Gronod
c0dd93a1ab
Some checks failed
Build and Push Docker Image / build (push) Successful in 59s
CI / Security audit (push) Successful in 1m5s
CI / Tests & coverage (push) Successful in 1m24s
Docs Check / Markdown lint (push) Failing after 45s
Docs Check / Mermaid diagram parse check (push) Successful in 1m27s
CI / Security audit (pull_request) Successful in 51s
CI / Tests & coverage (pull_request) Successful in 1m1s
Docs Check / Markdown lint (pull_request) Failing after 39s
Docs Check / Mermaid diagram parse check (pull_request) Successful in 1m12s
Phase 1 - Licensing & Compliance: - Add MIT LICENSE file - Add copyright headers to server/index.js, poller.js, config.js, sanitizeError.js, and new loadSecrets.js Phase 2 - Security Hardening: - Add server/utils/loadSecrets.js: Docker secrets support via _FILE env var pattern (COOKIE_SECRET_FILE, EMBY_API_KEY_FILE, etc.) - Add SSRF/URL validation in config.js: validates all configured service instance URLs for scheme and well-formedness at startup - Add SIGTERM/SIGINT graceful shutdown: stops poller, drains HTTP connections, 10s force-exit fallback - Warn at startup if COOKIE_SECRET is shorter than 32 characters - Validate EMBY_URL scheme at startup - Improve sanitizeError: redact host:port from axios error URLs while preserving path/query for other redaction patterns Phase 3 - Config Robustness: - Weak COOKIE_SECRET warning (< 32 chars) - EMBY_URL validated via validateInstanceUrl on startup Phase 4 - Docker & Deployment: - .dockerignore: add tests/, coverage/, vitest.config.js, CHANGELOG.md, SECURITY.md, LICENSE, .markdownlint.json - docker-compose.yaml: add commented Option B (Docker secrets _FILE pattern) alongside existing plain-env Option A Phase 5 - Docs & Release Readiness: - Add CHANGELOG.md with entries from v1.0.0 to v1.2.0 - Update SECURITY.md: supported versions table, fix Docker secrets note to reflect _FILE support now implemented - Add public/.well-known/security.txt for responsible disclosure - Bump version to 1.2.0
45 lines
1.1 KiB
JSON
45 lines
1.1 KiB
JSON
{
|
|
"name": "sofarr",
|
|
"version": "1.2.0",
|
|
"description": "A personal media download dashboard that shows your downloads 'so far' while you relax on the sofa waiting for your *arr services to finish",
|
|
"main": "server/index.js",
|
|
"scripts": {
|
|
"dev": "nodemon server/index.js",
|
|
"start": "node server/index.js",
|
|
"install:all": "npm install",
|
|
"test": "vitest run",
|
|
"test:watch": "vitest",
|
|
"test:coverage": "vitest run --coverage",
|
|
"test:ui": "vitest --ui",
|
|
"audit": "npm audit --audit-level=high",
|
|
"audit:fix": "npm audit fix",
|
|
"audit:critical": "npm audit --audit-level=critical"
|
|
},
|
|
"dependencies": {
|
|
"axios": "^1.6.0",
|
|
"cookie-parser": "^1.4.6",
|
|
"dotenv": "^16.3.1",
|
|
"express": "^4.18.2",
|
|
"express-rate-limit": "^7.0.0",
|
|
"helmet": "^7.0.0",
|
|
"jsdom": "^29.1.1"
|
|
},
|
|
"devDependencies": {
|
|
"@vitest/coverage-v8": "^4.1.6",
|
|
"concurrently": "^7.6.0",
|
|
"nock": "^14.0.15",
|
|
"nodemon": "^3.1.14",
|
|
"supertest": "^7.2.2",
|
|
"vitest": "^4.1.6"
|
|
},
|
|
"keywords": [
|
|
"sabnzbd",
|
|
"sonarr",
|
|
"radarr",
|
|
"emby",
|
|
"dashboard"
|
|
],
|
|
"author": "",
|
|
"license": "MIT"
|
|
}
|