info: 'bg-brand-blue/20',
 	warning: 'bg-brand-orange/20',
+	'circle-warning': 'bg-brand-orange/20',
 	critical: 'bg-brand-red/20',
 	success: 'bg-brand-green/20',
 	moderation: 'bg-brand-orange/20',
@@ -171,6 +175,7 @@ const progressTrackClasses = {
 const progressFillClasses = {
 	info: 'bg-brand-blue',
 	warning: 'bg-brand-orange',
+	'circle-warning': 'bg-brand-orange',
 	critical: 'bg-brand-red',
 	success: 'bg-brand-green',
 	blue: 'bg-brand-blue',
diff --git a/packages/ui/src/components/base/AutoLink.vue b/packages/ui/src/components/base/AutoLink.vue
index 9a9eb11634..1fa4d0d99e 100644
--- a/packages/ui/src/components/base/AutoLink.vue
+++ b/packages/ui/src/components/base/AutoLink.vue
@@ -6,16 +6,23 @@
 		"
 		:to="to"
 		v-bind="$attrs"
+		:class="linkClass"
 	>
 		<slot />
 	</router-link>
-	<a v-else-if="typeof to === 'string' && to?.startsWith('http')" :href="to" v-bind="$attrs">
+	<a
+		v-else-if="typeof to === 'string' && to?.startsWith('http')"
+		:href="to"
+		v-bind="$attrs"
+		:class="linkClass"
+	>
 		<slot />
 	</a>
 	<button
 		v-else-if="typeof to === 'function'"
 		v-bind="$attrs"
 		class="inline bg-transparent border-none p-0 m-0 cursor-pointer"
+		:class="linkClass"
 		@click="to()"
 	>
 		<slot />
@@ -26,10 +33,16 @@
 </template>
 
 <script setup lang="ts">
-defineProps<{
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	to: any
-}>()
+withDefaults(
+	defineProps<{
+		// eslint-disable-next-line @typescript-eslint/no-explicit-any
+		to: any
+		linkClass?: string
+	}>(),
+	{
+		linkClass: '',
+	},
+)
 
