15 Releases 15 Tags

RSS Feed

• v1.3.1 20dfe06866

  Compare

  sofarr v1.3.1 Stable

  gronod released this 2026-05-18 06:42:06 +01:00 | 3 commits to main since this release

  sofarr v1.3.1

  Docker

  docker pull docker.i3omb.com/sofarr:1.3.1
  

  Changes

  • Merge branch 'develop'
  • chore: bump version to 1.3.1 (point release)
  • chore: bump version to 1.4.0
  • chore: sync package-lock.json version to 1.3.0
  • docs: update documentation for blocklist & search non-admin eligibility
  • feat: allow non-admin users to blocklist & search under specific conditions
  • feat: show blocklist & search button on all admin downloads (not just import-pending)
  • release: v1.3.0
  • chore: bump to v1.3.0; update CHANGELOG, README, ARCHITECTURE docs
  • fix: thread arr action fields through SSE handler; align import-issue tooltip with themed CSS pattern
  • feat: blocklist & search button for import-pending downloads with caution
  • fix: title link wired via JS goHome() — switches to downloads, closes status, resets showAll
  • fix: title click switches to downloads tab and closes status panel (no page reload)
  • fix: title logo links to /, version footer links to repo
  • fix: use data-tooltip CSS popup for hide-upgrade-failures checkbox, matching episode tooltip style
  • feat: add 'Hide upgrade failures' checkbox to history controls
  • feat: render availableForUpgrade badge on failed history items where episode/movie is already on disk
  • feat: deduplicate history — suppress failed records superseded by successful import, flag failed+hasFile as availableForUpgrade

  Downloads

  • Source (tar.gz): sofarr-v1.3.1.tar.gz
  • Source (zip): sofarr-v1.3.1.zip
  • Docker image: docker.i3omb.com/sofarr:1.3.1

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.2.2 4c9985e01a

  Compare

  sofarr v1.2.2 Stable

  gronod released this 2026-05-17 21:22:05 +01:00 | 21 commits to main since this release

  sofarr v1.2.2

  Docker

  docker pull docker.i3omb.com/sofarr:1.2.2
  

  Changes

  • chore: bump version to 1.2.2, update CHANGELOG
  • fix: correct width typo 56x -> 56px
  • fix: Reduced size of logo to 56px for better balance
  • Increased size of logo to 64px for better balance
  • fix: increase header logo to 40px, use 192px source for crispness
  • feat: use favicon-192 for header logo, scale to 28px for visual parity with title text
  • feat: add logo to header title link

  Downloads

  • Source (tar.gz): sofarr-v1.2.2.tar.gz
  • Source (zip): sofarr-v1.2.2.zip
  • Docker image: docker.i3omb.com/sofarr:1.2.2

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.2.1 205d95e232

  Compare

  sofarr v1.2.1 Stable

  Gandalf released this 2026-05-17 20:55:17 +01:00 | 27 commits to main since this release

  sofarr v1.2.1

  Docker

  docker pull docker.i3omb.com/sofarr:1.2.1
  

  Changes

  • release: sync release/v1.2.1 with main
  • merge: develop -> main (title repo link)
  • feat: link sofarr title to repo
  • merge: develop -> main for v1.2.1 (version footer)
  • Merge branch 'develop' of https://git.i3omb.com/Gandalf/sofarr into develop
  • feat: add version footer to dashboard UI (v1.2.1)
  • Merge pull request 'release/v1.2.0' (#14) from release/v1.2.0 into develop
  • Merge pull request 'release/v1.2.0' (#13) from release/v1.2.0 into main

  Downloads

  • Source (tar.gz): sofarr-v1.2.1.tar.gz
  • Source (zip): sofarr-v1.2.1.zip
  • Docker image: docker.i3omb.com/sofarr:1.2.1

