184 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Gronod	ad024ab87b	ci: exclude main and release/* branches from docs-check and licence-check workflows	2026-05-17 20:20:17 +01:00
Gronod	cc4f420482	ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist	2026-05-17 20:19:19 +01:00
Gronod	c8c46cb9fb	ci: disable MD024 (duplicate headings) — expected in CHANGELOG	2026-05-17 20:10:57 +01:00
Gronod	c0dd93a1ab	feat: production hardening v1.2.0 ... Phase 1 - Licensing & Compliance: - Add MIT LICENSE file - Add copyright headers to server/index.js, poller.js, config.js, sanitizeError.js, and new loadSecrets.js Phase 2 - Security Hardening: - Add server/utils/loadSecrets.js: Docker secrets support via _FILE env var pattern (COOKIE_SECRET_FILE, EMBY_API_KEY_FILE, etc.) - Add SSRF/URL validation in config.js: validates all configured service instance URLs for scheme and well-formedness at startup - Add SIGTERM/SIGINT graceful shutdown: stops poller, drains HTTP connections, 10s force-exit fallback - Warn at startup if COOKIE_SECRET is shorter than 32 characters - Validate EMBY_URL scheme at startup - Improve sanitizeError: redact host:port from axios error URLs while preserving path/query for other redaction patterns Phase 3 - Config Robustness: - Weak COOKIE_SECRET warning (< 32 chars) - EMBY_URL validated via validateInstanceUrl on startup Phase 4 - Docker & Deployment: - .dockerignore: add tests/, coverage/, vitest.config.js, CHANGELOG.md, SECURITY.md, LICENSE, .markdownlint.json - docker-compose.yaml: add commented Option B (Docker secrets _FILE pattern) alongside existing plain-env Option A Phase 5 - Docs & Release Readiness: - Add CHANGELOG.md with entries from v1.0.0 to v1.2.0 - Update SECURITY.md: supported versions table, fix Docker secrets note to reflect _FILE support now implemented - Add public/.well-known/security.txt for responsible disclosure - Bump version to 1.2.0	2026-05-17 19:40:07 +01:00
Gronod	3c4c24d0e4	licence file updated	2026-05-17 19:28:48 +01:00
Gronod	e535da7f91	licence file added	2026-05-17 19:26:25 +01:00
Gronod	fce8a9ece6	ci: trigger docs-check workflow	2026-05-17 18:58:43 +01:00
Gronod	42d01da7f7	ci: fix mermaid parse — use jsdom to provide browser globals required by mermaid.core.mjs	2026-05-17 18:58:43 +01:00
Gronod	43cb3a0d17	ci: trigger docs-check workflow	2026-05-17 18:51:16 +01:00
Gronod	6cf01f5530	ci: fix mermaid parse check — use mermaid.core.mjs (no Puppeteer/Chromium needed)	2026-05-17 18:50:46 +01:00
Gronod	6bf8098265	ci: disable noisy markdownlint rules (table style, blanks, code lang, etc)	2026-05-17 18:40:51 +01:00
Gronod	a42392fec6	ci: trigger docs-check workflow	2026-05-17 18:36:58 +01:00
Gronod	a368636ec4	ci: add separate docs-check workflow for Markdown lint and Mermaid parse validation ... - docs-check.yml runs on push/PR only when .md files change - markdown-lint job: uses markdownlint-cli to check all .md files - mermaid-parse job: extracts all mermaid blocks from .md files and validates each via mmdc (mermaid-js CLI) in headless Chromium - Both jobs use continue-on-error: true so docs failures never block a release or fail the main CI pipeline - .markdownlint.json disables MD013 (line length), MD033 (inline HTML), MD041 (first-line heading) to reduce noise on this repo	2026-05-17 18:36:16 +01:00
Gronod	2cf163dfff	fix: remove double spaces in s8 Mermaid flowchart edge definitions	2026-05-17 18:30:58 +01:00
Gronod	ef89207d9d	fix: remove Unicode arrows and dashes from Mermaid flowchart node labels in s8	2026-05-17 18:28:52 +01:00
Gronod	57bab01855	fix: repair Mermaid diagrams in ARCHITECTURE.md ... Replace \n in stateDiagram transition labels, sequenceDiagram notes, and graph edge labels — these are not valid in those contexts and cause diagrams to fail to render. Also replace Unicode × and → with plain ASCII equivalents to avoid parser issues.	2026-05-17 18:26:19 +01:00
Gronod	2550722446	feat: include version number in server startup message	2026-05-17 17:51:59 +01:00
