2d5958006c
Merge pull request 'release/v1.2.0' ( #14 ) from release/v1.2.0 into develop
...
Build and Push Docker Image / build (push) Has been cancelled
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Reviewed-on: #14
2026-05-17 20:28:15 +01:00
cb0e61ea36
Merge branch 'release/v1.2.0' of https://git.i3omb.com/Gandalf/sofarr into release/v1.2.0
Build and Push Docker Image / build (push) Successful in 31s
CI / Security audit (push) Successful in 1m10s
CI / Tests & coverage (push) Successful in 1m4s
Create Release / release (push) Successful in 24s
CI / Security audit (pull_request) Successful in 53s
CI / Tests & coverage (pull_request) Successful in 1m12s
2026-05-17 20:24:40 +01:00
bd3b28921d
release: sync release/v1.2.0 with main
2026-05-17 20:24:31 +01:00
1d9e86760b
merge: sync main with remote
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
2026-05-17 20:24:28 +01:00
ae3bf70008
merge: sync main with develop (licence-check workflow, branch exclusions)
2026-05-17 20:24:09 +01:00
fb719141fa
ci: exclude main and release/* branches from docs-check and licence-check workflows
Build and Push Docker Image / build (push) Has been cancelled
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
2026-05-17 20:23:47 +01:00
e45c566fd7
ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
2026-05-17 20:23:47 +01:00
81d3e0045f
ci: exclude main and release/* branches from docs-check and licence-check workflows
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
CI / Security audit (pull_request) Successful in 1m6s
CI / Tests & coverage (pull_request) Successful in 1m19s
2026-05-17 20:22:59 +01:00
1f3b2adbfe
ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
2026-05-17 20:22:59 +01:00
5b84e091b0
release: sync release/v1.2.0 with main (CI workflow updates)
Build and Push Docker Image / build (push) Has been cancelled
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Create Release / release (push) Has been cancelled
2026-05-17 20:21:29 +01:00
ad024ab87b
ci: exclude main and release/* branches from docs-check and licence-check workflows
Build and Push Docker Image / build (push) Successful in 37s
CI / Security audit (push) Successful in 1m5s
CI / Tests & coverage (push) Successful in 1m12s
Docs Check / Markdown lint (push) Successful in 30s
Docs Check / Mermaid diagram parse check (push) Successful in 1m32s
Licence Check / Dependency licence compatibility (push) Successful in 59s
CI / Security audit (pull_request) Successful in 1m5s
CI / Tests & coverage (pull_request) Successful in 1m10s
2026-05-17 20:20:17 +01:00
cc4f420482
ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
Build and Push Docker Image / build (push) Has been cancelled
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Licence Check / Dependency licence compatibility (push) Has been cancelled
2026-05-17 20:19:19 +01:00
a435c506f7
ci: disable MD024 (duplicate headings) — expected in CHANGELOG
CI / Security audit (push) Successful in 1m4s
CI / Tests & coverage (push) Successful in 1m13s
2026-05-17 20:12:39 +01:00
c8c46cb9fb
ci: disable MD024 (duplicate headings) — expected in CHANGELOG
Build and Push Docker Image / build (push) Successful in 42s
CI / Security audit (push) Successful in 1m3s
CI / Tests & coverage (push) Successful in 1m27s
CI / Security audit (pull_request) Successful in 1m18s
CI / Tests & coverage (pull_request) Successful in 1m3s
2026-05-17 20:10:57 +01:00
0354531e95
Merge pull request 'feat: production hardening — LICENSE, Docker secrets (_FILE), graceful shutdown, URL validation, CHANGELOG (v1.2.0)' ( #9 ) from develop into main
...
Build and Push Docker Image / build (push) Successful in 43s
CI / Security audit (push) Successful in 56s
CI / Tests & coverage (push) Successful in 1m28s
Create Release / release (push) Successful in 23s
Docs Check / Markdown lint (push) Failing after 38s
Docs Check / Mermaid diagram parse check (push) Successful in 1m21s
Reviewed-on: #9
2026-05-17 19:44:07 +01:00
c0dd93a1ab
feat: production hardening v1.2.0
...
