Alex
e35b4c47a7
Direct source refactor ( #895 )
...
- Updated mirror selection
- Removed built-in mirror options, users must provide their own
configurations
- Set Universal search to default, added ability to disable direct
source
- Updated documentation
- Updated makefile
2026-04-15 18:50:13 +01:00
blades
18a3f0bf44
Newznab capability ( #867 )
...
I've added a plugin using the same architecture as the prowlarr plugin
to enable Newznab as a source.
I've tested locally with nzbhydra2 and it all seems to work as intended.
I've added some unit tests for this feature, and found that a couple of
other unit tests weren't behaving so fixed those up while I was at it. I
also ran all of the linters in the makefile against it and fixed those
up, too, so hopefully this should be as clean and as compatible as it
can be.
2026-04-14 09:43:03 +01:00
Alex
0f7bcf8fd9
Fix lockfile ( #888 )
2026-04-13 11:40:41 +01:00
Alex
98f891916d
Remove slash cleanup for OIDC discovery URL ( #887 )
...
Fixes #869
2026-04-13 11:21:44 +01:00
Alex
a7694eb8ad
Frontend tooling + Linter pass + React rule enforcement ( #886 )
...
- Added `oxlint`, `oxfmt`, `vitest`, `knip`
- Configured oxlint rules including react best practices (e.g. for
effect usage)
- Full linting pass on frontend code
- Full react rules pass on effect usage
- Full reformatting using oxfmt
- Full dead code cleanup using knip
2026-04-13 10:56:09 +01:00
Alex
87d5f127d6
Add prek + pytest-cov ( #873 )
2026-04-12 12:39:15 +01:00
Alex
d7b9f2e67f
Backend test hardening + quality enforcement ( #872 )
...
- Reworked many tests
- Enforcing lint + type checking for test suite
- Fixed various issues surfaced by the new tests
- CI tweaks
2026-04-12 12:01:52 +01:00
Alex
41c4aa1d72
Updated permissions model and non-root support ( #871 )
...
- Adds a non-root startup path at user 1000:1000 - skips privilege
escalation and ownership checks. Works e.g. for kubernetes deployments
(user 1000:1000 and runAsNonRoot enabled).
- Remove startup check/chown commands for user-owned folders. Checks can
be done with a "Test destination" button in settings which performs a
test write. Users are responsible for fixing their own permissions.
- Update docs
2026-04-12 08:22:32 +01:00
Alex
704da62202
Typecheck enforcement ( #870 )
...
All BasedPyright standard rules enforced and corrected
2026-04-12 07:35:36 +01:00
Alex
8d98e122ec
Linter followup ( #868 )
...
Expanded Ruff rules and completed fixes
2026-04-11 16:18:52 +01:00
Alex
28eef75de0
Update path handling errors ( #864 )
2026-04-11 08:29:21 +01:00
Alex
b3b8f34a13
Fix JSON script blocking behavior + tests ( #862 )
...
Fixes #859
2026-04-10 20:46:07 +01:00
Alex
8e78fea947
Add BasedPyright + Makefile commands ( #858 )
2026-04-10 17:12:54 +01:00
Alex
7bc6a9f8c6
Switch dev builds to nightly schedule ( #856 )
...
- `dev` images generated on a nightly schedule if new commits exist
- lite container smoke test added to PR CI checks
2026-04-10 15:12:23 +01:00
Alex
962e0ec68b
Regenerate frontend lockfile ( #855 )
2026-04-10 14:33:47 +01:00
Alex
3d68b5eb2f
Bump Vite to 8.0.8 + Typescript to 6.0.2 ( #854 )
2026-04-10 14:26:14 +01:00
dependabot[bot]
ba4090aee2
Bump ruff from 0.15.9 to 0.15.10 ( #848 )
...
