Gandalf/sofarr
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 22 Wiki Activity
334 Commits 23 Branches 22 Tags
05d11975e68ba0e647338e433fa986b1ea211b94
Commit Graph

11 Commits

Author SHA1 Message Date
Gronod
49d66c07ee Update ARCHITECTURE.md, bump version to 1.5.4, add CHANGELOG entry
Some checks failed
CI / Security audit (push) Failing after 23s
Details
Build and Push Docker Image / build (push) Successful in 52s
Details
Docs Check / Markdown lint (push) Successful in 58s
Details
Licence Check / Licence compatibility and copyright header verification (push) Successful in 1m17s
Details
CI / Tests & coverage (push) Successful in 1m36s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m45s
Details
2026-05-19 23:45:37 +01:00
Gronod
3e06bdf8cd Update CHANGELOG.md with 1.5.2 and 1.5.3; update README.md version reference
All checks were successful
Build and Push Docker Image / build (push) Successful in 28s
Details
Create Release / release (push) Successful in 6s
Details
Docs Check / Markdown lint (push) Successful in 56s
Details
Licence Check / Licence compatibility and copyright header verification (push) Successful in 46s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m31s
Details
CI / Security audit (push) Successful in 1m50s
Details
CI / Tests & coverage (push) Successful in 1m55s
Details
2026-05-19 23:11:47 +01:00
Gronod
eeab314a08 chore: bump version to 1.5.1
All checks were successful
Build and Push Docker Image / build (push) Successful in 43s
Details
Create Release / release (push) Successful in 17s
Details
CI / Security audit (push) Successful in 1m24s
Details
CI / Tests & coverage (push) Successful in 1m31s
Details
2026-05-19 19:07:05 +01:00
Gronod
917939a9fc fix(ui): wire status panel close button via addEventListener
Some checks failed
CI / Security audit (push) Failing after 29s
Details
Docs Check / Markdown lint (push) Successful in 47s
Details
Build and Push Docker Image / build (push) Successful in 1m3s
Details
Licence Check / Licence compatibility and copyright header verification (push) Successful in 1m14s
Details
CI / Tests & coverage (push) Successful in 1m39s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m54s
Details 
Inline onclick attribute was silently blocked by the server CSP nonce
policy. Replace with addEventListener after innerHTML is set.

