Seth Van Niekerk
e8e1560106
simplify component structure and improve layout responsiveness
2026-04-10 15:17:01 -04:00
Seth Van Niekerk
2573928e2a
enhance plugin installation and manifest fetching error handling with code review suggestions
2026-04-10 14:44:07 -04:00
Seth Van Niekerk
1cda7b9439
feat: plugin hub
2026-04-10 13:53:45 -04:00
SergeantPanda
192a134c04
changelog: Update changelog for python package updates/additions.
2026-04-10 12:30:58 -05:00
SergeantPanda
9b4d18bc18
Merge branch 'main' of https://github.com/Dispatcharr/Dispatcharr into dev
2026-04-10 12:26:31 -05:00
SergeantPanda
8eb22ce45a
Enhancement: Add python-gnupg to dependencies for plugin store.
Base Image Build / prepare (push) Has been cancelled
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
Base Image Build / docker (amd64, ubuntu-24.04) (push) Has been cancelled
Base Image Build / docker (arm64, ubuntu-24.04-arm) (push) Has been cancelled
Base Image Build / create-manifest (push) Has been cancelled
2026-04-10 12:24:19 -05:00
SergeantPanda
ff60005442
chore: Updated python packages.
...
- `Django` 6.0.3 → 6.0.4
- `djangorestframework` 3.16.1 → 3.17.1
- `requests` 2.33.0 → 2.33.1
- `gevent` 25.9.1 → 26.4.0
- `rapidfuzz` 3.14.3 → 3.14.5
- `sentence-transformers` 5.3.0 → 5.4.0
- `lxml` 6.0.2 → 6.0.3
2026-04-10 12:16:49 -05:00
SergeantPanda
06358a0333
Merge pull request #1190 from Dispatcharr/hardening
...
Hardening
2026-04-10 11:34:03 -05:00
SergeantPanda
c3fb9c0073
security: Fixed missing network_access_allowed checks in the VOD proxy. stream_vod, head_vod, stream_xc_movie, and stream_xc_episode were not checking the STREAMS network policy, unlike the equivalent TS proxy endpoints.
2026-04-10 11:09:27 -05:00
SergeantPanda
fa9a7868ff
security: proxy streaming endpoints (stream_ts, stream_xc, stream_vod, head_vod, stream_xc_movie, stream_xc_episode) use @permission_classes([AllowAny]) (access is controlled by the per-stream-type network allow-list inside the view body); the UserAgentViewSet, StreamProfileViewSet, CoreSettingsViewSet, and ProxySettingsViewSet gained get_permissions() methods mapping read actions to IsStandardUser and write actions to IsAdmin; and AuthViewSet.logout was updated to return [Authenticated()].
2026-04-10 10:47:50 -05:00
SergeantPanda
66ee67da30
security: Change from default of "Authenticated" to "IsAdmin"
2026-04-10 10:46:16 -05:00
SergeantPanda
289a8f48d0
security: Update frontend packages to mitigate CVE's.
2026-04-10 08:50:13 -05:00
SergeantPanda
04a684b359
security: Removed CORS_ALLOW_CREDENTIALS = True from CORS configuration. Dispatcharr authenticates via JWT Authorization headers and API keys — not cookies — so credentials are never sent cross-origin by browsers. The setting was also redundant: browsers reject Access-Control-Allow-Credentials: true when Access-Control-Allow-Origin is a wildcard (*), so it had no effect in practice.
2026-04-10 08:34:13 -05:00
SergeantPanda
b535f28ac5
security: Added rate limiting to the login endpoint (POST /api/accounts/token/) using DRF's built-in throttling. A LoginRateThrottle (3 requests/minute per IP, sliding window) is applied to the TokenObtainPairView. Repeated failed attempts from the same IP receive 429 Too Many Requests.
2026-04-09 21:46:50 -05:00
SergeantPanda
47427d4b0f
security:
...
- Set `DEFAULT_PERMISSION_CLASSES` to `Authenticated` in the DRF configuration.
- Explicitly marked the HDHomeRun discovery endpoints (`DiscoverAPIView`, `LineupAPIView`, `LineupStatusAPIView`, `HDHRDeviceXMLAPIView`) and the version endpoint with `permission_classes = [AllowAny]` to document their intentionally public access now that the global default is `Authenticated`.
