Gandalf/sofarr
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 16 Wiki Activity
Files
v1.3.1a
sofarr/CHANGELOG.md
Gronod cf7008fd54
All checks were successful
Build and Push Docker Image / build (push) Successful in 29s
Details
Docs Check / Markdown lint (push) Successful in 50s
Details
CI / Security audit (push) Successful in 1m30s
Details
CI / Tests & coverage (push) Successful in 1m50s
Details
Docs Check / Mermaid diagram parse check (push) Successful in 2m18s
Details
docs: update documentation for blocklist & search non-admin eligibility 
- CHANGELOG: document button availability changes (all admin downloads, non-admin eligibility)
- README: update blocklist-search endpoint description with non-admin conditions
- ARCHITECTURE.md: update Authorisation Matrix, Download object table (add canBlocklist, addedOn fields), and blocklist-search API reference
2026-05-18 00:05:31 +01:00

7.0 KiB
Raw Permalink Blame History

Changelog

All notable changes to this project will be documented in this file. Format follows Keep a Changelog. This project adheres to Semantic Versioning.

[1.3.0] - 2026-05-17

Added

  • History tab — new "Recently Completed" tab showing imported and failed downloads from Sonarr/Radarr history for the last N days (configurable via the days input, persisted in localStorage). Auto-refreshes every 5 minutes.
  • History deduplication — when a failed download has subsequently been imported successfully, only the successful record is shown. If the most recent record for an item is a failure but the episode/movie is already on disk (upgrade attempt), the record is flagged as availableForUpgrade.
  • "Upgrade available" badge — failed history cards where the content is already on disk display an amber badge to indicate this is a failed upgrade rather than a missing item.
  • "Hide upgrade failures" toggle — checkbox in the history tab to filter out failed records that are already available on disk. State persists in localStorage. Tooltip explains the behaviour and matches the episode/multi-episode tooltip style.
  • Blocklist & Search button — admin-only button on download cards with an "Import Pending" caution. Removes the download from the client with blocklist=true (preventing re-grab of the same release) then immediately triggers an EpisodeSearch/MoviesSearch command in Sonarr/Radarr. Shows a confirmation dialog, loading/success/error states. Kicks a background poll on success.
  • POST /api/dashboard/blocklist-search — new admin-only endpoint backing the above button. Accepts arrQueueId, arrType, arrInstanceUrl, arrInstanceKey, arrContentId, arrContentType.
  • Title link home navigation — the sofarr logo/title in the header now navigates to the default view (Active Downloads tab, close status panel, reset "Show all users" toggle) without a page reload.
  • Version footer link — the version string in the dashboard footer links to the source repository.

Changed

  • History records are now deduplicated server-side before being sent to the client — only the most relevant record per content item per instance is returned.
  • Import-issue badge tooltip now uses the themed var(--surface) / var(--text-primary) / var(--border) CSS variables, matching the episode and toggle tooltip style.
  • Poller now stores _instanceKey on Sonarr/Radarr queue records in the cache, enabling the backend to look up API credentials for blocklist operations without an additional configuration lookup.
  • Blocklist & Search button — now available on all admin downloads (not just those with import issues), and also available to non-admin users when: import issues are present, OR (for qBittorrent torrents only) the download is more than 1 hour old AND has less than 100% availability.
  • Download object — added canBlocklist boolean field to indicate whether the current user can blocklist a given download.
  • qBittorrent torrent data — added addedOn timestamp field to enable age-based blocklist eligibility checks.

[1.2.2] - 2026-05-17

Changed

  • Header logo — uses the higher-resolution 192px favicon source rendered at 56px for better visual balance alongside the title text.

[1.2.1] - 2026-05-17

Added

  • Version footer — the dashboard footer now displays the running app version (e.g. sofarr v1.2.1), fetched from the /health endpoint on page load.

[1.2.0] - 2025-05-17

Security

  • Docker secrets support — all sensitive environment variables (COOKIE_SECRET, EMBY_API_KEY, SABNZBD_API_KEY, SONARR_API_KEY, RADARR_API_KEY, QBITTORRENT_PASSWORD) now support the standard _FILE variant for loading values from mounted secret files (e.g. COOKIE_SECRET_FILE=/run/secrets/cookie_secret).
  • Weak secret warning — server now warns at startup if COOKIE_SECRET is shorter than 32 characters.
  • EMBY_URL validation — validates the Emby URL scheme at startup and warns on misconfiguration.
  • Improved error sanitizationsanitizeError() now also redacts hostnames from full request URLs that may appear in axios error messages.
  • Graceful shutdownSIGTERM and SIGINT handlers now stop the background poller and drain open HTTP connections before exiting. Prevents data loss and zombie processes on docker stop.

Compliance

  • MIT LICENSE file added to project root.
  • Copyright headers added to key server source files (index.js, poller.js, config.js, sanitizeError.js, loadSecrets.js).
  • security.txt (/.well-known/security.txt) added for responsible disclosure.

Configuration

  • URL validation added to config.js — all configured service instance URLs are validated for scheme (http/https) and well-formedness at startup; malformed URLs emit a warning instead of crashing.

Docker / Deployment

  • docker-compose.yaml updated with commented Option B (Docker secrets _FILE pattern) alongside the existing plain-env Option A.
  • .dockerignore updated — tests/, coverage/, vitest.config.js, CHANGELOG.md, SECURITY.md, LICENSE, .markdownlint.json excluded from the production image.

CI

  • docs-check workflow added — separate Gitea Actions workflow that lints all Markdown files and validates Mermaid diagram syntax on every push that touches .md files. Both jobs use continue-on-error: true so documentation issues never block a release.
  • Mermaid diagrams in docs/ARCHITECTURE.md fixed — replaced invalid \n in stateDiagram transition labels, Unicode arrows/dashes, and double-spaces in flowchart edge definitions.

[1.1.2] - 2025-05-15

Changed

  • Server startup message now includes the current version (sofarr v1.1.2).

[1.1.1] - 2025-05-14

Fixed

  • Docker/TrueNAS SCALE healthcheck: dynamic HTTP/HTTPS selection based on TLS_ENABLED environment variable. Prevents containers from being stuck in "starting" state when TLS_ENABLED=false.

[1.1.0] - 2025-05-13

Added

  • Episode display — TV show download cards now show episode information (S01E01 format with title). Multi-episode packs show a "Multiple episodes" badge with a tooltip listing all episodes.
  • Episode tooltip — solid background colour (theme-dependent) for readability.
  • Sonarr queue and history API requests now include includeEpisode=true.

[1.0.0] - 2025-05-01

Added

  • Initial release.
  • SABnzbd queue and history integration.
  • qBittorrent torrent integration.
  • Sonarr and Radarr queue/history matching with user tag filtering.
  • Emby/Jellyfin authentication.
  • Server-Sent Events (SSE) real-time dashboard.
  • Per-request CSP nonce, CSRF double-submit, HSTS, Permissions-Policy.
  • Background polling with configurable interval and on-demand fallback.
  • Docker multi-stage build, non-root user, read-only filesystem.
  • TLS support with bundled snakeoil certificate.
Reference in New Issue View Git Blame Copy Permalink