Build and Push Docker Image / build (push) Successful in 59s
CI / Security audit (push) Successful in 1m5s
CI / Tests & coverage (push) Successful in 1m24s
Docs Check / Markdown lint (push) Failing after 45s
Docs Check / Mermaid diagram parse check (push) Successful in 1m27s
CI / Security audit (pull_request) Successful in 51s
CI / Tests & coverage (pull_request) Successful in 1m1s
Docs Check / Markdown lint (pull_request) Failing after 39s
Docs Check / Mermaid diagram parse check (pull_request) Successful in 1m12s
Phase 1 - Licensing & Compliance:
- Add MIT LICENSE file
- Add copyright headers to server/index.js, poller.js, config.js,
sanitizeError.js, and new loadSecrets.js
Phase 2 - Security Hardening:
- Add server/utils/loadSecrets.js: Docker secrets support via _FILE
env var pattern (COOKIE_SECRET_FILE, EMBY_API_KEY_FILE, etc.)
- Add SSRF/URL validation in config.js: validates all configured
service instance URLs for scheme and well-formedness at startup
- Add SIGTERM/SIGINT graceful shutdown: stops poller, drains HTTP
connections, 10s force-exit fallback
- Warn at startup if COOKIE_SECRET is shorter than 32 characters
- Validate EMBY_URL scheme at startup
- Improve sanitizeError: redact host:port from axios error URLs
while preserving path/query for other redaction patterns
Phase 3 - Config Robustness:
- Weak COOKIE_SECRET warning (< 32 chars)
- EMBY_URL validated via validateInstanceUrl on startup
Phase 4 - Docker & Deployment:
- .dockerignore: add tests/, coverage/, vitest.config.js,
CHANGELOG.md, SECURITY.md, LICENSE, .markdownlint.json
- docker-compose.yaml: add commented Option B (Docker secrets
_FILE pattern) alongside existing plain-env Option A
Phase 5 - Docs & Release Readiness:
- Add CHANGELOG.md with entries from v1.0.0 to v1.2.0
- Update SECURITY.md: supported versions table, fix Docker secrets
note to reflect _FILE support now implemented
- Add public/.well-known/security.txt for responsible disclosure
- Bump version to 1.2.0
2026-05-17 19:40:07 +01:00
3c4c24d0e4
licence file updated
Build and Push Docker Image / build (push) Successful in 34s
CI / Security audit (push) Successful in 56s
CI / Tests & coverage (push) Successful in 1m11s
2026-05-17 19:28:48 +01:00
e535da7f91
licence file added
Build and Push Docker Image / build (push) Successful in 24s
CI / Security audit (push) Successful in 43s
CI / Tests & coverage (push) Successful in 1m9s
2026-05-17 19:26:25 +01:00
b2d941a767
Merge pull request 'ci: add docs-check workflow with Markdown lint and Mermaid diagram parse validation' ( #8 ) from develop into main
...
CI / Security audit (push) Successful in 54s
CI / Tests & coverage (push) Successful in 1m19s
Docs Check / Markdown lint (push) Successful in 50s
Docs Check / Mermaid diagram parse check (push) Successful in 1m33s
Reviewed-on: #8
2026-05-17 19:03:34 +01:00
fce8a9ece6
ci: trigger docs-check workflow
Build and Push Docker Image / build (push) Successful in 34s
CI / Security audit (push) Successful in 1m11s
CI / Tests & coverage (push) Successful in 1m9s
Docs Check / Markdown lint (push) Successful in 41s
Docs Check / Mermaid diagram parse check (push) Successful in 1m35s
CI / Security audit (pull_request) Successful in 1m17s
CI / Tests & coverage (pull_request) Successful in 1m29s
Docs Check / Markdown lint (pull_request) Successful in 49s
Docs Check / Mermaid diagram parse check (pull_request) Successful in 1m46s
2026-05-17 18:58:43 +01:00
42d01da7f7
ci: fix mermaid parse — use jsdom to provide browser globals required by mermaid.core.mjs
2026-05-17 18:58:43 +01:00
43cb3a0d17
ci: trigger docs-check workflow
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Docs Check / Markdown lint (push) Successful in 34s
Docs Check / Mermaid diagram parse check (push) Failing after 47s
2026-05-17 18:51:16 +01:00
6cf01f5530
ci: fix mermaid parse check — use mermaid.core.mjs (no Puppeteer/Chromium needed)
CI / Security audit (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Docs Check / Markdown lint (push) Has been cancelled
Docs Check / Mermaid diagram parse check (push) Has been cancelled
2026-05-17 18:50:46 +01:00
6bf8098265
ci: disable noisy markdownlint rules (table style, blanks, code lang, etc)
Build and Push Docker Image / build (push) Successful in 42s
CI / Security audit (push) Successful in 54s
CI / Tests & coverage (push) Successful in 55s
2026-05-17 18:40:51 +01:00
a42392fec6
ci: trigger docs-check workflow
Build and Push Docker Image / build (push) Successful in 34s
CI / Tests & coverage (push) Has been cancelled
CI / Security audit (push) Has been cancelled
Docs Check / Markdown lint (push) Failing after 31s
Docs Check / Mermaid diagram parse check (push) Failing after 2m38s
2026-05-17 18:36:58 +01:00
a368636ec4
ci: add separate docs-check workflow for Markdown lint and Mermaid parse validation
...
