mirror of
https://github.com/wizarrrr/wizarr.git
synced 2026-06-11 15:24:58 -04:00
498886c06a
Security: - Fix XSS in HTMX responses by replacing f-string HTML with Jinja partials - Fix TLS verify_cert not being applied (add Tls config to ldap3 Server) - Fix password_hash NOT NULL conflict for LDAP-only admin accounts - Fix should_create_ldap_user defaulting to True for existing invitations Correctness: - Fix DN reconstruction fragility using escape_rdn for special characters - Fix connection leaks with try/finally in all LDAPClient methods - Fix sync interval logic (check FLASK_ENV not WIZARR_ENABLE_SCHEDULER) - Only register LDAP sync job when LDAP is actually configured - Make find_user_dn and service_connection public API methods Cleanup: - Squash 5 incremental LDAP migrations into single 20251226_add_ldap_support - Remove duplicate imports/queries in auth routes - Replace f-string logging with %s formatting - Extract inline HTML to Jinja template partials