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.2.0 cb0e61ea36

  Compare

  sofarr v1.2.0 Stable

  Gandalf released this 2026-05-17 20:25:15 +01:00 | 35 commits to main since this release

  sofarr v1.2.0

  Docker

  docker pull docker.i3omb.com/sofarr:1.2.0
  

  Changes

  • Merge branch 'release/v1.2.0' of https://git.i3omb.com/Gandalf/sofarr into release/v1.2.0
  • release: sync release/v1.2.0 with main
  • merge: sync main with remote
  • merge: sync main with develop (licence-check workflow, branch exclusions)
  • ci: exclude main and release/* branches from docs-check and licence-check workflows
  • ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
  • ci: exclude main and release/* branches from docs-check and licence-check workflows
  • ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
  • release: sync release/v1.2.0 with main (CI workflow updates)
  • ci: exclude main and release/* branches from docs-check and licence-check workflows
  • ci: add licence-check workflow — validates production dep licences against MIT-compatible allowlist
  • ci: disable MD024 (duplicate headings) — expected in CHANGELOG
  • ci: disable MD024 (duplicate headings) — expected in CHANGELOG
  • Merge pull request 'feat: production hardening — LICENSE, Docker secrets (_FILE), graceful shutdown, URL validation, CHANGELOG (v1.2.0)' (#9) from develop into main
  • feat: production hardening v1.2.0
  • licence file updated
  • licence file added
  • Merge pull request 'ci: add docs-check workflow with Markdown lint and Mermaid diagram parse validation' (#8) from develop into main
  • ci: trigger docs-check workflow
  • ci: fix mermaid parse — use jsdom to provide browser globals required by mermaid.core.mjs
  • ci: trigger docs-check workflow
  • ci: fix mermaid parse check — use mermaid.core.mjs (no Puppeteer/Chromium needed)
  • ci: disable noisy markdownlint rules (table style, blanks, code lang, etc)
  • ci: trigger docs-check workflow
  • ci: add separate docs-check workflow for Markdown lint and Mermaid parse validation
  • merge: fix s8 Mermaid double-space parse error
  • fix: remove double spaces in s8 Mermaid flowchart edge definitions
  • merge: fix Mermaid s8 flowchart Unicode characters
  • fix: remove Unicode arrows and dashes from Mermaid flowchart node labels in s8
  • merge: develop into main (fix Mermaid diagram rendering)
  • fix: repair Mermaid diagrams in ARCHITECTURE.md

  Downloads

  • Source (tar.gz): sofarr-v1.2.0.tar.gz
  • Source (zip): sofarr-v1.2.0.zip
  • Docker image: docker.i3omb.com/sofarr:1.2.0

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.1.2 0e22c5af15

  Compare

  sofarr v1.1.2 Stable

  gronod released this 2026-05-17 17:52:20 +01:00 | 66 commits to main since this release

  sofarr v1.1.2

  Docker

  docker pull docker.i3omb.com/sofarr:1.1.2
  

  Changes

  • merge: develop into main for v1.1.2 release
  • feat: include version number in server startup message

  Downloads

  • Source (tar.gz): sofarr-v1.1.2.tar.gz
  • Source (zip): sofarr-v1.1.2.zip
  • Docker image: docker.i3omb.com/sofarr:1.1.2

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.1.1 716d98e531

  Compare

  sofarr v1.1.1 Stable

  gronod released this 2026-05-17 17:44:18 +01:00 | 68 commits to main since this release