Bumps [ruff](https://github.com/astral-sh/ruff ) from 0.15.9 to 0.15.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases ">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.10</h2>
<h2>Release Notes</h2>
<p>Released on 2026-04-09.</p>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-logging</code>] Allow closures in except handlers
(<code>LOG004</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24464 ">#24464</a>)</li>
<li>[<code>flake8-self</code>] Make <code>SLF</code> diagnostics robust
to non-self-named variables (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24281 ">#24281</a>)</li>
<li>[<code>flake8-simplify</code>] Make the fix for
<code>collapsible-if</code> safe in <code>preview</code>
(<code>SIM102</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24371 ">#24371</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Avoid emitting multi-line f-string elements before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24377 ">#24377</a>)</li>
<li>Avoid syntax error from <code>E502</code> fixes in f-strings and
t-strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24410 ">#24410</a>)</li>
<li>Strip form feeds from indent passed to <code>dedent_to</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24381 ">#24381</a>)</li>
<li>[<code>pyupgrade</code>] Fix panic caused by handling of octals
(<code>UP012</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24390 ">#24390</a>)</li>
<li>Reject multi-line f-string elements before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24355 ">#24355</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>ruff</code>] Treat f-string interpolation as potential side
effect (<code>RUF019</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24426 ">#24426</a>)</li>
</ul>
<h3>Server</h3>
<ul>
<li>Add support for custom file extensions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24463 ">#24463</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Document adding fixes in CONTRIBUTING.md (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24393 ">#24393</a>)</li>
<li>Fix JSON typo in settings example (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24517 ">#24517</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a
href="https://github.com/charliermarsh "><code>@charliermarsh</code></a></li>
<li><a href="https://github.com/dylwil3 "><code>@dylwil3</code></a></li>
<li><a
href="https://github.com/silverstein "><code>@silverstein</code></a></li>
<li><a
href="https://github.com/anishgirianish "><code>@anishgirianish</code></a></li>
<li><a
href="https://github.com/shizukushq "><code>@shizukushq</code></a></li>
<li><a href="https://github.com/zanieb "><code>@zanieb</code></a></li>
<li><a
href="https://github.com/AlexWaygood "><code>@AlexWaygood</code></a></li>
</ul>
<h2>Install ruff 0.15.10</h2>
<h3>Install prebuilt binaries via shell script</h3>
<pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf
https://releases.astral.sh/github/ruff/releases/download/0.15.10/ruff-installer.sh
| sh
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md ">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.10</h2>
<p>Released on 2026-04-09.</p>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-logging</code>] Allow closures in except handlers
(<code>LOG004</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24464 ">#24464</a>)</li>
<li>[<code>flake8-self</code>] Make <code>SLF</code> diagnostics robust
to non-self-named variables (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24281 ">#24281</a>)</li>
<li>[<code>flake8-simplify</code>] Make the fix for
<code>collapsible-if</code> safe in <code>preview</code>
(<code>SIM102</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24371 ">#24371</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Avoid emitting multi-line f-string elements before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24377 ">#24377</a>)</li>
<li>Avoid syntax error from <code>E502</code> fixes in f-strings and
t-strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24410 ">#24410</a>)</li>
<li>Strip form feeds from indent passed to <code>dedent_to</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24381 ">#24381</a>)</li>
<li>[<code>pyupgrade</code>] Fix panic caused by handling of octals
(<code>UP012</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24390 ">#24390</a>)</li>
<li>Reject multi-line f-string elements before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24355 ">#24355</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>ruff</code>] Treat f-string interpolation as potential side
effect (<code>RUF019</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24426 ">#24426</a>)</li>
</ul>
<h3>Server</h3>
<ul>
<li>Add support for custom file extensions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24463 ">#24463</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Document adding fixes in CONTRIBUTING.md (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24393 ">#24393</a>)</li>
<li>Fix JSON typo in settings example (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24517 ">#24517</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a
