mirror/seerr
1
0
Fork 0
mirror of https://github.com/seerr-team/seerr.git synced 2026-04-17 22:07:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,989 Commits 30 Branches 141 Tags
7c8ec00cef8f2895337c4ff22336dc93113d2075
Commit Graph

826 Commits

Author SHA1 Message Date
Michael Thomas
7c8ec00cef fix: add indexes and constraints for linked accounts 2026-04-15 13:17:30 -04:00
Michael Thomas
4ae6514a38 test(auth): add tests for OpenID Connect endpoints 2026-04-15 13:17:28 -04:00
Michael Thomas
86f1b4452d feat: support login with OpenID Connect 2026-04-15 13:05:18 -04:00
Michael Thomas
f12a6b2994 feat: support linking OpenID Connect accounts to users 2026-04-15 13:05:17 -04:00
Michael Thomas
78a2055bf0 feat: add OpenID Connect provider settings 2026-04-15 13:05:08 -04:00
fallenbagel
66130beded fix(settings): persist new settings defaults to disk on startup (#2884) 2026-04-15 16:42:36 +02:00
0xsysr3ll
ff469cb6d7 feat(settings): add blocklist region and language options (#1802) 2026-04-15 16:42:52 +08:00
0xsysr3ll
15b31093c0 fix(auth): resolve Plex OAuth client ID mismatch (#2746) 2026-04-14 18:35:29 +08:00
Gauthier
9c4c674dc9 chore(deps): fix axios security vulnerability (#2872) 2026-04-14 00:19:13 +08:00
fallenbagel
43eff257e1 fix(overseerr-merge): sanitise corrupt quota values during overseerr migration (#2863) 2026-04-12 17:37:32 +02:00
fallenbagel
20ccd4bd38 fix(request): record modifiedBy on retry and add route tests (#2824) 2026-04-12 16:52:45 +02:00
fallenbagel
061121c326 fix(generate-password): await setPassword to fix race condition (#2845) 2026-04-09 21:32:28 +08:00
Ludovic Ortega
2432e8dd7b feat(webhook): add imdbid to webhook notification (#2658) 
Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>
 2026-04-08 22:41:42 +02:00
fallenbagel
fe2c0416ef fix(emby): use static version in auth header for emby only (#2821) 2026-04-07 23:12:54 +02:00
Doug Rathbone
6aeab38ad6 fix(request): correct delete permission check and await movie save (#2742) 2026-04-07 07:48:24 +00:00
fallenbagel
0b8f872828 fix(entities): replace MySQL-only onUpdate with @UpdateDateColumn (#2823) 2026-04-05 21:53:30 +08:00
v3DJG6GL
77f2c13cfb feat(notifications): add ntfy markdown formatting (#2602) 2026-04-04 17:51:41 +08:00
Robbin "Roboroads" Schepers
6d8b2b7393 feat(quota): added support for unlimited quota days (#2797) 2026-04-04 10:42:46 +08:00
0xsysr3ll
1bb638e175 fix: await missing repository saves (#2760) 2026-04-01 15:16:30 +02:00
fallenbagel
685cb449b1 refactor(watchlistsync): log media request creation after success instead of before (#2790) 2026-04-01 15:07:34 +02:00
fallenbagel
036d000f26 refactor(imageproxy): reduce noisy image cache logging (#2789) 2026-04-01 14:40:14 +02:00
0xsysr3ll
993ae4c58e feat(blocklist): add support for collections (#1841) 2026-03-30 06:19:45 +08:00
Shyam
56b79ff38c feat(i18n): add Estonian language support (#2611) 2026-03-29 02:54:52 +08:00
Angelo Olivera
865396fd28 fix(watchlist-sync): handle empty watchlists on PostgreSQL (#2718) 2026-03-23 18:55:40 +05:00
0xsysr3ll
eaf397a021 feat(userlist): add sortable columns to User List (#1615) 2026-03-21 04:45:00 +05:00
YakGravity
10f23f009d fix(jellyfin-scanner): add TheMovieDb provider fallback for Jellyfin scanner (#2605) 2026-03-17 16:18:43 +01:00
0xsysr3ll
90d407d410 fix(movie,tv): respect display language for trailers (#2674) 2026-03-16 18:29:40 +01:00
Michael Thomas
36243a0deb chore: upgrade to eslint v9 (#2574) 2026-03-16 21:12:30 +05:00
fallenbagel