 defineOptions({
 	inheritAttrs: false,
diff --git a/packages/ui/src/components/base/Checkbox.vue b/packages/ui/src/components/base/Checkbox.vue
index 4e8fcbd7a4..e7a0c262a4 100644
--- a/packages/ui/src/components/base/Checkbox.vue
+++ b/packages/ui/src/components/base/Checkbox.vue
@@ -1,5 +1,6 @@
 <template>
 	<button
+		type="button"
 		class="group bg-transparent border-none p-0 m-0 flex items-center text-left gap-3 checkbox-outer outline-offset-4 text-contrast"
 		:disabled="disabled"
 		:class="
diff --git a/packages/ui/src/components/base/FileInput.vue b/packages/ui/src/components/base/FileInput.vue
index ff6e765121..9323b1e309 100644
--- a/packages/ui/src/components/base/FileInput.vue
+++ b/packages/ui/src/components/base/FileInput.vue
@@ -96,7 +96,7 @@ label {
 		grid-gap: 0.5rem;
 		background-color: var(--color-button-bg);
 		border-radius: var(--radius-sm);
-		border: dashed 2px var(--color-contrast);
+		border: dashed 2px var(--color-secondary);
 		cursor: pointer;
 		color: var(--color-contrast);
 	}
diff --git a/packages/ui/src/components/base/OverflowMenu.vue b/packages/ui/src/components/base/OverflowMenu.vue
index 92db08c3cf..a9e115917c 100644
--- a/packages/ui/src/components/base/OverflowMenu.vue
+++ b/packages/ui/src/components/base/OverflowMenu.vue
@@ -14,7 +14,7 @@
 				<div
 					v-if="isDivider(option)"
 					:key="`divider-${index}`"
-					class="h-px mx-3 my-2 bg-surface-5"
+					class="h-px mx-[0.625rem] my-2 bg-surface-5"
 				></div>
 				<Button
 					v-else
@@ -144,9 +144,6 @@ defineExpose({ open, close })
 	--text-color: var(--color-base);
 	--background-color: transparent;
 	justify-content: flex-start;
-
-	&:not(:last-child) {
-		margin-bottom: var(--gap-xs);
-	}
+	padding: 0.55rem 0.625rem;
 }
 </style>
diff --git a/packages/ui/src/components/base/Table.vue b/packages/ui/src/components/base/Table.vue
index 12e4b88d72..3163018d0e 100644
--- a/packages/ui/src/components/base/Table.vue
+++ b/packages/ui/src/components/base/Table.vue
@@ -32,7 +32,7 @@
 						<th
 							v-for="column in columns"
 							:key="column.key"
-							class="h-14 first:pl-4 last:pr-4"
+							class="h-12 first:pl-4 last:pr-4"
 							:class="[
 								`text-${column.align ?? 'left'}`,
 								column.enableSorting ? 'cursor-pointer select-none' : '',
diff --git a/packages/ui/src/components/external_files/AddFilesToAttributionGroupModal.vue b/packages/ui/src/components/external_files/AddFilesToAttributionGroupModal.vue
new file mode 100644
index 0000000000..7ef1466574
--- /dev/null
+++ b/packages/ui/src/components/external_files/AddFilesToAttributionGroupModal.vue
@@ -0,0 +1,269 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { CheckIcon, PlusIcon, SearchIcon, SpinnerIcon, XIcon } from '@modrinth/assets'
+import { computed, nextTick, ref } from 'vue'
+
+import { ButtonStyled, NewModal, StyledInput } from '#ui/components'
+import { commonMessages } from '#ui/utils'
+
+import { defineMessages, useVIntl } from '../../composables/i18n'
+
+const props = defineProps<{
+	groupId: string
+	pending?: boolean
+}>()
+
+const emit = defineEmits<{
+	(e: 'confirm', sha1s: string[]): void
+}>()
+
+const { formatMessage } = useVIntl()
+
+const messages = defineMessages({
+	defaultGroupTitle: {
+		id: 'external-files.permissions-card.fallback-group-title',
+		defaultMessage: 'Attribution group {id}',
+	},
+	addFilesModalTitle: {
+		id: 'external-files.permissions-card.add-files-modal.title',
+		defaultMessage: 'Add files to this group',
+	},
+	addFilesModalDescription: {
+		id: 'external-files.permissions-card.add-files-modal.description',
+		defaultMessage: 'Select any files that should be moved into this group.',
+	},
+	addFilesModalEmpty: {
+		id: 'external-files.permissions-card.add-files-modal.empty',
+		defaultMessage: 'There are no files in other groups that can be moved here.',
+	},
+	addFilesModalSearchPlaceholder: {
+		id: 'external-files.permissions-card.add-files-modal.search-placeholder',
+		defaultMessage: 'Search files…',
+	},
+	addFilesModalNoSearchResults: {
+		id: 'external-files.permissions-card.add-files-modal.no-search-results',
+		defaultMessage: 'No files match your search.',
+	},
+	addFilesModalConfirm: {
+		id: 'external-files.permissions-card.add-files-modal.confirm',
+		defaultMessage: '{count, plural, one {Add file} other {Add files}}',
+	},
+	addFilesModalSelectedCount: {
+		id: 'external-files.permissions-card.add-files-modal.selected-count',
+		defaultMessage: '{count, plural, one {# file selected} other {# files selected}}',
+	},
+})
+
+type AssignableFileEntry = {
+	sha1: string
+	displayName: string
+	sourceLabel: string
+}
+
+const modalRef = ref<InstanceType<typeof NewModal> | null>(null)
+const assignableEntries = ref<AssignableFileEntry[]>([])
+const searchQuery = ref('')
+const searchInputRef = ref<{ focus: () => void } | null>(null)
+const selectedSha1s = ref<Set<string>>(new Set())
+
+const filteredEntries = computed(() => {
+	const q = searchQuery.value.trim().toLowerCase()
+	if (!q) {
+		return assignableEntries.value
+	}
+	return assignableEntries.value.filter(
+		(e) =>
+			e.displayName.toLowerCase().includes(q) ||
+			e.sourceLabel.toLowerCase().includes(q) ||
+			e.sha1.toLowerCase().includes(q),
+	)
+})
+
+const selectedFileCount = computed(() => selectedSha1s.value.size)
+
+function isFileSelected(sha1: string) {
+	return selectedSha1s.value.has(sha1)
+}
+
+function toggleFileSelection(sha1: string) {
+	const next = new Set(selectedSha1s.value)
+	if (next.has(sha1)) {
+		next.delete(sha1)
+	} else {
+		next.add(sha1)
+	}
+	selectedSha1s.value = next
+}
+
+function clearSelectedFiles() {
+	selectedSha1s.value = new Set()
+}
+
+function focusSearchOnOpen() {
+	nextTick(() => {
+		setTimeout(() => {
+			searchInputRef.value?.focus()
+		}, 75)
+	})
+}
+
+function buildAssignableEntries(
+	groups: Labrinth.Attribution.Internal.AttributionGroup[],
+): AssignableFileEntry[] {
+	const entries: AssignableFileEntry[] = []
+	for (const g of groups) {
+		if (g.id === props.groupId) {
+			continue
+		}
+		const firstName = g.files?.[0]?.name
+		const sourceLabel =
+			g.flame_project?.title ??
+			(firstName ? (firstName.split('/').pop() ?? firstName) : null) ??
+			formatMessage(messages.defaultGroupTitle, { id: g.id })
+		for (const f of g.files ?? []) {
+			const displayName = f.name.split('/').pop() ?? f.name
+			entries.push({ sha1: f.sha1, displayName, sourceLabel })
+		}
+	}
+	entries.sort((a, b) => {
+		const byName = a.displayName.localeCompare(b.displayName)
+		if (byName !== 0) {
+			return byName
+		}
+		return a.sourceLabel.localeCompare(b.sourceLabel)
+	})
+	return entries
+}
+
+function handleConfirm() {
+	if (selectedFileCount.value === 0) {
+		return
+	}
+	emit('confirm', [...selectedSha1s.value])
+	hide()
+}
+
+function show(event: MouseEvent, groups: Labrinth.Attribution.Internal.AttributionGroup[]) {
+	assignableEntries.value = buildAssignableEntries(groups)
+	searchQuery.value = ''
+	clearSelectedFiles()
+	modalRef.value?.show(event)
+}
+
+function hide() {
+	modalRef.value?.hide()
+}
+
+defineExpose({ show, hide })
+</script>
+
+<template>
+	<NewModal
+		ref="modalRef"
+		:header="formatMessage(messages.addFilesModalTitle)"
+		max-width="560px"
+		:disable-close="pending"
+		:on-show="focusSearchOnOpen"
+		:on-hide="clearSelectedFiles"
+		no-padding
+	>
+		<div class="flex flex-col gap-4 p-4 relative">
+			<p class="text-secondary m-0">
+				{{ formatMessage(messages.addFilesModalDescription) }}
+			</p>
+			<StyledInput
+				ref="searchInputRef"
+				v-model="searchQuery"
+				type="text"
+				autocomplete="off"
+				:placeholder="formatMessage(messages.addFilesModalSearchPlaceholder)"
+				:icon="SearchIcon"
+				:disabled="pending"
+				input-class="h-[40px]"
+				class="sticky top-0"
+				clearable
+			/>
+		</div>
+		<div
+			class="flex flex-col gap-2 bg-surface-2 overflow-y-auto overflow-x-hidden border-0 border-y border-solid border-surface-5 max-h-[calc(max(50vh,600px))]"
+		>
+			<div v-if="assignableEntries.length === 0" class="text-secondary text-sm p-4 m-0">
+				{{ formatMessage(messages.addFilesModalEmpty) }}
+			</div>
+			<div v-else-if="filteredEntries.length === 0" class="text-secondary text-sm m-0 p-4">
+				{{ formatMessage(messages.addFilesModalNoSearchResults) }}
+			</div>
+			<ul v-else class="p-0 m-0 list-none">
+				<li
+					v-for="entry in filteredEntries"
+					:key="entry.sha1"
+					:class="
+						isFileSelected(entry.sha1)
+							? 'border-brand bg-surface-4 hover:bg-surface-5'
+							: 'hover:bg-surface-3 even:bg-surface-2.5'
+					"
+				>
+					<button
+						type="button"
+						class="w-full text-left p-3 flex flex-col gap-1 appearance-none bg-transparent 3 transition-colors disabled:opacity-50"
+						:disabled="pending"
+						:aria-pressed="isFileSelected(entry.sha1)"
+						@click="toggleFileSelection(entry.sha1)"
+					>
+						<span class="flex gap-2 font-medium">
+							<span
+								class="size-4 shrink-0 rounded flex items-center justify-center border-[1px] border-solid"
+								:class="
+									isFileSelected(entry.sha1)
+										? 'bg-brand border-button-border text-brand-inverted'
+										: 'bg-surface-2 border-surface-5'
+								"
+							>
+								<CheckIcon
+									v-if="isFileSelected(entry.sha1)"
+									class="size-3"
+									aria-hidden="true"
+									stroke-width="3"
+								/>
+							</span>
+							<span class="flex flex-col gap-1 truncate">
+								<span class="truncate">{{ entry.displayName }}</span>
+								<span
+									v-if="entry.sourceLabel !== entry.displayName"
+									class="text-secondary text-xs truncate"
+									>{{ entry.sourceLabel }}</span
+								>
+							</span>
+						</span>
+					</button>
+				</li>
+			</ul>
+		</div>
+		<template #actions>
+			<div class="flex justify-between items-center gap-3 w-full pt-4">
+				<p v-if="selectedFileCount > 0" class="text-secondary text-sm m-0">
+					{{ formatMessage(messages.addFilesModalSelectedCount, { count: selectedFileCount }) }}
+				</p>
+				<div class="flex gap-2 ml-auto">
+					<ButtonStyled type="outlined">
+						<button type="button" :disabled="pending" @click="hide">
+							<XIcon class="size-4 shrink-0" />
+							{{ formatMessage(commonMessages.cancelButton) }}
+						</button>
+					</ButtonStyled>
+					<ButtonStyled color="brand">
+						<button
+							type="button"
+							:disabled="selectedFileCount === 0 || pending"
+							@click="handleConfirm"
+						>
+							<SpinnerIcon v-if="pending" class="size-4 shrink-0 animate-spin" />
+							<PlusIcon v-else class="size-4 shrink-0" />
+							{{ formatMessage(messages.addFilesModalConfirm, { count: selectedFileCount }) }}
+						</button>
+					</ButtonStyled>
+				</div>
+			</div>
+		</template>
+	</NewModal>
+</template>
diff --git a/packages/ui/src/components/external_files/AddToExistingExternalProjectModal.vue b/packages/ui/src/components/external_files/AddToExistingExternalProjectModal.vue
new file mode 100644
index 0000000000..0c6365c6fd
--- /dev/null
+++ b/packages/ui/src/components/external_files/AddToExistingExternalProjectModal.vue
@@ -0,0 +1,321 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { PlusIcon, SearchIcon, SpinnerIcon, XIcon } from '@modrinth/assets'
+import { useMutation } from '@tanstack/vue-query'
+import { computed, ref, useTemplateRef } from 'vue'
+
+import { Accordion, ButtonStyled, NewModal, StyledInput } from '#ui/components'
+
+import { injectModrinthClient, injectNotificationManager } from '../../providers'
+import AttributionGroupFilePicker from './AttributionGroupFilePicker.vue'
+import {
+	MODERATOR_ATTRIBUTION_KIND_LABELS,
+	moderatorAttributionGroupTitle,
+	parseInitialAttribution,
+} from './external-project-utils'
+import ExternalProjectLookupCard from './ExternalProjectLookupCard.vue'
+import type { ExternalLicenseStatus } from './types.ts'
+
+const props = defineProps<{
+	group: Labrinth.Attribution.Internal.AttributionGroup
+}>()
+
+const emit = defineEmits<{
+	(e: 'success'): void
+}>()
+
+type ExternalProject = {
+	id: number
+	title: string | null
+	status: ExternalLicenseStatus
+	link: string | null
+	exceptions: string | null
+	proof: string | null
+	flame_project_id: number | null
+	files: {
+		sha1: string
+		name: string | null
+	}[]
+}
+
+const client = injectModrinthClient()
+const { addNotification } = injectNotificationManager()
+
+const modalRef = useTemplateRef<InstanceType<typeof NewModal>>('modalRef')
+const searchAccordionRef = useTemplateRef<InstanceType<typeof Accordion>>('searchAccordionRef')
+const filesAccordionRef = useTemplateRef<InstanceType<typeof Accordion>>('filesAccordionRef')
+
+const query = ref('')
+const isLoading = ref(false)
+const hasSearched = ref(false)
+const activeQuery = ref('')
+const externalProjects = ref<ExternalProject[]>([])
+const selectedProjectId = ref<number | null>(null)
+const selectedSha1s = ref<Set<string>>(new Set())
+
+const hasMultipleFiles = computed(() => props.group.files.length > 1)
+
+const groupPreviewTitle = computed(() => moderatorAttributionGroupTitle(props.group))
+
+const attributionKindLabel = computed(() => {
+	const attribution = parseInitialAttribution(props.group.attribution)
+	if (!attribution) {
+		return null
+	}
+	return `Attribution: ${MODERATOR_ATTRIBUTION_KIND_LABELS[attribution.kind]}`
+})
+
+function mapExternalProject(
+	project: Labrinth.ExternalProjects.Internal.ExternalProject,
+): ExternalProject {
+	return {
+		id: project.id,
+		title: project.title,
+		status: project.status,
+		link: project.link,
+		exceptions: project.exceptions,
+		proof: project.proof,
+		flame_project_id: project.flame_project_id,
+		files: project.linked_files ?? [],
+	}
+}
+
+const searchNeedsInput = computed(() => hasSearched.value && activeQuery.value.trim().length < 3)
+
+const addFilesMutation = useMutation({
+	mutationFn: async () => {
+		if (selectedProjectId.value === null) {
+			throw new Error('No external project selected')
+		}
+
+		await client.labrinth.external_projects_internal.addFile({
+			hashes: [...selectedSha1s.value],
+			license_id: selectedProjectId.value,
+		})
+	},
+})
+
+const canSubmit = computed(
+	() =>
+		selectedProjectId.value !== null &&
+		selectedSha1s.value.size > 0 &&
+		!addFilesMutation.isPending.value,
+)
+
+function resetForm() {
+	query.value = ''
+	hasSearched.value = false
+	activeQuery.value = ''
+	externalProjects.value = []
+	selectedProjectId.value = null
+	selectedSha1s.value = new Set(props.group.files.map((file) => file.sha1))
+}
+
+function handleSearchPanelOpen() {
+	filesAccordionRef.value?.close()
+}
+
+function handleFilesPanelOpen() {
+	searchAccordionRef.value?.close()
+}
+
+function selectProject(projectId: number) {
+	selectedProjectId.value = projectId
+}
+
+async function executeSearch() {
+	hasSearched.value = true
+	activeQuery.value = query.value
+	externalProjects.value = []
+	selectedProjectId.value = null
+
+	if (activeQuery.value.trim().length < 3) {
+		return
+	}
+
+	isLoading.value = true
+
+	try {
+		const response = await client.labrinth.external_projects_internal.search({
+			title: activeQuery.value.trim(),
+		})
+		externalProjects.value = response.map(mapExternalProject)
+	} catch {
+		externalProjects.value = []
+	} finally {
+		isLoading.value = false
+	}
+}
+
+async function handleSubmit() {
+	try {
+		await addFilesMutation.mutateAsync()
+		addNotification({
+			type: 'success',
+			title: 'Files added to existing entry',
+			autoCloseMs: 3000,
+		})
+		hide()
+		emit('success')
+	} catch (error) {
+		addNotification({
+			type: 'error',
+			title: 'Could not add files to existing entry',
+			text: error instanceof Error ? error.message : String(error),
+		})
+	}
+}
+
+function show(event?: MouseEvent) {
+	resetForm()
+	modalRef.value?.show(event)
+}
+
+function hide() {
+	modalRef.value?.hide()
+}
+
+defineExpose({ show, hide })
+</script>
+
+<template>
+	<NewModal
+		ref="modalRef"
+		header="Add to existing entry"
+		max-width="720px"
+		:disable-close="addFilesMutation.isPending.value"
+	>
+		<div class="flex flex-col gap-4 w-[650px]">
+			<div
+				class="rounded-xl bg-surface-3 border border-solid border-surface-5 p-3 flex flex-col gap-1 shrink-0"
+			>
+				<span class="font-semibold text-contrast">{{ groupPreviewTitle }}</span>
+				<span v-if="attributionKindLabel" class="text-secondary text-sm">{{
+					attributionKindLabel
+				}}</span>
+			</div>
+			<Accordion
+				ref="searchAccordionRef"
+				class="w-full bg-surface-4 border border-solid border-surface-5 rounded-2xl overflow-clip"
+				button-class="p-4 w-full border-b border-solid border-b-surface-5 bg-surface-2 -mb-px hover:brightness-[--hover-brightness] group"
+				open-by-default
+				@on-open="handleSearchPanelOpen"
+			>
+				<template #title>
+					<span class="flex items-center gap-3 text-contrast group-active:scale-[0.98]">
+						Select an external project
+					</span>
+				</template>
+				<div class="flex flex-col bg-surface-4 min-h-0">
+					<form
+						class="flex flex-wrap gap-2 shrink-0 p-4 bg-surface-3 border-0 border-b border-solid border-surface-5"
+						@submit.prevent="executeSearch"
+					>
+						<StyledInput
+							v-model="query"
+							:icon="SearchIcon"
+							type="text"
+							autocomplete="off"
+							placeholder="Search external projects…"
+							clearable
+							wrapper-class="flex-1 min-w-[12rem]"
+							:disabled="addFilesMutation.isPending.value"
+						/>
+						<ButtonStyled color="brand">
+							<button type="submit" :disabled="addFilesMutation.isPending.value">
+								<SearchIcon aria-hidden="true" />
+								Search
+							</button>
+						</ButtonStyled>
+					</form>
+					<div
+						class="flex flex-col min-h-0 max-h-[min(50vh,24rem)] overflow-y-auto overflow-x-hidden"
+					>
+						<div
+							v-if="searchNeedsInput || isLoading || externalProjects.length === 0"
+							class="p-8 flex flex-col gap-2 items-center justify-center"
+						>
+							<span class="text-contrast font-semibold">
+								<template v-if="searchNeedsInput"> Enter a search term to get started </template>
+								<template v-else-if="isLoading"> Loading external projects… </template>
+								<template v-else> No projects matched that search </template>
+							</span>
+							<span class="text-secondary text-sm">
+								<template v-if="searchNeedsInput">
+									Type at least 3 characters of a project's title to begin browsing.
+								</template>
+								<template v-else-if="isLoading"> Loading external projects… </template>
+								<template v-else> No projects matched that search </template>
+							</span>
+						</div>
+						<div v-else-if="externalProjects.length > 0" class="flex flex-col gap-3">
+							<ExternalProjectLookupCard
+								v-for="project in externalProjects"
+								:key="project.id"
+								:title="project.title"
+								:state="project.status"
+								:link="project.link"
+								:notes="project.exceptions"
+								:proof="project.proof"
+								:files="project.files"
+								:cf_id="project.flame_project_id"
+								class="mx-4 mt-3"
+							>
+								<template #actions>
+									<ButtonStyled color="brand">
+										<button
+											type="button"
+											:disabled="
+												selectedProjectId === project.id || addFilesMutation.isPending.value
+											"
+											@click="selectProject(project.id)"
+										>
+											{{ selectedProjectId === project.id ? 'Selected' : 'Select' }}
+										</button>
+									</ButtonStyled>
+								</template>
+							</ExternalProjectLookupCard>
+						</div>
+					</div>
+				</div>
+			</Accordion>
+
+			<Accordion
+				v-if="hasMultipleFiles"
+				ref="filesAccordionRef"
+				class="w-full bg-surface-4 border border-solid border-surface-5 rounded-2xl overflow-clip"
+				button-class="p-4 w-full border-b border-solid border-b-surface-5 bg-surface-2 -mb-px hover:brightness-[--hover-brightness] group"
+				@on-open="handleFilesPanelOpen"
+			>
+				<template #title>
+					<span class="flex items-center gap-3 text-contrast group-active:scale-[0.98]">
+						Select files to add
+					</span>
+				</template>
+				<AttributionGroupFilePicker
+					v-model:selected-sha1s="selectedSha1s"
+					:files="group.files"
+					:disabled="addFilesMutation.isPending.value"
+				/>
+			</Accordion>
+			<div class="flex justify-end gap-2 w-full">
+				<ButtonStyled type="outlined">
+					<button type="button" :disabled="addFilesMutation.isPending.value" @click="hide">
+						<XIcon class="size-4 shrink-0" />
+						Cancel
+					</button>
+				</ButtonStyled>
+				<ButtonStyled color="brand">
+					<button type="button" :disabled="!canSubmit" @click="handleSubmit">
+						<SpinnerIcon
+							v-if="addFilesMutation.isPending.value"
+							class="size-4 shrink-0 animate-spin"
+						/>
+						<PlusIcon v-else class="size-4 shrink-0" />
+						Add files to entry
+					</button>
+				</ButtonStyled>
+			</div>
+		</div>
+	</NewModal>
+</template>
diff --git a/packages/ui/src/components/external_files/AddToGlobalPermissionsDatabaseModal.vue b/packages/ui/src/components/external_files/AddToGlobalPermissionsDatabaseModal.vue
new file mode 100644
index 0000000000..c3a55d80d0
--- /dev/null
+++ b/packages/ui/src/components/external_files/AddToGlobalPermissionsDatabaseModal.vue
@@ -0,0 +1,245 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { PlusIcon, SpinnerIcon, XIcon } from '@modrinth/assets'
+import { useMutation } from '@tanstack/vue-query'
+import { computed, ref, useTemplateRef } from 'vue'
+
+import {
+	Accordion,
+	ButtonStyled,
+	Combobox,
+	type ComboboxOption,
+	NewModal,
+	StyledInput,
+} from '#ui/components'
+
+import { injectModrinthClient, injectNotificationManager } from '../../providers'
+import AttributionGroupFilePicker from './AttributionGroupFilePicker.vue'
+import {
+	attributionKindToDefaultExternalStatus,
+	buildExternalLicenseProofFromAttribution,
+	groupLinkForExternalLicense,
+	moderatorAttributionGroupTitle,
+	parseInitialAttribution,
+} from './external-project-utils'
+import type { ExternalLicenseStatus } from './types.ts'
+
+const props = defineProps<{
+	group: Labrinth.Attribution.Internal.AttributionGroup
+}>()
+
+const emit = defineEmits<{
+	(e: 'success'): void
+}>()
+
+const client = injectModrinthClient()
+const { addNotification } = injectNotificationManager()
+
+const modalRef = useTemplateRef<InstanceType<typeof NewModal>>('modalRef')
+
+const statusOptions: ComboboxOption<ExternalLicenseStatus>[] = [
+	{ value: 'yes', label: 'Yes' },
+	{ value: 'with-attribution-and-source', label: 'With attribution and source' },
+	{ value: 'with-attribution', label: 'With attribution' },
+	{ value: 'no', label: 'No' },
+	{ value: 'permanent-no', label: 'Permanent no' },
+	{ value: 'unidentified', label: 'Unidentified' },
+]
+
+const title = ref('')
+const link = ref('')
+const flameProjectId = ref('')
+const proof = ref('')
+const status = ref<ExternalLicenseStatus | undefined>(undefined)
+const selectedSha1s = ref<Set<string>>(new Set())
+
+const hasMultipleFiles = computed(() => props.group.files.length > 1)
+
+const createMutation = useMutation({
+	mutationFn: async () => {
+		if (!status.value) {
+			throw new Error('Status is required')
+		}
+
+		const parsedFlameProjectId = Number.parseInt(flameProjectId.value.trim(), 10)
+		const hasFlameId = Number.isFinite(parsedFlameProjectId)
+		const trimmedTitle = title.value.trim()
+		const trimmedLink = link.value.trim()
+		const trimmedProof = proof.value.trim()
+		const judgements: Labrinth.Moderation.Internal.ProjectJudgements = {}
+
+		for (const sha1 of selectedSha1s.value) {
+			if (hasFlameId) {
+				judgements[sha1] = {
+					type: 'flame',
+					id: parsedFlameProjectId,
+					status: status.value,
+					link:
+						trimmedLink || `https://www.curseforge.com/minecraft/mc-mods/${parsedFlameProjectId}`,
+					title: trimmedTitle || moderatorAttributionGroupTitle(props.group),
+				}
+			} else {
+				judgements[sha1] = {
+					type: 'unknown',
+					status: status.value,
+					proof: trimmedProof || undefined,
+					link: trimmedLink || undefined,
+					title: trimmedTitle || undefined,
+				}
+			}
+		}
+
+		return client.labrinth.moderation_internal.setProjectJudgements(judgements)
+	},
+})
+
+const canSubmit = computed(
+	() =>
+		selectedSha1s.value.size > 0 && status.value !== undefined && !createMutation.isPending.value,
+)
+
+function resetForm() {
+	const attribution = parseInitialAttribution(props.group.attribution)
+	title.value = moderatorAttributionGroupTitle(props.group)
+	link.value = groupLinkForExternalLicense(props.group, attribution)
+	flameProjectId.value = props.group.flame_project?.id?.toString() ?? ''
+	proof.value = attribution ? buildExternalLicenseProofFromAttribution(attribution) : ''
+	status.value = attribution ? attributionKindToDefaultExternalStatus(attribution.kind) : undefined
+	selectedSha1s.value = new Set(props.group.files.map((file) => file.sha1))
+}
+
+async function handleSubmit() {
+	try {
+		await createMutation.mutateAsync()
+		addNotification({
+			type: 'success',
+			title: 'Added to global database',
+			autoCloseMs: 3000,
+		})
+		hide()
+		emit('success')
+	} catch (error) {
+		addNotification({
+			type: 'error',
+			title: 'Could not add to global database',
+			text: error instanceof Error ? error.message : String(error),
+		})
+	}
+}
+
+function show(event?: MouseEvent) {
+	resetForm()
+	modalRef.value?.show(event)
+}
+
+function hide() {
+	modalRef.value?.hide()
+}
+
+defineExpose({ show, hide })
+</script>
+
+<template>
+	<NewModal
+		ref="modalRef"
+		header="Adding to global permissions database"
+		max-width="640px"
+		:disable-close="createMutation.isPending.value"
+	>
+		<div class="flex flex-col gap-4">
+			<div class="flex flex-col gap-2">
+				<label class="font-semibold text-contrast" for="add-global-title">Title</label>
+				<StyledInput
+					id="add-global-title"
+					v-model="title"
+					type="text"
+					:disabled="createMutation.isPending.value"
+				/>
+			</div>
+			<div class="flex flex-col gap-2">
+				<label class="font-semibold text-contrast" for="add-global-link">Link</label>
+				<StyledInput
+					id="add-global-link"
+					v-model="link"
+					type="text"
+					:disabled="createMutation.isPending.value"
+				/>
+			</div>
+			<div class="grid grid-cols-2 gap-4">
+				<div class="flex flex-col gap-2">
+					<label class="font-semibold text-contrast" for="add-global-flame-id">
+						CurseForge project ID
+					</label>
+					<StyledInput
+						id="add-global-flame-id"
+						v-model="flameProjectId"
+						type="text"
+						placeholder="1234567"
+						input-class="h-[40px]"
+						:disabled="createMutation.isPending.value"
+					/>
+				</div>
+				<div class="flex flex-col gap-2">
+					<label class="font-semibold text-contrast" for="add-global-status">Allowed?</label>
+					<Combobox
+						id="add-global-status"
+						v-model="status"
+						:options="statusOptions"
+						placeholder="Select status"
+						class="!w-full min-w-[18rem]"
+						:disabled="createMutation.isPending.value"
+					/>
+				</div>
+			</div>
+			<div class="flex flex-col gap-2">
+				<label class="font-semibold text-contrast" for="add-global-proof">Proof or notes</label>
+				<StyledInput
+					id="add-global-proof"
+					v-model="proof"
+					type="text"
+					multiline
+					input-class="min-h-[6rem]"
+					resize="vertical"
+					:disabled="createMutation.isPending.value"
+				/>
+			</div>
+			<Accordion
+				v-if="hasMultipleFiles"
+				class="w-full bg-surface-4 border border-solid border-surface-5 rounded-2xl overflow-clip"
+				button-class="p-4 w-full border-b border-solid border-b-surface-5 bg-surface-2 -mb-px hover:brightness-[--hover-brightness] group"
+				open-by-default
+			>
+				<template #title>
+					<span class="flex items-center gap-3 text-contrast group-active:scale-[0.98]">
+						Select files to add
+					</span>
+				</template>
+				<div>
+					<AttributionGroupFilePicker
+						v-model:selected-sha1s="selectedSha1s"
+						:files="group.files"
+						:disabled="createMutation.isPending.value"
+					/>
+				</div>
+			</Accordion>
+			<div class="flex justify-end gap-2 w-full">
+				<ButtonStyled type="outlined">
+					<button type="button" :disabled="createMutation.isPending.value" @click="hide">
+						<XIcon class="size-4 shrink-0" />
+						Cancel
+					</button>
+				</ButtonStyled>
+				<ButtonStyled color="brand">
+					<button type="button" :disabled="!canSubmit" @click="handleSubmit">
+						<SpinnerIcon
+							v-if="createMutation.isPending.value"
+							class="size-4 shrink-0 animate-spin"
+						/>
+						<PlusIcon v-else class="size-4 shrink-0" />
+						Add to global database
+					</button>
+				</ButtonStyled>
+			</div>
+		</div>
+	</NewModal>
+</template>
diff --git a/packages/ui/src/components/external_files/AttributionDisplay.vue b/packages/ui/src/components/external_files/AttributionDisplay.vue
new file mode 100644
index 0000000000..2c28e16898
--- /dev/null
+++ b/packages/ui/src/components/external_files/AttributionDisplay.vue
@@ -0,0 +1,258 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { CheckCircleIcon, ScaleIcon, UserRoundIcon, XCircleIcon } from '@modrinth/assets'
+import { builtinLicenses } from '@modrinth/utils'
+import { computed } from 'vue'
+
+import { IntlFormatted } from '#ui/components'
+import { AutoLink, Avatar } from '#ui/components/base'
+
+import { useFormatDateTime } from '../../composables/format-date-time'
+import { defineMessage, defineMessages, useVIntl } from '../../composables/i18n'
+import type { ProjectPermissionField } from './external-project-utils'
+import {
+	attributionLinkToWork,
+	isAutomaticNoPermissionAttribution,
+	isCustomAttributionLicense,
+	isHttpUrl,
+	PERMISSION_REASONS,
+} from './external-project-utils'
+
+const props = withDefaults(
+	defineProps<{
+		attribution: Labrinth.Attribution.Internal.AttributionResolution
+		attributedAt?: string | null
+		attributedBy?: string | null
+		attributorHref: string | null
+		attributorLabel: string
+		attributorAvatarUrl?: string | null
+		moderator?: boolean
+	}>(),
+	{
+		moderator: false,
+	},
+)
+
+const { formatMessage } = useVIntl()
+const formatDate = useFormatDateTime({ dateStyle: 'long' })
+
+const messages = defineMessages({
+	linkLabel: {
+		id: 'external-files.permissions-card.link-label',
+		defaultMessage: 'Link to work:',
+	},
+	notesLabel: {
+		id: 'external-files.permissions-card.notes-label',
+		defaultMessage: 'Notes:',
+	},
+	licensedAs: {
+		id: 'external-files.permissions-card.licensed-as',
+		defaultMessage: 'Licensed:',
+	},
+	lastUpdated: {
+		id: 'external-files.permissions-card.last-updated',
+		defaultMessage: 'Last updated on {date} by {user}',
+	},
+	proofImagesLabel: {
+		id: 'external-files.permissions-card.proof-images-label',
+		defaultMessage: 'Proof images:',
+	},
+	proofImageThumbnailAlt: {
+		id: 'external-files.permissions-card.proof-image-alt',
+		defaultMessage: 'Proof screenshot {n}',
+	},
+	updatedByModerator: {
+		id: 'external-files.permissions-card.updated-by-moderator',
+		defaultMessage: 'Moderator',
+	},
+})
+
+const unknownLicenseMessage = defineMessage({
+	id: 'external-files.permissions-card.license.unknown',
+	defaultMessage: 'Unknown',
+})
+
+const notesNoneMessage = defineMessage({
+	id: 'external-files.permissions-card.notes-none',
+	defaultMessage: 'None',
+})
+
+const automaticNoPermission = computed(() =>
+	isAutomaticNoPermissionAttribution(props.attribution, props.attributedBy),
+)
+
+const readViewFields = computed(() => {
+	if (automaticNoPermission.value) {
+		return ['link_to_work'] as ProjectPermissionField[]
+	}
+	return PERMISSION_REASONS[props.attribution.kind]?.fields ?? []
+})
+
+const automaticAttributionDescription = computed(() => {
+	if (props.attribution.kind === 'globally_allowed') {
+		return PERMISSION_REASONS.globally_allowed.description
+	}
+	if (automaticNoPermission.value) {
+		return PERMISSION_REASONS.no_permission.automaticDescription ?? null
+	}
+	return null
+})
+
+const licenseReadDisplay = computed(() => {
+	const attr = props.attribution
+	if (attr.kind !== 'license' && attr.kind !== 'my_project') {
+		return null
+	}
+	if (isCustomAttributionLicense(attr.license)) {
+		return { kind: 'custom' as const, value: attr.license.name }
+	}
+	const licenseId = attr.license
+	if (licenseId) {
+		const friendly =
+			builtinLicenses.find((license) => license.short === licenseId)?.friendly ?? licenseId
+		return { kind: 'standard' as const, value: friendly }
+	}
+	return { kind: 'unknown' as const, value: formatMessage(unknownLicenseMessage) }
+})
+
+const linkToWork = computed(() => attributionLinkToWork(props.attribution))
+</script>
+
+<template>
+	<div>
+		<div
+			class="flex flex-col gap-4 rounded-t-2xl p-4 mt-2 bg-surface-3 border border-solid border-surface-4"
+			:class="{ 'rounded-b-2xl': !$slots.footer, 'border-b-0': $slots.footer }"
+		>