href="https://github.com/charliermarsh "><code>@charliermarsh</code></a></li>
<li><a href="https://github.com/dylwil3 "><code>@dylwil3</code></a></li>
<li><a
href="https://github.com/silverstein "><code>@silverstein</code></a></li>
<li><a
href="https://github.com/anishgirianish "><code>@anishgirianish</code></a></li>
<li><a
href="https://github.com/shizukushq "><code>@shizukushq</code></a></li>
<li><a href="https://github.com/zanieb "><code>@zanieb</code></a></li>
<li><a
href="https://github.com/AlexWaygood "><code>@AlexWaygood</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="252f76102ahttps://redirect.github.com/astral-sh/ruff/issues/24519 ">#24519</a>)</li>
<li><a
href="37a1ec8bb8https://redirect.github.com/astral-sh/ruff/issues/24502 ">#24502</a>)</li>
<li><a
href="f518cc9ca0https://redirect.github.com/astral-sh/ruff/issues/24518 ">#24518</a>)</li>
<li><a
href="16c4090d0ahttps://redirect.github.com/astral-sh/ruff/issues/24517 ">#24517</a>)</li>
<li><a
href="99d97bd72fhttps://redirect.github.com/astral-sh/ruff/issues/2 ">#2</a>...</li>
<li><a
href="2714e345bdhttps://redirect.github.com/astral-sh/ruff/issues/24516 ">#24516</a>)</li>
<li><a
href="d8bc700722https://redirect.github.com/astral-sh/ruff/issues/24463 ">#24463</a>)</li>
<li><a
href="a45f96d65dhttps://redirect.github.com/astral-sh/ruff/issues/24514 ">#24514</a>)</li>
<li><a
href="87a0f01cfdhttps://redirect.github.com/astral-sh/ruff/issues/24426 ">#24426</a>)</li>
<li><a
href="e9ba8489b8https://redirect.github.com/astral-sh/ruff/issues/24354 ">#24354</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.15.9...0.15.10 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 13:40:28 +01:00
dependabot[bot]
03ec7d1c06
Bump the gh-actions group across 1 directory with 2 updates ( #851 )
...
Bumps the gh-actions group with 2 updates in the / directory:
[docker/build-push-action](https://github.com/docker/build-push-action )
and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ).
Updates `docker/build-push-action` from 7.0.0 to 7.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.0</h2>
<ul>
<li>Git context <a
href="https://docs.docker.com/build/concepts/context/#url-queries ">query
format</a> support by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1505 ">docker/build-push-action#1505</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.79.0 to 0.87.0 by
<a href="https://github.com/crazy-max "><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1505 ">docker/build-push-action#1505</a></li>
<li>Bump brace-expansion from 1.1.12 to 1.1.13 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1500 ">docker/build-push-action#1500</a></li>
<li>Bump fast-xml-parser from 5.4.2 to 5.5.7 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1489 ">docker/build-push-action#1489</a></li>
<li>Bump flatted from 3.3.3 to 3.4.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1491 ">docker/build-push-action#1491</a></li>
<li>Bump glob from 10.3.12 to 10.5.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1490 ">docker/build-push-action#1490</a></li>
<li>Bump handlebars from 4.7.8 to 4.7.9 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1497 ">docker/build-push-action#1497</a></li>
<li>Bump lodash from 4.17.23 to 4.18.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1510 ">docker/build-push-action#1510</a></li>
<li>Bump picomatch from 4.0.3 to 4.0.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1496 ">docker/build-push-action#1496</a></li>
<li>Bump undici from 6.23.0 to 6.24.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1486 ">docker/build-push-action#1486</a></li>
<li>Bump vite from 7.3.1 to 7.3.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1509 ">docker/build-push-action#1509</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v7.0.0...v7.1.0 ">https://github.com/docker/build-push-action/compare/v7.0.0...v7.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bcafcacb16https://redirect.github.com/docker/build-push-action/issues/1509 ">#1509</a>
from docker/dependabot/npm_and_yarn/vite-7.3.2</li>
<li><a
href="18e62f1158https://redirect.github.com/docker/build-push-action/issues/1510 ">#1510</a>
from docker/dependabot/npm_and_yarn/lodash-4.18.1</li>
<li><a
href="46580d2c9d3f80b252caefeec9557chttps://redirect.github.com/docker/build-push-action/issues/1505 ">#1505</a>
from crazy-max/refactor-git-context</li>
<li><a
href="ddf04b08ebhttps://redirect.github.com/docker/build-push-action/issues/1511 ">#1511</a>
from docker/dependabot/github_actions/crazy-max-dot-...</li>
<li><a
href="db08d97a08ef1fb9688fhttps://redirect.github.com/docker/build-push-action/issues/1508 ">#1508</a>
from docker/dependabot/github_actions/docker/login-a...</li>
<li><a
href="2d8f2a1a37919ac7bd7dd08e5c354a...bcafcacb16https://github.com/astral-sh/setup-uv/releases ">astral-sh/setup-uv's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0 🌈 Immutable releases and secure tags</h2>
<h1>This is the first immutable release of <code>setup-uv</code> 🥳 </h1>
<p>All future releases are also immutable, if you want to know more
