Merge branch 'main' of https://git.i3omb.com/Gandalf/sofarr

Merge develop: Add MIT copyright headers
Add MIT copyright headers to all source files
2026-05-19 09:07:59 +01:00 · 2026-05-19 09:07:51 +01:00 · 2026-05-19 09:07:42 +01:00 · 2026-05-18 13:45:03 +01:00 · 2026-05-18 13:39:59 +01:00 · 2026-05-18 08:02:30 +01:00
47 changed files with 98 additions and 13 deletions
@@ -7,16 +7,24 @@ on:
      - "package.json"
      - "package-lock.json"
      - ".gitea/workflows/licence-check.yml"
      - "**/*.js"
      - "**/*.ts"
      - "**/*.jsx"
      - "**/*.tsx"
  pull_request:
    branches: ["**", "!main", "!release/**"]
    paths:
      - "package.json"
      - "package-lock.json"
      - ".gitea/workflows/licence-check.yml"
      - "**/*.js"
      - "**/*.ts"
      - "**/*.jsx"
      - "**/*.tsx"
 jobs:
  licence-check:
-    name: Dependency licence compatibility
+    name: Licence compatibility and copyright header verification
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
@@ -36,3 +44,40 @@ jobs:
            --onlyAllow "MIT;ISC;MIT-0;BSD-2-Clause;BSD-3-Clause;Apache-2.0;CC0-1.0;BlueOak-1.0.0" \
            --excludePrivatePackages \
            && echo "All production dependency licences are compatible with MIT."
      - name: Check copyright headers in source files
        run: |
          #!/bin/bash
          set -e
          # Find all source files, excluding build artifacts and node_modules
          SOURCE_FILES=$(find . -type f \( -name "*.js" -o -name "*.ts" -o -name "*.jsx" -o -name "*.tsx" \) \
            ! -path "./node_modules/*" \
            ! -path "./.git/*" \
            ! -path "./dist/*" \
            ! -path "./build/*" \
            ! -path "./.gitea/*")
          MISSING_HEADER=0
          # Check each file for MIT-compliant copyright header
          while IFS= read -r file; do
            if [ -z "$file" ]; then
              continue
            fi
            # Check if file starts with a copyright header containing: Copyright, year (4 digits), name, and MIT License
            if ! head -n 5 "$file" | grep -qiE "Copyright.*[0-9]{4}.*MIT"; then
              echo "❌ Missing MIT-compliant copyright header in: $file"
              echo "   Required format: // Copyright (c) YYYY Name. MIT License."
              MISSING_HEADER=$((MISSING_HEADER + 1))
            fi
          done <<< "$SOURCE_FILES"
          if [ $MISSING_HEADER -gt 0 ]; then
            echo ""
            echo "⚠️  Found $MISSING_HEADER file(s) with missing or non-compliant copyright headers."
            exit 1
          else
            echo "✅ All source files have MIT-compliant copyright headers."
          fi
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 import { useState, useEffect } from 'react';
 import axios from 'axios';
 import './App.css';
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 import React from 'react'
 import ReactDOM from 'react-dom/client'
 import App from './App.jsx'
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 import { defineConfig } from 'vite'
 import react from '@vitejs/plugin-react'
@@ -161,7 +161,6 @@ sofarr/
 │   └── integration/            # Supertest integration tests (nock for external HTTP)
 ├── docs/
 │   ├── ARCHITECTURE.md         # This document
 │   └── diagrams/               # PlantUML source files
 ├── .gitea/workflows/
 │   ├── ci.yml                  # Security audit + test/coverage CI jobs
 │   ├── build-image.yml         # Docker image build and push
@@ -901,21 +900,23 @@ volumes:
 ### CI / CD
-The `.gitea/workflows/` directory contains three pipeline definitions:
+The `.gitea/workflows/` directory contains five pipeline definitions:
 | File | Trigger | Purpose |
 |------|---------|--------|
-| `ci.yml` | Every push / PR | Security audit (`npm audit --audit-level=high`) + tests with V8 coverage |
+| `ci.yml` | Every push / PR (all branches) | Security audit (`npm audit --audit-level=high`) + tests with V8 coverage |
-| `build-image.yml` | Push to `main` / `develop` | Build and push Docker image to `docker.i3omb.com` |
+| `build-image.yml` | Push to `release/**` or `develop` | Build and push Docker image to `reg.i3omb.com`. `release/**` pushes versioned + `latest` tags; `develop` pushes a `:develop` tag. |
-| `create-release.yml` | Tag push (`v*`) | Create a Gitea release |
+| `create-release.yml` | Tag push (`v*`) | Generate release notes from git log and create a Gitea release |
 | `docs-check.yml` | Push / PR touching `**.md` (non-main / non-release branches) | Markdown lint + Mermaid diagram parse validation |
 | `licence-check.yml` | Push / PR touching `package.json` or `package-lock.json` | Verify all production dependency licences are compatible with MIT |
-> **Diagrams** are written in Mermaid and render natively in Gitea — no CI workflow required. See [Section 13](#13-diagrams).