  sofarr v1.1.1

  Docker

  docker pull docker.i3omb.com/sofarr:1.1.1
  

  Changes

  • merge: develop into main for v1.1.1 release
  • chore: bump version to 1.1.1
  • fix: healthcheck respects TLS_ENABLED at runtime
  • merge: develop into main for v1.1.0 release
  • chore: bump version to 1.1.0
  • fix: use --surface for episode tooltip background (--card-bg was undefined)
  • fix: read episodeNumber from nested episode object in Sonarr records
  • feat: show episode info on download and history cards
  • Merge pull request 'feat: Recently Completed downloads history, tab UI, and light theme refresh' (#7) from develop into main
  • merge: resolve ARCHITECTURE.md conflict, keep develop version (Mermaid + history docs)
  • ci: remove v2-develop branch from build pipeline
  • design(light-theme): replace purple scheme with logo-aligned teal palette, WCAG AA compliant
  • feat(ui): split downloads and history into tabs
  • fix(history): add tagBadges to history items in showAll mode
  • fix(history): reload history when showAll toggle changes
  • ci: add v2-develop branch to build pipeline (tags as sofarr:v2-develop)
  • chore: remove legacy .env.example (superseded by .env.sample)
  • docs: update ARCHITECTURE.md and README for history feature (v2)
  • test(history): add unit and integration tests for historyFetcher and /api/history/recent
  • feat(history): add Recently Completed section to frontend dashboard
  • feat(history): add /api/history/recent endpoint with Sonarr/Radarr history fetching, tag filtering, and 5-min cache
  • docs: merge Mermaid diagram migration from develop
  • docs: replace ASCII art diagrams with Mermaid (renders natively in Gitea)
  • feat: native HTTPS support with bundled snakeoil default cert
  • Diagrams etc. (#5)
  • docs: migrate all diagrams from PlantUML to Mermaid
  • ci: render PlantUML diagrams [skip ci]
  • fix(diagrams): replace par/and/end with group in seq-polling
  • docs(diagrams): review + fix all .puml files; touch all to trigger render
  • Merge pull request 'release/1.0.0' (#4) from release/1.0.0 into main
  • merge: fix BOT_TOKEN secret name
  • merge: fix BOT_TOKEN secret name
  • ci: rename secret GITEA_TOKEN → BOT_TOKEN (GITEA_ prefix is reserved)
  • merge: add render-diagrams workflow
  • merge: add render-diagrams workflow
  • ci: add render-diagrams workflow (.puml → .png committed back to repo)
  • merge: develop into release/1.0.0 (doc + UI fixes)
  • merge: develop into main (1.0.x doc + UI fixes)
  • docs: update ARCHITECTURE.md and README for 1.0.x fixes
  • fix: progress bar width collapsed by pill display:inline-flex
  • fix: progress bar not rendering — replace float:left with position:absolute
  • ui: compact pill layout for detail items; red availability warning
  • merge: cookie secure fix from release/1.0.0
  • merge: cookie secure fix from release/1.0.0
  • fix: gate cookie secure flag on TRUST_PROXY not NODE_ENV
  • merge: release/1.0.0 fixes into main
  • merge: release/1.0.0 fixes into develop
  • fix: correct upgradeInsecureRequests in index.js (the actual production config)
  • fix: only emit upgrade-insecure-requests when TRUST_PROXY is set
  • fix: remove nonce from tags — breaks CSS on mobile/caching proxies
  • release: 1.0.0
  • docs: final 1.0.0 documentation pass
  • ci: downgrade upload-artifact to v3 (v4+ not supported on Gitea GHES)
  • ci: lower coverage thresholds to match CI numbers after SSE addition
  • fix(ui): status panel empty on login / requires double-click to open
  • fix: set timing bar widths via JS DOM assignment after innerHTML
  • fix: use CSS custom property for timing bar width to bypass CSP blocking
  • fix: allow inline style= attributes via CSP style-src-attr
  • debug: log task timing data in status panel to diagnose full bars
  • fix: correct status panel cache stats and static asset caching
  • fix(ui): normalise status panel timing bars against slowest task not totalMs
  • feat: replace client polling with Server-Sent Events (SSE)
  • chore: merge develop into main for v0.2.0 release
  • chore: bump version to 0.2.0
  • fix(ci): remove per-file coverage thresholds — V8 counts vary across Node versions
  • docs: audit and update all documentation to reflect current codebase
  • fix(ci): lower requireAuth.js coverage threshold to match CI Node V8 counting
  • test: add comprehensive test suite (115 tests, Vitest + supertest + nock)
  • fix: proxy cover art through server to satisfy CSP img-src 'self'
  • fix: logger.js hardcoded server.log path breaks non-root container user
  • fix: restore missing dotenv dependency
  • fix(docker): replace better-sqlite3 with pure-JS JSON token store
  • fix(docker): switch alpine to node:22-slim for pre-built better-sqlite3
  • fix(docker): compile better-sqlite3 native addon in build stage
  • fix: rebuild package-lock for Node 22; upgrade dev environment
  • feat(security): production hardening for external deployment
  • Merge develop into main for v0.1.5
  • chore: bump version to 0.1.5
  • fix: splash screen hangs after login, never dismisses
  • feat: add 'Keep me logged in' checkbox to login form
  • fix(ci): upgrade nodemon to ^3 to resolve semver ReDoS vulnerability
  • chore: add COOKIE_SECRET to .env, .env.example, .env.sample
  • fix(security #17): add npm audit to CI pipeline and package scripts
  • fix(security #15): read API keys from process.env at request time
