Merge remote-tracking branch 'origin/develop' into audio

2026-05-09 05:05:29 +02:00 · 2026-04-28 18:13:07 -07:00 · 2026-04-28 18:13:07 -07:00 · 1a6d23a622
commit 1a6d23a622
parent 0068eb3a31 5f5eab24de
29 changed files with 503 additions and 617 deletions
--- a/.github/workflows/build-compiler.yml
+++ b/.github/workflows/build-compiler.yml
@ -4,7 +4,7 @@ on:
  workflow_dispatch:

 env:
-  COMPILER_IMAGE: ghcr.io/stashapp/compiler:13
+  COMPILER_IMAGE: ghcr.io/stashapp/compiler:14

 jobs:
  build-compiler:
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -15,7 +15,7 @@ concurrency:
  cancel-in-progress: true

 env:
-  COMPILER_IMAGE: ghcr.io/stashapp/compiler:13
+  COMPILER_IMAGE: ghcr.io/stashapp/compiler:14

 jobs:
  # Job 1: Generate code and build UI
@ -30,6 +30,8 @@ jobs:
        fetch-tags: true
    - name: Setup Go
      uses: actions/setup-go@v6
+      with:
+        go-version-file: 'go.mod'

    # pnpm version is read from the packageManager field in package.json
    # very broken (4.3, 4.4)
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@ -17,6 +17,8 @@ jobs:
      # no tags or depth needed for lint
      - uses: actions/checkout@v6
      - uses: actions/setup-go@v6
+        with:
+          go-version-file: 'go.mod'

      # generate-backend runs natively (just go generate + touch-ui) — no Docker needed
      - name: Generate Backend
@ -25,4 +27,6 @@ jobs:
      ## WARN
      ## using v1, update in a later PR
      - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@v8
+        with:
+          version: v2.11.4
--- a/.golangci.yml
+++ b/.golangci.yml
@ -1,87 +1,100 @@
-# options for analysis running
-run:
-  timeout: 5m
-
+version: "2"
 linters:
-  disable-all: true
+  default: none
  enable:
-    # Default set of linters from golangci-lint
-    - errcheck
-    - gosimple
-    - govet
-    - ineffassign
-    - staticcheck
-    - typecheck
-    - unused
-    # Linters added by the stash project.
-    # - contextcheck
    - copyloopvar
    - dogsled
+    - errcheck
    - errchkjson
    - errorlint
-    # - exhaustive
    - gocritic
-    # - goerr113
-    - gofmt
-    # - gomnd
-    # - ifshort
+    - govet
+    - ineffassign
    - misspell
-    # - nakedret
-    - noctx
+    
+    # TODO - fix these in a later PR
+    # - noctx
+    
    - revive
    - rowserrcheck
    - sqlclosecheck
-
-# Project-specific linter overrides
-linters-settings:
-  gofmt:
-    simplify: false
-
-  errorlint:
-    # Disable errorf because there are false positives, where you don't want to wrap
-    #  an error.
-    errorf: false
-    asserts: true
-    comparison: true
-
-  revive:
-    ignore-generated-header: true
-    severity: error
-    confidence: 0.8
-    rules:
-      - name: blank-imports
-        disabled: true
-      - name: context-as-argument
-      - name: context-keys-type
-      - name: dot-imports
-      - name: error-return
-      - name: error-strings
-      - name: error-naming
-      - name: exported
-        disabled: true
-      - name: if-return
-        disabled: true
-      - name: increment-decrement
-      - name: var-naming
-        disabled: true
-      - name: var-declaration
-      - name: package-comments
-      - name: range
-      - name: receiver-naming
-      - name: time-naming
-      - name: unexported-return
-        disabled: true
-      - name: indent-error-flow
-        disabled: true
-      - name: errorf
-      - name: empty-block
-        disabled: true
-      - name: superfluous-else
-      - name: unused-parameter
-        disabled: true
-      - name: unreachable-code
-      - name: redefines-builtin-id
-
-  rowserrcheck:
-    packages:
-      - github.com/jmoiron/sqlx
+    - staticcheck
+    - unused
+  
+  settings:
+    staticcheck:
+      checks:
+        - all
+        
+        # we specify (unnecessary) embedded fields for clarity in many places
+        - -QF1008 
+        
+        # there's lots of misnamed (eg intId instead of intID) fields in the code.
+        # it's not exactly world-ending, so I'm deferring fixing these for now
+        - -ST1003 
+    errorlint:
+      errorf: false
+      asserts: true
+      comparison: true
+    revive:
+      confidence: 0.8
+      severity: error
+      rules:
+        - name: blank-imports
+          disabled: true
+        - name: context-as-argument
+        - name: context-keys-type
+        - name: dot-imports
+        - name: error-return
+        - name: error-strings
+        - name: error-naming
+        - name: exported
+          disabled: true
+        - name: if-return
+          disabled: true
+        - name: increment-decrement
+        - name: var-naming
+          disabled: true
+        - name: var-declaration
+        - name: package-comments
+        - name: range
+        - name: receiver-naming
+        - name: time-naming
+        - name: unexported-return
+          disabled: true
+        - name: indent-error-flow
+          disabled: true
+        - name: errorf
+        - name: empty-block
+          disabled: true
+        - name: superfluous-else
+        - name: unused-parameter
+          disabled: true
+        - name: unreachable-code
+        - name: redefines-builtin-id
+    rowserrcheck:
+      packages:
+        - github.com/jmoiron/sqlx
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
+    - gofmt
+  settings:
+    gofmt:
+      simplify: false
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
--- a/README.md
+++ b/README.md
@ -36,7 +36,8 @@ Step-by-step instructions are available at [docs.stashapp.cc/installation](https
 > **macOS Users**
 >
 > As of version 0.29.0, Stash requires _macOS 11 Big Sur_ or later.  
-> Stash can still be run through docker on older versions of macOS.
+> As of version 0.32.0, Stash requires _macOS 12 Monterey_ or later.  
+> Stash can still be run through Docker on older versions of macOS.

