- Introduced @layer directive to ensure base styles have lower priority
than Tailwind utilities.
- Organized CSS resets for box-sizing, figures, headings, paragraphs,
and unordered lists under a single @layer base block for improved
maintainability.
These changes streamline the CSS structure and enhance compatibility
with Tailwind CSS utilities.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- Style
- Wrapped core resets in a base style layer, adjusting cascade with
utility classes.
- Applied global box-sizing within the base layer.
- Consolidated heading and paragraph resets into the layer.
- Added a reset for unordered lists to remove default bullets and
padding.
- Retained the logo figure reset within the layer.
- Updated formatting and header comments to reflect the layering
approach.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Updated the getKeyFile function to catch ENOENT errors when the
specified key file does not exist, returning an empty string instead of
throwing an error.
- Added new tests to verify the behavior of getKeyFile when the key file
is missing and when it exists, ensuring robust error handling and
correct functionality.
These changes improve the reliability of the key file retrieval process
in the application.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- None
- Bug Fixes
- Prevents errors when the key file is missing by returning an empty
value instead of failing, while preserving existing behaviors in other
states.
- Tests
- Refactored tests to use a mocked filesystem with better isolation.
- Added scenarios for missing key files and correctly decoded keys.
- Improved assertions for clearer, deterministic outcomes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
- Introduced a new UnraidToaster component for displaying notifications
with customizable positions.
- Updated the DialogClose component to use a span element for better
semantic structure.
- Enhanced CSS for the sonner component to ensure proper layout and
styling.
These changes improve user feedback through notifications and refine the
dialog close button's implementation.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a toaster notifications component with configurable screen
position, rich colors, and a close button; programmatic and legacy
mounting helpers exposed.
* **Style**
* Updated toast close-button spacing and min-width behavior.
* Simplified dialog close-button rendering and removed redundant style
resets.
* Reduced SSO provider icon size and added SSO button font-size tokens.
* **Tests**
* Added unit tests covering component mounting and global exports.
* **Chores**
* Deployment now performs broader remote cleanup before syncing.
* **Chores**
* Type declarations and tsconfig updated for global mount/utility
typings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- Bug Fixes
- SSO/OIDC provider changes now take effect immediately by clearing
caches on updates, deletes, and settings changes.
- Updating a provider’s issuer no longer requires an API restart.
- Tests
- Added extensive test coverage for OIDC config caching, including
per‑provider and global invalidation and manual/automatic configuration
paths.
- Chores
- Updated internal module wiring to resolve circular dependencies; no
user-facing changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Adjusted the positioning of the UserProfile component to be absolute, ensuring it aligns correctly within its parent container.
- Modified the clean-unraid.sh script to remove the entire components directory instead of just the standalone apps directory, enhancing cleanup efficiency.
- Added a cleanup step in deploy-dev.sh to clear the remote standalone directory before deployment, ensuring a fresh setup.
These changes improve the layout of the UserProfile component and streamline the deployment process by ensuring no residual files remain.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Version command now supports JSON output via a -j/--json flag,
returning version, build (when available), and a combined value. Default
human-readable output remains unchanged.
* **Tests**
* Added comprehensive tests for version command behavior across
human-readable and JSON modes, including scenarios with and without
build metadata.
* **Chores**
* Bumped API configuration version from 4.18.1 to 4.18.2.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Renamed test case to clarify that the component should mount even when the element is hidden.
- Adjusted assertions to ensure that hidden elements can still mount successfully without triggering warnings.
This change enhances the clarity and reliability of the test suite for the vue-mount-app component.
- Improved validation logic for mounted elements to ensure stable DOM connections and prevent manipulation issues.
- Added cleanup step to clear existing unraid-components directory before installation, ensuring a clean setup.
This update aims to enhance the reliability of component mounting and reduce potential UI issues.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* Bug Fixes
* Prevents duplicate modal instances and remounts, improving stability
across pages.
