Conversation
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…sy, logout cache, CI perms - database: escape %/_ on SELECT-side LIKE (poster_cache, media_cache) and delete_poster (posters.py) via the repo's esc() + ESCAPE - posters.py: guard poster optimize from overwriting a different pre-existing file - plex_metadata.py: don't negative-cache a transient Plex-DB-copy failure - InputBase.jsx: value ?? '' so a legitimate 0 renders (0-is-falsy) - AuthContext.jsx: clear the apiCore GET cache on logout - stale.yml / repo-events.yml: least-privilege permissions blocks
…ache test) scan_bundles legitimately caches a Metadata-dir walk even when the Plex DB copy is None (test_plex_metadata_scan_job_warms_cache pins this); my change skipped that cache. Reverting to keep CI green — the transient-DB-failure negative-cache needs a dedicated fix that distinguishes a transient copy failure from a genuine no-DB scan and updates the test. Other 7 audit fixes stay.
…iled When the Plex DB copy fails (locked/unwritable) but posters exist on disk, the scan has no in-use data and flags every poster as deletable bloat with a blank title. Caching that for the 5-min TTL let the in-use-unguarded per-variant delete remove active custom artwork. Now returns an unavailable result and skips the cache when db_path is None AND posters are present; an empty Metadata tree can't misclassify anything so it still caches. Regression test added. Refines the earlier reverted change (which over-broadly skipped caching for an empty tree and broke the cache-warming test).
…lim image - branch-isolation-guard now runs on every ref (no job-level if) and no-ops on non-main-bound refs, so it is a satisfiable needs: dependency. Add it to the needs of docker-validate, docker-push, and notify-failure — a develop-only extension leaking to main now blocks (and reports) the publish instead of racing it. - Add pyproject.toml, requirements-*.txt, Makefile and compose.yaml to both CI path filters so config/dependency-only PRs still run the gate. - Drop the builder's npm-ci frontend/node_modules from the runtime image (.dockerignore only filters the host context, not --from=builder) and fix the misleading comment.
Extensions that serve <img>/SSE endpoints need their routes on AuthMiddleware's scope="stream" token allowlist, but STREAM_PATH_PREFIXES is a core (main) file with no extension seam. Add a generic stream_prefixes() manifest hook + the extension_stream_prefixes() aggregate, and have AuthMiddleware merge it into the allowlist. No-op on main (no manifests); lets a develop-only extension serve token-proxied images without hardcoding its prefix in core.
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…f9d (#303) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The delete-local endpoint already authorizes by realpath-membership against gdrive_list, so the deleted path was never arbitrary — but it passed the request-derived realpath (req_real) to shutil.rmtree, which CodeQL flags as py/path-injection and which reuses a path resolved several lines earlier. Delete the matched CONFIGURED location's realpath instead: identical value by the membership match, but a trusted source, re-resolved immediately before the rmtree. Clears the two py/path-injection alerts and tightens the destructive op.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Automated back-merge of
mainintodevelop. Sync direction is main -> develop and shared files are byte-identical, so this should merge cleanly. Review and merge to bring main's changes (releases, fixes, dependency bumps) onto develop. Opened by the sync-develop workflow.