 <img src="docs/readme_assets/windows_logo.svg" width="100%" height="75"> Windows | <img src="docs/readme_assets/mac_logo.svg" width="100%" height="75"> macOS | <img src="docs/readme_assets/linux_logo.svg" width="100%" height="75"> Linux | <img src="docs/readme_assets/docker_logo.svg" width="100%" height="75"> Docker
 :---:|:---:|:---:|:---:
--- a/cmd/stash/main.go
+++ b/cmd/stash/main.go
@ -148,7 +148,7 @@ func recoverPanic() {
 		exitCode = 1
 		logger.Errorf("panic: %v\n%s", err, debug.Stack())
 		if desktop.IsDesktop() {
-			desktop.FatalError(fmt.Errorf("Panic: %v", err))
+			desktop.FatalError(fmt.Errorf("panic: %v", err))
 		}
 	}
 }
--- a/docker/compiler/Dockerfile
+++ b/docker/compiler/Dockerfile
@ -5,14 +5,14 @@ WORKDIR /tmp/osxcross
 ARG OSXCROSS_REVISION=5e1b71fcceb23952f3229995edca1b6231525b5b
 ADD --checksum=sha256:d3f771bbc20612fea577b18a71be3af2eb5ad2dd44624196cf55de866d008647 https://codeload.github.com/tpoechtrager/osxcross/tar.gz/${OSXCROSS_REVISION} /tmp/osxcross.tar.gz

-ARG OSX_SDK_VERSION=11.3
+ARG OSX_SDK_VERSION=12.3
 ARG OSX_SDK_DOWNLOAD_FILE=MacOSX${OSX_SDK_VERSION}.sdk.tar.xz
-ARG OSX_SDK_DOWNLOAD_URL=https://github.com/phracker/MacOSX-SDKs/releases/download/${OSX_SDK_VERSION}/${OSX_SDK_DOWNLOAD_FILE}
-ADD --checksum=sha256:cd4f08a75577145b8f05245a2975f7c81401d75e9535dcffbb879ee1deefcbf4 ${OSX_SDK_DOWNLOAD_URL} /tmp/osxcross/tarballs/${OSX_SDK_DOWNLOAD_FILE}
+ARG OSX_SDK_DOWNLOAD_URL=https://github.com/joseluisq/macosx-sdks/releases/download/${OSX_SDK_VERSION}/${OSX_SDK_DOWNLOAD_FILE}
+ADD --checksum=sha256:3abd261ceb483c44295a6623fdffe5d44fc4ac2c872526576ec5ab5ad0f6e26c ${OSX_SDK_DOWNLOAD_URL} /tmp/osxcross/tarballs/${OSX_SDK_DOWNLOAD_FILE}