about what this means checkout <a
href="https://docs.github.com/en/code-security/concepts/supply-chain-security/immutable-releases ">the
docs</a>.</p>
<p>This release also has two breaking changes</p>
<h2>New format for <code>manifest-file</code></h2>
<p>The previously deprecated way of defining a custom version manifest
to control which <code>uv</code> versions are available and where to
download them from got removed. The functionality is still there but you
have to use the <a
href="https://github.com/astral-sh/setup-uv/blob/main/docs/customization.md#format ">new
format</a>.</p>
<h2>No more major and minor tags</h2>
<p>To increase <strong>security</strong> even more we will <strong>stop
publishing minor tags</strong>. You won't be able to use
<code>@v8</code> or <code>@v8.0</code> any longer. We do this because
pinning to major releases opens up users to supply chain attacks like
what happened to <a
href="https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack/ ">tj-actions</a>.</p>
<blockquote>
<p>[!TIP]
Use the immutable tag as a version
<code>astral-sh/setup-uv@v8.0.0</code>
Or even better the githash
<code>astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57</code></p>
</blockquote>
<h2>🚨 Breaking changes</h2>
<ul>
<li>Remove update-major-minor-tags workflow <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/826 ">#826</a>)</li>
<li>Remove deprecrated custom manifest <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/813 ">#813</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Shortcircuit latest version from manifest <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/828 ">#828</a>)</li>
<li>Simplify inputs.ts <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/827 ">#827</a>)</li>
<li>Bump release-drafter to v7.1.1 <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/825 ">#825</a>)</li>
<li>Refactor inputs <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/823 ">#823</a>)</li>
<li>Replace inline compile args with tsconfig <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/824 ">#824</a>)</li>
<li>chore: update known checksums for 0.11.2 @<a
href="https://github.com/apps/github-actions ">github-actions[bot]</a>
(<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/821 ">#821</a>)</li>
<li>chore: update known checksums for 0.11.1 @<a
href="https://github.com/apps/github-actions ">github-actions[bot]</a>
(<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/817 ">#817</a>)</li>
<li>chore: update known checksums for 0.11.0 @<a
href="https://github.com/apps/github-actions ">github-actions[bot]</a>
(<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/815 ">#815</a>)</li>
<li>Fix latest-version workflow check <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/812 ">#812</a>)</li>
<li>chore: update known checksums for 0.10.11/0.10.12 @<a
href="https://github.com/apps/github-actions ">github-actions[bot]</a>
(<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/811 ">#811</a>)</li>
</ul>
<h2>v7.6.0 🌈 Fetch uv from Astral's mirror by default</h2>
<h2>Changes</h2>
<p>We now default to download uv from <code>releases.astral.sh</code>.
This means by default we don't hit the GitHub API at all and shouldn't
see any rate limits and timeouts any more.</p>
<h2>🚀 Enhancements</h2>
<ul>
<li>Fetch uv from Astral's mirror by default <a
href="https://github.com/zsol "><code>@zsol</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/809 ">#809</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Switch to ESM for source and test, use CommonJS for dist <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/806 ">#806</a>)</li>
<li>chore: update known checksums for 0.10.10 @<a
href="https://github.com/apps/github-actions ">github-actions[bot]</a>
(<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/804 ">#804</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cec208311dhttps://redirect.github.com/astral-sh/setup-uv/issues/828 ">#828</a>)</li>
<li><a
href="4dd8ab4520https://redirect.github.com/astral-sh/setup-uv/issues/827 ">#827</a>)</li>
<li><a
href="7fdbe7cf0chttps://redirect.github.com/astral-sh/setup-uv/issues/826 ">#826</a>)</li>
<li><a
href="485abd05e5https://redirect.github.com/astral-sh/setup-uv/issues/825 ">#825</a>)</li>
<li><a
href="f82eb19c06https://redirect.github.com/astral-sh/setup-uv/issues/823 ">#823</a>)</li>
<li><a
href="868d1f74d9https://redirect.github.com/astral-sh/setup-uv/issues/824 ">#824</a>)</li>
<li><a
href="447e6d02b1https://redirect.github.com/astral-sh/setup-uv/issues/821 ">#821</a>)</li>
<li><a
href="5c62c59261https://redirect.github.com/astral-sh/setup-uv/issues/817 ">#817</a>)</li>
<li><a
href="e1a7373adbhttps://redirect.github.com/astral-sh/setup-uv/issues/815 ">#815</a>)</li>
<li><a
href="89709315bbhttps://redirect.github.com/astral-sh/setup-uv/issues/813 ">#813</a>)</li>
<li>Additional commits viewable in <a
href="5a095e7a20...cec208311dsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 13:40:18 +01:00
dependabot[bot]
71ee56b7b7
Bump the npm-deps group across 1 directory with 4 updates ( #852 )
...