+			<div class="flex gap-4">
+				<div class="flex flex-col gap-3 w-full">
+					<div class="flex items-start justify-between gap-3">
+						<span class="text-contrast font-semibold flex items-center gap-2">
+							<CheckCircleIcon
+								v-if="attribution.kind === 'globally_allowed'"
+								class="text-green size-5"
+							/>
+							<XCircleIcon v-else-if="automaticNoPermission" class="text-red size-5" />
+							{{ formatMessage(PERMISSION_REASONS[attribution.kind].label) }}
+						</span>
+					</div>
+					<template v-if="automaticAttributionDescription">
+						<p class="m-0">
+							{{ formatMessage(automaticAttributionDescription) }}
+						</p>
+					</template>
+					<div
+						v-if="!(readViewFields.includes('link_to_work') && !linkToWork)"
+						class="flex flex-col gap-3"
+					>
+						<div class="grid grid-cols-[max-content_1fr] gap-x-4 gap-y-2 items-baseline">
+							<template v-if="attribution.kind === 'license' || attribution.kind === 'my_project'">
+								<span class="text-secondary font-medium">
+									{{ formatMessage(messages.licensedAs) }}
+								</span>
+								<a
+									v-if="
+										licenseReadDisplay?.kind === 'custom' && isHttpUrl(licenseReadDisplay.value)
+									"
+									:href="licenseReadDisplay.value"
+									target="_blank"
+									rel="noopener"
+									class="text-link truncate"
+								>
+									{{ licenseReadDisplay.value }}
+								</a>
+								<span v-else class="text-primary whitespace-pre-wrap break-words">
+									{{ licenseReadDisplay?.value }}
+								</span>
+							</template>
+							<template v-if="readViewFields.includes('link_to_work') && linkToWork">
+								<span class="text-secondary font-medium">
+									{{ formatMessage(messages.linkLabel) }}
+								</span>
+								<a :href="linkToWork" target="_blank" rel="noopener" class="text-link truncate">{{
+									linkToWork
+								}}</a>
+							</template>
+							<template v-if="readViewFields.includes('notes')">
+								<span class="text-secondary font-medium">
+									{{ formatMessage(messages.notesLabel) }}
+								</span>
+								<span class="text-primary whitespace-pre-wrap break-words">
+									{{
+										attribution.notes?.trim() ? attribution.notes : formatMessage(notesNoneMessage)
+									}}
+								</span>
+							</template>
+						</div>
+						<div v-if="attribution.image_urls?.length" class="flex flex-col gap-2">
+							<span class="text-secondary font-medium">
+								{{ formatMessage(messages.proofImagesLabel) }}
+							</span>
+							<div class="flex flex-wrap gap-2">
+								<a
+									v-for="(src, idx) in attribution.image_urls"
+									:key="`${src}-${idx}`"
+									:href="src"
+									target="_blank"
+									rel="noopener"
+									class="block rounded-xl border-[1px] border-solid border-surface-5 overflow-hidden shrink-0"
+								>
+									<img
+										:src="src"
+										:alt="formatMessage(messages.proofImageThumbnailAlt, { n: idx + 1 })"
+										class="max-h-40 max-w-full object-contain"
+									/>
+								</a>
+							</div>
+						</div>
+					</div>
+				</div>
+				<div v-if="$slots.actions">
+					<slot name="actions" />
+				</div>
+			</div>
+
+			<div
+				v-if="attributedAt"
+				class="inline-flex items-center flex-wrap gap-x-2 gap-y-1 pt-3 mt-1 border-0 border-t border-solid border-surface-5"
+			>
+				<IntlFormatted
+					:message-id="messages.lastUpdated"
+					:values="{ date: formatDate(attributedAt) }"
+				>
+					<template #user>
+						<span
+							v-if="!moderator && attribution.updated_by_moderator"
+							class="text-orange flex items-center gap-1"
+						>
+							<ScaleIcon class="size-4 shrink-0" />
+							{{ formatMessage(messages.updatedByModerator) }}
+						</span>
+						<AutoLink
+							v-if="attributedBy && moderator"
+							:to="attributorHref"
+							class="inline-flex items-center gap-1.5 text-primary font-medium hover:underline max-w-full min-w-0"
+						>
+							<Avatar
+								v-if="attributorAvatarUrl"
+								:src="attributorAvatarUrl"
+								:alt="attributorLabel"
+								size="18px"
+								class="shrink-0"
+								circle
+							/>
+							<UserRoundIcon v-else class="size-4 shrink-0" />
+							<span class="truncate">{{ attributorLabel }}</span>
+						</AutoLink>
+					</template>
+				</IntlFormatted>
+			</div>
+		</div>
+		<div
+			v-if="$slots.footer"
+			class="p-4 border-surface-4 border bg-surface-2 border-solid rounded-b-2xl"
+		>
+			<slot name="footer" />
+		</div>
+	</div>
+</template>
diff --git a/packages/ui/src/components/external_files/AttributionEditor.vue b/packages/ui/src/components/external_files/AttributionEditor.vue
new file mode 100644
index 0000000000..3694793a02
--- /dev/null
+++ b/packages/ui/src/components/external_files/AttributionEditor.vue
@@ -0,0 +1,661 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import {
+	CheckIcon,
+	InfoIcon,
+	IssuesIcon,
+	SaveIcon,
+	SpinnerIcon,
+	TrashIcon,
+	UploadIcon,
+	XIcon,
+} from '@modrinth/assets'
+import { builtinLicenses } from '@modrinth/utils'
+import { useMutation, useQueryClient } from '@tanstack/vue-query'
+import { computed, ref, watch } from 'vue'
+
+import { ButtonStyled, Chips, Combobox, type ComboboxOption, StyledInput } from '#ui/components'
+import { FileInput } from '#ui/components/base'
+import { commonMessages } from '#ui/utils'
+
+import { defineMessage, defineMessages, useVIntl } from '../../composables/i18n'
+import { injectModrinthClient } from '../../providers'
+import {
+	attributionLinkToWork,
+	attributionProofValidationError,
+	CUSTOM_LICENSE_VALUE,
+	isHttpUrl,
+	parseAttributionLicense,
+	parseInitialAttribution,
+	PERMISSION_REASONS,
+	permissionKinds,
+	type ProjectPermissionField,
+} from './external-project-utils'
+
+const props = defineProps<{
+	projectId: string
+	groupId: string
+	attribution?: Labrinth.Attribution.Internal.AttributionResolution | null | undefined
+	flameProjectUrl?: string | null
+	/** Increments when the parent resumes editing so local fields reset */
+	resumeKey: number
+}>()
+
+const emit = defineEmits<{
+	(e: 'saved' | 'updated' | 'cancel'): void
+}>()
+
+const { formatMessage } = useVIntl()
+const client = injectModrinthClient()
+const queryClient = useQueryClient()
+
+const initialAttribution = computed<Labrinth.Attribution.Internal.AttributionResolution | null>(
+	() => parseInitialAttribution(props.attribution),
+)
+
+const isAttributed = computed(() => initialAttribution.value !== null)
+
+const messages = defineMessages({
+	typeLabel: {
+		id: 'external-files.permissions-card.editor.type-label',
+		defaultMessage: 'Permission reason',
+	},
+	licenseLabel: {
+		id: 'external-files.permissions-card.editor.license-label',
+		defaultMessage: 'License',
+	},
+	selectLicenseLabel: {
+		id: 'external-files.permissions-card.editor.select-license-label',
+		defaultMessage: 'Select a license...',
+	},
+	linkLabel: {
+		id: 'external-files.permissions-card.editor.link-label',
+		defaultMessage: 'Link to work',
+	},
+	linkToWorkUrlPlaceholder: {
+		id: 'external-files.permissions-card.editor.link-to-work-url-placeholder',
+		defaultMessage: 'link-to-work',
+	},
+	notesLabel: {
+		id: 'external-files.permissions-card.editor.notes-label',
+		defaultMessage: 'Notes',
+	},
+	optional: {
+		id: 'external-files.permissions-card.editor.input-optional',
+		defaultMessage: '(optional)',
+	},
+	notesPlaceholder: {
+		id: 'external-files.permissions-card.editor.notes-placeholder',
+		defaultMessage: 'Write something here...',
+	},
+	proofWarningTitle: {
+		id: 'external-files.permissions-card.editor.proof-warning.title',
+		defaultMessage: 'Modrinth staff may verify submitted proof',
+	},
+	proofWarningBody: {
+		id: 'external-files.permissions-card.editor.proof-warning.body',
+		defaultMessage:
+			'If you are found to have lied or manipulated the images uploaded, your project and account may be terminated.',
+	},
+	saveAttribution: {
+		id: 'external-files.permissions-card.editor.save',
+		defaultMessage: 'Save attribution',
+	},
+	addAttribution: {
+		id: 'external-files.permissions-card.editor.add',
+		defaultMessage: 'Add attribution',
+	},
+	licenseRequired: {
+		id: 'external-files.permissions-card.editor.error.license-required',
+		defaultMessage: 'Please select a license.',
+	},
+	customLicenseLabel: {
+		id: 'external-files.permissions-card.editor.custom-license-label',
+		defaultMessage: 'Link to license',
+	},
+	customLicenseMyProjectLabel: {
+		id: 'external-files.permissions-card.editor.custom-license-my-project-label',
+		defaultMessage: 'License name, preferably a SPDX identifier',
+	},
+	linkToLicenseUrlPlaceholder: {
+		id: 'external-files.permissions-card.editor.link-to-license-url-placeholder',
+		defaultMessage: 'link-to-license',
+	},
+	linkInvalidUrl: {
+		id: 'external-files.permissions-card.editor.error.link-invalid-url',
+		defaultMessage: 'Link must be a valid URL.',
+	},
+	proofImagesLabel: {
+		id: 'external-files.permissions-card.editor.proof-images-label',
+		defaultMessage: 'Proof images',
+	},
+	proofImagesUploadPrompt: {
+		id: 'external-files.permissions-card.editor.proof-images-upload-prompt',
+		defaultMessage: 'Drag and drop to upload or click to select an image',
+	},
+	proofImageThumbnailAlt: {
+		id: 'external-files.permissions-card.editor.proof-image-alt',
+		defaultMessage: 'Proof screenshot {n}',
+	},
+	proofImageRemove: {
+		id: 'external-files.permissions-card.editor.proof-image-remove',
+		defaultMessage: 'Remove image',
+	},
+	modrinthLinkToWork: {
+		id: 'external-files.permissions-card.editor.modrinth-link-to-work',
+		defaultMessage: `This appears to be a Modrinth link. If this content is available on Modrinth, your pack was likely exported incorrectly. If you downloaded it from another site, try downloading the Modrinth version instead; sometimes they are not identical files.`,
+	},
+	arrLabel: {
+		id: 'external-files.permissions-card.editor.all-rights-reserved',
+		defaultMessage: `All Rights Reserved/No license`,
+	},
+	exampleSpdxLicense: {
+		id: 'external-files.permissions-card.editor.example-spdx-license',
+		defaultMessage: 'e.g. MPL-1.1',
+	},
+})
+
+const MAX_PROOF_IMAGE_BYTES = 1_048_576
+
+const selectedKind = ref<Labrinth.Attribution.Internal.AttributionResolutionKind>(
+	initialAttribution.value?.kind ?? 'license',
+)
+
+const licenseIdInput = ref('')
+const customLicenseInput = ref('')
+const linkInput = ref('')
+const notesInput = ref('')
+const inputError = ref<string | null>(null)
+const proofImageUrls = ref<string[]>([])
+
+function extFromImageFile(file: File): Labrinth.Images.v3.ImageExtension | null {
+	const byMime: Partial<Record<string, Labrinth.Images.v3.ImageExtension>> = {
+		'image/png': 'png',
+		'image/gif': 'gif',
+		'image/webp': 'webp',
+		'image/bmp': 'bmp',
+		'image/jpeg': 'jpg',
+	}
+	const mime = byMime[file.type]
+	if (mime) {
+		return mime
+	}
+	const ext = file.name.toLowerCase().split('.').pop()
+	if (ext === 'jpg' || ext === 'jpeg') {
+		return 'jpg'
+	}
+	if (ext === 'png' || ext === 'gif' || ext === 'webp' || ext === 'bmp') {
+		return ext
+	}
+	return null
+}
+
+function resetInputs() {
+	const payload = initialAttribution.value
+	selectedKind.value = payload?.kind ?? 'license'
+	const license =
+		payload && (payload.kind === 'license' || payload.kind === 'my_project')
+			? parseAttributionLicense(payload.license)
+			: { spdx: '', custom: '' }
+	licenseIdInput.value = license.spdx
+	customLicenseInput.value = license.custom
+	const linkFallback = props.flameProjectUrl ?? ''
+	linkInput.value = attributionLinkToWork(payload) ?? linkFallback
+	notesInput.value = payload?.notes ?? ''
+	proofImageUrls.value = payload?.image_urls ?? []
+	inputError.value = null
+}
+
+resetInputs()
+
+watch(licenseIdInput, (value) => {
+	if (value !== CUSTOM_LICENSE_VALUE) {
+		customLicenseInput.value = ''
+	}
+})
+
+watch(
+	() => props.attribution,
+	() => {
+		resetInputs()
+	},
+	{ deep: true },
+)
+
+watch(
+	() => props.resumeKey,
+	() => {
+		resetInputs()
+	},
+)
+
+watch(selectedKind, () => {
+	inputError.value = null
+})
+
+const permissionReasonFields = computed<ProjectPermissionField[]>(() => {
+	return PERMISSION_REASONS[selectedKind.value]?.fields ?? []
+})
+
+const selectedPermissionReason = computed(() => PERMISSION_REASONS[selectedKind.value])
+
+const notesAfterProofImages = computed(() => selectedKind.value === 'special_permissions')
+
+const notesInputRows = computed(() => (notesAfterProofImages.value ? 2 : 3))
+
+const proofImagesShowOptional = computed(() => {
+	const reason = selectedPermissionReason.value
+	return (
+		reason.proofRequirement === null ||
+		(reason.proofRequirement === 'explanation_or_images' && reason.notesShowsOptional)
+	)
+})
+
+const attributionFieldSections = computed(() => {
+	const fields = permissionReasonFields.value
+	const sections: Array<'notes' | 'image_urls'> = []
+	if (fields.includes('notes') && !notesAfterProofImages.value) {
+		sections.push('notes')
+	}
+	if (fields.includes('image_urls')) {
+		sections.push('image_urls')
+	}
+	if (fields.includes('notes') && notesAfterProofImages.value) {
+		sections.push('notes')
+	}
+	return sections
+})
+
+const isCustomLicense = computed(() => licenseIdInput.value === CUSTOM_LICENSE_VALUE)
+
+const licenseOptions = computed<ComboboxOption<string>[]>(() => [
+	...builtinLicenses
+		.filter((license) => license.short !== '')
+		.map((license) => ({
+			value: license.short,
+			label:
+				license.short === 'All-Rights-Reserved' ? formatMessage(messages.arrLabel) : license.short,
+		})),
+	{
+		value: CUSTOM_LICENSE_VALUE,
+		label: formatMessage(
+			defineMessage({
+				id: 'external-files.permissions-card.custom-license-option',
+				defaultMessage: 'Other',
+			}),
+		),
+	},
+])
+
+function buildAttributionLicense(): Labrinth.Attribution.Internal.AttributionLicense | null {
+	const custom = isCustomLicense.value
+	if (!licenseIdInput.value) {
+		inputError.value = formatMessage(messages.licenseRequired)
+		return null
+	}
+	const customLicense = customLicenseInput.value.trim()
+	if (custom && !customLicense) {
+		inputError.value = formatMessage(
+			defineMessage({
+				id: 'external-files.permissions-card.error.custom-license-required',
+				defaultMessage: `Please include a link to your license. If you have none, you should likely select 'All Rights Reserved/No license'`,
+			}),
+		)
+		return null
+	}
+	return custom ? { name: customLicense } : licenseIdInput.value
+}
+
+function buildEditedData(): Labrinth.Attribution.Internal.AttributionResolution | null {
+	inputError.value = null
+	const notes = notesInput.value.trim()
+	const image_urls = [...proofImageUrls.value]
+	const proofError = attributionProofValidationError(
+		selectedPermissionReason.value.proofRequirement,
+		notes,
+		image_urls,
+		selectedPermissionReason.value.proofValidationError,
+	)
+	if (proofError) {
+		inputError.value = formatMessage(proofError)
+		return null
+	}
+	const base = {
+		notes,
+		image_urls,
+		updated_by_moderator: false,
+	}
+	switch (selectedKind.value) {
+		case 'license': {
+			const license = buildAttributionLicense()
+			if (!license) {
+				return null
+			}
+			const linkRaw = linkInput.value.trim()
+			if (!linkRaw) {
+				inputError.value = formatMessage(
+					defineMessage({
+						id: 'external-files.permissions-card.error.link-required',
+						defaultMessage: 'Please provide a link.',
+					}),
+				)
+				return null
+			}
+			if (!isHttpUrl(linkRaw)) {
+				inputError.value = formatMessage(messages.linkInvalidUrl)
+				return null
+			}
+			return {
+				...base,
+				kind: 'license',
+				license,
+				link_to_work: linkRaw,
+			}
+		}
+		case 'my_project': {
+			const license = buildAttributionLicense()
+			if (!license) {
+				return null
+			}
+			return {
+				...base,
+				kind: 'my_project',
+				license,
+			}
+		}
+		case 'special_permissions': {
+			const linkRaw = linkInput.value.trim()
+			if (!linkRaw) {
+				inputError.value = formatMessage(
+					defineMessage({
+						id: 'external-files.permissions-card.error.link-required',
+						defaultMessage: 'Please provide a link.',
+					}),
+				)
+				return null
+			}
+			if (!isHttpUrl(linkRaw)) {
+				inputError.value = formatMessage(messages.linkInvalidUrl)
+				return null
+			}
+			return {
+				...base,
+				kind: 'special_permissions',
+				link_to_work: linkRaw,
+			}
+		}
+		case 'no_permission':
+			return {
+				...base,
+				kind: 'no_permission',
+			}
+	}
+	return null
+}
+
+const uploadProofImageMutation = useMutation({
+	mutationFn: async (file: File) => {
+		const ext = extFromImageFile(file)
+		if (!ext) {
+			throw new Error(
+				formatMessage(
+					defineMessage({
+						id: 'external-files.permissions-card.error.proof-image-invalid-type',
+						defaultMessage: 'Please upload a PNG, JPEG, GIF, WebP, or BMP image.',
+					}),
+				),
+			)
+		}
+		const result = await client.labrinth.images_v3.uploadImage(file, ext, {
+			context: 'project',
+			project_id: props.projectId,
+		}).promise
+		return result.url
+	},
+	onSuccess(url) {
+		proofImageUrls.value = [...proofImageUrls.value, url]
+	},
+})
+
+function handleProofImagesSelected(files: File[]) {
+	const file = files[0]
+	if (!file) {
+		return
+	}
+	inputError.value = null
+	uploadProofImageMutation.mutate(file)
+}
+
+function removeProofImage(index: number) {
+	proofImageUrls.value = proofImageUrls.value.filter((_, i) => i !== index)
+}
+
+const saveMutation = useMutation({
+	mutationFn: (payload: Labrinth.Attribution.Internal.AttributionResolution) =>
+		client.labrinth.attribution_internal.updateGroup(props.groupId, {
+			attribution: payload,
+		}),
+	onSuccess: async () => {
+		await queryClient.invalidateQueries({ queryKey: ['project-attribution', props.projectId] })
+		emit('updated')
+		emit('saved')
+	},
+})
+
+function handleSave() {
+	const data = buildEditedData()
+	if (!data) {
+		return
+	}
+	saveMutation.mutate(data)
+}
+
+function cancelEditing() {
+	resetInputs()
+	if (isAttributed.value) {
+		emit('cancel')
+	}
+}
+</script>
+
+<template>
+	<div class="flex flex-col gap-3">
+		<span class="text-contrast font-semibold">
+			{{ formatMessage(messages.typeLabel) }}
+		</span>
+		<Chips
+			v-model="selectedKind"
+			:items="permissionKinds.filter((kind) => kind !== 'globally_allowed')"
+			:format-label="(kind) => formatMessage(PERMISSION_REASONS[kind].label)"
+			:capitalize="false"
+		/>
+		<span>{{ formatMessage(PERMISSION_REASONS[selectedKind].description) }}</span>
+		<div v-if="permissionReasonFields.includes('link_to_work')" class="flex flex-col gap-2">
+			<span class="text-contrast font-semibold mt-1">
+				{{ formatMessage(messages.linkLabel) }}
+			</span>
+			<StyledInput
+				v-model="linkInput"
+				type="text"
+				class="max-w-[40rem]"
+				:placeholder="`https://example.com/${formatMessage(messages.linkToWorkUrlPlaceholder)}`"
+			/>
+			<span
+				v-if="
+					linkInput.startsWith('https://modrinth.com/') ||
+					linkInput.startsWith('https://www.modrinth.com/')
+				"
+				class="flex text-orange gap-2 font-medium mt-2"
+			>
+				<IssuesIcon class="shrink-0 mt-0.5" /> {{ formatMessage(messages.modrinthLinkToWork) }}
+			</span>
+		</div>
+		<div v-if="permissionReasonFields.includes('license_id')" class="flex flex-col gap-2">
+			<span class="text-contrast font-semibold mt-1">
+				{{ formatMessage(messages.licenseLabel) }}
+			</span>
+			<Combobox
+				v-model="licenseIdInput"
+				class="max-w-80"
+				:options="licenseOptions"
+				searchable
+				:search-placeholder="formatMessage(messages.selectLicenseLabel)"
+			/>
+		</div>
+		<div
+			v-if="permissionReasonFields.includes('custom_license') && isCustomLicense"
+			class="flex flex-col gap-2"
+		>
+			<span class="text-contrast font-semibold mt-1">
+				{{
+					formatMessage(
+						selectedKind === 'my_project'
+							? messages.customLicenseMyProjectLabel
+							: messages.customLicenseLabel,
+					)
+				}}
+			</span>
+			<StyledInput
+				v-model="customLicenseInput"
+				type="text"
+				class="max-w-[40rem]"
+				:placeholder="
+					selectedKind === 'my_project'
+						? formatMessage(messages.exampleSpdxLicense)
+						: `https://example.com/${formatMessage(messages.linkToLicenseUrlPlaceholder)}`
+				"
+			/>
+		</div>
+		<div class="flex flex-col gap-3">
+			<template v-for="section in attributionFieldSections" :key="section">
+				<div v-if="section === 'notes'" class="flex flex-col gap-2">
+					<div class="flex flex-col gap-1 mt-1">
+						<span class="text-contrast font-semibold">
+							{{ formatMessage(selectedPermissionReason.notesLabel ?? messages.notesLabel) }}
+							<span
+								v-if="selectedPermissionReason.notesShowsOptional"
+								class="font-normal text-primary"
+								>{{ formatMessage(messages.optional) }}</span
+							>
+						</span>
+						<span v-if="selectedPermissionReason.notesDescription">{{
+							formatMessage(selectedPermissionReason.notesDescription)
+						}}</span>
+					</div>
+					<StyledInput
+						v-model="notesInput"
+						type="text"
+						resize="both"
+						multiline
+						:rows="notesInputRows"
+						class="max-w-[40rem]"
+						:placeholder="formatMessage(messages.notesPlaceholder)"
+					/>
+				</div>
+				<div v-else-if="section === 'image_urls'" class="flex flex-col gap-2">
+					<div class="flex flex-col gap-2 mt-1">
+						<div class="flex flex-col gap-1 mt-1">
+							<span class="text-contrast font-semibold">
+								{{ formatMessage(messages.proofImagesLabel) }}
+								<span v-if="proofImagesShowOptional" class="font-normal text-primary">{{
+									formatMessage(messages.optional)
+								}}</span>
+							</span>
+							<span v-if="selectedPermissionReason.proofImagesDescription">{{
+								formatMessage(selectedPermissionReason.proofImagesDescription)
+							}}</span>
+						</div>
+						<div v-if="proofImageUrls.length > 0" class="grid grid-cols-2 gap-4">
+							<div
+								v-for="(src, idx) in proofImageUrls"
+								:key="`${src}-${idx}`"
+								class="relative rounded-xl border-[1px] border-solid border-surface-5 overflow-hidden shrink-0"
+							>
+								<img
+									:src="src"
+									:alt="formatMessage(messages.proofImageThumbnailAlt, { n: idx + 1 })"
+									class="flex w-full object-contain bg-surface-3"
+								/>
+								<div class="absolute top-2 right-2">
+									<ButtonStyled circular>
+										<button
+											v-tooltip="formatMessage(messages.proofImageRemove)"
+											type="button"
+											@click="removeProofImage(idx)"
+										>
+											<TrashIcon />
+										</button>
+									</ButtonStyled>
+								</div>
+							</div>
+						</div>
+						<div class="grid grid-cols-2 gap-4">
+							<FileInput
+								accept="image/png,image/jpeg,image/gif,image/webp,image/bmp"
+								:prompt="formatMessage(messages.proofImagesUploadPrompt)"
+								long-style
+								should-always-reset
+								:max-size="MAX_PROOF_IMAGE_BYTES"
+								:disabled="uploadProofImageMutation.isPending.value || saveMutation.isPending.value"
+								class="!bg-surface-3 !border-surface-5"
+								@change="handleProofImagesSelected"
+							>
+								<UploadIcon class="size-5 shrink-0" />
+							</FileInput>
+						</div>
+						<p v-if="uploadProofImageMutation.isError.value" class="text-red text-sm m-0">
+							{{ String(uploadProofImageMutation.error.value) }}
+						</p>
+					</div>
+				</div>
+			</template>
+		</div>
+		<div
+			v-if="selectedKind === 'my_project' || selectedKind === 'special_permissions'"
+			class="grid grid-cols-[auto_1fr] gap-2"
+		>
+			<div class="flex flex-col items-center">
+				<InfoIcon class="size-5 text-blue" />
+				<div class="w-[2px] flex-grow bg-blue mt-[-1px]"></div>
+			</div>
+			<div class="flex flex-col gap-2">
+				<span class="font-medium leading-[1.25] text-blue">{{
+					formatMessage(messages.proofWarningTitle)
+				}}</span>
+				<span class="text-contrast">{{ formatMessage(messages.proofWarningBody) }}</span>
+			</div>
+		</div>
+
+		<p v-if="inputError" class="text-red m-0">{{ inputError }}</p>
+		<p v-else-if="saveMutation.isError.value" class="text-red m-0">
+			{{ String(saveMutation.error.value) }}
+		</p>
+
+		<hr class="mt-1 bg-surface-5 border-none h-[1px] w-full" />
+		<div class="flex items-center gap-2 justify-end">
+			<ButtonStyled v-if="isAttributed" type="outlined">
+				<button
+					:disabled="saveMutation.isPending.value || uploadProofImageMutation.isPending.value"
+					@click="cancelEditing"
+				>
+					<XIcon /> {{ formatMessage(commonMessages.cancelButton) }}
+				</button>
+			</ButtonStyled>
+			<ButtonStyled color="brand">
+				<button
+					:disabled="saveMutation.isPending.value || uploadProofImageMutation.isPending.value"
+					@click="handleSave"
+				>
+					<template v-if="saveMutation.isPending.value">
+						<SpinnerIcon class="animate-spin" />
+						{{ formatMessage(commonMessages.savingButton) }}
+					</template>
+					<template v-else-if="isAttributed">
+						<SaveIcon /> {{ formatMessage(messages.saveAttribution) }}
+					</template>
+					<template v-else> <CheckIcon /> {{ formatMessage(messages.addAttribution) }} </template>
+				</button>
+			</ButtonStyled>
+		</div>
+	</div>
+</template>
diff --git a/packages/ui/src/components/external_files/AttributionGroupFilePicker.vue b/packages/ui/src/components/external_files/AttributionGroupFilePicker.vue
new file mode 100644
index 0000000000..77a6de72e0
--- /dev/null
+++ b/packages/ui/src/components/external_files/AttributionGroupFilePicker.vue
@@ -0,0 +1,71 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { computed } from 'vue'
+
+import { Checkbox } from '#ui/components'
+
+const props = defineProps<{
+	files: Labrinth.Attribution.Internal.AttributionFile[]
+	disabled?: boolean
+}>()
+
+const selectedSha1s = defineModel<Set<string>>('selectedSha1s', { required: true })
+
+const allSelected = computed(
+	() => props.files.length > 0 && props.files.every((file) => selectedSha1s.value.has(file.sha1)),
+)
+
+const someSelected = computed(
+	() => props.files.some((file) => selectedSha1s.value.has(file.sha1)) && !allSelected.value,
+)
+
+function displayName(file: Labrinth.Attribution.Internal.AttributionFile) {
+	return file.name.split('/').pop() ?? file.name
+}
+
+function setAllSelected(selected: boolean) {
+	const next = new Set(selectedSha1s.value)
+	for (const file of props.files) {
+		if (selected) {
+			next.add(file.sha1)
+		} else {
+			next.delete(file.sha1)
+		}
+	}
+	selectedSha1s.value = next
+}
+
+function toggleFile(sha1: string, selected: boolean) {
+	const next = new Set(selectedSha1s.value)
+	if (selected) {
+		next.add(sha1)
+	} else {
+		next.delete(sha1)
+	}
+	selectedSha1s.value = next
+}
+</script>
+
+<template>
+	<div v-if="files.length > 1" class="flex flex-col gap-2">
+		<Checkbox
+			:model-value="allSelected"
+			:indeterminate="someSelected"
+			label="Select files to add"
+			:disabled="disabled"
+			@update:model-value="setAllSelected"
+		/>
+		<div class="flex flex-col [&>*:nth-child(even)]:bg-surface-3">
+			<Checkbox
+				v-for="file in files"
+				:key="file.sha1"
+				:model-value="selectedSha1s.has(file.sha1)"
+				:label="displayName(file)"
+				:disabled="disabled"
+				class="w-full px-4 py-2 hover:bg-surface-4 text-primary"
+				@update:model-value="(selected) => toggleFile(file.sha1, selected)"
+				@click.stop
+			/>
+		</div>
+	</div>
+</template>
diff --git a/packages/ui/src/components/external_files/AttributionModerationDbBadge.vue b/packages/ui/src/components/external_files/AttributionModerationDbBadge.vue
new file mode 100644
index 0000000000..ca413cce84
--- /dev/null
+++ b/packages/ui/src/components/external_files/AttributionModerationDbBadge.vue
@@ -0,0 +1,70 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { ScaleIcon } from '@modrinth/assets'
+import { sortByIndex } from '@modrinth/utils'
+import { computed } from 'vue'
+
+import { TagItem } from '#ui/components'
+
+import { MODERATION_DB_BADGE } from './external-project-utils'
+
+const props = defineProps<{
+	files?: Labrinth.Attribution.Internal.AttributionGroup['files']
+}>()
+
+const MODERATION_STATUS_PRIORITY: Labrinth.ExternalProjects.Internal.ExternalLicenseStatus[] = [
+	'permanent-no',
+	'no',
+	'yes',
+	'with-attribution',
+	'with-attribution-and-source',
+	'unidentified',
+]
+
+function statusLabel(status: Labrinth.ExternalProjects.Internal.ExternalLicenseStatus): string {
+	return MODERATION_DB_BADGE[status]?.label ?? status
+}
+
+const moderationStatuses = computed<{
+	primary: Labrinth.ExternalProjects.Internal.ExternalLicenseStatus
+	others?: Labrinth.ExternalProjects.Internal.ExternalLicenseStatus[]
+}>(() => {
+	const statuses = (props.files ?? []).map((file) => {
+		const status = file.moderation_external_license?.status
+		if (!status) {
+			return 'unidentified'
+		} else {
+			return status
+		}
+	})
+	const sorted = sortByIndex(MODERATION_STATUS_PRIORITY, [...new Set(statuses)])
+	const primary = sorted[0] ?? 'unidentified'
+	return {
+		primary,
+		...(sorted.length > 1 ? { others: sorted.slice(1) } : {}),
+	}
+})
+
+const otherStatusesTooltip = computed(() => {
+	const others = moderationStatuses.value.others
+	if (!others?.length) {
+		return undefined
+	}
+	return others.map((status) => statusLabel(status)).join(', ')
+})
+</script>
+
+<template>
+	<TagItem
+		v-tooltip="`Other statuses: ${otherStatusesTooltip}`"
+		:style="{ color: MODERATION_DB_BADGE[moderationStatuses.primary]?.color }"
+	>
+		<ScaleIcon class="size-4 shrink-0" />
+		{{ statusLabel(moderationStatuses.primary) }}
+		<span class="text-primary">
+			{{
+				moderationStatuses.others?.length > 0 ? `+ ${moderationStatuses.others?.length} more` : ''
+			}}
+		</span>
+	</TagItem>
+</template>
diff --git a/packages/ui/src/components/external_files/AttributionStatusTag.vue b/packages/ui/src/components/external_files/AttributionStatusTag.vue
new file mode 100644
index 0000000000..0ba5d47850
--- /dev/null
+++ b/packages/ui/src/components/external_files/AttributionStatusTag.vue
@@ -0,0 +1,67 @@
+<script setup lang="ts">
+import { computed } from 'vue'
+
+import { TagItem } from '#ui/components'
+
+import { defineMessage, useVIntl } from '../../composables/i18n'
+
+const props = defineProps<{
+	variant: 'pending' | 'attributed' | 'no_permission' | 'proof_rejected' | 'not_allowed'
+}>()
+
+const { formatMessage } = useVIntl()
+
+const badge = computed(() => {
+	switch (props.variant) {
+		case 'no_permission':
+			return {
+				style: { '--_bg-color': 'var(--color-red-bg)', '--_color': 'var(--color-red)' },
+				message: defineMessage({
+					id: 'external-files.permissions-card.badge.no-permission',
+					defaultMessage: 'No permission',
+				}),
+			}
+		case 'proof_rejected':
+			return {
+				style: { '--_bg-color': 'var(--color-orange-bg)', '--_color': 'var(--color-orange)' },
+				message: defineMessage({
+					id: 'external-files.permissions-card.badge.proof-rejected',
+					defaultMessage: 'Information rejected',
+				}),
+			}
+		case 'not_allowed':
+			return {
+				style: { '--_bg-color': 'var(--color-red-bg)', '--_color': 'var(--color-red)' },
+				message: defineMessage({
+					id: 'external-files.permissions-card.badge.not-allowed',
+					defaultMessage: 'Not allowed',
+				}),
+			}
+		case 'attributed':
+			return {
+				style: { '--_bg-color': 'var(--color-green-bg)', '--_color': 'var(--color-green)' },
+				message: defineMessage({
+					id: 'external-files.permissions-card.badge.attributed',
+					defaultMessage: 'Completed',
+				}),
+			}
+		default:
+			return {
+				style: {
+					'--_bg-color': 'var(--color-orange-bg)',
+					'--_color': 'var(--color-orange)',
+				},
+				message: defineMessage({
+					id: 'external-files.permissions-card.badge.pending',
+					defaultMessage: 'Pending',
+				}),
+			}
+	}
+})
+</script>
+
+<template>
+	<TagItem :style="badge.style">
+		{{ formatMessage(badge.message) }}
+	</TagItem>
+</template>
diff --git a/packages/ui/src/components/external_files/ExternalProjectPermissionsCard.vue b/packages/ui/src/components/external_files/ExternalProjectPermissionsCard.vue
index 965dcfdda5..a2bd339065 100644
--- a/packages/ui/src/components/external_files/ExternalProjectPermissionsCard.vue
+++ b/packages/ui/src/components/external_files/ExternalProjectPermissionsCard.vue
@@ -1,176 +1,804 @@
 <script setup lang="ts">
-import { ChevronDownIcon, ListBulletedIcon, SaveIcon, VersionIcon, XIcon } from '@modrinth/assets'
-import { ref } from 'vue'
+import type { Labrinth } from '@modrinth/api-client'
+import {
+	CheckCircleIcon,
+	ChevronDownIcon,
+	EditIcon,
+	FileIcon,
+	PlusIcon,
+	ReportIcon,
+	ScaleIcon,
+	SpinnerIcon,
+	VersionIcon,
+	XCircleIcon,
+	XIcon,
+} from '@modrinth/assets'
+import { renderString } from '@modrinth/utils'
+import { useMutation, useQueryClient } from '@tanstack/vue-query'
+import { computed, ref, useTemplateRef, watch } from 'vue'
 