 ENV UNATTENDED=yes \
    SDK_VERSION=${OSX_SDK_VERSION} \
-    OSX_VERSION_MIN=10.10
+    OSX_VERSION_MIN=12.0
 RUN apt update && \
  apt install -y --no-install-recommends \
  bash ca-certificates clang cmake git patch libssl-dev bzip2 cpio libbz2-dev libxml2-dev make python3 xz-utils zlib1g-dev
@ -46,7 +46,7 @@ RUN cd /opt/cross-freebsd/usr/lib && \
    ln -s libc++.so libstdc++.so

 ### BUILDER
-FROM golang:1.24.3 AS builder
+FROM golang:1.25.9 AS builder
 ENV PATH=/opt/osx-ndk-x86/bin:$PATH

 # copy in nodejs instead of using nodesource :thumbsup:
--- a/docker/compiler/Makefile
+++ b/docker/compiler/Makefile
@ -1,7 +1,7 @@
 host=ghcr.io
 user=stashapp
 repo=compiler
-version=13
+version=14

 VERSION_IMAGE = ${host}/${user}/${repo}:${version}
 LATEST_IMAGE = ${host}/${user}/${repo}:latest
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module github.com/stashapp/stash

-go 1.24.3
+go 1.25.0

 require (
 	github.com/99designs/gqlgen v0.17.73
@ -56,12 +56,12 @@ require (
 	github.com/vektra/mockery/v2 v2.10.0
 	github.com/xWTF/chardet v0.0.0-20230208095535-c780f2ac244e
 	github.com/zencoder/go-dash/v3 v3.0.2
-	golang.org/x/crypto v0.45.0
-	golang.org/x/image v0.18.0
-	golang.org/x/net v0.47.0
-	golang.org/x/sys v0.38.0
-	golang.org/x/term v0.37.0
-	golang.org/x/text v0.31.0
+	golang.org/x/crypto v0.48.0
+	golang.org/x/image v0.38.0
+	golang.org/x/net v0.50.0
+	golang.org/x/sys v0.41.0
+	golang.org/x/term v0.40.0
+	golang.org/x/text v0.35.0
 	golang.org/x/time v0.10.0
 	gopkg.in/guregu/null.v4 v4.0.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
@ -70,7 +70,7 @@ require (

 require (
 	github.com/agnivade/levenshtein v1.2.1 // indirect
-	github.com/antchfx/xpath v1.3.5 // indirect
+	github.com/antchfx/xpath v1.3.6 // indirect
 	github.com/asticode/go-astikit v0.20.0 // indirect
 	github.com/asticode/go-astits v1.8.0 // indirect
 	github.com/chromedp/sysutil v1.1.0 // indirect
@ -121,9 +121,9 @@ require (
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.3 // indirect
-	golang.org/x/mod v0.29.0 // indirect
-	golang.org/x/sync v0.18.0 // indirect
-	golang.org/x/tools v0.38.0 // indirect
+	golang.org/x/mod v0.33.0 // indirect
+	golang.org/x/sync v0.20.0 // indirect
+	golang.org/x/tools v0.42.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -87,8 +87,9 @@ github.com/andybalholm/cascadia v1.3.3 h1:AG2YHrzJIm4BZ19iwJ/DAua6Btl3IwJX+VI4kk
 github.com/andybalholm/cascadia v1.3.3/go.mod h1:xNd9bqTn98Ln4DwST8/nG+H0yuB8Hmgu1YHNnWw0GeA=
 github.com/antchfx/htmlquery v1.3.5 h1:aYthDDClnG2a2xePf6tys/UyyM/kRcsFRm+ifhFKoU0=
 github.com/antchfx/htmlquery v1.3.5/go.mod h1:5oyIPIa3ovYGtLqMPNjBF2Uf25NPCKsMjCnQ8lvjaoA=
-github.com/antchfx/xpath v1.3.5 h1:PqbXLC3TkfeZyakF5eeh3NTWEbYl4VHNVeufANzDbKQ=
 github.com/antchfx/xpath v1.3.5/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs=
+github.com/antchfx/xpath v1.3.6 h1:s0y+ElRRtTQdfHP609qFu0+c6bglDv20pqOViQjjdPI=
+github.com/antchfx/xpath v1.3.6/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
@ -187,8 +188,6 @@ github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/feederbox826/gosx-notifier v0.2.1 h1:47FdsdfVQUOkAlHdp9qevviVaGnNT152uMcgY91MiGs=
-github.com/feederbox826/gosx-notifier v0.2.1/go.mod h1:R6rqw7VuwuiCuvsr7EOONmWq++CRA5Ijmkmx75/C3Fs=
 github.com/feederbox826/gosx-notifier v0.2.2 h1:26NkaJZ8Wzptx82R46c9pkVAcFwGSU7kxWrOKmRWlC0=
 github.com/feederbox826/gosx-notifier v0.2.2/go.mod h1:R6rqw7VuwuiCuvsr7EOONmWq++CRA5Ijmkmx75/C3Fs=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
@ -669,8 +668,8 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
+golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -684,8 +683,8 @@ golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMk
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
-golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
+golang.org/x/image v0.38.0 h1:5l+q+Y9JDC7mBOMjo4/aPhMDcxEptsX+Tt3GgRQRPuE=
+golang.org/x/image v0.38.0/go.mod h1:/3f6vaXC+6CEanU4KJxbcUZyEePbyKbaLoDOe4ehFYY=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@ -716,8 +715,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
+golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
+golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -772,8 +771,8 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
+golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@ -808,8 +807,8 @@ golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
+golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@ -896,8 +895,8 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
+golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -907,8 +906,8 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
-golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
+golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg=
+golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -925,8 +924,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
+golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@ -994,8 +993,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
+golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/internal/api/check_version.go
+++ b/internal/api/check_version.go
@ -148,12 +148,12 @@ func makeGithubRequest(ctx context.Context, url string, output interface{}) erro
 	response, err := client.Do(req)