2026-04-09 21:36:51 -05:00
SergeantPanda
7083c512be
security: Fixed path traversal vulnerability in file uploads. The M3U account upload (apps/m3u/api_views.py), logo upload (apps/channels/api_views.py), and backup upload (apps/backups/api_views.py) all used the uploaded filename directly without sanitization. os.path.join() discards all preceding components when it encounters an absolute path segment, and pathlib's / operator behaves identically; a relative ../ sequence also escapes via OS path resolution at open() time. All three upload paths now strip directory components via Path(name).name and validate the resolved path remains within the intended upload directory. Exploiting any of these required admin credentials.
2026-04-09 21:32:36 -05:00
SergeantPanda
08545b8c92
security: Prevented users from setting xc_password (and other admin-managed keys) on their own account via the PATCH /api/accounts/users/me/ endpoint.
2026-04-09 21:31:38 -05:00
SergeantPanda
dcefc6541c
chore(cleanup): - Removed dead VODConnectionManager class (apps/proxy/vod_proxy/connection_manager.py) and its associated helpers, which had been superseded by MultiWorkerVODConnectionManager. All active code already used the multi-worker implementation. Removed the unused VODConnectionManager import from vod_proxy/views.py, the unscheduled cleanup_vod_connections task from apps/proxy/tasks.py, and the unscheduled cleanup_vod_persistent_connections task from core/tasks.py.
...
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Frontend Tests / test (push) Waiting to run
- Removed dead VOD URL routes: `VODPlaylistView` (playlist generation), `VODPositionView` (position tracking), and the class-based `VODStatsView` (replaced by the existing function-based `vod_stats` view).
- Removed dead `updateVODPosition()` API method from `frontend/src/api.js`, which called the now-removed position tracking endpoint.
2026-04-09 19:59:50 -05:00
SergeantPanda
7f64642003
security: Hardened the HLS proxy change_stream endpoint by converting it from a plain Django view to a DRF @api_view with @permission_classes([IsAdmin]), ensuring the endpoint actually enforces admin-only access. The previous decorator arrangement (@csrf_exempt + @permission_classes) had no effect on a plain Django view.
2026-04-09 19:58:40 -05:00
SergeantPanda
df6d821135
changelog: Update changelog for refactor PR.
2026-04-09 18:28:20 -05:00
SergeantPanda
bf409fb240
Merge pull request #1187 from nick4810:tests/frontend-unit-tests
...
Tests/frontend unit tests
2026-04-09 18:21:36 -05:00
SergeantPanda
442e2bdc0e
Remove unused starttime24_long from buildTimePlaceholders, simplified formatTime24.
2026-04-09 17:50:59 -05:00
SergeantPanda
10582a3741
Enhancement: Improved the EPG BOM fix from v0.22.1: replaced the lstrip(b'\xef\xbb\xbf') / startswith approach with start.find(b'<?xml'), which locates the XML declaration regardless of any leading bytes BOM, whitespace, or other encoding markers without needing to know what those bytes are.
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
2026-04-09 11:16:04 -05:00
Nick Sandstrom
48734727ad
Syntax formatting
2026-04-08 23:35:43 -07:00
Nick Sandstrom
067a0ce0a9
Refactored form components
2026-04-08 23:35:42 -07:00
Nick Sandstrom
14d1cc26d7
Added tests for form components
2026-04-08 23:35:42 -07:00
Nick Sandstrom
8f8a7e316e
Added utils tests
2026-04-08 23:35:42 -07:00
Nick Sandstrom
30b97c4fc5
Extracted utils
2026-04-08 23:35:42 -07:00
GitHub Actions
93a4846924
Release v0.22.1
CI Pipeline / prepare (push) Has been cancelled
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Has been cancelled
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Has been cancelled
CI Pipeline / create-manifest (push) Has been cancelled
2026-04-05 19:09:39 +00:00
SergeantPanda
d10599429f
Merge pull request #1184 from Dispatcharr/dev
...
Dispatcharr - v0.22.1
2026-04-05 12:07:28 -07:00
SergeantPanda
29e22d1c0e
changelog: Update for epg fix pr
2026-04-05 13:52:05 -05:00
SergeantPanda
96c3a509a2
Merge pull request #1182 from dwot/main
...
