When a series has no equivalent in TheTVDB used by Sonarr, a popup is displayed to select the series
on TheTVDB. The images in this popup come from artworks.thetvdb.com, which was not an authorized
domain for Next.js images.
fix#1075
* fix: use less strict validation for external URLs
Default url validation from the Yup module doesn't allow URLs like "http://custom-host", while it is
a correct value for an external URL.
fix#1068
* fix: resolve GitHub CodeQL review
* feat: improve discord notifications
Added a field in the general notification settings to allow a role to be mentioned in the webhook
message via discord notification agent
* feat: add discord role id notification - locales
* Update reverse-proxy.mdx
Fix posters not showing up when using sub-folder (at least with NPM)
* Update docs/extending-jellyseerr/reverse-proxy.mdx
Added `avatarproxy` support
Co-authored-by: Gauthier <mail@gauthierth.fr>
---------
Co-authored-by: Gauthier <mail@gauthierth.fr>
This commit improves the logging of jellyfin api. This will also fix the wrong logging of throwing
an invalid credentials when jellyfin/emby is unreachable.
re #1053
* perf: remove eager load of Blacklist entity from Media entity
Try to resolve some performance issues by removing the eager loading of Blacklist items from the
Media entity
* fix: fix ManageSlideOver for blacklist
* perf(blacklist): request data only when modal is shown
For admin users, the button to blacklist a media (used on every media card) was displaying a Modal,
that was requesting data BEFORE the modal was displayed. This resulted in dozens of additional
requests everytime media cards were displayed.
* perf(blacklist): remove useless ratelimit
This PR fix a bug when a translation message has two single quote like "message": "hello 'world'",
the extractMessages function was escaping the message correcly.
This commit adds extraction of basic authentication credentials from the URL and then pass the
credentials as the `Authorization` header. And then credentials are removed from the URL before
being passed to fetch. This is done because fetch request cannot be constructed using a URL with
credentials
fix#1027
* fix: use fs/promises for settings
This PR switches from synchronous operations with the 'fs' module to asynchronous operations with
the 'fs/promises' module. It also corrects a small error with hostname migration.
* fix: add missing merge function of default and current config
* feat: add bypass list, bypass local addresses and username/password to proxy setting
This PR adds more options to the proxy setting, like username/password authentication, bypass list
of domains and bypass local addresses. The UX is taken from *arrs.
* fix: add error handling for proxy creating
* fix: remove logs
* fix: use fs/promises for settings
This PR switches from synchronous operations with the 'fs' module to asynchronous operations with
the 'fs/promises' module. It also corrects a small error with hostname migration.
* fix: add missing merge function of default and current config
* refactor: add more logs to migration
Currently, the language profiles removed with Sonarr v4 are still available for compatibility
reasons. However, Jellyseerr still queries and displays language profiles (marking them as
“Deprecated”). This PR hides and does not query language profiles unless Sonarr v3 is used.
fix#207
* feat: add more logs to migrations and create a settings backup
* fix: avoid backup to be replaced at next startup
* fix: resolve review comments
* fix: try to fix CodeQL warnings
* fix: cache Jellyfin/Emby avatars from API
Previously, avatars were cached using image links from Jellyfin/Emby. Now, avatar images are
obtained directly from the API to avoid some configuration bugs.
* fix: update avatar on new login
* fix: rewrite avatarproxy and CachedImage
Avatar proxy was allowing every request to be proxied, no matter the original ressource's origin or
filetype. This PR fixes it be allowing only relevant resources to be cached, i.e. Jellyfin/Emby
images and TMDB images.
fix#1012, #1013
* fix: resolve CodeQL error
* fix: resolve CodeQL error
* fix: resolve review comments
* fix: resolve review comment
* fix: resolve CodeQL error
* fix: update imageproxy path
During the migration from Axios to fetch, we overlooked the fact that Axios automatically handled
CSRF tokens, while fetch does not. When CSRF protection was turned on, requests were failing with an
"invalid CSRF token" error for users accessing the app even via HTTPS. This commit
overrides fetch to ensure that the CSRF token is included in all requests.
fix#1011
Currently, we sync with sonarr/radarr with whatever value those return. Radarr/Sonarr syncs the
activity from the download clients every few minutes. This leads to inaccurate estimated download
times, because of the refresh delay with Jellyseerr and the *arrs.
This PR fixes this by making a request to the *arrs to refresh the monitored downloads just before
we get these downloads information.
re #866
The time-to-live (TTL) of cookies stored in the database was incorrect because the connect-typeorm
library takes a TTL in seconds and not milliseconds, making cookies valid for ~82 years instead of
30 days.
fix#991
* feat: allow requests managers to delete media files
* fix(i18n): add missing translations
* fix(i18n): remove french translation
* refactor: use fetch API
* fix(blacklist): add blacklist to mobile menu
The "Blacklist" menu was only available in the desktop sidebar, not in the mobile menu.
fix#979
* fix: export translations
* refactor: proxy and cache user avatar images
* fix: extract keys
* fix: set avatar image URL
* fix: show the correct avatar in the list of available users in advanced request
* fix(s): set correct src URL for cached image
* fix: remove unexpired unused image when a user changes their avatar
* fix: requested changes
* refactor: use 'mime' package to detmerine file extension
* style: grammar
* refactor: checks if the default avatar is cached to avoid creating duplicates for different users
* fix: fix vulnerability
* fix: fix incomplete URL substring sanitization
* refactor: only cache avatar with http url protocol
* fix: remove log and correctly set the if statement for the cached image component
* fix: avatar images not showing on issues page
* style: formatting
---------
Co-authored-by: JoaquinOlivero <joaquin.olivero@hotmail.com>
* feat: blacklist media items
re #490
* feat: blacklist media items
* feat: blacklist media items
* style: formatting
* refactor: close the manage slide-over when the media item is removed from the blacklist
* fix: fix media data in the db when blacklisting an item
* refactor: refactor component to accept show boolean
* refactor: hide watchlist button in the media page when it's blacklisted. Also add a blacklist button
* style: formatting
---------
Co-authored-by: JoaquinOlivero <joaquin.olivero@hotmail.com>
This fix changes the behavior of how Overseerr requests series data from Sonarr. Previously, when adding new seasons to a partially available series, Overseerr would initiate a SeriesSearch, causing Sonarr to search for all monitored seasons of the series, including those already available. This behavior is now corrected by executing a MissingEpisodeSearchCommand for the specific seriesId, which aligns with the intended behavior of only searching for and adding the newly requested seasons that are not already available.
Resolves: https://github.com/Fallenbagel/jellyseerr/issues/710
* Added the ability to set the API key with the env var API_KEY
* Adding debug statements
* Updating
* feat: adding env var for API key
* feat: update
* fix(settings/index.ts): remove a print statement that logs the API key to the console
* Update en.json
* docs: added documentation about API_KEY environment variable
* feat: add a check to ensure API key always uses env var if provided
* feat: always check the API_KEY env var at startup
* chore: add back the gitkeeps under ./config, accidentally deleted in prev commit
* chore: revert change made to docker-compose that was accidentally committed
When the email is modified in the user settings and it is already taken by someone else, a generic
message saying that something wrong happened, without saying that it is because the email is already
taken by another user. This PR adds this error message for the email.