 	if err != nil {
-		//lint:ignore ST1005 Github is a proper capitalized noun
+		//nolint:staticcheck // ST1005 Github is a proper capitalized noun
 		return fmt.Errorf("Github API request failed: %w", err)
 	}

 	if response.StatusCode != http.StatusOK {
-		//lint:ignore ST1005 Github is a proper capitalized noun
+		//nolint:staticcheck // ST1005 Github is a proper capitalized noun
 		return fmt.Errorf("Github API request failed: %s", response.Status)
 	}

@ -161,7 +161,7 @@ func makeGithubRequest(ctx context.Context, url string, output interface{}) erro

 	data, err := io.ReadAll(response.Body)
 	if err != nil {
-		//lint:ignore ST1005 Github is a proper capitalized noun
+		//nolint:staticcheck // ST1005 Github is a proper capitalized noun
 		return fmt.Errorf("Github API read response failed: %w", err)
 	}

@ -295,10 +295,10 @@ func printLatestVersion(ctx context.Context) {
 		logger.Errorf("Couldn't retrieve latest version: %v", err)
 	} else {
 		_, githash, _ := build.Version()
-		switch {
-		case githash == "":
+		switch githash {
+		case "":
 			logger.Infof("Latest version: %s (%s)", latestRelease.Version, latestRelease.ShortHash)
-		case githash == latestRelease.ShortHash:
+		case latestRelease.ShortHash:
 			logger.Infof("Version %s (%s) is already the latest released", latestRelease.Version, latestRelease.ShortHash)
 		default:
 			logger.Infof("New version available: %s (%s)", latestRelease.Version, latestRelease.ShortHash)
--- a/internal/api/resolver_mutation_package.go
+++ b/internal/api/resolver_mutation_package.go
@ -12,9 +12,10 @@ import (
 func refreshPackageType(typeArg PackageType) {
 	mgr := manager.GetInstance()

-	if typeArg == PackageTypePlugin {
+	switch typeArg {
+	case PackageTypePlugin:
 		mgr.RefreshPluginCache()
-	} else if typeArg == PackageTypeScraper {
+	case PackageTypeScraper:
 		mgr.RefreshScraperCache()
 	}
 }
--- a/internal/api/resolver_mutation_performer.go
+++ b/internal/api/resolver_mutation_performer.go
@ -654,7 +654,7 @@ func (r *mutationResolver) PerformerMerge(ctx context.Context, input PerformerMe
 		}
 		legacyURLs := legacyPerformerURLsFromInput(*input.Values, translator)
 		if legacyURLs.AnySet() {
-			return nil, errors.New("Merging legacy performer URLs is not supported")
+			return nil, errors.New("merging legacy performer URLs is not supported")
 		}