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Fix for #1173 ErsatzTV EPG not populating / fix for UTF-8 BOM processing
2026-04-04 21:19:29 -07:00
dwot
b01ec466f1
Fix for #1173 ErsatzTV EPG not populating / fix for UTF-8 BOM processing
2026-04-04 22:15:28 -04:00
GitHub Actions
872725023b
Release v0.22.0
CI Pipeline / prepare (push) Has been cancelled
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
Frontend Tests / test (push) Has been cancelled
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Has been cancelled
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Has been cancelled
CI Pipeline / create-manifest (push) Has been cancelled
2026-04-01 02:39:44 +00:00
SergeantPanda
56ff3a78b8
Merge pull request #1162 from Dispatcharr/dev
...
Dispatcharr - v0.22.0
2026-03-31 21:38:34 -05:00
SergeantPanda
a881373e4f
Merge pull request #1161 from CodeBormen/fix/1160-modular-mtls-postgres-connection
...
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
fix: pass TLS parameters to all external connection points in modular mode
2026-03-31 19:57:39 -05:00
SergeantPanda
1d41433ddc
Fix: Ensure absolute URL is used for stream in FloatingVideo component to resolve relative URLs in WorkerGlobalScope.
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Frontend Tests / test (push) Has been cancelled
2026-03-31 10:35:17 -05:00
SergeantPanda
6f8ca243af
fix: ensure PGSSL* environment variables are explicitly set by stripping inherited values
...
fix: use psycopg2.sql for safe database drop and create commands
fix: Also check POSTGRES_SSL is true before skipping default POSTGRES_PASSWORD
fix: update usage comment to reflect correct script path
fix: improve cleanup logic to conditionally remove certificate directory
2026-03-31 09:51:09 -05:00
None
763f42cfff
fix: pass TLS parameters to all external connection points in modular mode
...
- Add setup_pg_ssl_env() to export libpq PGSSL* env vars; all child psql/pg_dump/pg_isready commands inherit TLS automatically
- Move TLS client key permission fix before external PG connections (was running after, defeating the fix)
- Enhance key fix to trigger on ownership mismatch (root-owned 0600 key unreadable by app user)
- Extract key fix to shared script (docker/init/00-fix-pg-ssl-key.sh) sourced by both entrypoints
- Default POSTGRES_PASSWORD to empty in modular mode (cert-only auth sends no spurious password)
- Propagate TLS OPTIONS to backup pg_dump/pg_restore subprocess calls via _get_pg_env()
- Pass SSL kwargs to dropdb management command's psycopg2.connect()
- Add REDIS_SSL_PARAMS to VOD proxy Redis connections missed in original TLS PR
- Add 8-scenario TLS integration test suite (PG mTLS, Redis TLS, verify-full, key fix, Celery, regression)
- Add 6 unit tests for _get_pg_env() and dropdb TLS parameter passing
2026-03-30 20:19:27 -05:00
SergeantPanda
344ff78c79
Merge pull request #1158 from Dispatcharr/html-entity-with-lxml
...
CI Pipeline / prepare (push) Has been cancelled
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Has been cancelled
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Has been cancelled
CI Pipeline / create-manifest (push) Has been cancelled
Html-entity-with-lxml
2026-03-29 20:56:50 -05:00
SergeantPanda
70e229a433
Refactor HTML entity handling in XMLTV files: replace regex-based entity resolution with lxml's html.entities for improved accuracy and performance. Inject DOCTYPE declaration to ensure proper parsing of HTML entities, avoiding silent drops during recovery mode.
2026-03-29 20:43:27 -05:00
SergeantPanda
d4ecf45bc2
Bug Fix/Enhancement:
...
- EPG refresh tasks (`refresh_epg_data`) were being killed mid-transaction on large EPG sources. The `soft_time_limit=1700s` introduced in v0.21.0 raised `SoftTimeLimitExceeded`, a subclass of `Exception`, which was swallowed by the existing `except Exception` handler in `parse_programs_for_source`, leaving the database in a partial state with no logged error. The underlying cause is that the HTML entity preprocessing step added in v0.21.0 adds 2–10+ minutes on multi-gigabyte EPG files, pushing total task duration past the 1700s limit for large sources. `soft_time_limit` has been removed from `refresh_epg_data` and `time_limit` raised to 14400s (4 hours) as a true last-resort ceiling; the existing `TaskLockRenewer` daemon thread continues to renew the Redis lock every 120s for legitimately long-running tasks.