-import { Admonition, ButtonStyled, Chips, Collapsible, Combobox, StyledInput } from '#ui/components'
+import { ButtonStyled, Collapsible, OverflowMenu } from '#ui/components'
+import type { OverflowMenuOption } from '#ui/components/base'
+import { commonMessages } from '#ui/utils'
 
-defineProps<{
-	title: string
+import { defineMessage, defineMessages, useVIntl } from '../../composables/i18n'
+import {
+	injectAttributionModeration,
+	injectModrinthClient,
+	injectNotificationManager,
+	injectProjectPageContext,
+} from '../../providers'
+import type { QuickReply } from '../../providers/attribution-moderation'
+import StyledInput from '../base/StyledInput.vue'
+import AddFilesToAttributionGroupModal from './AddFilesToAttributionGroupModal.vue'
+import AddToExistingExternalProjectModal from './AddToExistingExternalProjectModal.vue'
+import AddToGlobalPermissionsDatabaseModal from './AddToGlobalPermissionsDatabaseModal.vue'
+import AttributionDisplay from './AttributionDisplay.vue'
+import AttributionEditor from './AttributionEditor.vue'
+import AttributionModerationDbBadge from './AttributionModerationDbBadge.vue'
+import AttributionStatusTag from './AttributionStatusTag.vue'
+import {
+	attributionLinkToWork,
+	createAttributionGroupTitle,
+	MODERATION_DB_BADGE,
+	parseInitialAttribution,
+} from './external-project-utils'
+import OriginalPageLink from './OriginalPageLink.vue'
+
+const props = withDefaults(
+	defineProps<{
+		projectId: string
+		group: Labrinth.Attribution.Internal.AttributionGroup
+		isModerator?: boolean
+	}>(),
+	{
+		isModerator: false,
+	},
+)
+
+const collapsedModel = defineModel<boolean>('collapsed')
+
+const collapsed = computed({
+	get: () =>
+		collapsedModel.value ??
+		(!props.isModerator &&
+			!!props.group.attribution &&
+			props.group.attribution?.moderation_status?.kind !== 'bad_proof'),
+	set: (value) => {
+		collapsedModel.value = value
+	},
+})
+
+const emit = defineEmits<{
+	(e: 'updated'): void
 }>()
 
-const collapsed = ref(true)
+const addFilesModalRef = useTemplateRef<typeof AddFilesToAttributionGroupModal>('addFilesModalRef')
+const addToGlobalModalRef =
+	useTemplateRef<typeof AddToGlobalPermissionsDatabaseModal>('addToGlobalModalRef')
+const addToExistingModalRef =
+	useTemplateRef<typeof AddToExistingExternalProjectModal>('addToExistingModalRef')
+
+const { formatMessage } = useVIntl()
+const client = injectModrinthClient()
+const queryClient = useQueryClient()
+const { addNotification } = injectNotificationManager()
+const { allMembers } = injectProjectPageContext()
+const attributionModeration = injectAttributionModeration(null)
+
+const attributorMember = computed(() => {
+	const userId = props.group.attributed_by
+	if (!userId || !allMembers.value) {
+		return null
+	}
+	return allMembers.value.find((member) => member.user.id === userId) ?? null
+})
+
+const attributorLink = computed(() => {
+	const id = props.group.attributed_by
+	if (!id) {
+		return null
+	}
+	const slug = attributorMember.value?.user?.username ?? id
+	return `/user/${slug}`
+})
+
+const attributorLabel = computed(() => {
+	if (attributorMember.value) {
+		return attributorMember.value.user.username
+	}
+	return props.group.attributed_by ?? 'unknown'
+})
+
+const messages = defineMessages({
+	fileCount: {
+		id: 'external-files.permissions-card.file-count',
+		defaultMessage: '{count, plural, one {# file} other {# files}}',
+	},
+	includedInVersions: {
+		id: 'external-files.permissions-card.included-in-versions',
+		defaultMessage: 'Included in {count, plural, one {# version} other {# versions}}:',
+	},
+	includedFiles: {
+		id: 'external-files.permissions-card.included-files',
+		defaultMessage: 'Included files:',
+	},
+	notUsedInVersions: {
+		id: 'external-files.permissions-card.not-used-in-versions',
+		defaultMessage: 'These files are not currently used by any version.',
+	},
+	splitFile: {
+		id: 'external-files.permissions-card.split-file',
+		defaultMessage: 'Remove from group',
+	},
+	addFilesToGroup: {
+		id: 'external-files.permissions-card.add-files-to-group',
+		defaultMessage: 'Add files...',
+	},
+	moderationReasonLabel: {
+		id: 'external-files.permissions-card.moderation-reason',
+		defaultMessage: 'Reason',
+	},
+})
+
+type EditingMode = 'attribution' | 'moderation_review'
+
+const editingMode = ref<EditingMode | null>(null)
+const editorResumeKey = ref(0)
+
+const isEditingAttribution = computed(() => editingMode.value === 'attribution')
+const isEditingModerationReview = computed(() => editingMode.value === 'moderation_review')
+
+const initialAttribution = computed<Labrinth.Attribution.Internal.AttributionResolution | null>(
+	() => parseInitialAttribution(props.group.attribution),
+)
+
+const isAttributed = computed(() => initialAttribution.value !== null)
+const attributionStatusVariant = computed<
+	'pending' | 'attributed' | 'no_permission' | 'proof_rejected' | 'not_allowed'
+>(() => {
+	if (isAttributed.value && props.group.attribution?.kind === 'no_permission') {
+		return 'no_permission'
+	} else if (
+		isAttributed.value &&
+		props.group.attribution?.moderation_status?.kind === 'not_allowed'
+	) {
+		return 'not_allowed'
+	} else if (
+		isAttributed.value &&
+		props.group.attribution?.moderation_status?.kind === 'bad_proof'
+	) {
+		return 'proof_rejected'
+	} else if (isAttributed.value) {
+		return 'attributed'
+	}
+	return 'pending'
+})
+
+const title = computed(() => createAttributionGroupTitle(props.group, formatMessage))
+const fileCount = computed(() => props.group.files?.length ?? 0)
+
+const containingVersions = computed(() => {
+	const versionIds = new Set<string>()
+	for (const file of props.group.files ?? []) {
+		for (const versionId of file.versions ?? []) {
+			versionIds.add(versionId)
+		}
+	}
+	return props.group.versions?.filter((v) => versionIds.has(v.id))
+})
+
+const pendingSplitSha1 = ref<string | null>(null)
+
+const assignFilesMutation = useMutation({
+	mutationFn: async (sha1s: string[]) => {
+		for (const sha1 of sha1s) {
+			await client.labrinth.attribution_internal.assignFileToGroup({
+				sha1,
+				target_group_id: props.group.id,
+				project_id: props.projectId,
+			})
+		}
+	},
+	onSuccess: async () => {
+		await queryClient.invalidateQueries({ queryKey: ['project-attribution', props.projectId] })
+		emit('updated')
+	},
+	onError: (error: Error) => {
+		addNotification({
+			type: 'error',
+			title: formatMessage(
+				defineMessage({
+					id: 'external-files.permissions-card.assign-files-error.title',
+					defaultMessage: 'Could not add files',
+				}),
+			),
+			text: error.message,
+		})
+	},
+})
+
+const splitFileMutation = useMutation({
+	mutationFn: (sha1: string) =>
+		client.labrinth.attribution_internal.splitFile({
+			sha1,
+			project_id: props.projectId,
+		}),
+	onMutate(sha1) {
+		pendingSplitSha1.value = sha1
+	},
+	onSettled() {
+		pendingSplitSha1.value = null
+	},
+	onSuccess: async () => {
+		await queryClient.invalidateQueries({ queryKey: ['project-attribution', props.projectId] })
+		emit('updated')
+	},
+	onError: (error: Error) => {
+		addNotification({
+			type: 'error',
+			title: formatMessage(
+				defineMessage({
+					id: 'external-files.permissions-card.split-file-error.title',
+					defaultMessage: 'Could not split file',
+				}),
+			),
+			text: error.message,
+		})
+	},
+})
+
+function startEditingAttribution() {
+	editingMode.value = 'attribution'
+	collapsed.value = false
+	editorResumeKey.value += 1
+}
+
+function startEditingModerationReview() {
+	syncReviewReasonInput()
+	editingMode.value = 'moderation_review'
+}
+
+function stopEditing() {
+	editingMode.value = null
+}
+
+function cancelModerationReviewEditing() {
+	syncReviewReasonInput()
+	stopEditing()
+}
+
+function handleEditorUpdated() {
+	emit('updated')
+}
+
+function handleSplitFile(sha1: string) {
+	splitFileMutation.mutate(sha1)
+}
+
+function handleConfirmAddFiles(sha1s: string[]) {
+	assignFilesMutation.mutate(sha1s)
+}
+
+async function handleAddFilesToGroup(event: MouseEvent) {
+	try {
+		const groups = await queryClient.ensureQueryData({
+			queryKey: ['project-attribution', props.projectId],
+			queryFn: () => client.labrinth.attribution_internal.listProjectAttribution(props.projectId),
+		})
+		addFilesModalRef.value?.show(event, groups)
+	} catch (error) {
+		addNotification({
+			type: 'error',
+			title: formatMessage(
+				defineMessage({
+					id: 'external-files.permissions-card.add-files-modal.load-error.title',
+					defaultMessage: 'Could not load files',
+				}),
+			),
+			text: error instanceof Error ? error.message : String(error),
+		})
+	}
+}
+
+async function handleModerationDbUpdated() {
+	await queryClient.invalidateQueries({ queryKey: ['project-attribution', props.projectId] })
+	emit('updated')
+}
+
+function handleAddToGlobalDatabase(event: MouseEvent) {
+	addToGlobalModalRef.value?.show(event)
+}
+
+function handleAddToExistingEntry(event: MouseEvent) {
+	addToExistingModalRef.value?.show(event)
+}
+
+const originalProjectUrl = computed(
+	() => attributionLinkToWork(initialAttribution.value) ?? props.group.flame_project?.url,
+)
+
+const moderationStatusKind = computed(
+	() => props.group.attribution?.moderation_status?.kind ?? null,
+)
+
+const moderationStatusIndicator = computed(() => {
+	if (!moderationStatusKind.value) {
+		return null
+	}
+	switch (moderationStatusKind.value) {
+		case 'approved':
+			return {
+				icon: CheckCircleIcon,
+				class: 'text-green',
+				name: defineMessage({
+					id: 'external-files.permissions-card.attribution.moderation-status.passed',
+					defaultMessage: 'Passed',
+				}),
+			}
+		case 'bad_proof':
+			return {
+				icon: XCircleIcon,
+				class: 'text-red',
+				name: defineMessage({
+					id: 'external-files.permissions-card.attribution.moderation-status.rejected-proof',
+					defaultMessage: 'Proof rejected',
+				}),
+			}
+		case 'not_allowed':
+			return {
+				icon: ReportIcon,
+				class: 'text-red',
+				name: defineMessage({
+					id: 'external-files.permissions-card.attribution.moderation-status.content-not-allowed',
+					defaultMessage: 'Content not allowed',
+				}),
+			}
+	}
+	return null
+})
+
+const reviewReasonInput = ref('')
+
+function syncReviewReasonInput() {
+	reviewReasonInput.value = props.group.attribution?.moderation_status?.reason ?? ''
+}
+
+syncReviewReasonInput()
+
+watch(
+	() => props.group.attribution?.moderation_status,
+	() => {
+		if (!isEditingModerationReview.value) {
+			syncReviewReasonInput()
+		}
+	},
+	{ deep: true },
+)
+
+const pendingModerationStatusKind =
+	ref<Labrinth.Attribution.Internal.AttributionModerationStatusKind | null>(null)
+
+const setModerationStatusMutation = useMutation({
+	mutationFn: (kind: Labrinth.Attribution.Internal.AttributionModerationStatusKind) => {
+		if (!initialAttribution.value) {
+			throw new Error('Attribution is required')
+		}
+		return client.labrinth.attribution_internal.updateGroup(props.group.id, {
+			attribution: {
+				...initialAttribution.value,
+				moderation_status: {
+					kind,
+					reason: reviewReasonInput.value.trim(),
+				},
+			},
+		})
+	},
+	onMutate(kind) {
+		pendingModerationStatusKind.value = kind
+	},
+	onSettled() {
+		pendingModerationStatusKind.value = null
+	},
+	onSuccess: async () => {
+		await queryClient.invalidateQueries({ queryKey: ['project-attribution', props.projectId] })
+		stopEditing()
+		collapsed.value = true
+		emit('updated')
+	},
+	onError: (error: Error) => {
+		addNotification({
+			type: 'error',
+			title: formatMessage(
+				defineMessage({
+					id: 'external-files.permissions-card.moderation.error.title',
+					defaultMessage: 'Could not save moderation review',
+				}),
+			),
+			text: error.message,
+		})
+	},
+})
+
+function handleSetModerationStatus(
+	kind: Labrinth.Attribution.Internal.AttributionModerationStatusKind,
+) {
+	setModerationStatusMutation.mutate(kind)
+}
+
+async function handleQuickReply(reply: QuickReply) {
+	const message =
+		typeof reply.message === 'function' ? await reply.message(undefined) : reply.message
+	reviewReasonInput.value = message
+}
+
+const visibleQuickReplies = computed<OverflowMenuOption[]>(() => {
+	const replies = attributionModeration?.attributionQuickReplies
 