  • fix(security #13,#14): revoke Emby token on logout; stable DeviceId prevents unbounded sessions
  • fix(security #12): add helmet security response headers
  • fix(security #11): remove unused node-cron dependency
  • fix(security #10): sanitize error details to prevent API key leakage
  • fix(security #7,#8,#9): signed cookies, isAdmin tamper-proof, schema validation
  • fix(security #6): add rate limiting to POST /api/auth/login
  • fix(security #5): remove plaintext logging of Emby auth response and user object
  • docs: update architecture docs and diagrams for recent changes
  • feat: add favicon from sofarr-logoonly.png
  • fix: proper multi-user tag badges using full Emby user list
  • fix: extractUserTag now correctly finds the tag matching the current user
  • fix: always show matched user tag badge, not just in showAll mode
  • feat: multi-tag badges for showAll — amber for unmatched, accent for matched
  • security: ensure log files excluded recursively from git and Docker builds (issue #16)
  • security: fix issues #1-4 from security audit
  • Merge develop into main for v0.1.4
  • chore: bump version to 0.1.4
  • fix: improve mobile layout and prevent text overflow on small screens
  • Merge main back into develop (v0.1.3)
  • chore: bump version to 0.1.3
  • docs: comprehensive architecture documentation with PlantUML diagrams
  • Revert "perf: split into fast poll + slow-cached library fetches"
  • perf: split into fast poll + slow-cached library fetches
  • perf: drop includeSeries/includeMovie from history fetches
  • perf: reduce history page sizes and drop includeEpisode
  • fix: crash from stale references to removed sonarrSeries/radarrMovies
  • perf: eliminate full Sonarr Series + Radarr Movies library fetches
  • feat: status page shows effective refresh mode across all active clients
  • feat: live-updating status panel with per-task poll timings
  • feat: add admin-only status page with cache stats
  • docs: add POLL_INTERVAL to README, .env.sample, and .env.example
  • feat: make background polling disablable with on-demand fallback
  • perf: background poller for near-instant dashboard responses
  • perf: reduce history page size from 100 to 20
  • perf: persist qBittorrent clients between requests
  • perf: cache slow-changing data (series, movies, tags) with 60s TTL
  • feat: show import-pending red lozenge when Sonarr/Radarr has issues
  • feat: revise login screen with logo and smooth transition to splash
  • feat: add splash screen with logo on app load and after login
  • fix: handle Ombi-mangled tags for email-style usernames
  • feat: link series/movie titles to Sonarr/Radarr for admin users
  • fix: show full download path (content_path) for qBittorrent
  • ci: remove arm builds, amd64 only for now
  • ci: build develop tag on every push to develop branch
  • feat: show download/target paths for admin users
  • docs: comprehensive architecture documentation with PlantUML diagrams
  • Revert "perf: split into fast poll + slow-cached library fetches"
  • perf: split into fast poll + slow-cached library fetches
  • perf: drop includeSeries/includeMovie from history fetches
  • perf: reduce history page sizes and drop includeEpisode
  • fix: crash from stale references to removed sonarrSeries/radarrMovies
  • perf: eliminate full Sonarr Series + Radarr Movies library fetches
  • feat: status page shows effective refresh mode across all active clients
  • feat: live-updating status panel with per-task poll timings
  • feat: add admin-only status page with cache stats
  • docs: add POLL_INTERVAL to README, .env.sample, and .env.example
  • feat: make background polling disablable with on-demand fallback
  • perf: background poller for near-instant dashboard responses
  • perf: reduce history page size from 100 to 20
  • perf: persist qBittorrent clients between requests
  • perf: cache slow-changing data (series, movies, tags) with 60s TTL
  • feat: show import-pending red lozenge when Sonarr/Radarr has issues
  • feat: revise login screen with logo and smooth transition to splash
  • feat: add splash screen with logo on app load and after login
  • fix: handle Ombi-mangled tags for email-style usernames
  • feat: link series/movie titles to Sonarr/Radarr for admin users
  • fix: show full download path (content_path) for qBittorrent
  • ci: remove arm builds, amd64 only for now
  • ci: build develop tag on every push to develop branch
  • feat: show download/target paths for admin users
  • Merge pull request 'ci: build multi-arch images (amd64, arm64, arm/v7)' (#2) from develop into main
  • ci: build multi-arch images (amd64, arm64, arm/v7)
  • chore: bump version to 0.1.2
  • feat: admin users can view all downloads with user badges
  • docs: add docker-compose.yaml with sample configuration
  • chore: bump version to 0.1.1
  • Merge pull request 'develop' (#1) from develop into main
  • feat: compact UI with theme switcher (light/dark/mono)
  • ci: add automated release creation on tag push
  • docs: add Docker deployment instructions and OCI labels
  • ci: remove registry login step (Distribution registry has no auth by default)
  • ci: use distribution registry at reg.i3omb.com
  • ci: add Dockerfile and Gitea Actions workflow for automated image builds
  • chore: set version to 0.1.0
  • feat: fix download-to-user matching, add cover art to downloads
  • Initial commit: Media Download Dashboard with SABnzbd, Sonarr, Radarr, and Emby integration