- HTML entity preprocessing (`_resolve_html_entities`) now performs a fast binary pre-scan before any file read or write. The pre-scan reads the file in 4 MB chunks without text decoding and exits immediately on the first non-XML named entity found. For EPG sources that contain no HTML entities — the common case — the full line-by-line read+rewrite pass (which takes 2–10+ minutes on a 2.5 GB file) is skipped entirely.
2026-03-29 19:51:57 -05:00
SergeantPanda
086cc74959
Bug Fix: M3U profile URL rewriting now uses the regex module instead of re across all URL transform code paths (url_utils.transform_url, core/views.py, vod_proxy/_transform_url, tasks.get_transformed_credentials, and the WebSocket live-preview handler in consumers.py). The regex module natively accepts JavaScript/PCRE-style named capture groups ((?<name>...)) without any conversion, eliminating the root cause of patterns that matched in the frontend live preview but failed on the backend with a re.error. As a further improvement, regex also supports variable-length lookbehind assertions (e.g. (?<=a+)), which re rejects with an error; patterns using these will now work correctly on the backend as well. Replace-pattern JS tokens are still normalised before calling regex.sub: $<name> → \g<name> and $1/$2/… → \1/\2/… (Python replacement syntax). Also fixed a bug in the WebSocket preview handler where a pattern error was incorrectly returning the search pattern string as the preview output instead of the original URL. ( Fixes #1005 )
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Frontend Tests / test (push) Has been cancelled
2026-03-29 17:55:08 -05:00
SergeantPanda
9579248485
Enhancement: M3U Profile form (XC accounts): added a **Simple / Advanced** mode toggle for credential-based URL rewriting. In Simple mode users enter just a new username and password; the search and replace patterns are built automatically from the account's current credentials. In Advanced mode the full regex fields are shown as before. The selected mode is saved to custom_properties.xcMode and auto-detected on existing profiles (a profile whose search pattern matches the account's current username/password is recognised as Simple automatically). The Live Regex Demonstration panel is hidden in Simple mode.
2026-03-29 17:04:56 -05:00
SergeantPanda
698f9ff4c0
Enhancement: Add descriptions and placeholders to input fields for better user guidance
2026-03-29 16:33:08 -05:00
SergeantPanda
2e0c136796
fix: update dependency in useEffect to include sendMessage for WebSocket handling
2026-03-29 16:22:44 -05:00
SergeantPanda
121199de9c
refactor: remove unused playlist store imports and update Text component to use 'div' as the component type
2026-03-29 16:20:04 -05:00
SergeantPanda
6d06422ddd
Enhancement: client_connect and client_disconnect system events now include the **username** of the connected user. The username is stored alongside the client metadata in Redis and included in the event payload for log_system_event calls (making it available to webhook and script integrations).
2026-03-29 16:06:14 -05:00
SergeantPanda
1d3cd5fd75
tests: Update floating video test.
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Frontend Tests / test (push) Waiting to run
2026-03-28 18:14:25 -05:00
SergeantPanda
f00d1fe63c
Bug Fix/Enhancement:
...
- Web UI stream preview (`FloatingVideo`) was calling `mpegts.createPlayer()` with all `Config` options (e.g. `enableWorker`, `liveSync`, `headers`) merged into the first `MediaDataSource` argument. mpegts.js only reads `Config` from the optional second argument; unrecognised fields in the first are silently ignored. As a result all player configuration was effectively the library defaults — worker offloading was disabled, latency management had no effect, and the `Authorization: Bearer` header (required for user identification) was never sent. Fixed by splitting into the correct two-argument call. Both `liveBufferLatencyChasing` and `liveSync` have been disabled, eliminating playback-rate fluctuations that caused audible stuttering on live streams. SourceBuffer cleanup thresholds were also relaxed from 10s/5s to 120s/60s to prevent frequent SourceBuffer pauses.
- Web UI stream preview now sends an `Authorization: Bearer` header with each mpegts.js request, identifying the logged-in user. Live channel previews initiated from the web UI now appear on the Stats page with the correct username rather than as unknown user.
2026-03-28 18:04:11 -05:00