-const selectedPermissionsType = ref('My project')
+	if (!replies) return []
+
+	return replies
+		.filter((reply) => {
+			if (reply.shouldShow === undefined) return true
+			return reply.shouldShow(undefined)
+		})
+		.map(
+			(reply) =>
+				({
+					id: reply.label,
+					action: () => handleQuickReply(reply),
+				}) as OverflowMenuOption,
+		)
+})
 </script>
+
 <template>
 	<div
 		class="bg-surface-2 p-0 rounded-2xl flex flex-col border-[1px] border-solid border-surface-5 overflow-hidden"
 	>
-		<div class="flex items-center bg-surface-3">
+		<div class="flex items-center bg-surface-3 gap-3">
 			<button
-				class="flex grow m-0 appearance-none p-4 bg-transparent group transition-all"
+				class="flex grow items-center m-0 appearance-none p-4 bg-transparent group transition-all gap-3 text-left min-w-0 outline-offset-[-3px] rounded-2xl"
+				:class="{
+					'rounded-b-none': !collapsed,
+					'rounded-r-none': group.flame_project?.url || isModerator,
+				}"
 				@click="collapsed = !collapsed"
 			>
-				<span class="flex items-center gap-3 group-active:scale-[0.98]">
-					<ChevronDownIcon
-						class="size-6 text-primary transition-transform duration-300"
-						:class="{ 'rotate-180': !collapsed }"
-					/>
-					<span class="text-contrast font-semibold">{{ title }}</span>
+				<ChevronDownIcon
+					class="size-6 text-primary transition-transform duration-300 shrink-0 mb-auto"
+					:class="{ 'rotate-180': !collapsed }"
+				/>
+				<span class="flex flex-col items-start min-w-0 group-active:scale-[0.98]">
+					<span class="flex items-center gap-2 min-w-0 flex-wrap">
+						<span class="text-contrast truncate font-semibold">{{ title }}</span>
+						<component
+							:is="moderationStatusIndicator.icon"
+							v-if="moderationStatusIndicator"
+							v-tooltip="formatMessage(moderationStatusIndicator.name)"
+							:class="moderationStatusIndicator.class"
+							class="size-5 shrink-0"
+							aria-hidden="true"
+						/>
+						<AttributionStatusTag :variant="attributionStatusVariant" />
+						<OriginalPageLink v-if="originalProjectUrl && isModerator" :href="originalProjectUrl" />
+					</span>
+					<span v-if="fileCount > 1" class="text-secondary text-sm font-normal">
+						{{ formatMessage(messages.fileCount, { count: fileCount }) }}
+					</span>
 				</span>
 			</button>
-			<div class="flex items-center gap-2 m-4 ml-0">
-				<ButtonStyled type="outlined">
-					<button>
-						<ListBulletedIcon />
-						Versions
-					</button>
-				</ButtonStyled>
+			<div class="mr-4 flex items-center gap-2">
+				<AttributionModerationDbBadge v-if="isModerator" :files="group.files" />
+				<OriginalPageLink v-else-if="originalProjectUrl" :href="originalProjectUrl" />
 			</div>
 		</div>
+
 		<Collapsible
 			:collapsed="collapsed"
 			class="border-0 border-solid border-t border-surface-5 rounded-b-2xl"
 		>
-			<div class="flex flex-col gap-2 p-4">
-				<span class="text-contrast font-semibold">Included in versions:</span>
-				<div class="flex flex-wrap gap-2">
-					<template v-for="version in ['4.0.0', '3.5.15', '3.5.14']" :key="version">
-						<div
-							class="px-3 py-2 rounded-xl flex items-center gap-2 border-[1px] border-solid border-surface-5"
+			<div class="flex flex-col gap-3 p-4">
+				<span class="text-contrast font-semibold">
+					{{ formatMessage(messages.includedFiles) }}
+				</span>
+				<div class="grid grid-cols-2 gap-2">
+					<span
+						v-for="file in group.files"
+						:key="file.sha1"
+						class="pl-3 rounded-xl grid grid-cols-[auto_1fr_auto] gap-2 items-start border-[1px] border-solid border-surface-5 bg-surface-2"
+						:style="{
+							'border-color':
+								isModerator && file.moderation_external_license
+									? MODERATION_DB_BADGE[file.moderation_external_license?.status]?.color
+									: undefined,
+							color:
+								isModerator && file.moderation_external_license
+									? MODERATION_DB_BADGE[file.moderation_external_license?.status]?.color
+									: undefined,
+						}"
+					>
+						<FileIcon class="size-4 shrink-0 mt-2.5" />
+						<div class="max-w-[22rem] min-w-0 flex flex-col gap-1 py-2">
+							<span class="truncate">
+								{{ file.name.split('/').pop() }}
+							</span>
+						</div>
+						<div class="flex items-center gap-1 my-auto">
+							<ButtonStyled v-if="group.files.length > 1" circular size="small">
+								<button
+									v-tooltip="formatMessage(messages.splitFile)"
+									class="m-1"
+									:disabled="splitFileMutation.isPending.value"
+									@click="handleSplitFile(file.sha1)"
+								>
+									<SpinnerIcon
+										v-if="splitFileMutation.isPending.value && pendingSplitSha1 === file.sha1"
+										class="size-4 shrink-0 animate-spin"
+									/>
+									<XIcon v-else class="size-4 shrink-0" />
+								</button>
+							</ButtonStyled>
+						</div>
+					</span>
+					<div>
+						<ButtonStyled>
+							<button @click="handleAddFilesToGroup($event)">
+								<PlusIcon class="size-4 shrink-0" /> {{ formatMessage(messages.addFilesToGroup) }}
+							</button>
+						</ButtonStyled>
+					</div>
+				</div>
+				<template v-if="(containingVersions?.length ?? 0) > 0">
+					<span class="text-contrast font-semibold">
+						{{
+							formatMessage(messages.includedInVersions, { count: containingVersions?.length ?? 0 })
+						}}
+					</span>
+					<div class="flex flex-wrap gap-2">
+						<nuxt-link
+							v-for="version in containingVersions"
+							:key="version.id"
+							:to="`/project/${projectId}/version/${version.id}`"
+							target="_blank"
+							class="px-3 py-2 rounded-xl flex items-center gap-2 border-[1px] border-solid border-surface-5 bg-surface-3 hover:bg-surface-4"
 						>
-							<VersionIcon />
-							{{ version }}
+							<VersionIcon class="size-4 shrink-0" />
+							<span class="max-w-[22rem] truncate">
+								{{ version.version_number }}
+							</span>
+						</nuxt-link>
+					</div>
+				</template>
+				<template v-else>
+					<span class="text-secondary text-sm">
+						{{ formatMessage(messages.notUsedInVersions) }}
+					</span>
+				</template>
+				<AttributionDisplay
+					v-if="!isEditingAttribution && initialAttribution"
+					:attribution="initialAttribution"
+					:attributed-at="group.attributed_at"
+					:attributed-by="group.attributed_by"
+					:attributor-href="attributorLink"
+					:attributor-label="attributorLabel"
+					:attributor-avatar-url="attributorMember?.user.avatar_url"
+					:moderator="isModerator"
+				>
+					<template
+						v-if="
+							group.attribution?.kind !== 'globally_allowed' &&
+							(group.attribution?.moderation_status?.kind !== 'not_allowed' || isModerator)
+						"
+						#actions
+					>
+						<ButtonStyled>
+							<button @click="startEditingAttribution">
+								<EditIcon /> {{ formatMessage(commonMessages.editButton) }}
+							</button>
+						</ButtonStyled>
+					</template>
+					<template
+						v-if="
+							(isModerator || group.attribution?.moderation_status) &&
+							group.attribution?.kind !== 'globally_allowed'
+						"
+						#footer
+					>
+						<div class="flex gap-4 flex-wrap">
+							<div>
+								<p
+									class="font-semibold m-0 flex items-center gap-2"
+									:class="isModerator ? 'text-orange' : moderationStatusIndicator?.class"
+								>
+									<template v-if="isModerator">
+										<ScaleIcon class="size-5 shrink-0" />
+										Review attribution
+									</template>
+									<template v-else-if="moderationStatusIndicator">
+										<component
+											:is="moderationStatusIndicator.icon"
+											class="size-5 shrink-0"
+											aria-hidden="true"
+										/>
+										{{ formatMessage(moderationStatusIndicator.name) }}
+									</template>
+								</p>
+								<template v-if="isModerator">
+									<template
+										v-if="group.attribution?.moderation_status && !isEditingModerationReview"
+									>
+										<div class="grid grid-cols-[auto_1fr] gap-y-3 gap-x-4 mt-3">
+											<div>Status:</div>
+											<div
+												class="flex items-center gap-1"
+												:class="moderationStatusIndicator ? moderationStatusIndicator.class : ''"
+											>
+												<template v-if="moderationStatusIndicator">
+													<component
+														:is="moderationStatusIndicator.icon"
+														class="size-4 shrink-0"
+														aria-hidden="true"
+													/>
+													{{ formatMessage(moderationStatusIndicator.name) }}
+												</template>
+											</div>
+											<div class="leading-[1.5]">Reason:</div>
+											<div>
+												<div
+													class="markdown-body"
+													v-html="
+														renderString(group.attribution?.moderation_status?.reason || 'N/A')
+													"
+												/>
+											</div>
+										</div>
+									</template>
+									<template v-else>
+										<StyledInput
+											v-model="reviewReasonInput"
+											multiline
+											placeholder="Explanation of review (optional)"
+											class="mt-3"
+										/>
+										<div class="flex items-center gap-2 flex-wrap mt-3">
+											<ButtonStyled v-if="visibleQuickReplies.length > 0">
+												<OverflowMenu :options="visibleQuickReplies">
+													Reply presets
+													<ChevronDownIcon />
+												</OverflowMenu>
+											</ButtonStyled>
+											<ButtonStyled color="green" color-fill="text">
+												<button
+													:disabled="setModerationStatusMutation.isPending.value"
+													@click="handleSetModerationStatus('approved')"
+												>
+													<SpinnerIcon
+														v-if="
+															setModerationStatusMutation.isPending.value &&
+															pendingModerationStatusKind === 'approved'
+														"
+														class="size-4 shrink-0 animate-spin"
+													/>
+													<CheckCircleIcon v-else />
+													Approve
+												</button>
+											</ButtonStyled>
+											<ButtonStyled color="red" color-fill="text">
+												<button
+													:disabled="setModerationStatusMutation.isPending.value"
+													@click="handleSetModerationStatus('bad_proof')"
+												>
+													<SpinnerIcon
+														v-if="
+															setModerationStatusMutation.isPending.value &&
+															pendingModerationStatusKind === 'bad_proof'
+														"
+														class="size-4 shrink-0 animate-spin"
+													/>
+													<XCircleIcon v-else />
+													Reject: Insufficient proof
+												</button>
+											</ButtonStyled>
+											<ButtonStyled color="red" color-fill="text">
+												<button
+													:disabled="setModerationStatusMutation.isPending.value"
+													@click="handleSetModerationStatus('not_allowed')"
+												>
+													<SpinnerIcon
+														v-if="
+															setModerationStatusMutation.isPending.value &&
+															pendingModerationStatusKind === 'not_allowed'
+														"
+														class="size-4 shrink-0 animate-spin"
+													/>
+													<ReportIcon v-else />
+													Reject: Not allowed
+												</button>
+											</ButtonStyled>
+											<ButtonStyled v-if="isEditingModerationReview" type="outlined">
+												<button
+													:disabled="setModerationStatusMutation.isPending.value"
+													@click="cancelModerationReviewEditing"
+												>
+													<XIcon />
+													{{ formatMessage(commonMessages.cancelButton) }}
+												</button>
+											</ButtonStyled>
+										</div>
+										<div class="flex items-center gap-2 flex-wrap mt-3">
+											<ButtonStyled>
+												<button @click="handleAddToGlobalDatabase">
+													<ScaleIcon /> Add files to database...
+												</button>
+											</ButtonStyled>
+											<ButtonStyled>
+												<button @click="handleAddToExistingEntry">
+													<ScaleIcon /> Add to existing entry...
+												</button>
+											</ButtonStyled>
+										</div>
+									</template>
+								</template>
+								<div
+									v-else-if="group.attribution?.moderation_status?.reason"
+									class="flex flex-col gap-2 mt-3"
+								>
+									<div
+										class="markdown-body"
+										v-html="renderString(group.attribution?.moderation_status?.reason)"
+									/>
+								</div>
+							</div>
+							<div
+								v-if="
+									isModerator && !isEditingModerationReview && group.attribution?.moderation_status
+								"
+								class="ml-auto"
+							>
+								<ButtonStyled color="orange">
+									<button @click="startEditingModerationReview">
+										<ScaleIcon />
+										{{ formatMessage(commonMessages.editButton) }}
+									</button>
+								</ButtonStyled>
+							</div>
 						</div>
 					</template>
-				</div>
+				</AttributionDisplay>
+
 				<div
+					v-else
 					class="rounded-2xl p-4 mt-2 border-[1px] border-solid border-surface-5 flex flex-col gap-3"
 				>
-					<span class="text-contrast font-semibold">Type</span>
-					<Chips
-						v-model="selectedPermissionsType"
-						:items="['License', 'My project', 'Special permission', 'No permission']"
+					<AttributionEditor
+						:project-id="projectId"
+						:group-id="group.id"
+						:attribution="group.attribution"
+						:flame-project-url="group.flame_project?.url"
+						:resume-key="editorResumeKey"
+						@updated="handleEditorUpdated"
+						@saved="stopEditing"
+						@cancel="stopEditing"
 					/>
-					<template v-if="selectedPermissionsType === 'License'">
-						<span>The license of this work permits you to redistribute it in your modpack.</span>
-						<span class="text-contrast font-semibold mt-1">License</span>
-						<Combobox
-							class="max-w-80"
-							:options="[{ label: 'MIT', value: 'MIT' }]"
-							:model-value="'MIT'"
-						/>
-						<span class="text-contrast font-semibold mt-1"> Link to work </span>
-						<StyledInput
-							type="text"
-							class="max-w-[30rem]"
-							placeholder="https://example.com/link-to-work"
-						/>
-						<span class="text-contrast font-semibold mt-1">
-							Notes
-							<span class="font-normal text-primary">(optional)</span>
-						</span>
-						<StyledInput
-							type="text"
-							resize="both"
-							multiline
-							class="max-w-[40rem]"
-							placeholder="Write something here..."
-						/>
-					</template>
-					<template v-else-if="selectedPermissionsType === 'My project'">
-						<span>Original work created by you.</span>
-						<span class="text-contrast font-semibold mt-1">License</span>
-						<Combobox
-							class="max-w-80"
-							:options="[{ label: 'MIT', value: 'MIT' }]"
-							:model-value="'MIT'"
-						/>
-						<span class="text-contrast font-semibold mt-1">
-							Notes
-							<span class="font-normal text-primary">(optional)</span>
-						</span>
-						<StyledInput
-							type="text"
-							resize="both"
-							multiline
-							class="max-w-[40rem]"
-							placeholder="Write something here..."
-						/>
-					</template>
-					<template v-else-if="selectedPermissionsType === 'Special permission'">
-						<span>
-							You have obtained special permission to redistribute this work in your modpack.
-						</span>
-						<span class="text-contrast font-semibold mt-1"> Link to work </span>
-						<StyledInput
-							type="text"
-							class="max-w-[30rem]"
-							placeholder="https://example.com/link-to-work"
-						/>
-						<div class="flex flex-col gap-1 mt-1">
-							<span class="text-contrast font-semibold"> Proof and explanation </span>
-							<span>
-								Include screenshots of messages, emails, or replies from the copyright owner showing
-								that they granted you permission to redistribute their work in your modpack.
-							</span>
-						</div>
-						<StyledInput
-							type="text"
-							resize="both"
-							multiline
-							class="max-w-[40rem]"
-							placeholder="Write something here..."
-						/>
-						<Admonition
-							type="warning"
-							header="Modrinth staff may attempt to verify submitted proof"
-						>
-							If you are found to have lied or manipulated the images uploaded, your project and
-							account may be terminated.
-						</Admonition>
-					</template>
-					<template v-else-if="selectedPermissionsType === 'No permission'">
-						<span>You don't have permission to use this work.</span>
-						<span class="text-contrast font-semibold mt-1">
-							Notes
-							<span class="font-normal text-primary">(optional)</span>
-						</span>
-						<StyledInput
-							type="text"
-							resize="both"
-							multiline
-							class="max-w-[40rem]"
-							placeholder="Write something here..."
-						/>
-					</template>
-					<hr class="mt-1 bg-surface-5 border-none h-[1px] w-full" />
-					<div class="flex items-center gap-2 justify-end">
-						<ButtonStyled type="outlined">
-							<button>
-								<XIcon />
-								Cancel
-							</button>
-						</ButtonStyled>
-						<ButtonStyled color="brand">
-							<button>
-								<SaveIcon />
-								Save
-							</button>
-						</ButtonStyled>
-					</div>
 				</div>
 			</div>
 		</Collapsible>
+		<AddFilesToAttributionGroupModal
+			ref="addFilesModalRef"
+			:group-id="group.id"
+			:pending="assignFilesMutation.isPending.value"
+			@confirm="handleConfirmAddFiles"
+		/>
+		<AddToGlobalPermissionsDatabaseModal
+			ref="addToGlobalModalRef"
+			:group="group"
+			@success="handleModerationDbUpdated"
+		/>
+		<AddToExistingExternalProjectModal
+			ref="addToExistingModalRef"
+			:group="group"
+			@success="handleModerationDbUpdated"
+		/>
 	</div>
 </template>
diff --git a/packages/ui/src/components/external_files/OriginalPageLink.vue b/packages/ui/src/components/external_files/OriginalPageLink.vue
new file mode 100644
index 0000000000..dfcc126788
--- /dev/null
+++ b/packages/ui/src/components/external_files/OriginalPageLink.vue
@@ -0,0 +1,27 @@
+<script setup lang="ts">
+import { ExternalIcon } from '@modrinth/assets'
+
+import { defineMessage, useVIntl } from '../../composables/i18n'
+
+defineProps<{
+	href: string
+}>()
+
+const { formatMessage } = useVIntl()
+
+const label = defineMessage({
+	id: 'external-files.permissions-card.original-project-page',
+	defaultMessage: 'Original project',
+})
+</script>
+<template>
+	<a
+		class="text-link flex items-center outline-offset-[4px] rounded-sm truncate"
+		target="_blank"
+		rel="noopener"
+		:href="href"
+	>
+		<span class="truncate">{{ formatMessage(label) }}</span>
+		<ExternalIcon class="size-3 shrink-0 mb-2 ml-1" />
+	</a>
+</template>
diff --git a/packages/ui/src/components/external_files/external-project-utils.ts b/packages/ui/src/components/external_files/external-project-utils.ts
new file mode 100644
index 0000000000..a095b00482
--- /dev/null
+++ b/packages/ui/src/components/external_files/external-project-utils.ts
@@ -0,0 +1,391 @@
+import type { Labrinth } from '@modrinth/api-client'
+
+import { defineMessage, type MessageDescriptor } from '../../composables/i18n'
+
+export const permissionKinds: Labrinth.Attribution.Internal.AttributionResolutionKind[] = [
+	'license',
+	'my_project',
+	'special_permissions',
+	'no_permission',
+	'globally_allowed',
+]
+
+/** Combobox value when the user picks a non-SPDX custom license (stored as `{ name }`). */
+export const CUSTOM_LICENSE_VALUE = '__custom__'
+
+export type ProjectPermissionField =
+	| 'license_id'
+	| 'custom_license'
+	| 'link_to_work'
+	| 'notes'
+	| 'image_urls'
+
+export type AttributionProofRequirement = 'explanation_or_images' | 'images' | null
+
+type PermissionReasonConfig = {
+	label: MessageDescriptor
+	description: MessageDescriptor
+	notesLabel: MessageDescriptor | null
+	notesDescription: MessageDescriptor | null
+	notesShowsOptional: boolean
+	proofImagesDescription: MessageDescriptor | null
+	proofRequirement: AttributionProofRequirement
+	proofValidationError?: MessageDescriptor
+	automaticDescription?: MessageDescriptor
+	fields: ProjectPermissionField[]
+}
+
+export const PERMISSION_REASONS: Record<
+	Labrinth.Attribution.Internal.AttributionResolutionKind,
+	PermissionReasonConfig
+> = {
+	license: {
+		label: defineMessage({
+			id: 'external-files.permissions-card.reason.license',
+			defaultMessage: 'License',
+		}),
+		description: defineMessage({
+			id: 'external-files.permissions-card.reason.license.description',
+			defaultMessage: 'The license of this work permits you to redistribute it in your modpack.',
+		}),
+		notesLabel: defineMessage({
+			id: 'external-files.permissions-card.explanation-label',
+			defaultMessage: 'Explanation',
+		}),
+		notesDescription: null,
+		notesShowsOptional: true,
+		proofImagesDescription: defineMessage({
+			id: 'external-files.permissions-card.reason.license.proof-images-description',
+			defaultMessage: 'Upload supporting documentation related to this license.',
+		}),
+		proofRequirement: null,
+		fields: ['license_id', 'custom_license', 'link_to_work', 'notes', 'image_urls'] as const,
+	},
+	my_project: {
+		label: defineMessage({
+			id: 'external-files.permissions-card.reason.my-project',
+			defaultMessage: 'My project',
+		}),
+		description: defineMessage({
+			id: 'external-files.permissions-card.reason.my-project.description',
+			defaultMessage: 'Original work created by you.',
+		}),
+		notesLabel: defineMessage({
+			id: 'external-files.permissions-card.explanation-label',
+			defaultMessage: 'Explanation',
+		}),
+		notesDescription: defineMessage({
+			id: 'external-files.permissions-card.explanation-description',
+			defaultMessage: 'A short explanation or proof images are required.',
+		}),
+		notesShowsOptional: false,
+		proofImagesDescription: defineMessage({
+			id: 'external-files.permissions-card.reason.my-project.proof-images-description',
+			defaultMessage: 'Upload files that help verify you created this work.',
+		}),
+		proofRequirement: 'explanation_or_images',
+		fields: ['license_id', 'custom_license', 'notes', 'image_urls'] as const,
+	},
+	special_permissions: {
+		label: defineMessage({
+			id: 'external-files.permissions-card.reason.special-permission',
+			defaultMessage: 'Special permission',
+		}),
+		description: defineMessage({
+			id: 'external-files.permissions-card.reason.special-permission.description',
+			defaultMessage:
+				'You have obtained special permission to redistribute this work in your modpack.',
+		}),
+		notesLabel: null,
+		notesDescription: null,
+		notesShowsOptional: true,
+		proofImagesDescription: null,
+		proofRequirement: 'explanation_or_images',
+		proofValidationError: defineMessage({
+			id: 'external-files.permissions-card.error.notes-or-images-required',
+			defaultMessage: 'Please provide a note or upload at least one proof image.',
+		}),
+		fields: ['link_to_work', 'notes', 'image_urls'] as const,
+	},
+	no_permission: {
+		label: defineMessage({
+			id: 'external-files.permissions-card.reason.no-permission',
+			defaultMessage: 'No permission',
+		}),
+		description: defineMessage({
+			id: 'external-files.permissions-card.reason.no-permission.description',
+			defaultMessage: "You don't have permission to use this work.",
+		}),
+		notesLabel: null,
+		notesDescription: null,
+		notesShowsOptional: true,
+		proofImagesDescription: null,
+		proofRequirement: null,
+		automaticDescription: defineMessage({
+			id: 'external-files.permissions-card.reason.no-permission.automatic.description',
+			defaultMessage:
+				"We've seen this file before and its license does not normally allow redistribution.",
+		}),
+		fields: ['notes'] as const,
+	},
+	globally_allowed: {
+		label: defineMessage({
+			id: 'external-files.permissions-card.reason.globally-allowed',
+			defaultMessage: 'Automatically attributed',
+		}),
+		description: defineMessage({
+			id: 'external-files.permissions-card.reason.globally-allowed.description',
+			defaultMessage:
+				"We've seen this file before and have prepared an attribution for you. If something seems wrong, please contact Modrinth Support via the Help Center",
+		}),
+		notesLabel: null,
+		notesDescription: null,
+		notesShowsOptional: false,
+		proofImagesDescription: null,
+		proofRequirement: null,
+		fields: ['link_to_work'] as const,
+	},
+}
+
+export function isAttributionProofValid(
+	requirement: AttributionProofRequirement,
+	notes: string,
+	imageUrls: readonly string[],
+): boolean {
+	switch (requirement) {
+		case 'explanation_or_images':
+			return notes.trim().length > 0 || imageUrls.length > 0
+		case 'images':
+			return imageUrls.length > 0
+		default:
+			return true
+	}
+}
+
+export function attributionProofValidationError(
+	requirement: AttributionProofRequirement,
+	notes: string,
+	imageUrls: readonly string[],
+	validationError?: MessageDescriptor,
+): MessageDescriptor | null {
+	if (isAttributionProofValid(requirement, notes, imageUrls)) {
+		return null
+	}
+	if (validationError) {
+		return validationError
+	}
+	switch (requirement) {
+		case 'explanation_or_images':
+			return defineMessage({
+				id: 'external-files.permissions-card.error.explanation-or-images-required',
+				defaultMessage: 'Please provide an explanation or upload at least one proof image.',
+			})
+		case 'images':
+			return defineMessage({
+				id: 'external-files.permissions-card.error.proof-images-required',
+				defaultMessage: 'Please upload at least one proof image.',
+			})
+		default:
+			return null
+	}
+}
+
+export function isHttpUrl(raw: string): boolean {
+	const s = raw.trim()
+	if (!s) return false
+	let parsed: URL
+	try {
+		parsed = new URL(s)
+	} catch {
+		return false
+	}
+	return parsed.protocol === 'http:' || parsed.protocol === 'https:'
+}
+
+export function isCustomAttributionLicense(
+	license: Labrinth.Attribution.Internal.AttributionLicense,
+): license is { name: string } {
+	return typeof license === 'object' && license !== null && 'name' in license
+}
+
+export function parseAttributionLicense(
+	license: Labrinth.Attribution.Internal.AttributionLicense | undefined,
+): {
+	spdx: string
+	custom: string
+} {
+	if (!license) {
+		return { spdx: '', custom: '' }
+	}
+	if (isCustomAttributionLicense(license)) {
+		return { spdx: CUSTOM_LICENSE_VALUE, custom: license.name }
+	}
+	return { spdx: license, custom: '' }
+}
+
+export function isAutomaticNoPermissionAttribution(
+	attribution: Labrinth.Attribution.Internal.AttributionResolution | null | undefined,
+	attributedBy: string | null | undefined,
+): boolean {
+	return attribution?.kind === 'no_permission' && attributedBy == null
+}
+
+export function attributionLinkToWork(
+	attribution: Labrinth.Attribution.Internal.AttributionResolution | null | undefined,
+): string | undefined {
+	if (!attribution) {
+		return undefined
+	}
+	switch (attribution.kind) {
+		case 'license':
+		case 'special_permissions':
+		case 'globally_allowed':
+			return attribution.link_to_work
+		case 'no_permission':
+			return attribution.link_to_work
+		default:
+			return undefined
+	}
+}
+
+export function parseInitialAttribution(
+	raw: unknown,
+): Labrinth.Attribution.Internal.AttributionResolution | null {
+	if (!raw || typeof raw !== 'object') {
+		return null
+	}
+	const obj = raw as Record<string, unknown>
+	const kind = obj.kind
+	if (typeof kind !== 'string' || !(permissionKinds as string[]).includes(kind)) {
+		return null
+	}
+	return obj as Labrinth.Attribution.Internal.AttributionResolution
+}
+
+const unnamedMultiAttributionGroupTitle = defineMessage({
+	id: 'external-files.permissions-card.unnamed-multi-group-title',
+	defaultMessage: '{filename} + {count} more',
+})
+
+const fallbackAttributionGroupTitle = defineMessage({
+	id: 'external-files.permissions-card.fallback-group-title',
+	defaultMessage: 'Attribution group {id}',
+})
+
+export function createAttributionGroupTitle(
+	group: Labrinth.Attribution.Internal.AttributionGroup,
+	formatMessage: (descriptor: MessageDescriptor, values?: Record<string, unknown>) => string,
+): string {
+	const fileCount = group.files?.length ?? 0
+	if (group.flame_project?.title) {
+		return group.flame_project.title
+	}
+	const firstFileName = group.files?.[0]?.name ?? group.files?.[0]?.sha1 ?? ''
+	if (firstFileName) {
+		const base = firstFileName.split('/').pop() ?? firstFileName
+		if (fileCount === 1) {
+			return base
+		}
+		return formatMessage(unnamedMultiAttributionGroupTitle, {
+			filename: base,
+			count: fileCount - 1,
+		})
+	}
+	return formatMessage(fallbackAttributionGroupTitle, { id: group.id })
+}
+
+export function moderatorAttributionGroupTitle(
+	group: Labrinth.Attribution.Internal.AttributionGroup,
+): string {
+	const fileCount = group.files?.length ?? 0
+	if (group.flame_project?.title) {
+		return group.flame_project.title
+	}
+	const firstFileName = group.files?.[0]?.name ?? group.files?.[0]?.sha1 ?? ''
+	if (firstFileName) {
+		const base = firstFileName.split('/').pop() ?? firstFileName
+		if (fileCount === 1) {
+			return base
+		}
+		return `${base} + ${fileCount - 1} more`
+	}
+	return `Attribution group ${group.id}`
+}
+
+export const MODERATOR_ATTRIBUTION_KIND_LABELS: Record<
+	Labrinth.Attribution.Internal.AttributionResolutionKind,
+	string
+> = {
+	license: 'License',
+	my_project: 'My project',
+	special_permissions: 'Special permission',
+	no_permission: 'No permission',
+	globally_allowed: 'Automatically attributed',
+}
+
+export type ExternalLicenseStatus = Labrinth.ExternalProjects.Internal.ExternalLicenseStatus
+
+export function attributionKindToDefaultExternalStatus(
+	kind: Labrinth.Attribution.Internal.AttributionResolutionKind,
+): ExternalLicenseStatus | undefined {
+	if (kind === 'no_permission') {
+		return 'no'
+	}
+	if (kind === 'license') {
+		return 'yes'
+	}
+	return undefined
+}
+
+export function buildExternalLicenseProofFromAttribution(
+	attribution: Labrinth.Attribution.Internal.AttributionResolution,
+): string {
+	const parts: string[] = []
+	const notes = attribution.notes?.trim()
+	if (notes) {
+		parts.push(notes)
+	}
+	for (const url of attribution.image_urls ?? []) {
+		parts.push(`![proof image](${url})`)
+	}
+	return parts.join('\n\n')
+}
+
+export function groupLinkForExternalLicense(
+	group: Labrinth.Attribution.Internal.AttributionGroup,
+	attribution: Labrinth.Attribution.Internal.AttributionResolution | null,
+): string {
+	return attributionLinkToWork(attribution) ?? group.flame_project?.url ?? ''
+}
+
+export const MODERATION_DB_BADGE: Record<
+	Labrinth.ExternalProjects.Internal.ExternalLicenseStatus,
+	{
+		color?: string
+		label: string
+	}
+> = {
+	no: {
+		color: 'var(--color-red)',
+		label: 'Restrictive license',
+	},
+	'permanent-no': {
+		color: 'var(--color-purple)',
+		label: 'Prohibited content',
+	},
+	yes: {
+		color: 'var(--color-green)',
+		label: 'Permissive license',
+	},
+	'with-attribution': {
+		color: 'var(--color-green)',
+		label: 'Permissive license',
+	},
+	'with-attribution-and-source': {
+		color: 'var(--color-green)',
+		label: 'Permissive license',
+	},
+	unidentified: {
+		label: 'Unidentified',
+	},
+}
diff --git a/packages/ui/src/components/external_files/index.ts b/packages/ui/src/components/external_files/index.ts
index e0ec715662..fa12eed576 100644
--- a/packages/ui/src/components/external_files/index.ts
+++ b/packages/ui/src/components/external_files/index.ts
@@ -1,3 +1,10 @@
-export { default as ExternalProjectLicenseStateTag } from './ExternalProjectLicenseStateTag.vue'
+export { default as AddFilesToAttributionGroupModal } from './AddFilesToAttributionGroupModal.vue'
+export { default as AddToExistingExternalProjectModal } from './AddToExistingExternalProjectModal.vue'
+export { default as AddToGlobalPermissionsDatabaseModal } from './AddToGlobalPermissionsDatabaseModal.vue'
+export { default as AttributionDisplay } from './AttributionDisplay.vue'
+export { default as AttributionEditor } from './AttributionEditor.vue'
+export { default as AttributionModerationDbBadge } from './AttributionModerationDbBadge.vue'
+export { default as AttributionStatusTag } from './AttributionStatusTag.vue'
 export { default as ExternalProjectLookupCard } from './ExternalProjectLookupCard.vue'
+export { default as ExternalProjectPermissionsCard } from './ExternalProjectPermissionsCard.vue'
 export type { ExternalLicenseStatus } from './types.ts'
diff --git a/packages/ui/src/components/external_files/types.ts b/packages/ui/src/components/external_files/types.ts
deleted file mode 100644
index 331d41bf95..0000000000
--- a/packages/ui/src/components/external_files/types.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-export type ExternalLicenseStatus =
-	| 'yes'
-	| 'with-attribution-and-source'
-	| 'with-attribution'
-	| 'no'
-	| 'permanent-no'
-	| 'unidentified'
diff --git a/packages/ui/src/components/modal/NewModal.vue b/packages/ui/src/components/modal/NewModal.vue
index 04be73d0f2..b9af98524f 100644
--- a/packages/ui/src/components/modal/NewModal.vue
+++ b/packages/ui/src/components/modal/NewModal.vue
@@ -123,7 +123,11 @@
 						<slot> You just lost the game.</slot>
 					</div>
 