+> **Diagrams** are written in Mermaid and render natively in Gitea — no separate diagram files or CI render step required. See [Section 13](#13-diagrams).
 ---
 ## 13. Diagrams
-All diagrams are written in [Mermaid](https://mermaid.js.org/) and render natively in Gitea and GitHub markdown.
+All diagrams are written in [Mermaid](https://mermaid.js.org/) and render natively in Gitea and GitHub markdown. No external tooling or PNG exports are required — the source is the diagram.
 ### 13.1 Component Diagram
@@ -1302,6 +1303,13 @@ classDiagram
        +availability string
        +hash string
        +completedAt string
        +canBlocklist boolean
        +addedOn number
        +arrQueueId number
        +arrType string
        +arrInstanceUrl string
        +arrContentId number
        +arrContentType string
    }
    class TagBadge {
        +label string
@@ -1346,6 +1354,7 @@ classDiagram
        +num_seeds number
        +num_leechs number
        +availability number
        +added_on number
    }
    class SonarrQueueRecord {
        +seriesId number
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 let currentUser = null;
 let downloads = [];
 let isAdmin = false;
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Express application factory — imported by both server/index.js (production)
 * and the test suite. Keeping app creation separate from app.listen() means
@@ -1,4 +1,4 @@
-// Copyright (c) 2025 Gordon Bolton. MIT License.
+// Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const path = require('path');
 const cookieParser = require('cookie-parser');
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 function requireAuth(req, res, next) {
  const signed = !!process.env.COOKIE_SECRET;
  const raw = signed ? req.signedCookies.emby_user : req.cookies.emby_user;
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * CSRF protection using the double-submit cookie pattern.
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const axios = require('axios');
 const crypto = require('crypto');
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const router = express.Router();
 const requireAuth = require('../middleware/requireAuth');
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const axios = require('axios');
 const router = express.Router();
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const router = express.Router();
 const axios = require('axios');
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const axios = require('axios');
 const router = express.Router();
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const axios = require('axios');
 const router = express.Router();
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const express = require('express');
 const axios = require('axios');
 const router = express.Router();
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const { logToFile } = require('./logger');
 class MemoryCache {
@@ -1,4 +1,4 @@
-// Copyright (c) 2025 Gordon Bolton. MIT License.
+// Copyright (c) 2026 Gordon Bolton. MIT License.
 const { logToFile } = require('./logger');
 // Validate that a configured service URL is well-formed and uses http(s).
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const axios = require('axios');
 const cache = require('./cache');
 const { getSonarrInstances, getRadarrInstances } = require('./config');
@@ -1,4 +1,4 @@
-// Copyright (c) 2025 Gordon Bolton. MIT License.
+// Copyright (c) 2026 Gordon Bolton. MIT License.
 //
 // Docker secrets support: if an environment variable named FOO_FILE is set,
 // read its contents from the file at that path and expose it as FOO.
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const fs = require('fs');
 const path = require('path');
@@ -1,4 +1,4 @@
-// Copyright (c) 2025 Gordon Bolton. MIT License.
+// Copyright (c) 2026 Gordon Bolton. MIT License.
 const axios = require('axios');
 const cache = require('./cache');
 const { getTorrents } = require('./qbittorrent');
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 const axios = require('axios');
 const { logToFile } = require('./logger');
 const { getQbittorrentInstances } = require('./config');
@@ -1,4 +1,4 @@
-// Copyright (c) 2025 Gordon Bolton. MIT License.
+// Copyright (c) 2026 Gordon Bolton. MIT License.
 // Query-param secrets (SABnzbd apikey, generic token/password params)
 const QUERY_SECRET_PATTERN = /([?&](?:apikey|token|password|api_key|key|secret)=)[^&\s#]*/gi;
 // HTTP auth header values (X-Api-Key, X-MediaBrowser-Token, Authorization, X-Emby-Authorization)
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Persistent token store backed by a JSON file.