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
Docs Check / Markdown lint (push) Has been cancelled
Docs Check / Mermaid diagram parse check (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
- docs-check.yml runs on push/PR only when .md files change
- markdown-lint job: uses markdownlint-cli to check all .md files
- mermaid-parse job: extracts all mermaid blocks from .md files and
validates each via mmdc (mermaid-js CLI) in headless Chromium
- Both jobs use continue-on-error: true so docs failures never block
a release or fail the main CI pipeline
- .markdownlint.json disables MD013 (line length), MD033 (inline HTML),
MD041 (first-line heading) to reduce noise on this repo
2026-05-17 18:36:16 +01:00
f23117ff7a
merge: fix s8 Mermaid double-space parse error
CI / Security audit (push) Successful in 1m6s
CI / Tests & coverage (push) Successful in 1m8s
2026-05-17 18:31:00 +01:00
2cf163dfff
fix: remove double spaces in s8 Mermaid flowchart edge definitions
Build and Push Docker Image / build (push) Successful in 39s
CI / Security audit (push) Successful in 1m17s
CI / Tests & coverage (push) Successful in 1m23s
2026-05-17 18:30:58 +01:00
6ff97ed246
merge: fix Mermaid s8 flowchart Unicode characters
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
2026-05-17 18:28:54 +01:00
ef89207d9d
fix: remove Unicode arrows and dashes from Mermaid flowchart node labels in s8
Build and Push Docker Image / build (push) Successful in 29s
CI / Security audit (push) Successful in 1m11s
CI / Tests & coverage (push) Has been cancelled
2026-05-17 18:28:52 +01:00
fa5805c6a4
merge: develop into main (fix Mermaid diagram rendering)
CI / Security audit (push) Has been cancelled
CI / Tests & coverage (push) Has been cancelled
2026-05-17 18:26:32 +01:00
57bab01855
fix: repair Mermaid diagrams in ARCHITECTURE.md
...
Build and Push Docker Image / build (push) Successful in 33s
CI / Security audit (push) Successful in 48s
CI / Tests & coverage (push) Has been cancelled
Replace \n in stateDiagram transition labels, sequenceDiagram notes,
and graph edge labels — these are not valid in those contexts and
cause diagrams to fail to render. Also replace Unicode × and → with
plain ASCII equivalents to avoid parser issues.
2026-05-17 18:26:19 +01:00
0e22c5af15
merge: develop into main for v1.1.2 release
Build and Push Docker Image / build (push) Successful in 35s
CI / Security audit (push) Successful in 1m11s
CI / Tests & coverage (push) Successful in 52s
Create Release / release (push) Successful in 20s
2026-05-17 17:52:08 +01:00
2550722446
feat: include version number in server startup message
Build and Push Docker Image / build (push) Successful in 55s
CI / Security audit (push) Successful in 1m14s
CI / Tests & coverage (push) Successful in 1m31s
2026-05-17 17:51:59 +01:00
716d98e531
merge: develop into main for v1.1.1 release
Build and Push Docker Image / build (push) Successful in 42s
CI / Security audit (push) Successful in 1m20s
CI / Tests & coverage (push) Successful in 1m18s
Create Release / release (push) Successful in 30s
2026-05-17 17:44:09 +01:00
27648c78b3
chore: bump version to 1.1.1
Build and Push Docker Image / build (push) Successful in 32s
CI / Security audit (push) Successful in 52s
CI / Tests & coverage (push) Successful in 1m9s
2026-05-17 17:44:01 +01:00
fa72cfb5ec
fix: healthcheck respects TLS_ENABLED at runtime
...
Build and Push Docker Image / build (push) Successful in 30s
CI / Tests & coverage (push) Has been cancelled
CI / Security audit (push) Has been cancelled
When TLS_ENABLED=false (e.g. behind a reverse proxy) the healthcheck
was still hitting https://localhost which fails on plain HTTP, keeping
the container perpetually in 'starting' state on TrueNAS SCALE.
Use a shell conditional so the correct protocol is used at runtime:
- TLS_ENABLED=false -> wget http://localhost:${PORT}/health
- TLS_ENABLED=true (default) -> wget --no-check-certificate https://...