 		if input.Values.Image != nil {
--- a/internal/identify/options.go
+++ b/internal/identify/options.go
@ -33,8 +33,10 @@ type MetadataOptions struct {
 	SetCoverImage *bool `json:"setCoverImage"`
 	SetOrganized  *bool `json:"setOrganized"`
 	// defaults to true if not provided
+
 	// Deprecated: use PerformerGenders instead
 	IncludeMalePerformers *bool `json:"includeMalePerformers"`
+
 	// Filter to only include performers with these genders. If not provided, all genders are included.
 	PerformerGenders []models.GenderEnum `json:"performerGenders"`
 	// defaults to true if not provided
--- a/internal/manager/checksum.go
+++ b/internal/manager/checksum.go
@ -22,7 +22,8 @@ type SceneMissingHashCounter interface {
 // will ensure that all oshash values are set on all scenes.
 func ValidateVideoFileNamingAlgorithm(ctx context.Context, qb SceneMissingHashCounter, newValue models.HashAlgorithm) error {
 	// if algorithm is being set to MD5, then all checksums must be present
-	if newValue == models.HashAlgorithmMd5 {
+	switch newValue {
+	case models.HashAlgorithmMd5:
 		missingMD5, err := qb.CountMissingChecksum(ctx)
 		if err != nil {
 			return err
@ -31,7 +32,7 @@ func ValidateVideoFileNamingAlgorithm(ctx context.Context, qb SceneMissingHashCo
 		if missingMD5 > 0 {
 			return errors.New("some checksums are missing on scenes. Run Scan with calculateMD5 set to true")
 		}
-	} else if newValue == models.HashAlgorithmOshash {
+	case models.HashAlgorithmOshash:
 		missingOSHash, err := qb.CountMissingOSHash(ctx)
 		if err != nil {
 			return err
--- a/internal/manager/generator_interactive_heatmap_speed.go
+++ b/internal/manager/generator_interactive_heatmap_speed.go
@ -408,7 +408,7 @@ func ConvertFunscriptToCSV(funscriptPath string) ([]byte, error) {
 		}

 		// I don't know whether the csv format requires int or float, so for now we'll use int
-		buffer.WriteString(fmt.Sprintf("%d,%d\r\n", int(math.Round(action.At)), pos))
+		fmt.Fprintf(&buffer, "%d,%d\r\n", int(math.Round(action.At)), pos)
 	}
 	return buffer.Bytes(), nil
 }
--- a/internal/manager/import.go
+++ b/internal/manager/import.go
@ -76,9 +76,10 @@ func performImport(ctx context.Context, i importer, duplicateBehaviour ImportDup
 	var id int

 	if existing != nil {
-		if duplicateBehaviour == ImportDuplicateEnumFail {
+		switch duplicateBehaviour {
+		case ImportDuplicateEnumFail:
 			return fmt.Errorf("existing object with name '%s'", name)
-		} else if duplicateBehaviour == ImportDuplicateEnumIgnore {
+		case ImportDuplicateEnumIgnore:
 			logger.Infof("Skipping existing object %q", name)
 			return nil
 		}
--- a/internal/manager/task_optimise.go
+++ b/internal/manager/task_optimise.go
@ -35,7 +35,7 @@ func (j *OptimiseDatabaseJob) Execute(ctx context.Context, progress *job.Progres
 		return nil
 	}
 	if err != nil {
-		return fmt.Errorf("Error analyzing database: %w", err)
+		return fmt.Errorf("error analyzing database: %w", err)
 	}

 	progress.ExecuteTask("Vacuuming database", func() {
--- a/internal/manager/task_plugin.go
+++ b/internal/manager/task_plugin.go
@ -20,12 +20,12 @@ func (s *Manager) RunPluginTask(
 		pluginProgress := make(chan float64)
 		task, err := s.PluginCache.CreateTask(ctx, pluginID, taskName, args, pluginProgress)
 		if err != nil {
-			return fmt.Errorf("Error creating plugin task: %w", err)
+			return fmt.Errorf("error creating plugin task: %w", err)
 		}

 		err = task.Start()
 		if err != nil {
-			return fmt.Errorf("Error running plugin task: %w", err)
+			return fmt.Errorf("error running plugin task: %w", err)
 		}

 		done := make(chan bool)
--- a/pkg/ffmpeg/codec_hardware.go
+++ b/pkg/ffmpeg/codec_hardware.go
@ -45,13 +45,13 @@ func (f *FFMpeg) InitHWSupport(ctx context.Context) {

