* Initial plan
* feat(ci): Add secret scanning with secretlint to pre-commit hooks
- Install secretlint and @secretlint/secretlint-rule-preset-recommend
- Configure secretlint with .secretlintrc.json
- Add secretlint to lint-staged configuration
- Update CONTRIBUTING.md to document secret scanning
- Resolves#55
Co-authored-by: cheir-mneme <176430037+cheir-mneme@users.noreply.github.com>
* feat(privacy): Disable telemetry and analytics by default
- Set SentryEnabled to false by default in SentryTarget
- Update English localization to clarify error reporting is opt-in
- Update README with detailed privacy information
- Machine fingerprinting already removed (returns "anonymous")
- Piwik analytics already removed
- AnalyticsEnabled defaults to false in config
This ensures no telemetry is sent without explicit user consent.
Resolves#8
Co-authored-by: cheir-mneme <176430037+cheir-mneme@users.noreply.github.com>
* refactor: Address code review feedback for pre-commit and telemetry changes
- Optimize secretlint to only scan relevant file types (not all files)
- Add ignoreFiles configuration to secretlint to exclude build artifacts
- Clarify comment in SentryTarget about reconfiguration location
Co-authored-by: cheir-mneme <176430037+cheir-mneme@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: cheir-mneme <176430037+cheir-mneme@users.noreply.github.com>
PerlRegexFactory: static Regex field should be readonly to
prevent accidental reassignment.
Closes#36
Co-authored-by: admin <admin@ardentleatherworks.com>
Convert blocking GetAwaiter().GetResult() to proper await pattern
in the API controller method.
Partial fix for #32
Co-authored-by: admin <admin@ardentleatherworks.com>
Add guard clauses to prevent InvalidOperationException when
movieFiles list is empty in bulk update/delete operations
Co-authored-by: admin <admin@ardentleatherworks.com>
Replace .Single() with .SingleOrDefault() when reading Config element
from XML to prevent InvalidOperationException on malformed config files
Co-authored-by: admin <admin@ardentleatherworks.com>
- FileStationProxy: throw if no file info returned from API
- NzbVortex: return outputPath if no files in response
- RTorrent: use FirstOrDefault() for validation errors
Prevents InvalidOperationException on empty collections
Co-authored-by: admin <admin@ardentleatherworks.com>
- MoreInfo: point to Aletheia GitHub instead of Radarr resources
- UpdateChanges: link issue numbers to Aletheia repo
- Add "Upstream" translation key for Radarr reference link
Closes#53
Co-authored-by: admin <admin@ardentleatherworks.com>
* fix: SonarCloud null safety and struct comparison issues
- OsPath.cs: Remove ReferenceEquals checks on struct (always false)
- SkyHookProxy.cs: Add null-conditional operators for Credits.Cast/Crew
* fix: remaining React index-as-key issues and backend null safety
Frontend:
- Fix 8 remaining index-as-key violations using content-based keys
- ImportMovieSelectFolder.js: use errorMessage as key
- ImportMovieFooter.js: use errorMessage as key
- CustomFormat.js: use item.name as key
- AddSpecificationItem.js: use preset.name as key
- QualityProfileItems.js: use message as key
- QualityProfileFormatItems.js: use message as key
Backend (cherry-picked from batch-3):
- OsPath.cs: Remove ReferenceEquals on struct
- SkyHookProxy.cs: Add null-conditional for Credits
* refactor(notifications): consolidate GetPosterUrl to base class
* docs: add architectural decisions log
* fix(sonar): enable path traversal suppressions for media management app
---------
Co-authored-by: admin <admin@ardentleatherworks.com>
- ManagedHttpDispatcher: Dispose quickFailCts and linkedTokenSource in finally block
- CommandExecutor: Dispose _cancellationTokenSource on shutdown
- Scheduler: Dispose _cancellationTokenSource on shutdown
- IntegrationTestBase: Store CTS as field and dispose in TearDown
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Convert _semaphore.Wait() to async pattern with WaitAsync()
to prevent thread blocking during image resizing operations.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Bug-001: Add null check for SingleOrDefault() in TorrentRssParser
- Bug-006: Replace generic Exception with PathCombinationException in OsPath
- Bug-006: Replace generic Exception with NotSupportedException in IMDbListRequestGenerator
Add SanitizeForLog() extension method to prevent log forging attacks
by replacing control characters (newlines, etc.) with spaces. Applied
across 30 files that log user-controlled data like paths, titles,
URLs, and usernames.
Fixes CodeQL log-forging alerts.
Replace 40+ individual if statements with dictionary-based lookup.
Extract helper methods for keyword, case-sensitive regex, and
case-insensitive regex language detection. Original method reduced
from ~400 lines to ~17 lines while preserving all behavior.
