Backup_Repos/Radarr
1
0
Fork 0
mirror of https://github.com/Radarr/Radarr synced 2026-01-24 00:13:43 +01:00
Code Issues Projects Releases Wiki Activity
13455 commits 42 branches 258 tags 385 MiB
Commit graph

13455 commits

This branch
This branch
All branches
Author SHA1 Message Date
admin
809dfdafab Suppress S5145 log injection false positive in editorconfig 2025-12-18 21:15:30 -06:00
admin
c674213d5f Exclude SonarCloud S5145 false positive log injection warnings 2025-12-18 21:08:44 -06:00
admin
fd2f703f52 Exclude additional CodeQL false positives for single-user app 2025-12-18 21:00:20 -06:00
admin
607f9f78b4 Update CodeQL config to exclude path-injection and use security-extended 2025-12-18 20:49:12 -06:00
admin
a01460aaa8 Trigger CI after disabling default CodeQL 2025-12-18 20:39:15 -06:00
admin
13089c8656 Fix CodeQL qlpack.yml - add library: true 2025-12-18 20:32:06 -06:00
admin
adced83df6 Add custom CodeQL config to exclude log-forging false positives 2025-12-18 20:27:33 -06:00
admin
1190d218af Add log sanitization for CodeQL log forging alerts 2025-12-18 20:17:42 -06:00
admin
b1f50bae97 Fix deadlock risk in ReleasePushController with async SemaphoreSlim 2025-12-18 20:02:15 -06:00
admin
2b19ec07ff fix: resolve technical debt and npm vulnerabilities 
NPM Security (0 vulnerabilities remaining):
- Add yarn resolutions for cross-spawn, brace-expansion, color-string, glob, postcss

Bug fixes:
- Bug-002: Use FirstOrDefault with null check (DownloadStationTaskProxyV2)
- Bug-007: Fix inverted exception logic for magnet fallback (TorrentClientBase)
- Bug-008: Fix stale closure using ref (MovieSearchInput)
- Bug-009: Fix Number.Number.parseInt typos across 50+ files
- Bug-010: Add regex timeout and Compiled flag (RegexReplace)
- Bug-011: Add null checks for XML queries (ConfigFileProvider)
- Bug-012: Remove empty touch handler (MovieDetails)
- Bug-013: Use Path.GetFileName for safer check (InstallUpdateService)
- Bug-014: Return Ok instead of Accepted for sync PUT (MovieController)
- Bug-016: Fix double bracket typo in log message (InstallUpdateService)
- Bug-017: Add console.warn to catch block (MovieTagInput)
- Bug-018: Remove stray debug console.log (SignalRConnector)
- Bug-019: Document disabled regex with ReDoS justification (Parser)
 2025-12-18 19:54:02 -06:00
admin
5c51367bec fix(security): sanitize user-controlled strings in log statements 
Add SanitizeForLog() extension method to prevent log forging attacks
by replacing control characters (newlines, etc.) with spaces. Applied
across 30 files that log user-controlled data like paths, titles,
URLs, and usernames.

Fixes CodeQL log-forging alerts.
 2025-12-18 17:17:02 -06:00
admin
4f74e2aa1d docs: remove tech debt tracking from repo (moved to wrapper) 2025-12-18 16:51:17 -06:00
admin
59bb2cf4be docs: add comprehensive technical debt tracking 2025-12-18 16:49:27 -06:00
admin
3202b6bfe8 ci: remove sonarcloud workflow (conflicts with automatic analysis) 2025-12-18 16:47:49 -06:00
admin
9c0e11b40b refactor: remove redundant boolean literals (S1125) 
Replace == false with negation operator, remove == true comparisons
 2025-12-18 16:31:05 -06:00
admin
9526078d16 refactor: use Number.parseInt/parseFloat/isNaN (S7773) 
Use Number static methods instead of global functions for better
clarity and consistency.
 2025-12-18 16:19:34 -06:00
admin
021fd9b55e perf: use char overloads for StartsWith/EndsWith (S6610) 
Use single character overloads instead of single-character string
overloads for better performance.
 2025-12-18 16:17:37 -06:00
admin
6b67a1672c refactor: seal non-derived private classes (S3260) 
63 private nested classes marked as sealed since they have no derived classes.
 2025-12-18 16:05:31 -06:00
admin
b5bcb14d75 refactor: make methods static where instance data not used (S2325) 
~243 methods converted to static where they don't access instance data.
Fixed call sites that needed to use type name instead of instance.
 2025-12-18 16:02:13 -06:00
admin
aa748bfaa6 refactor: reduce LanguageParser cognitive complexity 
Replace 40+ individual if statements with dictionary-based lookup.
Extract helper methods for keyword, case-sensitive regex, and
case-insensitive regex language detection. Original method reduced
from ~400 lines to ~17 lines while preserving all behavior.
 2025-12-18 15:48:31 -06:00
admin
6a4fb133b5 refactor: reduce MyAnonamouseParser cognitive complexity 
Extract helper methods for author parsing, title flags, and freeleech
detection to simplify the main ParseResponse loop.

Addresses #30
 2025-12-18 15:43:56 -06:00
admin
c9c3948af6 refactor(ui): extract PosterDateRow to reduce MovieIndexPoster complexity 
Extract repetitive date display logic into PosterDateRow component.
Reduces cognitive complexity from 30 to ~20 by consolidating 4 similar
conditional blocks into reusable component calls.
 2025-12-18 15:38:29 -06:00
admin
9de2f9a168 refactor: replace ApplicationException with domain-specific exceptions 
Create custom exception classes:
- InvalidDatabaseSchemaException for migration errors
- ServiceInstallationException for service install failures
- DataRetrievalException for repository query mismatches
- InvalidRequestException for HTTP request validation
- InvalidHeaderException for HTTP header validation

Resolves SonarCloud S3988 (ApplicationException usage).
 2025-12-18 15:37:21 -06:00
admin
1b42fe1e25 fix: mark React component props as Readonly 
Bulk update to make all component props immutable at the type level.
This prevents accidental prop mutation and improves type safety.