-					<div v-if="$slots.actions" class="p-4 pt-0">
+					<div
+						v-if="$slots.actions"
+						:class="{ 'pt-4 border-0 border-t border-solid border-surface-5': actionsDivider }"
+						class="p-4 pt-0"
+					>
 						<slot name="actions" />
 					</div>
 				</div>
@@ -178,6 +182,7 @@ const props = withDefaults(
 		width?: string
 		/** Disables all close actions (close button, ESC key, click outside). */
 		disableClose?: boolean
+		actionsDivider?: boolean
 	}>(),
 	{
 		type: true,
@@ -200,6 +205,7 @@ const props = withDefaults(
 		maxWidth: undefined,
 		width: undefined,
 		disableClose: false,
+		actionsDivider: false,
 	},
 )
 
diff --git a/packages/ui/src/components/project/EnvironmentTags.vue b/packages/ui/src/components/project/EnvironmentTags.vue
new file mode 100644
index 0000000000..fa1199bd07
--- /dev/null
+++ b/packages/ui/src/components/project/EnvironmentTags.vue
@@ -0,0 +1,97 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { ClientIcon, MonitorSmartphoneIcon, ServerIcon, UserIcon } from '@modrinth/assets'
+import { type Component, computed } from 'vue'
+
+import { defineMessage, type MessageDescriptor, useVIntl } from '#ui/composables/i18n.ts'
+
+import TagItem from '../base/TagItem.vue'
+
+const { formatMessage } = useVIntl()
+
+const props = defineProps<{
+	environment: Labrinth.Projects.v3.Environment
+}>()
+
+type EnvironmentTag = {
+	icon: Component
+	message: MessageDescriptor
+	environments: Labrinth.Projects.v3.Environment[]
+}
+
+const environmentTags: EnvironmentTag[] = [
+	{
+		icon: ClientIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.client-side`,
+			defaultMessage: 'Client-side',
+		}),
+		environments: [
+			'client_only',
+			'client_only_server_optional',
+			'client_or_server',
+			'client_or_server_prefers_both',
+		],
+	},
+	{
+		icon: ServerIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.server-side`,
+			defaultMessage: 'Server-side',
+		}),
+		environments: [
+			'server_only',
+			'server_only_client_optional',
+			'client_or_server',
+			'client_or_server_prefers_both',
+		],
+	},
+	{
+		icon: ServerIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.dedicated-servers-only`,
+			defaultMessage: 'Dedicated servers only',
+		}),
+		environments: ['dedicated_server_only'],
+	},
+	{
+		icon: UserIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.singleplayer-only`,
+			defaultMessage: 'Singleplayer only',
+		}),
+		environments: ['singleplayer_only'],
+	},
+	{
+		icon: UserIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.singleplayer`,
+			defaultMessage: 'Singleplayer',
+		}),
+		environments: ['server_only'],
+	},
+	{
+		icon: MonitorSmartphoneIcon,
+		message: defineMessage({
+			id: `project.about.compatibility.environments.client-and-server`,
+			defaultMessage: 'Client and server',
+		}),
+		environments: [
+			'client_and_server',
+			'client_only_server_optional',
+			'server_only_client_optional',
+			'client_or_server_prefers_both',
+		],
+	},
+]
+
+const tags = computed(() => {
+	return environmentTags.filter((x) => x.environments.includes(props.environment ?? 'unknown'))
+})
+</script>
+<template>
+	<TagItem v-for="tag in tags" :key="`environment-tag-${tag.message.id}`">
+		<component :is="tag.icon" />
+		{{ formatMessage(tag.message) }}
+	</TagItem>
+</template>
diff --git a/packages/ui/src/components/project/ProjectPageVersions.vue b/packages/ui/src/components/project/ProjectPageVersions.vue
index a2a8f3208b..ea643e1c0f 100644
--- a/packages/ui/src/components/project/ProjectPageVersions.vue
+++ b/packages/ui/src/components/project/ProjectPageVersions.vue
@@ -110,14 +110,27 @@
 							</div>
 						</div>
 						<div
-							class="pointer-events-none relative z-[1] flex flex-col justify-center overflow-hidden min-w-32"
+							class="pointer-events-none relative z-[1] flex flex-col gap-1 justify-center overflow-hidden min-w-32"
 							:class="{
 								'group-hover:underline': !!versionLink,
 							}"
 							title="`${version.version_number} - ${version.name}`"
 						>
-							<div class="font-bold text-contrast text-ellipsis overflow-hidden">
-								{{ version.version_number }}
+							<div class="flex items-center gap-2">
+								<div class="font-bold text-contrast text-ellipsis overflow-hidden">
+									{{ version.version_number }}
+								</div>
+								<div
+									v-if="version.files_missing_attribution"
+									v-tooltip="formatMessage(messages.withheldTooltip)"
+									class="z-[1]"
+									:style="{
+										'--_bg-color': 'var(--color-orange-bg)',
+										'--_color': 'var(--color-orange)',
+									}"
+								>
+									<TagItem> <CircleAlertIcon /> {{ formatMessage(messages.withheld) }}</TagItem>
+								</div>
 							</div>
 							<div class="text-xs font-medium text-ellipsis overflow-hidden">
 								{{ version.name }}
@@ -260,7 +273,14 @@
 </template>
 <script setup lang="ts">
 import type { Labrinth } from '@modrinth/api-client'
-import { CalendarIcon, DownloadIcon, getLoaderIcon, PlusIcon, StarIcon } from '@modrinth/assets'
+import {
+	CalendarIcon,
+	CircleAlertIcon,
+	DownloadIcon,
+	getLoaderIcon,
+	PlusIcon,
+	StarIcon,
+} from '@modrinth/assets'
 import {
 	AutoLink,
 	ButtonStyled,
@@ -279,7 +299,7 @@ import { computed, type Ref, ref } from 'vue'
 import { useRoute, useRouter } from 'vue-router'
 
 import { useRelativeTime } from '../../composables'
-import { useVIntl } from '../../composables/i18n'
+import { defineMessages, useVIntl } from '../../composables/i18n'
 import { getEnvironmentTags } from './settings/environment/environments'
 
 const { formatMessage } = useVIntl()
@@ -446,6 +466,17 @@ function updateQuery(newQueries: Record<string, string | string[] | undefined |
 		},
 	})
 }
+
+const messages = defineMessages({
+	withheld: {
+		id: 'project.versions.version.withheld',
+		defaultMessage: 'Withheld',
+	},
+	withheldTooltip: {
+		id: 'project.versions.version.withheld.tooltip',
+		defaultMessage: 'Version withheld due to missing permissions',
+	},
+})
 </script>
 <style scoped>
 .versions-grid-row {
diff --git a/packages/ui/src/components/project/ProjectSidebarCompatibility.vue b/packages/ui/src/components/project/ProjectSidebarCompatibility.vue
index 7049b6257b..c0cbaa4902 100644
--- a/packages/ui/src/components/project/ProjectSidebarCompatibility.vue
+++ b/packages/ui/src/components/project/ProjectSidebarCompatibility.vue
@@ -2,7 +2,9 @@
 	<div v-if="project.versions?.length > 0" class="flex flex-col gap-3">
 		<h2 class="text-lg m-0">{{ formatMessage(messages.title) }}</h2>
 		<section class="flex flex-col gap-2">
-			<h3 class="text-primary text-base m-0">{{ formatMessage(messages.minecraftJava) }}</h3>
+			<h3 class="text-primary !font-normal text-base m-0">
+				{{ formatMessage(messages.minecraftJava) }}
+			</h3>
 			<div class="flex flex-wrap gap-1">
 				<TagItem
 					v-for="version in getVersionsToDisplay(project, tags.gameVersions)"
@@ -13,7 +15,9 @@
 			</div>
 		</section>
 		<section v-if="project.project_type !== 'resourcepack'" class="flex flex-col gap-2">
-			<h3 class="text-primary text-base m-0">{{ formatMessage(messages.platforms) }}</h3>
+			<h3 class="text-primary !font-normal text-base m-0">
+				{{ formatMessage(messages.platforms) }}
+			</h3>
 			<div class="flex flex-wrap gap-1">
 				<template v-if="noModpackLoader">
 					<TagItem class="border !border-solid border-surface-5 hover:no-underline">
@@ -34,12 +38,11 @@
 			</div>
 		</section>
 		<section v-if="showEnvironments" class="flex flex-col gap-2">
-			<h3 class="text-primary text-base m-0">{{ formatMessage(messages.environments) }}</h3>
+			<h3 class="text-primary !font-normal text-base m-0">
+				{{ formatMessage(messages.environments) }}
+			</h3>
 			<div class="flex flex-wrap gap-1">
-				<TagItem v-for="tag in primaryEnvironmentTags" :key="`environment-tag-${tag.message.id}`">
-					<component :is="tag.icon" />
-					{{ formatMessage(tag.message) }}
-				</TagItem>
+				<EnvironmentTags :environment="primaryEnvironment" />
 			</div>
 		</section>
 		<section
@@ -100,18 +103,14 @@ import {
 	ServerIcon,
 	UserIcon,
 } from '@modrinth/assets'
-import { FormattedTag, TagItem } from '@modrinth/ui'
-import type { EnvironmentV3, GameVersionTag, PlatformTag } from '@modrinth/utils'
+import { FormattedTag, projectCompatibilityMessages, TagItem } from '@modrinth/ui'
+import type { GameVersionTag, PlatformTag } from '@modrinth/utils'
 import { getVersionsToDisplay } from '@modrinth/utils'
-import { type Component, computed } from 'vue'
+import { computed } from 'vue'
 import { useRouter } from 'vue-router'
 
-import {
-	defineMessage,
-	defineMessages,
-	type MessageDescriptor,
-	useVIntl,
-} from '../../composables/i18n'
+import { useVIntl } from '../../composables/i18n'
+import EnvironmentTags from './EnvironmentTags.vue'
 
 const { formatMessage } = useVIntl()
 // TODO: anything in this component that uses the router will not work in the app. and this component is used in the app.
@@ -153,104 +152,9 @@ const showEnvironments = computed(
 		primaryEnvironment.value,
 )
 
-const primaryEnvironment = computed<EnvironmentV3 | undefined>(() =>
-	props.projectV3?.environment?.find((x) => x !== 'unknown'),
+const primaryEnvironment = computed<Labrinth.Projects.v3.Environment>(
+	() => props.projectV3?.environment?.find((x) => x !== 'unknown') ?? 'unknown',
 )
 