 	// log if the initialization takes too long
 	const hwInitLogTimeoutSecondsDefault = 5
-	hwInitLogTimeoutSeconds := hwInitLogTimeoutSecondsDefault * time.Second
-	timer := time.NewTimer(hwInitLogTimeoutSeconds)
+	hwInitLogTimeout := hwInitLogTimeoutSecondsDefault * time.Second
+	timer := time.NewTimer(hwInitLogTimeout)

 	go func() {
 		select {
 		case <-timer.C:
-			logger.Warnf("[InitHWSupport] Hardware codec initialization is taking longer than %s...", hwInitLogTimeoutSeconds)
+			logger.Warnf("[InitHWSupport] Hardware codec initialization is taking longer than %s...", hwInitLogTimeout)
 			logger.Info("[InitHWSupport] Hardware encoding will not be available until initialization is complete.")
 		case <-done:
 			if !timer.Stop() {
@ -96,16 +96,16 @@ func (f *FFMpeg) initHWSupport(ctx context.Context) {

 		// #6064 - add timeout to context to prevent hangs
 		const hwTestTimeoutSecondsDefault = 10
-		hwTestTimeoutSeconds := hwTestTimeoutSecondsDefault * time.Second
+		hwTestTimeout := hwTestTimeoutSecondsDefault * time.Second

 		// allow timeout to be overridden with environment variable
 		if timeout := os.Getenv("STASH_HW_TEST_TIMEOUT"); timeout != "" {
 			if seconds, err := strconv.Atoi(timeout); err == nil {
-				hwTestTimeoutSeconds = time.Duration(seconds) * time.Second
+				hwTestTimeout = time.Duration(seconds) * time.Second
 			}
 		}

-		testCtx, cancel := context.WithTimeout(ctx, hwTestTimeoutSeconds)
+		testCtx, cancel := context.WithTimeout(ctx, hwTestTimeout)
 		defer cancel()

 		cmd := f.Command(testCtx, args)
@ -117,7 +117,7 @@ func (f *FFMpeg) initHWSupport(ctx context.Context) {

 		if err := cmd.Run(); err != nil {
 			if testCtx.Err() != nil {
-				logger.Debugf("[InitHWSupport] Codec %s test timed out after %s", codec, hwTestTimeoutSeconds)
+				logger.Debugf("[InitHWSupport] Codec %s test timed out after %s", codec, hwTestTimeout)
 				continue
 			}

--- a/pkg/file/stashignore.go
+++ b/pkg/file/stashignore.go
@ -142,6 +142,8 @@ func (f *StashIgnoreFilter) collectIgnoreEntries(dir string, libraryRoot string)
 	current := dir
 	for {
 		// Check if we're still within the library root.
+		// nolint:staticcheck // QF1006 - we could make this the for condition
+		// but I don't think it improves readability
 		if !isPathInOrEqual(libraryRoot, current) {
 			break
 		}
--- a/pkg/image/scan.go
+++ b/pkg/image/scan.go
@ -69,19 +69,19 @@ type ScanHandler struct {

 func (h *ScanHandler) validate() error {
 	if h.CreatorUpdater == nil {
-		return errors.New("CreatorUpdater is required")
+		return errors.New("internal error: CreatorUpdater is required")
 	}
 	if h.ScanGenerator == nil {
-		return errors.New("ScanGenerator is required")
+		return errors.New("internal error: ScanGenerator is required")
 	}
 	if h.GalleryFinder == nil {
-		return errors.New("GalleryFinder is required")
+		return errors.New("internal error: GalleryFinder is required")
 	}
 	if h.ScanConfig == nil {
-		return errors.New("ScanConfig is required")
+		return errors.New("internal error: ScanConfig is required")
 	}
 	if h.Paths == nil {
-		return errors.New("Paths is required")
+		return errors.New("internal error: Paths is required")
 	}

 	return nil
@ -375,13 +375,13 @@ func (h *ScanHandler) getOrCreateGallery(ctx context.Context, f models.File) (*m
 	if _, err := os.Stat(filepath.Join(folderPath, ".forcegallery")); err == nil {
 		forceGallery = true
 	} else if !errors.Is(err, os.ErrNotExist) {
-		return nil, fmt.Errorf("Could not test Path %s: %w", folderPath, err)
+		return nil, fmt.Errorf("could not test Path %s: %w", folderPath, err)
 	}
 	exemptGallery := false
 	if _, err := os.Stat(filepath.Join(folderPath, ".nogallery")); err == nil {
 		exemptGallery = true
 	} else if !errors.Is(err, os.ErrNotExist) {
-		return nil, fmt.Errorf("Could not test Path %s: %w", folderPath, err)
+		return nil, fmt.Errorf("could not test Path %s: %w", folderPath, err)
 	}