Resolves ~50 SonarCloud code smells.
 2025-12-18 15:31:40 -06:00
Cody Kickertz
1bfa716745
Merge pull request #29 from cheir-mneme/feature/indexer-management 
feat: Sprint 3 - Multi-media indexer support
 2025-12-18 15:13:59 -06:00
admin
f7a196dec6 fix: add timeout to regex for DoS prevention 2025-12-18 15:02:41 -06:00
admin
fb6e131d68 fix: address code review findings 
- Fix Torznab default definition protocol (Usenet -> Torrent)
- Add try-catch around JSON deserialization in MAM parser
- Add logging for author info parse failures
- Add null check for JSON response
 2025-12-18 14:51:22 -06:00
admin
2045f39037 feat(ui): add media type badge to poster view 2025-12-18 14:42:42 -06:00
admin
bd6f7ece9c feat(indexer): enable book and audiobook support in Newznab/Torznab 2025-12-18 14:37:01 -06:00
admin
2bf1fe4367 feat(indexer): add MyAnonamouse indexer for books and audiobooks 2025-12-18 14:34:50 -06:00
Cody Kickertz
0d48db980e
Merge pull request #27 from cheir-mneme/fix/remove-super-linter 
ci: remove super-linter workflow
 2025-12-18 14:22:37 -06:00
admin
6328e72c96 Merge remote-tracking branch 'origin/develop' into feature/indexer-management 2025-12-18 14:22:33 -06:00
Cody Kickertz
62c388c294
Merge pull request #26 from cheir-mneme/fix/cla-branding 
docs: update CLA to reference Aletheia
 2025-12-18 14:22:25 -06:00
Cody Kickertz
8bd8902a79
Merge pull request #25 from cheir-mneme/dependabot/nuget/src/NzbDrone.Common/nuget-aac1d960c1 
Bump the nuget group with 1 update
 2025-12-18 14:16:18 -06:00
Cody Kickertz
0ca49a2288
Merge pull request #23 from cheir-mneme/dependabot/github_actions/dessant/label-actions-5 
ci(deps): bump dessant/label-actions from 3 to 5
 2025-12-18 14:16:05 -06:00
Cody Kickertz
fe6fdb3bf4
Merge pull request #22 from cheir-mneme/dependabot/github_actions/codecov/codecov-action-5 
ci(deps): bump codecov/codecov-action from 4 to 5
 2025-12-18 14:15:38 -06:00
admin
5d143f8f98 ci: remove super-linter workflow 
Linting covered by existing tools:
- C#: StyleCop during build
- GitHub Actions: CodeQL
- Frontend: eslint in package.json
 2025-12-18 14:14:40 -06:00
Cody Kickertz
95c6244f8f
Merge pull request #21 from cheir-mneme/dependabot/github_actions/actions/cache-5 
ci(deps): bump actions/cache from 4 to 5
 2025-12-18 14:14:30 -06:00
Cody Kickertz
c46ea17745
Merge pull request #20 from cheir-mneme/dependabot/github_actions/actions/checkout-6 
ci(deps): bump actions/checkout from 4 to 6
 2025-12-18 14:13:49 -06:00
admin
1f75442436 docs: update CLA to reference Aletheia 2025-12-18 14:10:59 -06:00
dependabot[bot]
f5bee00f7c
Bump the nuget group with 1 update 
Bumps System.Private.Uri from 4.3.0 to 4.3.2

---
updated-dependencies:
- dependency-name: System.Private.Uri
  dependency-version: 4.3.2
  dependency-type: direct:production
  dependency-group: nuget
- dependency-name: System.Private.Uri
  dependency-version: 4.3.2
  dependency-type: direct:production
  dependency-group: nuget
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-18 20:00:46 +00:00
dependabot[bot]
59c18967cc
ci(deps): bump dessant/label-actions from 3 to 5 
Bumps [dessant/label-actions](https://github.com/dessant/label-actions) from 3 to 5.
- [Release notes](https://github.com/dessant/label-actions/releases)
- [Changelog](https://github.com/dessant/label-actions/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dessant/label-actions/compare/v3...v5)

---
updated-dependencies:
- dependency-name: dessant/label-actions
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-18 19:57:10 +00:00
dependabot[bot]
16aef7e900
ci(deps): bump codecov/codecov-action from 4 to 5 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-18 19:57:07 +00:00
dependabot[bot]
f483306517
ci(deps): bump actions/cache from 4 to 5 
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-18 19:57:03 +00:00
dependabot[bot]
ff176f6c2e
ci(deps): bump actions/checkout from 4 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-18 19:56:59 +00:00
Cody Kickertz
aad9030ac3
Merge pull request #19 from cheir-mneme/fix/ci-workflow-configs 
ci: fix workflow configs and add Dependabot
 2025-12-18 13:56:13 -06:00
admin
d2da953d27 fix(ci): disable checkov and github_actions linters in super-linter 2025-12-18 13:46:50 -06:00
admin
1119dfaf56 fix(ci): use exclusion-only config for super-linter 2025-12-18 13:42:17 -06:00
admin
f7098a3a49 fix(ci): use filesystem scan instead of image scan for Trivy 2025-12-18 13:39:07 -06:00
admin
4fe3c5f483 fix(ci): correct Dockerfile path and skip SonarCloud when token missing 2025-12-18 13:37:45 -06:00