netfelix-audio-fix

felixfoertsch/netfelix-audio-fix

Fork 0

Commit Graph

Author	SHA1	Message	Date
felixfoertsch	1de5b8a89e	address audit findings: subtitle rescan decisions, scan limit, parseId, setup gate Build and Push Docker Image / build (push) Successful in 1m30s Details worked through AUDIT.md. triage: - finding 2 (subtitle rescan wipes decisions): confirmed. /:id/rescan now snapshots custom_titles and calls reanalyze() after the stream delete/ insert, mirroring the review rescan flow. exported reanalyze + titleKey from review.ts so both routes share the logic. - finding 3 (scan limit accepts NaN/negatives): confirmed. extracted parseScanLimit into a pure helper, added unit tests covering NaN, negatives, floats, infinity, numeric strings. invalid input 400s and releases the scan_running lock. - finding 4 (parseId lenient): confirmed. tightened the regex to /^\d+$/ so "42abc", "abc42", "+42", "42.0" all return null. rewrote the test that codified the old lossy behaviour. - finding 5 (setup_complete set before jellyfin test passes): confirmed. the /jellyfin endpoint still persists url+key unconditionally, but now only flips setup_complete=1 on a successful connection test. - finding 6 (swallowed errors): partial. the mqtt restart and version- fetch swallows are intentional best-effort with downstream surfaces (getMqttStatus, UI fallback). only the scan.ts db-update swallow was a real visibility gap — logs via logError now. - finding 1 (auth): left as-is. redacting secrets on GET without auth on POST is security theater; real fix is an auth layer, which is a design decision not a bugfix. audit removed from the tree. - lint fail on ffmpeg.test.ts: formatted. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-14 17:41:36 +02:00
felixfoertsch	4f1433437b	dedupe pending jobs to stop rapid-fire approvals from spawning ghost ffmpeg runs Build and Push Docker Image / build (push) Successful in 1m35s Details root cause: all five job-insert sites in review.ts blindly inserted a 'pending' row, so a double-click on approve (or an overlap between /approve-all and individual /approve) wrote N jobs for the same item. job 1 stripped subtitles + reordered audio; jobs 2..N then ran the same stale stream-index command against the already-processed file and ffmpeg bailed with 'Stream map matches no streams'. fix: funnel every insert through enqueueAudioJob(), which only writes when no pending job already exists for that item. covers approve, retry, approve-all, season approve-all, series approve-all.	2026-04-14 07:36:15 +02:00

Author

SHA1

Message

Date

felixfoertsch

1de5b8a89e

address audit findings: subtitle rescan decisions, scan limit, parseId, setup gate

Build and Push Docker Image / build (push) Successful in 1m30s

Details

worked through AUDIT.md. triage:
- finding 2 (subtitle rescan wipes decisions): confirmed. /:id/rescan now
  snapshots custom_titles and calls reanalyze() after the stream delete/
  insert, mirroring the review rescan flow. exported reanalyze + titleKey
  from review.ts so both routes share the logic.
- finding 3 (scan limit accepts NaN/negatives): confirmed. extracted
  parseScanLimit into a pure helper, added unit tests covering NaN,
  negatives, floats, infinity, numeric strings. invalid input 400s and
  releases the scan_running lock.
- finding 4 (parseId lenient): confirmed. tightened the regex to /^\d+$/
  so "42abc", "abc42", "+42", "42.0" all return null. rewrote the test
  that codified the old lossy behaviour.
- finding 5 (setup_complete set before jellyfin test passes): confirmed.
  the /jellyfin endpoint still persists url+key unconditionally, but now
  only flips setup_complete=1 on a successful connection test.
- finding 6 (swallowed errors): partial. the mqtt restart and version-
  fetch swallows are intentional best-effort with downstream surfaces
  (getMqttStatus, UI fallback). only the scan.ts db-update swallow was
  a real visibility gap — logs via logError now.
- finding 1 (auth): left as-is. redacting secrets on GET without auth
  on POST is security theater; real fix is an auth layer, which is a
  design decision not a bugfix. audit removed from the tree.
- lint fail on ffmpeg.test.ts: formatted.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-14 17:41:36 +02:00

felixfoertsch

4f1433437b

dedupe pending jobs to stop rapid-fire approvals from spawning ghost ffmpeg runs

Build and Push Docker Image / build (push) Successful in 1m35s

Details

root cause: all five job-insert sites in review.ts blindly inserted a
'pending' row, so a double-click on approve (or an overlap between
/approve-all and individual /approve) wrote N jobs for the same item.
job 1 stripped subtitles + reordered audio; jobs 2..N then ran the
same stale stream-index command against the already-processed file
and ffmpeg bailed with 'Stream map matches no streams'.

fix: funnel every insert through enqueueAudioJob(), which only writes
when no pending job already exists for that item. covers approve,
retry, approve-all, season approve-all, series approve-all.

2026-04-14 07:36:15 +02:00

2 Commits