Gronod	27648c78b3	chore: bump version to 1.1.1	2026-05-17 17:44:01 +01:00
Gronod	fa72cfb5ec	fix: healthcheck respects TLS_ENABLED at runtime ... When TLS_ENABLED=false (e.g. behind a reverse proxy) the healthcheck was still hitting https://localhost which fails on plain HTTP, keeping the container perpetually in 'starting' state on TrueNAS SCALE. Use a shell conditional so the correct protocol is used at runtime: - TLS_ENABLED=false -> wget http://localhost:${PORT}/health - TLS_ENABLED=true (default) -> wget --no-check-certificate https://...	2026-05-17 17:42:55 +01:00
Gronod	e4be334ad4	chore: bump version to 1.1.0	2026-05-17 17:31:26 +01:00
Gronod	bdd78407bb	fix: use --surface for episode tooltip background (--card-bg was undefined)	2026-05-17 17:27:13 +01:00
Gronod	37c8229061	fix: read episodeNumber from nested episode object in Sonarr records ... Sonarr queue and history records do not expose episodeNumber at the top level — it is only present inside the nested episode object (record.episode.episodeNumber). Same for seasonNumber. The original extractEpisode() read record.episodeNumber which was always undefined, so gatherEpisodes() always returned an empty array. Fix: prefer the nested episode object fields, falling back to the top-level fields for forward-compatibility.	2026-05-17 17:19:39 +01:00
Gronod	d1496a76e2	feat: show episode info on download and history cards ... - Add includeEpisode:true to Sonarr queue and history API requests in both the poller and historyFetcher - Add extractEpisode() / gatherEpisodes() helpers in dashboard.js and history.js to build a sorted, deduplicated episodes array covering all records matching a download title (handles multi- episode packs and series packs) - Replace episodeInfo: sonarrMatch with episodes: gatherEpisodes() across all 8 assignment sites in dashboard.js - Add episodes field to /api/history/recent response items - Frontend: formatEpisodeInfo() renders S01E05 for single episodes or 'Multiple episodes' with hover tooltip listing all for packs - CSS: .episode-info and .multi-episode tooltip styles - ARCHITECTURE.md: update polling table and download/history schemas	2026-05-17 17:03:23 +01:00
Gronod	c1fb55c5b8	merge: resolve ARCHITECTURE.md conflict, keep develop version (Mermaid + history docs)	2026-05-17 13:49:50 +01:00
Gronod	742f34f6eb	ci: remove v2-develop branch from build pipeline	2026-05-17 13:25:50 +01:00
Gronod	2b089871a0	design(light-theme): replace purple scheme with logo-aligned teal palette, WCAG AA compliant	2026-05-17 13:12:58 +01:00
Gronod	e8ffd7f7dd	feat(ui): split downloads and history into tabs	2026-05-17 13:09:01 +01:00
Gronod	dd7e3e2a90	fix(history): add tagBadges to history items in showAll mode	2026-05-17 13:05:23 +01:00
Gronod	557137421d	fix(history): reload history when showAll toggle changes	2026-05-17 13:02:15 +01:00
Gronod	71880c6298	ci: add v2-develop branch to build pipeline (tags as sofarr:v2-develop)	2026-05-17 12:50:23 +01:00
Gronod	6b995a136d	chore: remove legacy .env.example (superseded by .env.sample)	2026-05-17 12:06:38 +01:00
Gronod	fa3c625fb8	docs: update ARCHITECTURE.md and README for history feature (v2)	2026-05-17 12:05:53 +01:00
Gronod	57b3254f70	test(history): add unit and integration tests for historyFetcher and /api/history/recent	2026-05-17 12:05:45 +01:00
Gronod	eb321312dc	feat(history): add Recently Completed section to frontend dashboard	2026-05-17 12:05:39 +01:00
Gronod	ddcfbda0c2	feat(history): add /api/history/recent endpoint with Sonarr/Radarr history fetching, tag filtering, and 5-min cache	2026-05-17 12:05:30 +01:00
Gronod	ffd9e84a00	docs: merge Mermaid diagram migration from develop	2026-05-17 12:04:00 +01:00
Gronod	2a674c6bcd	docs: replace ASCII art diagrams with Mermaid (renders natively in Gitea)	2026-05-17 12:03:49 +01:00