  Downloads

  • Source (tar.gz): sofarr-v1.1.1.tar.gz
  • Source (zip): sofarr-v1.1.1.zip
  • Docker image: docker.i3omb.com/sofarr:1.1.1

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.1.0 b3edd442f5

  Compare

  sofarr v1.1.0 Stable

  gronod released this 2026-05-17 17:32:14 +01:00 | 71 commits to main since this release

  sofarr v1.1.0

  Docker

  docker pull docker.i3omb.com/sofarr:1.1.0
  

  Changes

  • merge: develop into main for v1.1.0 release
  • chore: bump version to 1.1.0
  • fix: use --surface for episode tooltip background (--card-bg was undefined)
  • fix: read episodeNumber from nested episode object in Sonarr records
  • feat: show episode info on download and history cards
  • Merge pull request 'feat: Recently Completed downloads history, tab UI, and light theme refresh' (#7) from develop into main
  • merge: resolve ARCHITECTURE.md conflict, keep develop version (Mermaid + history docs)
  • ci: remove v2-develop branch from build pipeline
  • design(light-theme): replace purple scheme with logo-aligned teal palette, WCAG AA compliant
  • feat(ui): split downloads and history into tabs
  • fix(history): add tagBadges to history items in showAll mode
  • fix(history): reload history when showAll toggle changes
  • ci: add v2-develop branch to build pipeline (tags as sofarr:v2-develop)
  • chore: remove legacy .env.example (superseded by .env.sample)
  • docs: update ARCHITECTURE.md and README for history feature (v2)
  • test(history): add unit and integration tests for historyFetcher and /api/history/recent
  • feat(history): add Recently Completed section to frontend dashboard
  • feat(history): add /api/history/recent endpoint with Sonarr/Radarr history fetching, tag filtering, and 5-min cache
  • docs: merge Mermaid diagram migration from develop
  • docs: replace ASCII art diagrams with Mermaid (renders natively in Gitea)
  • feat: native HTTPS support with bundled snakeoil default cert
  • Diagrams etc. (#5)
  • docs: migrate all diagrams from PlantUML to Mermaid
  • ci: render PlantUML diagrams [skip ci]
  • fix(diagrams): replace par/and/end with group in seq-polling
  • docs(diagrams): review + fix all .puml files; touch all to trigger render
  • Merge pull request 'release/1.0.0' (#4) from release/1.0.0 into main
  • merge: fix BOT_TOKEN secret name
  • merge: fix BOT_TOKEN secret name
  • ci: rename secret GITEA_TOKEN → BOT_TOKEN (GITEA_ prefix is reserved)
  • merge: add render-diagrams workflow
  • merge: add render-diagrams workflow
  • ci: add render-diagrams workflow (.puml → .png committed back to repo)
  • merge: develop into release/1.0.0 (doc + UI fixes)
  • merge: develop into main (1.0.x doc + UI fixes)
  • docs: update ARCHITECTURE.md and README for 1.0.x fixes
  • fix: progress bar width collapsed by pill display:inline-flex
  • fix: progress bar not rendering — replace float:left with position:absolute
  • ui: compact pill layout for detail items; red availability warning
  • merge: cookie secure fix from release/1.0.0
  • merge: cookie secure fix from release/1.0.0
  • fix: gate cookie secure flag on TRUST_PROXY not NODE_ENV
  • merge: release/1.0.0 fixes into main
  • merge: release/1.0.0 fixes into develop
  • fix: correct upgradeInsecureRequests in index.js (the actual production config)
  • fix: only emit upgrade-insecure-requests when TRUST_PROXY is set
  • fix: remove nonce from tags — breaks CSS on mobile/caching proxies

  Downloads

  • Source (tar.gz): sofarr-v1.1.0.tar.gz
  • Source (zip): sofarr-v1.1.0.zip
  • Docker image: docker.i3omb.com/sofarr:1.1.0