Bumps the npm-deps group with 4 updates in the /src/frontend directory:
[react](https://github.com/facebook/react/tree/HEAD/packages/react ),
[react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom ),
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node )
and [postcss](https://github.com/postcss/postcss ).
Updates `react` from 19.2.4 to 19.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases ">react's
releases</a>.</em></p>
<blockquote>
<h2>19.2.5 (April 8th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Add more cycle protections (<a
href="https://redirect.github.com/facebook/react/pull/36236 ">#36236</a>
by <a href="https://github.com/eps1lon "><code>@eps1lon</code></a> and
<a
href="https://github.com/unstubbable "><code>@unstubbable</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="23f4f9f30dhttps://github.com/facebook/react/commits/v19.2.5/packages/react ">compare
view</a></li>
</ul>
</details>
<br />
Updates `react-dom` from 19.2.4 to 19.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases ">react-dom's
releases</a>.</em></p>
<blockquote>
<h2>19.2.5 (April 8th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Add more cycle protections (<a
href="https://redirect.github.com/facebook/react/pull/36236 ">#36236</a>
by <a href="https://github.com/eps1lon "><code>@eps1lon</code></a> and
<a
href="https://github.com/unstubbable "><code>@unstubbable</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="23f4f9f30dhttps://github.com/facebook/react/commits/v19.2.5/packages/react-dom ">compare
view</a></li>
</ul>
</details>
<br />
Updates `@types/node` from 25.5.0 to 25.6.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node ">compare
view</a></li>
</ul>
</details>
<br />
Updates `postcss` from 8.5.8 to 8.5.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases ">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.9</h2>
<ul>
<li>Speed up source map encoding paring in case of the error.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md ">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.9</h2>
<ul>
<li>Speed up source map encoding paring in case of the error.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fe88ac29c0c55163249689a6b744066ceb8a46af02ccae6bc32c36658c7cb90600361f04d32cdc69df86cdfff082bec0dd8ehttps://github.com/postcss/postcss/compare/8.5.8...8.5.9 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 13:40:08 +01:00
Alex
e3d5bd91fc
Bump node to 24 LTS ( #853 )
2026-04-10 13:29:48 +01:00
Alex
af38540991
Group dependabot PRs ( #849 )
2026-04-10 13:07:59 +01:00
Alex
3a3a3ce449
Add new python tooling + apply ruff linter cleanup ( #845 )
...
- Adds `uv`, `ruff`, `pyright`, `vulture` and `pytest-xdist`
- Move project, lockfile, docker build etc to uv
- Align python tooling on 3.14
- Huge bulk of ruff linter fixes applied. Still in progress but all the
core types are now enforced
- Update CI and test helpers
2026-04-10 13:03:25 +01:00
Alex
ff094bed56
Fix: Orchestrator timeout and exception handling ( #832 )
...
Fixes #823
2026-04-03 09:38:58 +01:00
Alex
c1143f808a
Batch dependency updates ( #831 )
...
- github/codeql-action 3.32.6 → 4.35.1
- seleniumbase 4.47.3 → 4.47.9
- react-router-dom 7.13.1 → 7.14.0
- docker/login-action 3.7.0 → 4.1.0
- tailwindcss 4.2.1 → 4.2.2
- @tailwindcss/vite 4.2.1 → 4.2.2
- @tailwindcss/postcss 4.2.1 → 4.2.2
- actions/setup-python 5.6.0 → 6.2.0
- docker/setup-buildx-action 3.12.0 → 4.0.0
2026-04-03 09:36:31 +01:00
Alex
9bfcf828ea
Fixes: Env variable config usage, retry availability, Entrypoint permissions ( #817 )
...