* Improves auto-mount reliability with better DOM validation and
recovery from mount errors.
* Enhances cleanup during unmounts to avoid residual artifacts and
intermittent UI issues.
* More robust handling of shadow DOM and problematic DOM structures,
reducing crashes.
* Style
* Adds extra top margin to the OS version controls for improved spacing.
* Tests
* Introduces a comprehensive test suite covering mounting, unmounting,
error recovery, i18n, and global state behaviors.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Standalone web bundle with auto-mount utilities and a self-contained
test page.
* New responsive modal components for consistent mobile/desktop dialogs.
* Header actions to copy OS/API versions.
* **Improvements**
* Refreshed UI styles (muted borders), accessibility and animation
refinements.
* Theming updates and Tailwind v4–aligned, component-scoped styles.
* Runtime GraphQL endpoint override and CSRF header support.
* **Bug Fixes**
* Safer network fetching and improved manifest/asset loading with
duplicate protection.
* **Tests/Chores**
* Parallel plugin tests, new extractor test suite, and updated
build/test scripts.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Addresses user complaints about light colored notifications in dark
themes.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Introduced type-specific toast color tokens (success, info, warning,
error) for richer, clearer toast styling.
- Applied consistent theming across light, inverted, and dark modes to
improve readability and contrast.
- Enabled compatibility with rich color settings for toasts.
- Bug Fixes
- Corrected a CSS comment block to ensure styles compile and apply
reliably.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Updated the OIDC issuer URL validation to prevent trailing slashes and
whitespace.
- Introduced a utility class `OidcUrlPatterns` for managing URL patterns
and validation logic.
- Added comprehensive tests for the new URL validation logic and
examples to ensure correctness.
- Bumped version to 4.18.1 in the configuration file.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added strict validation for OIDC issuer URLs in the SSO configuration
form, with clearer guidance to avoid trailing slashes.
- Bug Fixes
- Prevented misconfiguration by rejecting issuer URLs with trailing
slashes (e.g., Google issuer), avoiding double slashes in discovery
URLs.
- Tests
- Introduced comprehensive unit tests covering issuer URL validation,
patterns, and real-world scenarios to ensure reliability.
- Chores
- Bumped version to 4.18.1.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- CPU load metrics now include guest runtime and hypervisor steal time
percentages, exposed as additional fields in CPU load responses
(per‑CPU).
- Tests
- Added comprehensive unit tests for CPU info and load generation,
including edge cases and validation of the new guest and steal metrics.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Replaced the token used for triggering workflows in the build-plugin.yml file from WORKFLOW_TRIGGER_PAT to UNRAID_BOT_GITHUB_ADMIN_TOKEN for improved security and access control.
Override the pm2 daemon's emission of `logs/unraid-api-{out,error}.log`,
which is a duplicate of the stdout appended to
`/var/log/graphql-api.log`.
Correctly implements the sane interpretation of what the `log_file`
configuration does.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Improved process logging by separating standard output and error
streams while supporting merged logs when multiple sources are present.
* Enhances log clarity and troubleshooting without changing application
behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Updated `getRedirectUri` method in `OidcAuthService` to handle various
edge cases for redirect URIs, including full URIs, malformed URLs, and
default ports.
- Added comprehensive tests for `OidcAuthService` to validate redirect
URI construction and error handling.
- Modified `RestController` to utilize `redirect_uri` query parameter
for authorization requests.
- Updated frontend components to include `redirect_uri` in authorization
URLs, ensuring correct handling of different protocols and ports.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Stronger OIDC redirect_uri validation and an admin GraphQL endpoint to
view full OIDC configuration.
* OIDC Debug Logs UI (panel, button, modal), enhanced log viewer with
presets/filters, ANSI-colored rendering, and a File Viewer component.
* New GraphQL queries to list and fetch config files; API Config
Download page.
* **Refactor**
* Centralized, modular OIDC flows and safer redirect handling;
topic-based log subscriptions with a watcher manager for scalable live
logs.