Gronod	da0898f52a	feat: native HTTPS support with bundled snakeoil default cert ... server/index.js: - Import http and https modules - Resolve TLS_ENABLED early (before Helmet) so upgradeInsecureRequests CSP directive fires when TLS is active directly (not only via proxy) - loadTlsCredentials() reads TLS_CERT/TLS_KEY (defaulting to bundled snakeoil) and returns null on failure (graceful HTTP fallback) - Start https.createServer or http.createServer depending on credentials - Startup banner now shows protocol, TLS cert path, and snakeoil warning certs/: - Add bundled snakeoil self-signed certificate (RSA 2048, 10yr, SAN for localhost + 127.0.0.1) for out-of-the-box HTTPS without configuration - .gitignore allows only snakeoil.{crt,key} — real certs must not be committed Dockerfile: - COPY certs/ into image so snakeoil default is always available - HEALTHCHECK updated to https:// with --no-check-certificate docker-compose.yaml: - Port now exposes HTTPS directly by default - TLS_CERT/TLS_KEY/TLS_ENABLED/TRUST_PROXY documented with Option A/B - cert volume mount examples added (commented out) - healthcheck updated to https with --no-check-certificate .env.sample: - New TLS/HTTPS section with TLS_ENABLED, TLS_CERT, TLS_KEY - openssl self-signed cert generation example included docs/ARCHITECTURE.md: - Configuration table: TLS_ENABLED, TLS_CERT, TLS_KEY env vars added - Docker image section: TLS default behaviour documented - Docker Compose example: Option A (direct TLS) / Option B (proxy) layout - Security checklist: HTTPS now first item, updated for TLS modes	2026-05-17 10:50:38 +01:00
Gandalf	5d7b126c5e	Diagrams etc. (#5) ... Co-authored-by: Gronod <gordon@i3omb.com> Co-authored-by: gitea-actions[bot] <gitea-actions[bot]@i3omb.com> Reviewed-on: #5	2026-05-17 10:47:50 +01:00
Gronod	224ec33a14	docs: migrate all diagrams from PlantUML to Mermaid ... - Replace section 13 of ARCHITECTURE.md with 9 inline Mermaid diagrams (component, auth sequence, dashboard SSE sequence, polling sequence, server class, data model, UI state, poller state, matching flowchart) - Diagrams render natively in Gitea/GitHub — no CI job required - Delete docs/diagrams/*.puml (all 9 files) - Delete .gitea/workflows/render-diagrams.yml - Update CI/CD table note and ToC entry	2026-05-17 10:37:46 +01:00
gitea-actions[bot]	cc8de12740	ci: render PlantUML diagrams [skip ci]	2026-05-17 09:31:59 +00:00
Gronod	a05aaf8d71	fix(diagrams): replace par/and/end with group in seq-polling ... par keyword is not supported in the PlantUML version on the Gitea runner. Replace with a group block (universally supported) and a spanning note to convey the parallelism.	2026-05-17 10:28:46 +01:00
Gronod	9751dbf98d	docs(diagrams): review + fix all .puml files; touch all to trigger render ... seq-auth: - startAutoRefresh() -> startSSE(), stopAutoRefresh() -> stopSSE() - Cookie secure flag: 'secure (prod)' -> 'secure (if TRUST_PROXY)' component: - Fix typo creatApp -> createApp - Add GET /csrf, POST /logout to browser->auth arrow - Add GET /stream (SSE) to browser->dashboard arrow class-server: - Add subscribers Set, onPollComplete(), offPollComplete() to Poller class class-data: - Add SSE Event /stream shape alongside API Response /user-downloads - Add sser *-- dl relationship state-ui: - Fix invalid multi-line transition labels with raw Unicode arrows (broke PlantUML parser); replace with valid \n escapes on single line seq-dashboard, seq-polling, state-poller, activity-matching: - Whitespace touch to trigger render-diagrams CI workflow	2026-05-17 10:20:52 +01:00
Gandalf	29d7bdb536	Merge pull request 'release/1.0.0' (#4) from release/1.0.0 into main ... Reviewed-on: #4	2026-05-17 10:16:24 +01:00
Gronod	6c847a26d3	merge: fix BOT_TOKEN secret name	2026-05-17 10:12:57 +01:00
Gronod	7b4ba86435	merge: fix BOT_TOKEN secret name	2026-05-17 10:12:53 +01:00
Gronod	28f2aa17d8	ci: rename secret GITEA_TOKEN → BOT_TOKEN (GITEA_ prefix is reserved)	2026-05-17 10:12:51 +01:00
Gronod	aa8a6a49f4	merge: add render-diagrams workflow	2026-05-17 10:10:05 +01:00
Gronod	341c619d3d	merge: add render-diagrams workflow	2026-05-17 10:10:02 +01:00
Gronod	0ffe62e1ca	ci: add render-diagrams workflow (.puml → .png committed back to repo)	2026-05-17 10:09:59 +01:00