-type EnvironmentTag = {
-	icon: Component
-	message: MessageDescriptor
-	environments: EnvironmentV3[]
-}
-
-const environmentTags: EnvironmentTag[] = [
-	{
-		icon: ClientIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.client-side`,
-			defaultMessage: 'Client-side',
-		}),
-		environments: [
-			'client_only',
-			'client_only_server_optional',
-			'client_or_server',
-			'client_or_server_prefers_both',
-		],
-	},
-	{
-		icon: ServerIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.server-side`,
-			defaultMessage: 'Server-side',
-		}),
-		environments: [
-			'server_only',
-			'server_only_client_optional',
-			'client_or_server',
-			'client_or_server_prefers_both',
-		],
-	},
-	{
-		icon: ServerIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.dedicated-servers-only`,
-			defaultMessage: 'Dedicated servers only',
-		}),
-		environments: ['dedicated_server_only'],
-	},
-	{
-		icon: UserIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.singleplayer-only`,
-			defaultMessage: 'Singleplayer only',
-		}),
-		environments: ['singleplayer_only'],
-	},
-	{
-		icon: UserIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.singleplayer`,
-			defaultMessage: 'Singleplayer',
-		}),
-		environments: ['server_only'],
-	},
-	{
-		icon: MonitorSmartphoneIcon,
-		message: defineMessage({
-			id: `project.about.compatibility.environments.client-and-server`,
-			defaultMessage: 'Client and server',
-		}),
-		environments: [
-			'client_and_server',
-			'client_only_server_optional',
-			'server_only_client_optional',
-			'client_or_server_prefers_both',
-		],
-	},
-]
-
-const primaryEnvironmentTags = computed(() => {
-	return primaryEnvironment.value
-		? environmentTags.filter((x) => x.environments.includes(primaryEnvironment.value ?? 'unknown'))
-		: []
-})
-
-const messages = defineMessages({
-	title: {
-		id: `project.about.compatibility.title`,
-		defaultMessage: 'Compatibility',
-	},
-	minecraftJava: {
-		id: `project.about.compatibility.game.minecraftJava`,
-		defaultMessage: 'Minecraft: Java Edition',
-	},
-	platforms: {
-		id: `project.about.compatibility.platforms`,
-		defaultMessage: 'Platforms',
-	},
-	environments: {
-		id: `project.about.compatibility.environments`,
-		defaultMessage: 'Supported environments',
-	},
-})
+const messages = projectCompatibilityMessages
 </script>
diff --git a/packages/ui/src/components/project/ProjectSidebarCreators.vue b/packages/ui/src/components/project/ProjectSidebarCreators.vue
index 1ebf460b6a..f0196e1850 100644
--- a/packages/ui/src/components/project/ProjectSidebarCreators.vue
+++ b/packages/ui/src/components/project/ProjectSidebarCreators.vue
@@ -1,6 +1,6 @@
 <template>
 	<div class="flex flex-col gap-3">
-		<h2 class="text-lg m-0">{{ formatMessage(messages.title) }}</h2>
+		<h2 class="text-lg font-semibold m-0">{{ formatMessage(messages.title) }}</h2>
 		<div class="flex flex-col gap-3 font-semibold">
 			<template v-if="organization">
 				<AutoLink
@@ -10,10 +10,10 @@
 				>
 					<Avatar :src="organization.icon_url" :alt="organization.name" size="32px" />
 					<div class="flex flex-col flex-nowrap justify-center">
-						<span class="group-hover:underline">
+						<span class="group-hover:underline font-normal text-contrast">
 							{{ organization.name }}
 						</span>
-						<span class="text-secondary text-sm font-medium flex items-center gap-1"
+						<span class="text-sm font-normal flex items-center gap-1"
 							><OrganizationIcon /> {{ formatMessage(messages.organization) }}</span
 						>
 					</div>
@@ -30,7 +30,9 @@
 				<Avatar :src="member.user.avatar_url" :alt="member.user.username" size="32px" circle />
 				<div class="flex flex-col">
 					<span class="flex w-full flex-nowrap items-center gap-1 group-hover:underline">
-						<span class="min-w-0 overflow-hidden truncate">{{ member.user.username }}</span>
+						<span class="min-w-0 overflow-hidden font-normal text-contrast truncate">{{
+							member.user.username
+						}}</span>
 						<CrownIcon
 							v-if="member.is_owner"
 							v-tooltip="formatMessage(messages.owner)"
@@ -38,7 +40,7 @@
 						/>
 						<ExternalIcon v-if="linkTarget === '_blank'" />
 					</span>
-					<span class="text-secondary text-sm font-medium">{{ member.role }}</span>
+					<span class="text-sm font-normal">{{ member.role }}</span>
 				</div>
 			</AutoLink>
 		</div>
diff --git a/packages/ui/src/components/search/SearchSidebarFilter.vue b/packages/ui/src/components/search/SearchSidebarFilter.vue
index 4e644365cc..144a26305d 100644
--- a/packages/ui/src/components/search/SearchSidebarFilter.vue
+++ b/packages/ui/src/components/search/SearchSidebarFilter.vue
@@ -9,7 +9,7 @@
 	>
 		<template #title>
 			<slot name="header" :filter="filterType">
-				<h2>{{ filterType.formatted_name }}</h2>
+				<h2 class="font-semibold">{{ filterType.formatted_name }}</h2>
 			</slot>
 		</template>
 		<template
diff --git a/packages/ui/src/components/version/VersionChannelTag.vue b/packages/ui/src/components/version/VersionChannelTag.vue
new file mode 100644
index 0000000000..7bf45eb131
--- /dev/null
+++ b/packages/ui/src/components/version/VersionChannelTag.vue
@@ -0,0 +1,44 @@
+<script setup lang="ts">
+import type { VersionChannel } from '@modrinth/utils'
+import { computed } from 'vue'
+
+import { commonMessages } from '#ui/utils/common-messages.ts'
+
+import { useVIntl } from '../../composables/i18n'
+import TagItem from '../base/TagItem.vue'
+
+const { formatMessage } = useVIntl()
+
+const props = defineProps<{
+	channel: VersionChannel
+}>()
+
+const RELEASE_CHANNELS = {
+	release: {
+		message: commonMessages.release,
+		bgColor: 'var(--color-green-bg)',
+		color: 'var(--color-green)',
+	},
+	beta: {
+		message: commonMessages.beta,
+		bgColor: 'var(--color-orange-bg)',
+		color: 'var(--color-orange)',
+	},
+	alpha: {
+		message: commonMessages.alpha,
+		bgColor: 'var(--color-red-bg)',
+		color: 'var(--color-red)',
+	},
+}
+
+const releaseChannel = computed(() => RELEASE_CHANNELS[props.channel])
+</script>
+
+<template>
+	<TagItem
+		class="py-1.5"
+		:style="{ '--_bg-color': releaseChannel.bgColor, '--_color': releaseChannel.color }"
+	>
+		{{ formatMessage(releaseChannel.message) }}
+	</TagItem>
+</template>
diff --git a/packages/ui/src/components/version/VersionDependencyItem.vue b/packages/ui/src/components/version/VersionDependencyItem.vue
new file mode 100644
index 0000000000..b3514fa39c
--- /dev/null
+++ b/packages/ui/src/components/version/VersionDependencyItem.vue
@@ -0,0 +1,95 @@
+<script setup lang="ts">
+import { InfoIcon } from '@modrinth/assets'
+
+import { defineMessages, useVIntl } from '#ui/composables/i18n.ts'
+
+import AutoLink from '../base/AutoLink.vue'
+import Avatar from '../base/Avatar.vue'
+import type { DependencyContext } from './index.ts'
+
+const { formatMessage } = useVIntl()
+
+withDefaults(
+	defineProps<{
+		context: DependencyContext
+		dependencyLink?: string
+		linkTabbable?: boolean
+	}>(),
+	{
+		dependencyLink: undefined,
+		linkTabbable: false,
+	},
+)
+
+const messages = defineMessages({
+	anyVersion: {
+		id: 'version.section.dependencies.any-version',
+		defaultMessage: 'Any version',
+	},
+	anyCompatibleVersion: {
+		id: 'version.section.dependencies.any-compatible-version',
+		defaultMessage: 'Any compatible version',
+	},
+	unavailableVersion: {
+		id: 'version.section.dependencies.unavailable-version',
+		defaultMessage: 'Unavailable version',
+	},
+	unavailableVersionDescription: {
+		id: 'version.section.dependencies.unavailable-version.description',
+		defaultMessage: 'This version may have been deleted or is being reviewed by moderators.',
+	},
+	unavailableRequiredVersionDescription: {
+		id: 'version.section.dependencies.unavailable-version.description.required',
+		defaultMessage:
+			'The required version may have been deleted or is being reviewed by moderators.',
+	},
+})
+</script>
+<template>
+	<div class="flex gap-3 items-center">
+		<AutoLink
+			:to="dependencyLink"
+			class="flex gap-3 items-center group"
+			:tabindex="linkTabbable ? undefined : '-1'"
+		>
+			<Avatar :src="context.project?.icon_url" alt="" size="48px" no-shadow />
+			<div class="flex flex-col gap-1">
+				<span
+					class="text-contrast font-medium"
+					:class="{ 'group-hover:underline': !!dependencyLink }"
+					>{{ context.project?.title ?? context.dependency.file_name }}</span
+				>
+				<span class="text-secondary flex items-center gap-1">
+					<template v-if="!context.dependency.version_id">
+						{{
+							formatMessage(
+								context.dependency.dependency_type === 'incompatible'
+									? messages.anyVersion
+									: messages.anyCompatibleVersion,
+							)
+						}}
+					</template>
+					<template v-else-if="context.version">
+						{{ context.version.version_number }}
+					</template>
+					<template v-else>
+						{{ formatMessage(messages.unavailableVersion) }}
+						<InfoIcon
+							v-tooltip="
+								formatMessage(
+									context.dependency.dependency_type === 'required'
+										? messages.unavailableRequiredVersionDescription
+										: messages.unavailableVersionDescription,
+								)
+							"
+							class="shrink-0"
+						/>
+					</template>
+				</span>
+			</div>
+		</AutoLink>
+		<div class="flex items-center gap-2 ml-auto">
+			<slot />
+		</div>
+	</div>
+</template>
diff --git a/packages/ui/src/components/version/VersionPage.vue b/packages/ui/src/components/version/VersionPage.vue
new file mode 100644
index 0000000000..015b153212
--- /dev/null
+++ b/packages/ui/src/components/version/VersionPage.vue
@@ -0,0 +1,491 @@
+<script setup lang="ts">
+import type { Labrinth } from '@modrinth/api-client'
+import { DownloadIcon, FileIcon, SearchIcon } from '@modrinth/assets'
+import { capitalizeString, renderHighlightedString } from '@modrinth/utils'
+import { useQuery } from '@tanstack/vue-query'
+import { computed, ref } from 'vue'
+
+import { useFormatBytes } from '#ui/composables/format-bytes.ts'
+import { useFormatDateTime } from '#ui/composables/format-date-time.ts'
+import { useCompactNumber, useFormatNumber } from '#ui/composables/format-number.ts'
+import { useRelativeTime } from '#ui/composables/how-ago.ts'
+import { defineMessage, defineMessages, useVIntl } from '#ui/composables/i18n.ts'
+import { injectModrinthClient } from '#ui/providers/api-client.ts'
+import {
+	commonMessages,
+	fileTypeMessages,
+	projectCompatibilityMessages,
+} from '#ui/utils/common-messages.ts'
+
+import AutoLink from '../base/AutoLink.vue'
+import Avatar from '../base/Avatar.vue'
+import StyledInput from '../base/StyledInput.vue'
+import Table from '../base/Table.vue'
+import TagItem from '../base/TagItem.vue'
+import TagTagItem from '../base/TagTagItem.vue'
+import EnvironmentTags from '../project/EnvironmentTags.vue'
+import VersionChannelTag from './VersionChannelTag.vue'
+import VersionDependencyItem from './VersionDependencyItem.vue'
+
+const { formatMessage } = useVIntl()
+
+const formatRelativeTime = useRelativeTime()
+const formatDateTime = useFormatDateTime({
+	timeStyle: 'short',
+	dateStyle: 'long',
+})
+const formatBytes = useFormatBytes()
+const formatNumber = useFormatNumber()
+const { formatCompactNumber } = useCompactNumber()
+
+const props = defineProps<{
+	version: Labrinth.Versions.v3.Version
+	enrichment?: Labrinth.Projects.v2.DependencyInfo
+	dependencyLinkCreator: (context: DependencyContext) => string | undefined
+	members?: Labrinth.Projects.v3.TeamMember[]
+	userLinkCreator?: (user: Labrinth.Users.v3.User) => string | undefined
+}>()
+
+const api = injectModrinthClient()
+
+const versionNumber = computed(() => props.version.version_number)
+const versionSubtitle = computed(() => props.version.name)
+const publishDate = computed(() => formatRelativeTime(props.version.date_published))
+const publishDateTooltip = computed(() => formatDateTime(props.version.date_published))
+
+const isModpack = computed(() => props.version.loaders.includes('mrpack'))
+const platforms = computed(() =>
+	isModpack.value ? props.version.mrpack_loaders : props.version.loaders,
+)
+const noModpackLoader = computed(
+	() =>
+		(isModpack.value &&
+			props.version.mrpack_loaders?.length === 1 &&
+			props.version.mrpack_loaders?.[0] === 'minecraft') ||
+		props.version.mrpack_loaders?.length === 0,
+)
+const primaryFile = computed(
+	() => props.version.files?.find((file) => file.primary) ?? props.version.files?.[0] ?? {},
+)
+const promotedSupplementaryFiles = computed(() =>
+	props.version.files.filter(
+		(file) =>
+			file.file_type &&
+			['required-resource-pack', 'optional-resource-pack'].includes(file.file_type),
+	),
+)
+
+type DependencyContext = {
+	dependency: Labrinth.Versions.v3.Dependency
+	project?: Labrinth.Projects.v2.Project
+	version?: Labrinth.Versions.v2.Version
+}
+
+const dependencies = computed<DependencyContext[]>(() =>
+	props.version.dependencies.map(
+		(dep) =>
+			({
+				dependency: dep,
+				project: props.enrichment?.projects.find((x) => x.id === dep.project_id),
+				version: props.enrichment?.versions.find((x) => x.id === dep.version_id),
+			}) satisfies DependencyContext,
+	),
+)
+
+const requiredContent = computed(() =>
+	dependencies.value.filter((dep) => dep.dependency.dependency_type === 'required'),
+)
+const optionalContent = computed(() =>
+	dependencies.value.filter((dep) => dep.dependency.dependency_type === 'optional'),
+)
+const incompatibleContent = computed(() =>
+	dependencies.value.filter((dep) => dep.dependency.dependency_type === 'incompatible'),
+)
+const includedContent = computed(() =>
+	dependencies.value
+		.filter((context) => context.dependency.dependency_type === 'embedded')
+		.map((context) => ({
+			icon_url: context.project
+				? context.project.icon_url
+				: context.dependency.attribution?.icon_url,
+			name: context.project ? context.project.title : context.dependency.file_name,
+			version: context.version ? context.version.version_number : undefined,
+			link: context.project
+				? props.dependencyLinkCreator(context)
+				: context.dependency.attribution?.link,
+			hasProject: !!context.project,
+		})),
+)
+
+const contentTableColumns = computed(() => {
+	const cols = [
+		{
+			key: 'icon',
+			width: '3.75rem',
+		},
+		{
+			key: 'name',
+			label: formatMessage(defineMessage({ id: 'version.content.name', defaultMessage: 'Name' })),
+		},
+	]
+	if (includedContent.value.some((x) => x.version)) {
+		cols.push({
+			key: 'version',
+			label: formatMessage(
+				defineMessage({ id: 'version.content.version', defaultMessage: 'Version' }),
+			),
+		})
+	}
+	return cols
+})
+
+const supplementaryResourcesTableColumns = computed(() => [
+	{
+		key: 'file',
+		label: formatMessage(
+			defineMessage({ id: 'version.supplementary-resources.file', defaultMessage: 'File' }),
+		),
+		width: '20rem',
+	},
+	{
+		key: 'type',
+		label: formatMessage(
+			defineMessage({ id: 'version.supplementary-resources.type', defaultMessage: 'Type' }),
+		),
+		width: '14rem',
+	},
+	{
+		key: 'size',
+		label: formatMessage(
+			defineMessage({ id: 'version.supplementary-resources.size', defaultMessage: 'Size' }),
+		),
+		width: '5rem',
+	},
+	{
+		key: 'actions',
+		label: '',
+		width: '14rem',
+	},
+])
+
+const supplementaryResources = computed(() =>
+	props.version.files
+		.filter((file) => file.primary === false && file !== primaryFile.value)
+		.map((file) => ({
+			file: file,
+		})),
+)
+
+const messages = defineMessages({
+	compatibility: {
+		id: 'version.section.compatibility',
+		defaultMessage: 'Compatibility',
+	},
+	required: {
+		id: 'version.section.required-content',
+		defaultMessage: 'Required content',
+	},
+	optionalDeps: {
+		id: 'version.section.optional-dependencies',
+		defaultMessage: 'Optional dependencies',
+	},
+	knownIncompatibilities: {
+		id: 'version.section.known-incompatibilities',
+		defaultMessage: 'Known incompatibilities',
+	},
+	content: {
+		id: 'version.section.content',
+		defaultMessage: 'Content',
+	},
+	includedContent: {
+		id: 'version.section.included-content',
+		defaultMessage: 'Included content',
+	},
+	noModpackLoader: {
+		id: 'version.section.no-modpack-mod-loader',
+		defaultMessage: 'No mod loader',
+	},
+	changes: {
+		id: 'version.section.changes',
+		defaultMessage: 'Changes',
+	},
+	noChanges: {
+		id: 'version.section.no-changes',
+		defaultMessage: 'No changelog was provided.',
+	},
+	files: {
+		id: 'version.section.files',
+		defaultMessage: 'Files',
+	},
+	supplementaryResources: {
+		id: 'version.section.supplementary-resources',
+		defaultMessage: 'Supplementary resources',
+	},
+	searchContent: {
+		id: 'version.section.content.search-placeholder',
+		defaultMessage: 'Search content...',
+	},
+})
+
+const contentSearchQuery = ref('')
+
+const formattedDownloads = computed(() => formatNumber(props.version.downloads))
+const compactDownloads = computed(() => formatCompactNumber(props.version.downloads))
+
+const authorMember = computed(
+	() => props.members?.find((member) => member.user.id === props.version.author_id)?.user,
+)
+const { data: externalAuthor, isLoading: loadingAuthor } = useQuery({
+	queryKey: ['user', props.version.author_id],
+	queryFn: () => api.labrinth.users_v3.get(props.version.author_id),
+	enabled: computed(() => !authorMember.value),
+})
+
+const author = computed(() => authorMember.value ?? externalAuthor.value)
+const authorLink = computed(() =>
+	author.value ? props.userLinkCreator?.(author.value) : undefined,
+)
+</script>
+<template>
+	<div class="flex flex-col gap-4">
+		<div class="flex flex-wrap gap-4 justify-between items-center">
+			<div class="flex flex-col gap-1.5">
+				<div class="flex flex-wrap gap-2 items-center">
+					<h2 class="m-0 leading-tight font-semibold">{{ versionNumber }}</h2>
+					<div>
+						<VersionChannelTag :channel="version.version_type" />
+					</div>
+				</div>
+				<div class="flex items-center gap-2 flex-col sm:flex-row">
+					<span>{{ versionSubtitle }}</span>
+					<span class="bg-surface-5 size-1.5 rounded-full hidden sm:block" />
+					<span class="flex items-center gap-2 sm:content">
+						<span v-tooltip="publishDateTooltip">{{ publishDate }}</span>
+						<span class="bg-surface-5 size-1.5 rounded-full" />
+						<span
+							v-tooltip="
+								compactDownloads !== formattedDownloads
+									? capitalizeString(
+											formatMessage(commonMessages.projectDownloads, {
+												count: props.version.downloads,
+											}),
+										)
+									: undefined
+							"
+							class="flex items-center gap-1"
+						>
+							<DownloadIcon class="size-5" /> {{ compactDownloads }}
+						</span>
+					</span>
+				</div>
+				<div
+					v-if="(author && authorLink) || loadingAuthor"
+					class="flex items-center gap-1 text-secondary"
+				>
+					Uploaded by
+					<AutoLink
+						v-if="author && authorLink"
+						:to="authorLink"
+						class="flex items-center gap-1 hover:underline"
+					>
+						<Avatar :src="author?.avatar_url" size="1.5rem" circle />
+						{{ author?.username }}
+					</AutoLink>
+					<div
+						v-else-if="loadingAuthor"
+						class="w-32 h-6 bg-surface-3 rounded-md animate-pulse flex"
+					></div>
+				</div>
+			</div>
+			<div class="flex gap-2 flex-wrap items-center">
+				<slot
+					name="headerActions"
+					:primary-file="primaryFile"
+					:promoted-files="promotedSupplementaryFiles"
+				/>
+			</div>
+		</div>
+		<hr class="w-full border-none h-[1px] bg-surface-4 m-0" />
+		<section v-if="requiredContent.length > 0" id="dependencies">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">{{ formatMessage(messages.required) }}</h3>
+			<div class="grid md:grid-cols-2 gap-4">
+				<VersionDependencyItem
+					v-for="depContext in requiredContent"
+					:key="`required-dep-${depContext.dependency.version_id ?? depContext.dependency.project_id ?? depContext.dependency.file_name}`"
+					:context="depContext"
+					:dependency-link="dependencyLinkCreator(depContext)"
+					target="_blank"
+					class="bg-surface-3 border border-solid border-surface-4 p-4 rounded-2xl"
+				>
+					<slot name="dependencyActions" :dependency="depContext" />
+				</VersionDependencyItem>
+			</div>
+		</section>
+		<section id="compatibility">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">{{ formatMessage(messages.compatibility) }}</h3>
+			<div
+				class="grid gap-3 md:gap-4 bg-surface-3 border border-solid border-surface-4 p-4 rounded-2xl md:p-0 md:border-0 md:bg-transparent"
+				:class="version.environment ? 'md:grid-cols-3' : 'md:grid-cols-2'"
+			>
+				<div
+					class="md:bg-surface-3 md:border md:border-solid md:border-surface-4 md:p-4 md:rounded-2xl"
+				>
+					{{ formatMessage(projectCompatibilityMessages.minecraftJava) }}
+					<div class="flex gap-1 flex-wrap mt-2">
+						<TagItem
+							v-for="gameVersion in version.game_versions"
+							:key="`version-compat-game-version-${gameVersion}`"
+							>{{ gameVersion }}</TagItem
+						>
+					</div>
+				</div>
+				<div
+					class="md:bg-surface-3 md:border md:border-solid md:border-surface-4 md:p-4 md:rounded-2xl"
+				>
+					{{
+						formatMessage(projectCompatibilityMessages.platformsPlural, {
+							count: platforms?.length ?? 0,
+						})
+					}}
+					<div class="flex gap-1 flex-wrap mt-2">
+						<template v-if="isModpack && noModpackLoader">
+							<TagItem class="border !border-solid border-surface-5 hover:no-underline">
+								{{ formatMessage(messages.noModpackLoader) }}
+							</TagItem>
+						</template>
+						<template v-else>
+							<TagTagItem
+								v-for="platform in platforms"
+								:key="`version-compat-platform-${platform}`"
+								:tag="platform"
+							/>
+						</template>
+					</div>
+				</div>
+				<div
+					v-if="version.environment"
+					class="md:bg-surface-3 md:border md:border-solid md:border-surface-4 md:p-4 md:rounded-2xl"
+				>
+					{{ formatMessage(projectCompatibilityMessages.environments) }}
+					<div class="flex gap-1 flex-wrap mt-2">
+						<EnvironmentTags :environment="version.environment" />
+					</div>
+				</div>
+			</div>
+		</section>
+		<section id="changes">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">{{ formatMessage(messages.changes) }}</h3>
+			<div class="p-4 bg-surface-3 rounded-2xl flex border-solid border border-surface-4">
+				<div
+					v-if="version.changelog"
+					class="markdown-body"
+					v-html="renderHighlightedString(version.changelog)"
+				/>
+				<div v-else class="text-secondary">{{ formatMessage(messages.noChanges) }}</div>
+			</div>
+		</section>
+		<section v-if="optionalContent.length > 0" id="optional-dependencies">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">{{ formatMessage(messages.optionalDeps) }}</h3>
+			<div class="grid md:grid-cols-2 gap-4">
+				<VersionDependencyItem
+					v-for="depContext in optionalContent"
+					:key="`optional-dep-${depContext.dependency.version_id ?? depContext.dependency.project_id ?? depContext.dependency.file_name}`"
+					:context="depContext"
+					:dependency-link="dependencyLinkCreator(depContext)"
+					target="_blank"
+					class="bg-surface-3 border border-solid border-surface-4 p-4 rounded-2xl"
+				>
+					<slot name="dependencyActions" :dependency="depContext" />
+				</VersionDependencyItem>
+			</div>
+		</section>
+		<section v-if="incompatibleContent.length > 0" id="known-incompatibilities">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">
+				{{ formatMessage(messages.knownIncompatibilities) }}
+			</h3>
+			<div class="grid md:grid-cols-2 gap-4">
+				<VersionDependencyItem
+					v-for="depContext in incompatibleContent"
+					:key="`incompatible-dep-${depContext.dependency.version_id ?? depContext.dependency.project_id ?? depContext.dependency.file_name}`"
+					:context="depContext"
+					:dependency-link="dependencyLinkCreator(depContext)"
+					target="_blank"
+					class="bg-surface-3 border border-solid border-surface-4 p-4 rounded-2xl"
+				/>
+			</div>
+		</section>
+		<section v-if="includedContent?.length > 0" id="content">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">
+				{{
+					formatMessage(
+						version.loaders.includes('mrpack') ? messages.content : messages.includedContent,
+					)
+				}}
+			</h3>
+			<Table :columns="contentTableColumns" :data="includedContent">
+				<template #header-actions>
+					<StyledInput
+						v-model="contentSearchQuery"
+						:icon="SearchIcon"
+						:placeholder="formatMessage(messages.searchContent)"
+						clearable
+						wrapper-class="w-full sm:w-64"
+					/>
+				</template>
+				<template #cell-icon="{ row }">
+					<AutoLink :to="row.link" tabindex="-1" class="flex" target="_blank">
+						<Avatar v-if="row.icon_url" :src="row.icon_url" alt="" size="2rem" />
+						<div v-else class="size-[2rem] flex items-center justify-center">
+							<FileIcon class="size-5 text-secondary" />
+						</div>
+					</AutoLink>
+				</template>
+				<template #cell-name="{ row }">
+					<AutoLink
+						:to="row.link"
+						class="flex w-fit"
+						link-class="hover:underline hover:text-contrast"
+						target="_blank"
+					>
+						{{ row.name }}
+					</AutoLink>
+				</template>
+				<template #cell-version="{ row }">
+					{{ (row.version ?? row.hasProject) ? formatMessage(commonMessages.unknownLabel) : '—' }}
+				</template>
+			</Table>
+		</section>
+		<section v-if="supplementaryResources?.length > 0" id="supplementary-resources">
+			<h3 class="mt-0 mb-2 text-lg font-semibold">
+				{{ formatMessage(messages.supplementaryResources) }}
+			</h3>
+			<Table :columns="supplementaryResourcesTableColumns" :data="supplementaryResources">
+				<template #cell-file="{ row }">
+					{{ row.file.filename }}
+				</template>
+				<template #cell-type="{ row }">
+					{{
+						formatMessage(
+							!row.file.file_type || row.file.file_type === 'unknown'
+								? commonMessages.unknownLabel
+								: fileTypeMessages[row.file.file_type],
+						)
+					}}
+				</template>
+				<template #cell-size="{ row }">
+					{{ formatBytes(row.file.size) }}
+				</template>
+				<template #cell-actions="{ row }">
+					<div class="flex items-center justify-end gap-2">
+						<slot name="supplementaryResourceActions" :file="row.file" />
+					</div>
+				</template>
+			</Table>
+		</section>
+	</div>
+</template>
+<style>
+.markdown-body ul {
+	padding-left: 1.25rem;
+}
+</style>
diff --git a/packages/ui/src/components/version/index.ts b/packages/ui/src/components/version/index.ts
index 67b33bde19..36c0469b69 100644
--- a/packages/ui/src/components/version/index.ts
+++ b/packages/ui/src/components/version/index.ts
@@ -1,3 +1,13 @@
+import type { Labrinth } from '@modrinth/api-client'
+
 export { default as VersionChannelIndicator } from './VersionChannelIndicator.vue'
+export { default as VersionDependencyItem } from './VersionDependencyItem.vue'
 export { default as VersionFilterControl } from './VersionFilterControl.vue'
+export { default as VersionPage } from './VersionPage.vue'
 export { default as VersionSummary } from './VersionSummary.vue'
+
+export type DependencyContext = {
+	dependency: Labrinth.Versions.v3.Dependency
+	project?: Labrinth.Projects.v2.Project
+	version?: Labrinth.Versions.v2.Version
+}
diff --git a/packages/ui/src/layouts/shared/browse-tab/sidebar.vue b/packages/ui/src/layouts/shared/browse-tab/sidebar.vue
index 34a1ef0fe4..e5b77422ec 100644
--- a/packages/ui/src/layouts/shared/browse-tab/sidebar.vue
+++ b/packages/ui/src/layouts/shared/browse-tab/sidebar.vue
@@ -143,7 +143,7 @@ function getFilterOpenByDefault(filterId: string): boolean {
 				:open-by-default="getFilterOpenByDefault(filterType.id)"
 			>
 				<template #header>
-					<h3 :class="isApp ? 'text-base m-0' : 'm-0 text-lg'">
+					<h3 :class="isApp ? 'text-base m-0' : 'm-0 text-lg font-semibold'">
 						{{ filterType.formatted_name }}
 					</h3>
 				</template>
@@ -165,7 +165,7 @@ function getFilterOpenByDefault(filterId: string): boolean {
 				:open-by-default="getFilterOpenByDefault(filter.id)"
 			>
 				<template #header>
-					<h3 :class="isApp ? 'text-base m-0' : 'm-0 text-lg'">
+					<h3 :class="isApp ? 'text-base m-0' : 'm-0 text-lg font-semibold'">
 						{{ filter.formatted_name }}
 					</h3>
 				</template>
diff --git a/packages/ui/src/locales/en-US/index.json b/packages/ui/src/locales/en-US/index.json
index c6141ef749..bbcb2e479d 100644
--- a/packages/ui/src/locales/en-US/index.json
+++ b/packages/ui/src/locales/en-US/index.json
@@ -50,6 +50,9 @@
   "badge.new": {
     "defaultMessage": "New"
   },
+  "badge.release": {
+    "defaultMessage": "Release"
+  },
   "billing.resubscribe-modal.cancel": {
     "defaultMessage": "Cancel"
   },
@@ -866,6 +869,258 @@
   "creation-flow.title.set-up-server": {
     "defaultMessage": "Set up server"
   },
+  "external-files.permissions-card.add-files-modal.confirm": {
+    "defaultMessage": "{count, plural, one {Add file} other {Add files}}"
+  },
+  "external-files.permissions-card.add-files-modal.description": {
+    "defaultMessage": "Select any files that should be moved into this group."
+  },
+  "external-files.permissions-card.add-files-modal.empty": {
+    "defaultMessage": "There are no files in other groups that can be moved here."
+  },
+  "external-files.permissions-card.add-files-modal.load-error.title": {
+    "defaultMessage": "Could not load files"
+  },
+  "external-files.permissions-card.add-files-modal.no-search-results": {
+    "defaultMessage": "No files match your search."
+  },
+  "external-files.permissions-card.add-files-modal.search-placeholder": {
+    "defaultMessage": "Search files…"
+  },
+  "external-files.permissions-card.add-files-modal.selected-count": {
+    "defaultMessage": "{count, plural, one {# file selected} other {# files selected}}"
+  },
+  "external-files.permissions-card.add-files-modal.title": {
+    "defaultMessage": "Add files to this group"
+  },
+  "external-files.permissions-card.add-files-to-group": {
+    "defaultMessage": "Add files..."
+  },
+  "external-files.permissions-card.assign-files-error.title": {
+    "defaultMessage": "Could not add files"
+  },
+  "external-files.permissions-card.attribution.moderation-status.content-not-allowed": {
+    "defaultMessage": "Content not allowed"
+  },
+  "external-files.permissions-card.attribution.moderation-status.passed": {
+    "defaultMessage": "Passed"
+  },
+  "external-files.permissions-card.attribution.moderation-status.rejected-proof": {
+    "defaultMessage": "Proof rejected"
+  },
+  "external-files.permissions-card.badge.attributed": {
+    "defaultMessage": "Completed"
+  },
+  "external-files.permissions-card.badge.no-permission": {
+    "defaultMessage": "No permission"
+  },
+  "external-files.permissions-card.badge.not-allowed": {
+    "defaultMessage": "Not allowed"
+  },
+  "external-files.permissions-card.badge.pending": {
+    "defaultMessage": "Pending"
+  },
+  "external-files.permissions-card.badge.proof-rejected": {
+    "defaultMessage": "Information rejected"
+  },
+  "external-files.permissions-card.custom-license-option": {
+    "defaultMessage": "Other"
+  },
+  "external-files.permissions-card.editor.add": {
+    "defaultMessage": "Add attribution"
+  },
+  "external-files.permissions-card.editor.all-rights-reserved": {
+    "defaultMessage": "All Rights Reserved/No license"
+  },
+  "external-files.permissions-card.editor.custom-license-label": {
+    "defaultMessage": "Link to license"
+  },
+  "external-files.permissions-card.editor.custom-license-my-project-label": {
+    "defaultMessage": "License name, preferably a SPDX identifier"
+  },
+  "external-files.permissions-card.editor.error.license-required": {
+    "defaultMessage": "Please select a license."
+  },
+  "external-files.permissions-card.editor.error.link-invalid-url": {
+    "defaultMessage": "Link must be a valid URL."
+  },
+  "external-files.permissions-card.editor.example-spdx-license": {
+    "defaultMessage": "e.g. MPL-1.1"
+  },
+  "external-files.permissions-card.editor.input-optional": {
+    "defaultMessage": "(optional)"
+  },
+  "external-files.permissions-card.editor.license-label": {
+    "defaultMessage": "License"
+  },
+  "external-files.permissions-card.editor.link-label": {
+    "defaultMessage": "Link to work"
+  },
+  "external-files.permissions-card.editor.link-to-license-url-placeholder": {
+    "defaultMessage": "link-to-license"
+  },
+  "external-files.permissions-card.editor.link-to-work-url-placeholder": {
+    "defaultMessage": "link-to-work"
+  },
+  "external-files.permissions-card.editor.modrinth-link-to-work": {
+    "defaultMessage": "This appears to be a Modrinth link. If this content is available on Modrinth, your pack was likely exported incorrectly. If you downloaded it from another site, try downloading the Modrinth version instead; sometimes they are not identical files."
+  },
+  "external-files.permissions-card.editor.notes-label": {
+    "defaultMessage": "Notes"
+  },
+  "external-files.permissions-card.editor.notes-placeholder": {
+    "defaultMessage": "Write something here..."
+  },
+  "external-files.permissions-card.editor.proof-image-alt": {
+    "defaultMessage": "Proof screenshot {n}"
+  },
+  "external-files.permissions-card.editor.proof-image-remove": {
+    "defaultMessage": "Remove image"
+  },
+  "external-files.permissions-card.editor.proof-images-label": {
+    "defaultMessage": "Proof images"
+  },
+  "external-files.permissions-card.editor.proof-images-upload-prompt": {
+    "defaultMessage": "Drag and drop to upload or click to select an image"
+  },
+  "external-files.permissions-card.editor.proof-warning.body": {
+    "defaultMessage": "If you are found to have lied or manipulated the images uploaded, your project and account may be terminated."
+  },
+  "external-files.permissions-card.editor.proof-warning.title": {
+    "defaultMessage": "Modrinth staff may verify submitted proof"
+  },
+  "external-files.permissions-card.editor.save": {
+    "defaultMessage": "Save attribution"
+  },
+  "external-files.permissions-card.editor.select-license-label": {
+    "defaultMessage": "Select a license..."
+  },
+  "external-files.permissions-card.editor.type-label": {
+    "defaultMessage": "Permission reason"
+  },
+  "external-files.permissions-card.error.custom-license-required": {
+    "defaultMessage": "Please include a link to your license. If you have none, you should likely select 'All Rights Reserved/No license'"
+  },
+  "external-files.permissions-card.error.explanation-or-images-required": {
+    "defaultMessage": "Please provide an explanation or upload at least one proof image."
+  },
+  "external-files.permissions-card.error.link-required": {
+    "defaultMessage": "Please provide a link."
+  },
+  "external-files.permissions-card.error.notes-or-images-required": {
+    "defaultMessage": "Please provide a note or upload at least one proof image."
+  },
+  "external-files.permissions-card.error.proof-image-invalid-type": {
+    "defaultMessage": "Please upload a PNG, JPEG, GIF, WebP, or BMP image."
+  },
+  "external-files.permissions-card.error.proof-images-required": {
+    "defaultMessage": "Please upload at least one proof image."
+  },
+  "external-files.permissions-card.explanation-description": {
+    "defaultMessage": "A short explanation or proof images are required."
+  },
+  "external-files.permissions-card.explanation-label": {
+    "defaultMessage": "Explanation"
+  },
+  "external-files.permissions-card.fallback-group-title": {
+    "defaultMessage": "Attribution group {id}"
+  },
+  "external-files.permissions-card.file-count": {
+    "defaultMessage": "{count, plural, one {# file} other {# files}}"
+  },
+  "external-files.permissions-card.included-files": {
+    "defaultMessage": "Included files:"
+  },
+  "external-files.permissions-card.included-in-versions": {
+    "defaultMessage": "Included in {count, plural, one {# version} other {# versions}}:"
+  },
+  "external-files.permissions-card.last-updated": {
+    "defaultMessage": "Last updated on {date} by {user}"
+  },
+  "external-files.permissions-card.license.unknown": {
+    "defaultMessage": "Unknown"
+  },
+  "external-files.permissions-card.licensed-as": {
+    "defaultMessage": "Licensed:"
+  },
+  "external-files.permissions-card.link-label": {
+    "defaultMessage": "Link to work:"
+  },
+  "external-files.permissions-card.moderation-reason": {
+    "defaultMessage": "Reason"
+  },
+  "external-files.permissions-card.moderation.error.title": {
+    "defaultMessage": "Could not save moderation review"
+  },
+  "external-files.permissions-card.not-used-in-versions": {
+    "defaultMessage": "These files are not currently used by any version."
+  },
+  "external-files.permissions-card.notes-label": {
+    "defaultMessage": "Notes:"
+  },
+  "external-files.permissions-card.notes-none": {
+    "defaultMessage": "None"
+  },
+  "external-files.permissions-card.original-project-page": {
+    "defaultMessage": "Original project"
+  },
+  "external-files.permissions-card.proof-image-alt": {
+    "defaultMessage": "Proof screenshot {n}"
+  },
+  "external-files.permissions-card.proof-images-label": {
+    "defaultMessage": "Proof images:"
+  },
+  "external-files.permissions-card.reason.globally-allowed": {
+    "defaultMessage": "Automatically attributed"
+  },
+  "external-files.permissions-card.reason.globally-allowed.description": {
+    "defaultMessage": "We've seen this file before and have prepared an attribution for you. If something seems wrong, please contact Modrinth Support via the Help Center"
+  },
+  "external-files.permissions-card.reason.license": {
+    "defaultMessage": "License"
+  },
+  "external-files.permissions-card.reason.license.description": {
+    "defaultMessage": "The license of this work permits you to redistribute it in your modpack."
+  },
+  "external-files.permissions-card.reason.license.proof-images-description": {
+    "defaultMessage": "Upload supporting documentation related to this license."
+  },
+  "external-files.permissions-card.reason.my-project": {
+    "defaultMessage": "My project"
+  },
+  "external-files.permissions-card.reason.my-project.description": {
+    "defaultMessage": "Original work created by you."
+  },
+  "external-files.permissions-card.reason.my-project.proof-images-description": {
+    "defaultMessage": "Upload files that help verify you created this work."
+  },
+  "external-files.permissions-card.reason.no-permission": {
+    "defaultMessage": "No permission"
+  },
+  "external-files.permissions-card.reason.no-permission.automatic.description": {
+    "defaultMessage": "We've seen this file before and its license does not normally allow redistribution."
+  },
+  "external-files.permissions-card.reason.no-permission.description": {
+    "defaultMessage": "You don't have permission to use this work."
+  },
+  "external-files.permissions-card.reason.special-permission": {
+    "defaultMessage": "Special permission"
+  },
+  "external-files.permissions-card.reason.special-permission.description": {
+    "defaultMessage": "You have obtained special permission to redistribute this work in your modpack."
+  },
+  "external-files.permissions-card.split-file": {
+    "defaultMessage": "Remove from group"
+  },
+  "external-files.permissions-card.split-file-error.title": {
+    "defaultMessage": "Could not split file"
+  },
+  "external-files.permissions-card.unnamed-multi-group-title": {
+    "defaultMessage": "{filename} + {count} more"
+  },
+  "external-files.permissions-card.updated-by-moderator": {
+    "defaultMessage": "Moderator"
+  },
   "external-project-license-status.no": {
     "defaultMessage": "No"
   },
@@ -2603,6 +2858,9 @@
   "project.about.compatibility.platforms": {
     "defaultMessage": "Platforms"
   },
+  "project.about.compatibility.platforms-plural": {
+    "defaultMessage": "{count, plural, one {Platform} other {Platforms}}"
+  },
   "project.about.compatibility.title": {
     "defaultMessage": "Compatibility"
   },
@@ -3185,6 +3443,15 @@
   "project.versions.channel.release.symbol": {
     "defaultMessage": "R"
   },
+  "project.versions.version.withheld": {
+    "defaultMessage": "Withheld"
+  },
+  "project.versions.version.withheld.tooltip": {
+    "defaultMessage": "Version withheld due to missing permissions"
+  },
+  "project.versions.withheld-versions-warning.resolve-button": {
+    "defaultMessage": "Resolve"
+  },
   "project.visibility.archived": {
     "defaultMessage": "Archived"
   },
@@ -5320,5 +5587,95 @@
   },
   "user.profile.badge.staff.name": {
     "defaultMessage": "Modrinth Team"
+  },
+  "version.content.name": {
+    "defaultMessage": "Name"
+  },
+  "version.content.version": {
+    "defaultMessage": "Version"
+  },
+  "version.file-type.dev-jar": {
+    "defaultMessage": "Dev jar"
+  },
+  "version.file-type.javadoc-jar": {
+    "defaultMessage": "Javadoc jar"
+  },
+  "version.file-type.optional-resource-pack": {
+    "defaultMessage": "Optional resource pack"
+  },
+  "version.file-type.primary": {
+    "defaultMessage": "Primary"
+  },
+  "version.file-type.required-resource-pack": {
+    "defaultMessage": "Required resource pack"
+  },
+  "version.file-type.signature": {
+    "defaultMessage": "Signature file"
+  },
+  "version.file-type.sources-jar": {
+    "defaultMessage": "Source jar"
+  },
+  "version.file-type.unknown": {
+    "defaultMessage": "Other"
+  },
+  "version.section.changes": {
+    "defaultMessage": "Changes"
+  },
+  "version.section.compatibility": {
+    "defaultMessage": "Compatibility"
+  },
+  "version.section.content": {
+    "defaultMessage": "Content"
+  },
+  "version.section.content.search-placeholder": {
+    "defaultMessage": "Search content..."
+  },
+  "version.section.dependencies.any-compatible-version": {
+    "defaultMessage": "Any compatible version"
+  },
+  "version.section.dependencies.any-version": {
+    "defaultMessage": "Any version"
+  },
+  "version.section.dependencies.unavailable-version": {
+    "defaultMessage": "Unavailable version"
+  },
+  "version.section.dependencies.unavailable-version.description": {
+    "defaultMessage": "This version may have been deleted or is being reviewed by moderators."
+  },
+  "version.section.dependencies.unavailable-version.description.required": {
+    "defaultMessage": "The required version may have been deleted or is being reviewed by moderators."
+  },
+  "version.section.files": {
+    "defaultMessage": "Files"
+  },
+  "version.section.included-content": {
+    "defaultMessage": "Included content"
+  },
+  "version.section.known-incompatibilities": {
+    "defaultMessage": "Known incompatibilities"
+  },
+  "version.section.no-changes": {
+    "defaultMessage": "No changelog was provided."
+  },
+  "version.section.no-modpack-mod-loader": {
+    "defaultMessage": "No mod loader"
+  },
+  "version.section.optional-dependencies": {
+    "defaultMessage": "Optional dependencies"
+  },
+  "version.section.required-content": {
+    "defaultMessage": "Required content"
+  },
+  "version.section.supplementary-resources": {
+    "defaultMessage": "Supplementary resources"
+  },
+  "version.supplementary-resources.file": {
+    "defaultMessage": "File"
+  },
+  "version.supplementary-resources.size": {
+    "defaultMessage": "Size"
+  },
+  "version.supplementary-resources.type": {
+    "defaultMessage": "Type"
   }
 }
diff --git a/packages/ui/src/providers/attribution-moderation.ts b/packages/ui/src/providers/attribution-moderation.ts
new file mode 100644
index 0000000000..97b6d09b8d
--- /dev/null
+++ b/packages/ui/src/providers/attribution-moderation.ts
@@ -0,0 +1,15 @@
+import { createContext } from './create-context'
+
+export interface QuickReply<T = undefined> {
+	label: string
+	message: string | ((context: T) => Promise<string> | string)
+	shouldShow?: (context: T) => boolean
+	private?: boolean
+}
+
+export interface AttributionModerationContext {
+	attributionQuickReplies: ReadonlyArray<QuickReply>
+}
+
+export const [injectAttributionModeration, provideAttributionModeration] =
+	createContext<AttributionModerationContext>('AttributionModeration')
diff --git a/packages/ui/src/providers/index.ts b/packages/ui/src/providers/index.ts
index 5a5d8982c3..9f7801eaf0 100644
--- a/packages/ui/src/providers/index.ts
+++ b/packages/ui/src/providers/index.ts
@@ -1,5 +1,6 @@
 export * from './api-client'
 export * from './app-backup'
+export * from './attribution-moderation'
 export * from './auth'
 export * from './content-manager'
 export { createContext } from './create-context'
diff --git a/packages/ui/src/utils/auto-icons.ts b/packages/ui/src/utils/auto-icons.ts
index e6094446f7..03976cdcdd 100644
--- a/packages/ui/src/utils/auto-icons.ts
+++ b/packages/ui/src/utils/auto-icons.ts
@@ -5,6 +5,7 @@ import {
 	CalendarIcon,
 	CardIcon,
 	CheckCircleIcon,
+	CircleAlertIcon,
 	CurrencyIcon,
 	DiscordIcon,
 	FileArchiveIcon,
@@ -72,6 +73,7 @@ export const SEVERITY_ICONS: Record<string, Component> = {
 	critical: XCircleIcon,
 	success: CheckCircleIcon,
 	moderation: ScaleIcon,
+	'circle-warning': CircleAlertIcon,
 }
 