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Integration tests for authentication routes.
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Integration tests for health and readiness endpoints.
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Integration tests for GET /api/history/recent
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 import { vi, beforeEach, afterEach } from 'vitest';
 import os from 'os';
 import path from 'path';
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/utils/config.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Unit tests for server/utils/historyFetcher.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/utils/qbittorrent.js pure utility functions.
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/middleware/requireAuth.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/utils/sanitizeError.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/utils/tokenStore.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 /**
 * Tests for server/middleware/verifyCsrf.js
 *
@@ -1,3 +1,4 @@
 // Copyright (c) 2026 Gordon Bolton. MIT License.
 import { defineConfig } from 'vitest/config';
 export default defineConfig({
Author	SHA1	Message	Date
gronod	ae9e877445	Merge branch 'main' of https://git.i3omb.com/Gandalf/sofarr Create Release / release (push) Successful in 30s Details CI / Security audit (push) Successful in 1m38s Details CI / Tests & coverage (push) Successful in 1m52s Details	2026-05-19 09:07:59 +01:00
gronod	853b205c46	Merge develop: Add MIT copyright headers	2026-05-19 09:07:51 +01:00
gronod	8c4cc20551	Add MIT copyright headers to all source files Build and Push Docker Image / build (push) Successful in 48s Details Licence Check / Licence compatibility and copyright header verification (push) Successful in 1m21s Details CI / Security audit (push) Successful in 1m47s Details CI / Tests & coverage (push) Successful in 2m1s Details	2026-05-19 09:07:42 +01:00
Gandalf	da77f083fe	Merge pull request 'Update .gitea/workflows/licence-check.yml' (#17 ) from develop-workflow into develop Build and Push Docker Image / build (push) Successful in 40s Details Licence Check / Licence compatibility and copyright header verification (push) Failing after 54s Details CI / Security audit (push) Successful in 1m25s Details CI / Tests & coverage (push) Successful in 1m39s Details Reviewed-on: #17	2026-05-18 13:45:03 +01:00
Gandalf	71feaf0175	Update .gitea/workflows/licence-check.yml Licence Check / Licence compatibility and copyright header verification (push) Failing after 56s Details CI / Security audit (push) Successful in 1m7s Details CI / Tests & coverage (push) Successful in 1m18s Details Licence Check / Licence compatibility and copyright header verification (pull_request) Failing after 39s Details CI / Security audit (pull_request) Successful in 1m13s Details CI / Tests & coverage (pull_request) Successful in 1m23s Details	2026-05-18 13:39:59 +01:00
Gandalf	65b9f0f395	Merge pull request 'fix: documentation update' (#15 ) from develop into main Build and Push Docker Image / build (push) Successful in 35s Details CI / Security audit (push) Successful in 47s Details CI / Tests & coverage (push) Successful in 54s Details Reviewed-on: #15	2026-05-18 08:02:30 +01:00
Gandalf	b41f943407	fix: Remove reference to PlantUML diagrams Build and Push Docker Image / build (push) Successful in 1m3s Details CI / Security audit (pull_request) Successful in 1m31s Details CI / Tests & coverage (pull_request) Successful in 1m39s Details Docs Check / Markdown lint (push) Failing after 18s Details CI / Tests & coverage (push) Has been cancelled Details CI / Security audit (push) Has been cancelled Details Docs Check / Mermaid diagram parse check (push) Successful in 1m48s Details	2026-05-18 07:47:56 +01:00
gronod	9debd77392	docs: update ARCHITECTURE.md - fix CI/CD table, remove stale diagram refs, update data models Build and Push Docker Image / build (push) Successful in 45s Details Docs Check / Markdown lint (push) Successful in 1m2s Details CI / Security audit (push) Successful in 1m25s Details CI / Tests & coverage (push) Successful in 1m41s Details Docs Check / Mermaid diagram parse check (push) Successful in 1m48s Details - CI/CD table: add docs-check.yml and licence-check.yml, correct build-image.yml trigger (release/** + develop, not main) - Section 13 intro: clarify no PNG exports or external tooling required - Download class diagram: add canBlocklist, addedOn, arrQueueId, arrType, arrInstanceUrl, arrContentId, arrContentType fields - qBittorrentTorrent class diagram: add added_on field - Remove docs/diagrams/ directory (PNG exports superseded by embedded Mermaid)	2026-05-18 07:44:41 +01:00