2026-05-17 17:42:55 +01:00
b3edd442f5
merge: develop into main for v1.1.0 release
Build and Push Docker Image / build (push) Successful in 28s
CI / Security audit (push) Successful in 41s
CI / Tests & coverage (push) Successful in 44s
Create Release / release (push) Successful in 21s
2026-05-17 17:31:47 +01:00
e4be334ad4
chore: bump version to 1.1.0
Build and Push Docker Image / build (push) Successful in 28s
CI / Security audit (push) Successful in 31s
CI / Tests & coverage (push) Successful in 1m15s
2026-05-17 17:31:26 +01:00
bdd78407bb
fix: use --surface for episode tooltip background (--card-bg was undefined)
Build and Push Docker Image / build (push) Successful in 44s
CI / Security audit (push) Successful in 1m6s
CI / Tests & coverage (push) Successful in 1m27s
2026-05-17 17:27:13 +01:00
37c8229061
fix: read episodeNumber from nested episode object in Sonarr records
...
Build and Push Docker Image / build (push) Successful in 25s
CI / Security audit (push) Successful in 45s
CI / Tests & coverage (push) Successful in 1m9s
Sonarr queue and history records do not expose episodeNumber at the
top level — it is only present inside the nested episode object
(record.episode.episodeNumber). Same for seasonNumber. The original
extractEpisode() read record.episodeNumber which was always undefined,
so gatherEpisodes() always returned an empty array.
Fix: prefer the nested episode object fields, falling back to the
top-level fields for forward-compatibility.
2026-05-17 17:19:39 +01:00
d1496a76e2
feat: show episode info on download and history cards
...
Build and Push Docker Image / build (push) Successful in 37s
CI / Security audit (push) Successful in 59s
CI / Tests & coverage (push) Successful in 54s
- Add includeEpisode:true to Sonarr queue and history API requests
in both the poller and historyFetcher
- Add extractEpisode() / gatherEpisodes() helpers in dashboard.js
and history.js to build a sorted, deduplicated episodes array
covering all records matching a download title (handles multi-
episode packs and series packs)
- Replace episodeInfo: sonarrMatch with episodes: gatherEpisodes()
across all 8 assignment sites in dashboard.js
- Add episodes field to /api/history/recent response items
- Frontend: formatEpisodeInfo() renders S01E05 for single episodes
or 'Multiple episodes' with hover tooltip listing all for packs
- CSS: .episode-info and .multi-episode tooltip styles
- ARCHITECTURE.md: update polling table and download/history schemas
2026-05-17 17:03:23 +01:00
80d43fbaa8
Merge pull request 'feat: Recently Completed downloads history, tab UI, and light theme refresh' ( #7 ) from develop into main
...
CI / Security audit (push) Successful in 39s
CI / Tests & coverage (push) Successful in 43s
Reviewed-on: #7
2026-05-17 13:55:07 +01:00
c1fb55c5b8
merge: resolve ARCHITECTURE.md conflict, keep develop version (Mermaid + history docs)
CI / Security audit (pull_request) Successful in 44s
CI / Tests & coverage (pull_request) Successful in 47s
Build and Push Docker Image / build (push) Successful in 24s
CI / Security audit (push) Successful in 43s
CI / Tests & coverage (push) Successful in 45s
2026-05-17 13:49:50 +01:00
742f34f6eb
ci: remove v2-develop branch from build pipeline
Build and Push Docker Image / build (push) Successful in 20s
CI / Security audit (push) Successful in 37s
CI / Tests & coverage (push) Successful in 41s
CI / Security audit (pull_request) Successful in 34s
CI / Tests & coverage (pull_request) Successful in 39s
2026-05-17 13:25:50 +01:00
2b089871a0
design(light-theme): replace purple scheme with logo-aligned teal palette, WCAG AA compliant
Build and Push Docker Image / build (push) Successful in 21s
CI / Security audit (push) Successful in 39s
CI / Tests & coverage (push) Successful in 42s
2026-05-17 13:12:58 +01:00
e8ffd7f7dd
feat(ui): split downloads and history into tabs
2026-05-17 13:09:01 +01:00
dd7e3e2a90
fix(history): add tagBadges to history items in showAll mode
2026-05-17 13:05:23 +01:00
557137421d
fix(history): reload history when showAll toggle changes
2026-05-17 13:02:15 +01:00
71880c6298
ci: add v2-develop branch to build pipeline (tags as sofarr:v2-develop)
Build and Push Docker Image / build (push) Successful in 22s
CI / Security audit (push) Successful in 38s
CI / Tests & coverage (push) Successful in 39s
2026-05-17 12:50:23 +01:00