chore: bump version to 1.5.0a
 2026-05-19 18:51:50 +01:00
Gronod
76f0aad453 chore: bump version to 1.5.0
All checks were successful
Build and Push Docker Image / build (push) Successful in 50s
Details
Docs Check / Markdown lint (push) Successful in 41s
Details
CI / Security audit (push) Successful in 1m35s
Details
CI / Tests & coverage (push) Successful in 1m54s
Details
Licence Check / Licence compatibility and copyright header verification (push) Successful in 1m7s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m28s
Details
2026-05-19 18:33:03 +01:00
Gronod
1bef14d590 feat(webhooks): security hardening, tests, full documentation audit & polish (Phase 6)
All checks were successful
Build and Push Docker Image / build (push) Successful in 41s
Details
Docs Check / Markdown lint (push) Successful in 48s
Details
Licence Check / Licence compatibility and copyright header verification (push) Successful in 57s
Details
CI / Security audit (push) Successful in 1m23s
Details
CI / Tests & coverage (push) Successful in 1m36s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m43s
Details
2026-05-19 17:11:45 +01:00
Gronod
cf7008fd54 docs: update documentation for blocklist & search non-admin eligibility
All checks were successful
Build and Push Docker Image / build (push) Successful in 29s
Details
Docs Check / Markdown lint (push) Successful in 50s
Details
CI / Security audit (push) Successful in 1m30s
Details
CI / Tests & coverage (push) Successful in 1m50s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 2m18s
Details 
- CHANGELOG: document button availability changes (all admin downloads, non-admin eligibility)
- README: update blocklist-search endpoint description with non-admin conditions
- ARCHITECTURE.md: update Authorisation Matrix, Download object table (add canBlocklist, addedOn fields), and blocklist-search API reference
 2026-05-18 00:05:31 +01:00
Gronod
aef21d1b50 chore: bump to v1.3.0; update CHANGELOG, README, ARCHITECTURE docs
Some checks failed
Docs Check / Mermaid diagram parse check (push) Failing after 44s
Details
Docs Check / Markdown lint (push) Successful in 1m7s
Details
Build and Push Docker Image / build (push) Successful in 1m15s
Details
Licence Check / Dependency licence compatibility (push) Successful in 1m37s
Details
CI / Security audit (push) Successful in 2m2s
Details
CI / Tests & coverage (push) Successful in 2m27s
Details
2026-05-17 23:29:02 +01:00
Gronod
4c9985e01a chore: bump version to 1.2.2, update CHANGELOG
All checks were successful
Create Release / release (push) Successful in 15s
Details
Build and Push Docker Image / build (push) Successful in 1m12s
Details
CI / Security audit (push) Successful in 2m19s
Details
CI / Tests & coverage (push) Successful in 2m40s
Details
2026-05-17 21:22:02 +01:00
Gronod
6a8ca90fd3 feat: add version footer to dashboard UI (v1.2.1) 
- /health endpoint now includes version field
- Footer displays 'sofarr vX.Y.Z' fetched on page load
- Subtle .app-version styling (smaller, dimmed)
- Bump version to 1.2.1, update CHANGELOG
 2026-05-17 20:34:59 +01:00
Gronod
c0dd93a1ab feat: production hardening v1.2.0
Some checks failed
Build and Push Docker Image / build (push) Successful in 59s
Details
CI / Security audit (push) Successful in 1m5s
Details
CI / Tests & coverage (push) Successful in 1m24s
Details
Docs Check / Markdown lint (push) Failing after 45s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 1m27s
Details
CI / Security audit (pull_request) Successful in 51s
Details
CI / Tests & coverage (pull_request) Successful in 1m1s
Details
Docs Check / Markdown lint (pull_request) Failing after 39s
Details
Docs Check / Mermaid diagram parse check (pull_request) Successful in 1m12s
Details 
Phase 1 - Licensing & Compliance:
- Add MIT LICENSE file
- Add copyright headers to server/index.js, poller.js, config.js,
  sanitizeError.js, and new loadSecrets.js

Phase 2 - Security Hardening:
- Add server/utils/loadSecrets.js: Docker secrets support via _FILE
  env var pattern (COOKIE_SECRET_FILE, EMBY_API_KEY_FILE, etc.)
- Add SSRF/URL validation in config.js: validates all configured
  service instance URLs for scheme and well-formedness at startup
- Add SIGTERM/SIGINT graceful shutdown: stops poller, drains HTTP
  connections, 10s force-exit fallback
- Warn at startup if COOKIE_SECRET is shorter than 32 characters
- Validate EMBY_URL scheme at startup
- Improve sanitizeError: redact host:port from axios error URLs
  while preserving path/query for other redaction patterns

Phase 3 - Config Robustness:
- Weak COOKIE_SECRET warning (< 32 chars)
- EMBY_URL validated via validateInstanceUrl on startup

Phase 4 - Docker & Deployment:
- .dockerignore: add tests/, coverage/, vitest.config.js,
  CHANGELOG.md, SECURITY.md, LICENSE, .markdownlint.json
- docker-compose.yaml: add commented Option B (Docker secrets
  _FILE pattern) alongside existing plain-env Option A

Phase 5 - Docs & Release Readiness:
- Add CHANGELOG.md with entries from v1.0.0 to v1.2.0
- Update SECURITY.md: supported versions table, fix Docker secrets
  note to reflect _FILE support now implemented
- Add public/.well-known/security.txt for responsible disclosure
- Bump version to 1.2.0
 2026-05-17 19:40:07 +01:00