 	if forceGallery || (h.ScanConfig.GetCreateGalleriesFromFolders() && !exemptGallery) {
--- a/pkg/job/job.go
+++ b/pkg/job/job.go
@ -97,9 +97,10 @@ func (j *Job) TimeElapsed() time.Duration {
 }

 func (j *Job) cancel() {
-	if j.Status == StatusReady {
+	switch j.Status {
+	case StatusReady:
 		j.Status = StatusCancelled
-	} else if j.Status == StatusRunning {
+	case StatusRunning:
 		j.Status = StatusStopping
 	}

--- a/pkg/scene/generate/preview.go
+++ b/pkg/scene/generate/preview.go
@ -232,7 +232,7 @@ func (g Generator) generateConcatFile(chunkFiles []string) (fn string, err error
 	for _, f := range chunkFiles {
 		// files in concat file should be relative to concat
 		relFile := filepath.Base(f)
-		if _, err := w.WriteString(fmt.Sprintf("file '%s'\n", relFile)); err != nil {
+		if _, err := fmt.Fprintf(w, "file '%s'\n", relFile); err != nil {
 			return concatFile.Name(), fmt.Errorf("writing concat file: %w", err)
 		}
 	}
--- a/pkg/scene/scan.go
+++ b/pkg/scene/scan.go
@ -57,19 +57,19 @@ type ScanHandler struct {

 func (h *ScanHandler) validate() error {
 	if h.CreatorUpdater == nil {
-		return errors.New("CreatorUpdater is required")
+		return errors.New("internal error: CreatorUpdater is required")
 	}
 	if h.ScanGenerator == nil {
-		return errors.New("ScanGenerator is required")
+		return errors.New("internal error: ScanGenerator is required")
 	}
 	if h.CaptionUpdater == nil {
-		return errors.New("CaptionUpdater is required")
+		return errors.New("internal error: CaptionUpdater is required")
 	}
 	if !h.FileNamingAlgorithm.IsValid() {
-		return errors.New("FileNamingAlgorithm is required")
+		return errors.New("internal error: FileNamingAlgorithm is required")
 	}
 	if h.Paths == nil {
-		return errors.New("Paths is required")
+		return errors.New("internal error: Paths is required")
 	}

 	return nil
--- a/pkg/sqlite/record.go
+++ b/pkg/sqlite/record.go
@ -93,7 +93,7 @@ func (r *updateRecord) setTimestamp(destField string, v models.OptionalTime) {
 	}
 }

-//nolint:golint,unused
+//nolint:unused
 func (r *updateRecord) setNullTimestamp(destField string, v models.OptionalTime) {
 	if v.Set {
 		r.set(destField, NullTimestampFromTimePtr(v.Ptr()))
--- a/ui/v2.5/package.json
+++ b/ui/v2.5/package.json
@ -54,7 +54,7 @@
    "graphql-ws": "^5.14.3",
    "i18n-iso-countries": "^7.14.0",
    "localforage": "^1.10.0",
-    "lodash-es": "^4.17.23",
+    "lodash-es": "^4.18.1",
    "moment": "^2.30.1",
    "mousetrap": "^1.6.5",
    "mousetrap-pause": "^1.0.0",
@ -129,7 +129,7 @@
    "terser": "^5.46.1",
    "ts-node": "~10.9.2",
    "typescript": "~5.9.3",
-    "vite": "^7.3.1",
+    "vite": "^7.3.2",
    "vite-plugin-compression": "^0.5.1",
    "vite-tsconfig-paths": "^6.1.1"
  }
--- a/ui/v2.5/pnpm-lock.yaml
+++ b/ui/v2.5/pnpm-lock.yaml
--- a/ui/v2.5/pnpm-workspace.yaml
+++ b/ui/v2.5/pnpm-workspace.yaml
@ -2,3 +2,7 @@ onlyBuiltDependencies:
  - '@parcel/watcher'
  - core-js
  - esbuild
+overrides:
+  "yaml@1.10.2": "~1.10.3"
+  "brace-expansion@1.1.12": "~1.1.13"
+  "@xmldom/xmldom@0.8.12": "~0.8.13"