- Clean up a few uses of config options that may miss the env variable
if this is set
- Add enhanced retry availability utilising the DB to persist download
errors / retries across restarts, request failures, and pass Prowlarr
detail through the download task to maintain retry data.
- Strip back entrypoint permissions for less intensive chown operations.
Fixes #796
2026-03-29 16:39:40 +01:00
Alex
678c54cba2
Fixes: Entrypoint, seedtime, request policy flow ( #805 )
...
- Added a path for rootless permissions in the entrypoint script
- Routed prowlarr searches through torznab for seedtime info
- Added additional request flow for download permissions
2026-03-25 18:34:42 +00:00
Alex
019d36b27e
Rename Booklore to Grimmory 2 ( #792 )
2026-03-21 15:48:06 +00:00
Alex
698eb07e71
Rename Booklore to Grimmory ( #791 )
2026-03-21 15:38:38 +00:00
Alex
8f949a73d5
Remove audible provider ( #778 )
2026-03-18 18:29:13 +00:00
Alex
2c6f46fc88
Combined mode follow-up ( #777 )
2026-03-18 18:27:39 +00:00
Alex
3f90c3805f
Use title+author query for whitelisted indexers ( #774 )
2026-03-16 19:52:43 +00:00
Alex
cb093f61c6
Feature: Combined book+audiobook downloads ( #773 )
...
- Adds a combined search option in the search bar selector
- Choose both a book and audiobook file in a two-step release modal, and
download both simultaneously from a single search result.
- Works for requests. Request both a book+audiobook at once, or works
seamlessly with request policies that differ between book + audiobook
(E.g. automatically download the ebook portion, while the audiobook gets
sent as a request)
- Hidden for users who have book or audiobooks blocked.
Closes #611
2026-03-16 18:34:46 +00:00
Alex
b464d62672
Fix entrypoint gosu test write ( #772 )
...
- Let gosu run the full test write
- Delete stale compose
Fixes #771 - gosu pipe broken on Proxmox LXC installs
2026-03-15 18:04:41 +00:00
Alex
f3f26488b1
Fix TS error ( #770 )
2026-03-15 10:27:03 +00:00
Alex
fec9d31c8a
Frontend improvements for Audible provider ( #769 )
...
- Added square artwork support
- Added dedicated length and narrator icons
- Added audiobook info to release and details modals
- Moved search options button to accommodate larger Audible search
fields
2026-03-15 10:17:37 +00:00
cadric
3295be82a7
Add Audible metadata provider via Audimeta ( #762 )
...
Closes #515
## Summary
This adds a new `audible` metadata provider backed by the Audimeta API.
The provider supports:
- Audible/Audimeta metadata lookup without authentication
- region selection (`us`, `ca`, `uk`, `au`, `fr`, `de`, `jp`, `it`,
`in`, `es`, `br`)
- ASIN book lookup
- ISBN lookup with fallback search
- series suggestions and series-order browsing
- richer audiobook metadata such as narrators, runtime, rating,
subtitle, cover, publisher, and series info
- configurable Audimeta base URL, timeout, cache usage, default sort,
and unreleased filtering
## Notes
A few Audimeta-specific integration details were needed:
- send a meaningful `User-Agent`, otherwise Audimeta rejects requests
with `403`
- send the `cache` parameter in the format Audimeta expects
- use `keywords` for general search instead of `query`, which gave
poor/irrelevant results for title-style
searches
## Validation
Tested locally with:
- `python -m py_compile shelfmark/metadata_providers/audible.py`
- `python -m pytest tests/metadata/test_audible.py -v`
- `python -m pytest
tests/metadata/test_metadata_provider_capabilities.py -v`
Also verified manually in a Podman test container:
- searching for `Discount Dan` returns Audible title `B0DXLXRNGG`
- book details and series metadata load correctly
## Scope
This PR intentionally keeps the change localized to the provider layer
and docs:
- new Audible provider
- provider registration
- provider docs
- generated environment variable docs
2026-03-15 10:09:24 +00:00
Alex
fff0fd07a1
Fix stale activity dismiss handling ( #768 )
...