* **Documentation**
* Cache TTL guidance clarified to use milliseconds.
* **Chores**
* Added ansi_up and escape-html deps; improved log formatting; added
root codegen script.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Fullscreen dialogs now use dedicated open/close animations for
smoother transitions.
- UX
- Added a “Loading Notifications...” message while notifications are
being fetched.
- Style
- Standardized Tailwind utility class ordering across numerous
components for consistent styling; no functional or visual changes
expected.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Resolve#1614
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Start and Restart commands accept a validated --log-level option (now
includes "fatal"); chosen level is applied to the running/restarted
service and defaults to the LOG_LEVEL environment value when set.
* **Documentation**
* CLI docs updated to list the --log-level option and allowed levels
(including fatal), show LOG_LEVEL as an environment-variable
alternative, and include usage examples.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- CLI now prompts for roles/permissions only when not provided.
- Bug Fixes
- Existing API keys are detected by name during overwrite checks.
- Invalid role inputs are filtered out with clear warnings.
- Refactor
- Centralized role parsing/validation with improved error messages.
- CLI create flow prompts only when minimum info is missing and uses a
sensible default description.
- Tests
- Added comprehensive unit tests for role parsing and CLI flows (create,
retrieve, overwrite).
- Chores
- Updated API configuration version to 4.17.0.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
represent the target server's status instead of whether it's connected to Mothership.
Resolves#1627
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- Bug Fixes
- Ensures the local server is handled consistently as a single server
across views; list views show it as a single-item list when applicable.
- Server status now reliably displays as Online for the local server.
- Documentation
- Added a clearer description for the server status field in the API
schema to improve tooltips and autogenerated docs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- Style
- Unified toast colors with theme variables for consistent light/dark
theming.
- Refined close button colors, borders, and hover state for improved
contrast and clarity.
- Updated loading bar color to better align with muted text tones.
- Visual-only updates; no behavioral changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[prettier-plugin-tailwindcss](https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss)
| devDependencies | pin | [`^0.6.14` ->
`0.6.14`](https://renovatebot.com/diffs/npm/prettier-plugin-tailwindcss/0.6.14/0.6.14)
|
Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/unraid/api).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS44Mi43IiwidXBkYXRlZEluVmVyIjoiNDEuODIuNyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated code formatting tools to include support for Tailwind
CSS-specific formatting.
* Adjusted code formatting issue reporting from errors to warnings for a
smoother development experience.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: mdatelle <mike@datelle.net>
Co-authored-by: Eli Bosley <ekbosley@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- None.
- Bug Fixes
- Improved reliability of API key updates and clearer errors when keys
are missing or data is invalid.
- More robust initialization to prevent intermittent failures during API
key operations.
- Refactor
- Simplified API key management by unifying lookup flows and adopting
consistent async handling.
- Tests
- Expanded coverage for error scenarios and strengthened test setup for
initialization and file-read issues.
- Chores
- Minor formatting cleanups.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Removed the OnModuleInit interface and its associated initialization logic from DockerService. This change streamlines the service by eliminating unnecessary complexity related to module initialization, while maintaining core functionality.
Remove the confusing API keys that were auto-generated for the CLI &
Connect. Instead, support authentication via a custom `local-session`
header.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Local-session authentication for internal/CLI requests
(x-local-session) with generation, validation, on-disk persistence, and
lifecycle init.
* Internal client gains multi-strategy auth (local session, cookie, or
API key), supports subscriptions/origin, and can be cleared/recreated.
* **Security**
* Embedded development API keys removed from the repository.
* **Refactor**
* Canonical internal client introduced; consumers migrated from legacy
CLI key services.
* **Tests / Chores**
* Tests, env, and gitignore updated for local-session and
canonical-client changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Pujit Mehrotra <pujit@lime-technology.com>
Share names live as section headers in `emhttp/state/shares.ini`.
However, periods in ini section headers typically denote nested
hierarchy. This behavior is disabled in unraid's php setup, but cannot
be disabled/configured in the api's current ini parser.