 export const PROJECT_STATUS_ICONS: Record<ProjectStatus, Component> = {
diff --git a/packages/ui/src/utils/common-messages.ts b/packages/ui/src/utils/common-messages.ts
index e3350f2e1c..0932dedd51 100644
--- a/packages/ui/src/utils/common-messages.ts
+++ b/packages/ui/src/utils/common-messages.ts
@@ -1,4 +1,6 @@
-import { defineMessages, type MessageDescriptor } from '../composables/i18n'
+import type { Labrinth } from '@modrinth/api-client'
+
+import { defineMessage, defineMessages, type MessageDescriptor } from '../composables/i18n'
 
 export const commonMessages = defineMessages({
 	acceptButton: {
@@ -25,6 +27,10 @@ export const commonMessages = defineMessages({
 		id: 'badge.beta',
 		defaultMessage: 'Beta',
 	},
+	release: {
+		id: 'badge.release',
+		defaultMessage: 'Release',
+	},
 	allProjectType: {
 		id: 'project-type.all',
 		defaultMessage: 'All',
@@ -1124,6 +1130,10 @@ export const commonProjectSettingsMessages = defineMessages({
 		id: 'project.settings.view.title',
 		defaultMessage: 'View',
 	},
+	withheldVersionsWarningResolve: {
+		id: 'project.versions.withheld-versions-warning.resolve-button',
+		defaultMessage: 'Resolve',
+	},
 })
 
 export const languageSelectorMessages = defineMessages({
@@ -1285,3 +1295,64 @@ export const externalProjectLicenseStatusMessages = defineMessages({
 		defaultMessage: 'Unidentified',
 	},
 })
+
+export const projectCompatibilityMessages = defineMessages({
+	title: {
+		id: `project.about.compatibility.title`,
+		defaultMessage: 'Compatibility',
+	},
+	minecraftJava: {
+		id: `project.about.compatibility.game.minecraftJava`,
+		defaultMessage: 'Minecraft: Java Edition',
+	},
+	platforms: {
+		id: `project.about.compatibility.platforms`,
+		defaultMessage: 'Platforms',
+	},
+	platformsPlural: {
+		id: `project.about.compatibility.platforms-plural`,
+		defaultMessage: '{count, plural, one {Platform} other {Platforms}}',
+	},
+	environments: {
+		id: `project.about.compatibility.environments`,
+		defaultMessage: 'Supported environments',
+	},
+})
+
+export const fileTypeMessages: Record<
+	Labrinth.Versions.v3.FileType | 'primary',
+	MessageDescriptor
+> = {
+	primary: defineMessage({
+		id: 'version.file-type.primary',
+		defaultMessage: 'Primary',
+	}),
+	unknown: defineMessage({
+		id: 'version.file-type.unknown',
+		defaultMessage: 'Other',
+	}),
+	'required-resource-pack': defineMessage({
+		id: 'version.file-type.required-resource-pack',
+		defaultMessage: 'Required resource pack',
+	}),
+	'optional-resource-pack': defineMessage({
+		id: 'version.file-type.optional-resource-pack',
+		defaultMessage: 'Optional resource pack',
+	}),
+	'sources-jar': defineMessage({
+		id: 'version.file-type.sources-jar',
+		defaultMessage: 'Source jar',
+	}),
+	'dev-jar': defineMessage({
+		id: 'version.file-type.dev-jar',
+		defaultMessage: 'Dev jar',
+	}),
+	'javadoc-jar': defineMessage({
+		id: 'version.file-type.javadoc-jar',
+		defaultMessage: 'Javadoc jar',
+	}),
+	signature: defineMessage({
+		id: 'version.file-type.signature',
+		defaultMessage: 'Signature file',
+	}),
+}
diff --git a/packages/ui/src/utils/index.ts b/packages/ui/src/utils/index.ts
index 7688e567ee..541b999cf9 100644
--- a/packages/ui/src/utils/index.ts
+++ b/packages/ui/src/utils/index.ts
@@ -1,3 +1,4 @@
+export { createAttributionGroupTitle } from '../components/external_files/external-project-utils'
 export * from './auto-icons'
 export * from './common-messages'
 export * from './events'
diff --git a/packages/utils/projects.ts b/packages/utils/projects.ts
index 639e7dfd81..3176c940a4 100644
--- a/packages/utils/projects.ts
+++ b/packages/utils/projects.ts
@@ -1,4 +1,6 @@
 import type { Labrinth } from '@modrinth/api-client'
+
+import { compareByIndex } from './utils'
 // noinspection JSUnusedGlobalSymbols
 
 export const isApproved = (project) => {
@@ -29,6 +31,10 @@ export const isDraft = (project) => {
 	return project && DRAFT_PROJECT_STATUSES.includes(project.status)
 }
 
+export const showDownloadCount = (project) => {
+	return project && !['draft', 'processing', 'rejected'].includes(project.status)
+}
+
 export const APPROVED_PROJECT_STATUSES = ['approved', 'archived', 'unlisted', 'private']
 export const LISTED_PROJECT_STATUSES = ['approved', 'archived']
 export const UNLISTED_PROJECT_STATUSES = ['unlisted', 'withheld']
@@ -255,7 +261,7 @@ export function getPrimaryProjectType(project: Labrinth.Projects.v3.Project): Di
 	} else {
 		const sorted = project.project_types
 			.slice()
-			.sort((a, b) => PROJECT_TYPE_PRECEDENCE.indexOf(a) - PROJECT_TYPE_PRECEDENCE.indexOf(b))
+			.sort((a, b) => compareByIndex(PROJECT_TYPE_PRECEDENCE, a, b))
 		if (sorted.length > 0) {
 			return sorted[0]
 		} else {
diff --git a/packages/utils/utils.ts b/packages/utils/utils.ts
index 286c823460..ccc9c4266b 100644
--- a/packages/utils/utils.ts
+++ b/packages/utils/utils.ts
@@ -289,3 +289,33 @@ export function arrayBufferToBase64(buffer: Uint8Array | ArrayBuffer): string {
 }
 export const DEFAULT_CREDIT_EMAIL_MESSAGE =
 	"We're really sorry about the recent issues with your server."
+
+/**
+ * Comparator for sorting values by first occurrence index in {@link order}.
+ * Values absent from {@link order} behave as tied after listed values (`order.length`).
+ */
+export function compareByIndex<T>(order: readonly T[], a: T, b: T): number {
+	const ia = order.indexOf(a)
+	const ib = order.indexOf(b)
+	const ra = ia === -1 ? order.length : ia
+	const rb = ib === -1 ? order.length : ib
+	return ra - rb
+}
+
+/**
+ * Sort {@link items} in place according to {@link order}, returning the same array reference.
+ *
+ * If the array should not be mutated, use {@link sortedByIndex}.
+ */
+export function sortByIndex<T>(order: readonly T[], items: T[]): T[] {
+	items.sort((a, b) => compareByIndex(order, a, b))
+	return items
+}
+
+/**
+ * Creates a sorted copy of {@link items} according to {@link order}.
+ *
+ */
+export function sortedByIndex<T>(order: readonly T[], items: T[]): T[] {
+	return items.slice().sort((a, b) => compareByIndex(order, a, b))
+}