Fixes #764
2026-03-15 10:08:45 +00:00
Alex
3f1a14843b
Update to React 19 ( #766 )
...
Supersedes the React dependabot patches
- `react`
- `react-dom`
- `@types/react`
- `@types/react-dom`
Left out Vite / tooling updates
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 18:46:56 +00:00
Alex
21a11b06b9
Dependency updates roll-up ( #765 )
...
Supersedes the dependabot PRs after testing:
- `actions/attest-build-provenance`
- `docker/build-push-action`
- `actions/checkout`
- `seleniumbase`
- `docker/metadata-action`
- `actions/setup-node`
- `python:3.14-slim`
- `@types/node`
- `postcss`
- `react-router-dom`
Left out for now:
- `node:25-alpine`
- `vite@8`
- `@vitejs/plugin-react@6`
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 18:41:02 +00:00
Alex
0d856a3ef5
CodeQL fixes ( #763 )
...
- Block SSRF in image cover proxy (validate URL scheme and reject
private IPs)
- Sanitize settings tab name to prevent path traversal
2026-03-13 17:47:34 +00:00
Alex
ebf4312174
Repo spring cleaning ( #746 )
...
- Add CI workflow (pytest + frontend typecheck/tests) on PRs
- Add CodeQL static analysis for Python and JS/TS
- Add Dependabot for pip, npm, Docker, and GitHub Actions
- Tighten workflow permissions
2026-03-13 17:09:49 +00:00
Alex
685c35d552
Hardcover list separation + Browser download fix ( #745 )
...
- Added full Hardcover reading status types into the list selector
- Split reading status entries from dedicated lists
- Added option to disable the automatic removal of books when downloaded
from a Hardcover list
- Fixed browser download not firing when the completed state was
triggered in specific cases
2026-03-13 14:33:10 +00:00
Alex
3d72f9e258
Various requested small features ( #741 )
...
- Added torrent removal option
- Pass Prowlarr seedtimes to download clients (excluding rTorrent)
- Split default release source option by content type
- Split download to browser option by content type
- Add "hide links" option
2026-03-12 17:36:07 +00:00
Alex
7f79da11e6
Activity routes logging ( #736 )
...
- Added specific logging for activity routes errors
- Fixed scrollbars
2026-03-11 19:59:12 +00:00
Alex
c59ea46540
Frontend update + Misc fixes ( #735 )
...
- Updated frontend CSS to Tailwind v4
- Reverted socket IO origin restriction
- Fixed search queries not persisting after auth redirect
- Move advanced search options to left UI selector
- Unlock IRC source to be used for audiobook content_type
- Tweaked security settings env var syncing to be prioritised
- Fix AA "all languages" query generation
- Added language-free AA query as second fallback in case of no results
- Testing moving SeleniumBase scratch files to /tmp via symlink
- Added enhanced logging for activity dismissals and other events
- Removed iFrame restrictions
2026-03-11 18:16:34 +00:00
Alex
a2a5a22324
Fix theming bug ( #722 )
2026-03-07 19:13:28 +00:00
Alex
a7db7f04e9
Hardcover tweaks ( #720 )
2026-03-07 18:16:40 +00:00
Alex
9d08bb3ef1
Expanded Hardcover list features ( #719 )
...
- Adds full interaction with Hardcover lists, including adding and
removing from lists + want to read status
- List selection exposed in search results, details modal and release
modal
- Added automatic list dropdown when selecting "list" search
- Added auto-removal of books from a list when downloading from that
specific list page
- Changed search selector to hover-activated
2026-03-07 15:33:46 +00:00
Alex
80aa289a64
Misc fixes ( #718 )
...
- Update file movement to prefer copy
- Improved mirror config overwriting on app updates
- Request / user DB hardening
2026-03-07 10:30:47 +00:00
Alex
edb437e905
Fix sorting + update readme ( #715 )
...
- Harden default sort preference use + fix series ordering use
- Update readme with contribution and project scope disclaimers
2026-03-06 17:06:20 +00:00