So, we perform post-processing to reconcile nested objects into dot
notation.
Known issue: trailing and leading periods will not be treated as
distinct from shares without them.
i.e. `.share.name.` will conflict with `share.name`, `.share.name`, or
`share.name.`. The last of the conflicting names will be used/exposed.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Support shares with periods and emoji in their names across parsing
and listings.
- Bug Fixes
- Fixed configuration parsing for section names containing periods to
ensure affected shares load and display correctly.
- Standardized reporting of encryption status for all shares.
- Tests
- Expanded coverage to validate parsing and retrieval of shares with
special characters (periods and emoji), ensuring consistent behavior
across modules.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* API Key Authorization flow with consent screen, callback support, and
a Tools page.
* Schema-driven API Key creation UI with permission presets, templates,
and Developer Authorization Link.
* Effective Permissions preview and a new multi-select permission
control.
* **UI Improvements**
* Mask/toggle API keys, copy-to-clipboard with toasts, improved select
labels, new label styles, tab wrapping, and accordionized color
controls.
* **Documentation**
* Public guide for the API Key authorization flow and scopes added.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This change removes the line that sources `/etc/profile` from the
`rc.unraid-api` script. This is done to prevent unexpected side effects
and improve the script's isolation.
Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Responds with a ParityCheck:
```ts
type ParityCheck {
"""Date of the parity check"""
date: DateTime
"""Duration of the parity check in seconds"""
duration: Int
"""Speed of the parity check, in MB/s"""
speed: String
"""Status of the parity check"""
status: ParityCheckStatus!
"""Number of errors during the parity check"""
errors: Int
"""Progress percentage of the parity check"""
progress: Int
"""Whether corrections are being written to parity"""
correcting: Boolean
"""Whether the parity check is paused"""
paused: Boolean
"""Whether the parity check is running"""
running: Boolean
}
enum ParityCheckStatus {
NEVER_RUN = 'never_run',
RUNNING = 'running',
PAUSED = 'paused',
COMPLETED = 'completed',
CANCELLED = 'cancelled',
FAILED = 'failed',
}
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Exposes a structured parity-check status for arrays with detailed
fields (status enum: NEVER_RUN, RUNNING, PAUSED, COMPLETED, CANCELLED,
FAILED), date, duration, speed, progress, errors, and running/paused
flags.
- Tests
- Adds comprehensive unit tests covering all parity-check states,
numeric edge cases, speed/date/duration/progress calculations, and
real-world scenarios.
- Refactor
- Safer numeric/date parsing and a new numeric-conversion helper; minor
formatting/cleanup in shared utilities.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Resolve#1615 -- lingering wanport caused issue with LAN Access via
Connect, because those URL's are constructed using `wanport`, but since
WAN access would be disabled, NGINX would not listen on the port.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* WAN access settings now correctly gate related options; UPnP only
enables when WAN access is Always.
* Static WAN port is applied only when eligible and is cleared when WAN
access is disabled to avoid unintended overrides.
* Dynamic remote access migration uses sanitized URLs to prevent
propagation of user-provided addressing.
* **Chores**
* Minor ordering and formatting adjustments to reflect updated
precedence and clarify behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- View OS release notes directly for the currently displayed version,
with a link to open in a new tab.
- Changelog modal supports viewing a specific release outside the update
flow.
- Improvements
- Changelog modal prioritizes a prettier docs view when available, with
fallback to raw notes.
- Enhanced theming with better dark mode support, including Azure theme
alignment.
- Clearer modal behavior: consistent open/close handling and titles
based on the selected release.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Revised language to clarify that the API is built into Unraid OS v7.2 and does not require plugin installation.
- Updated sections for earlier versions to reflect the Unraid Connect plugin's role and access to newer API features.
- Enhanced clarity in the "Get Started" section with step-by-step instructions for both v7.2 and pre-7.2 users.
Eli Bosley