6c52a2f3ad fix(settings): serialize settings writes and prevent partial overwrites (#2696) 2026-03-16 11:29:41 +01:00
fallenbagel
0be18968b4 fix: disambiguate tmdb ids by media type across lookups (#2577) 2026-03-14 23:47:21 +05:00
Gauthier
d25d0ca570 fix(requests): mark requests as completed when media is already available (#2462) 
Co-authored-by: fallenbagel <98979876+Fallenbagel@users.noreply.github.com>
 2026-03-14 17:45:41 +05:00
0xsysr3ll
f40323c7c5 fix(migration): repair postgres blocklist id sequence (#2686) 2026-03-12 21:58:11 +05:00
0xsysr3ll
dccdc95927 feat(i18n): add Luxembourgish language support (#2671) 2026-03-12 19:07:58 +05:00
Michael Thomas
8563362588 test: support server-side unit testing (#2485) 2026-03-12 18:39:41 +05:00
0xsysr3ll
40edaea43f feat(i18n): add Vietnamese language support (#2670) 2026-03-12 15:59:56 +05:00
Jerra94
ff4ab21a9e feat(webhook): add jellyfinMediaId and jellyfinUserId to webhook notification (#1959) 2026-03-06 12:04:13 +01:00
0xsysr3ll
15489486cb fix(plex): set 4K Plex URLs whenever ratingKey4k is set (#2635) 2026-03-05 22:51:42 +01:00
bogo22
4ce0db1959 feat(trending): add filter options (#2137) 
Signed-off-by: Florian Hoech <code@florians-web.de>
 2026-03-05 15:24:55 +05:00
0xsysr3ll
3152f727ef feat(notifications): webhook custom headers (#2230) 
Signed-off-by: 0xsysr3ll <0xsysr3ll@pm.me>
 2026-03-05 15:23:47 +05:00
fallenbagel
9ec3d585d1 fix(email): correctly classify final MIME header in PGP email encryption (#2618) 2026-03-04 03:17:56 +05:00
fallenbagel
a16d0464a6 fix(issues): update issue timestamp when adding comments (#2616) 2026-03-02 12:35:18 +01:00
Lachlan Wisdom
3557745b62 feat(jellyfin): allow Jellyfin Guids with dashes for import-from-jellyfin endpoint (#2340) 2026-03-02 16:22:33 +05:00
0xsysr3ll
c23117eb6b feat(requests): mark requests as failed when Radarr/Sonarr unreachable (#2171) 
Signed-off-by: 0xsysr3ll <0xsysr3ll@pm.me>
 2026-03-02 04:41:27 +05:00
fallenbagel
61e0377361 feat(notifications): add priority setting for ntfy agent (#2306) 2026-03-02 04:37:57 +05:00
0xsysr3ll
001f6b1a34 fix(media): exclude null mediaAddedAt entries (#2607) 2026-03-01 22:51:51 +05:00
fallenbagel
5c34c91257 feat(sonarr): add monitorNewItems option to sonarr settings & modal (#2071) 2026-02-28 02:08:44 +05:00
ventiph
a2d1e1b06f refactor(notifications): move event from author to title field in Discord Embed (#2119) 2026-02-28 01:48:11 +05:00
Rin
e086081b19 fix(proxy): add path validation guardrail to imageproxy (#2531) 2026-02-28 00:14:05 +05:00
Gauthier
946bdecec5 Merge commit from fork 
This PR fixes a security issue where authenticated users could access and modify data belonging to
other users. The isOwnProfileOrAdmin() middleware was missing from several push subscription API
routes. As a result, any authenticated user on the instance could manipulate the userId parameter in
the URL to view or delete the push subscriptions of other users.
 2026-02-28 00:58:50 +08:00
fallenbagel
4f089b29d0 Merge commit from fork 
Add ownership check to GET /api/v1/user/:id so the full user object(including eager-loaded settings
with notification credentials) is onlyreturned to the user themselves or MANAGE_USERS admins. All
otherauthenticated users receive a stripped response (which is the intended behaviour as
https://github.com/sct/overseerr/pull/3695#issuecomment-1817827774). Also expands
User.filteredFields to strip sensitive fileds to prevent leaking credentials
 2026-02-28 00:58:28 +08:00