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v1.0.0 c86694fc8f

  Compare

  sofarr v1.0.0 Stable

  gronod released this 2026-05-17 09:19:45 +01:00 | 118 commits to main since this release

  sofarr v1.0.0

  Docker

  docker pull docker.i3omb.com/sofarr:1.0.0
  

  Changes

  • release: 1.0.0
  • docs: final 1.0.0 documentation pass
  • ci: downgrade upload-artifact to v3 (v4+ not supported on Gitea GHES)
  • ci: lower coverage thresholds to match CI numbers after SSE addition
  • fix(ui): status panel empty on login / requires double-click to open
  • fix: set timing bar widths via JS DOM assignment after innerHTML
  • fix: use CSS custom property for timing bar width to bypass CSP blocking
  • fix: allow inline style= attributes via CSP style-src-attr
  • debug: log task timing data in status panel to diagnose full bars
  • fix: correct status panel cache stats and static asset caching
  • fix(ui): normalise status panel timing bars against slowest task not totalMs
  • feat: replace client polling with Server-Sent Events (SSE)

  Downloads

  • Source (tar.gz): sofarr-v1.0.0.tar.gz
  • Source (zip): sofarr-v1.0.0.zip
  • Docker image: docker.i3omb.com/sofarr:1.0.0

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v0.2.0 80a6d559c9

  Compare

  sofarr v0.2.0 Pre-Release

  gronod released this 2026-05-17 08:13:25 +01:00 | 130 commits to main since this release

  sofarr v0.2.0

  Docker

  docker pull docker.i3omb.com/sofarr:0.2.0
  

  Changes

  • chore: merge develop into main for v0.2.0 release
  • chore: bump version to 0.2.0
  • fix(ci): remove per-file coverage thresholds — V8 counts vary across Node versions
  • docs: audit and update all documentation to reflect current codebase
  • fix(ci): lower requireAuth.js coverage threshold to match CI Node V8 counting
  • test: add comprehensive test suite (115 tests, Vitest + supertest + nock)
  • fix: proxy cover art through server to satisfy CSP img-src 'self'
  • fix: logger.js hardcoded server.log path breaks non-root container user
  • fix: restore missing dotenv dependency
  • fix(docker): replace better-sqlite3 with pure-JS JSON token store
  • fix(docker): switch alpine to node:22-slim for pre-built better-sqlite3
  • fix(docker): compile better-sqlite3 native addon in build stage
  • fix: rebuild package-lock for Node 22; upgrade dev environment
  • feat(security): production hardening for external deployment

  Downloads

  • Source (tar.gz): sofarr-v0.2.0.tar.gz
  • Source (zip): sofarr-v0.2.0.zip
  • Docker image: docker.i3omb.com/sofarr:0.2.0

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• v0.1.5 8eb49f64b6

  Compare

  sofarr v0.1.5 Pre-Release

  gronod released this 2026-05-16 17:18:21 +01:00 | 144 commits to main since this release

  sofarr v0.1.5

  Docker

  docker pull docker.i3omb.com/sofarr:0.1.5
  

  Changes

  • Merge develop into main for v0.1.5
  • chore: bump version to 0.1.5
  • fix: splash screen hangs after login, never dismisses
  • feat: add 'Keep me logged in' checkbox to login form
  • fix(ci): upgrade nodemon to ^3 to resolve semver ReDoS vulnerability
  • chore: add COOKIE_SECRET to .env, .env.example, .env.sample
  • fix(security #17): add npm audit to CI pipeline and package scripts
  • fix(security #15): read API keys from process.env at request time
  • fix(security #13,#14): revoke Emby token on logout; stable DeviceId prevents unbounded sessions
  • fix(security #12): add helmet security response headers
  • fix(security #11): remove unused node-cron dependency
  • fix(security #10): sanitize error details to prevent API key leakage
  • fix(security #7,#8,#9): signed cookies, isAdmin tamper-proof, schema validation
  • fix(security #6): add rate limiting to POST /api/auth/login
  • fix(security #5): remove plaintext logging of Emby auth response and user object
  • docs: update architecture docs and diagrams for recent changes
  • feat: add favicon from sofarr-logoonly.png
  • fix: proper multi-user tag badges using full Emby user list
  • fix: extractUserTag now correctly finds the tag matching the current user
  • fix: always show matched user tag badge, not just in showAll mode
  • feat: multi-tag badges for showAll — amber for unmatched, accent for matched
  • security: ensure log files excluded recursively from git and Docker builds (issue #16)
  • security: fix issues #1-4 from security audit

  Downloads

  • Source (tar.gz): sofarr-v0.1.5.tar.gz
  • Source (zip): sofarr-v0.1.5.zip
  • Docker image: docker.i3omb.com/sofarr:0.1.5

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)