Skip to content

fix: resolve warnings and dependency vulnerabilities#636

Merged
therobbiedavis merged 1 commit into
Listenarrs:canaryfrom
mailz23:ray-security-build-fixes
Jun 6, 2026
Merged

fix: resolve warnings and dependency vulnerabilities#636
therobbiedavis merged 1 commit into
Listenarrs:canaryfrom
mailz23:ray-security-build-fixes

Conversation

@mailz23

@mailz23 mailz23 commented Jun 1, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Update SharpCompress from 0.47.4 to 0.49.1 to resolve a known NuGet vulnerability.
  • Add the missing FfmpegException namespace import so XML documentation resolves cleanly.
  • Refresh root and frontend package locks with npm audit fixes.

Verification

  • dotnet build -c Release: passed with 0 warnings and 0 errors
  • dotnet test --no-build -c Release: 675 passed
  • npm run test:frontend: 361 passed
  • npm run lint:frontend: passed
  • npm run build:web: passed
  • dotnet list package --vulnerable --include-transitive: no vulnerable packages
  • npm audit: 0 vulnerabilities
  • fe npm audit: 0 vulnerabilities

@mailz23 mailz23 requested a review from a team June 1, 2026 12:27
@therobbiedavis therobbiedavis added the patch patch version bump - backward compatible bug fixes label Jun 6, 2026
@therobbiedavis therobbiedavis force-pushed the ray-security-build-fixes branch from 3c9e542 to 74930bc Compare June 6, 2026 16:45
therobbiedavis
therobbiedavis approved these changes Jun 6, 2026
View reviewed changes

@therobbiedavis therobbiedavis left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@therobbiedavis therobbiedavis merged commit ed4d682 into Listenarrs:canary Jun 6, 2026
6 checks passed
kevinheneveld added a commit to kevinheneveld/Listenarr that referenced this pull request Jun 9, 2026
@kevinheneveld @claude
Merge canary (v1.0.7 -> v1.0.11) into kevin/live
8d56404 
Catch-up merge bringing upstream canary up to v1.0.11. Net-new from canary:
System Storage available-space (Listenarrs#656), Title-folder persistence (Listenarrs#646), sort
series by reading order (Listenarrs#626/Listenarrs#660), audiobooks-under-all-series + Primary-series
toggle (Listenarrs#658/Listenarrs#659), dependency/vulnerability + lint-config updates (Listenarrs#636).

Conflict resolutions of note (series work overlapped kevin/live's series suite):
- LibraryListService: kept kevin's importedAt (Recently-Imported) AND adopted
  canary's series memberships, using canary's sequential shared-DbContext awaits.
- SeriesCatalogService: kept kevin's richer GetSeriesCandidates/owned-book
  ResolveSeriesAsync; added canary's PrioritizeCatalogSeries/FindCatalogSeries.
- AudiobooksView: merged kevin's narrator grouping with canary's multi-series
  grouping (getBookSeriesNames) + formatSeriesMemberships display.
- CollectionView: adopted canary's proper series-position sort + multi-series
  membership matching, superseding kevin's interim "Series Order" relabel, but
  kept kevin's article/apostrophe-aware normalizeSeriesName for slug matching.
- SeriesMonitoringServiceTests: kept both kevin's (old path, +enhancements) and
  canary's relocated copy (different namespaces, no collision).
- Test files: unioned both sides' added cases; dropped kevin's now-superseded
  "Series Order" option test, adapted the default-sort test to series-position.
- Fixed pre-existing unused-var lint now surfaced by canary's stricter config.

Validated on the throwaway branch: 1093 backend + 501 frontend tests pass;
backend + frontend build, FE lint, and type-check all clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@therobbiedavis therobbiedavis therobbiedavis approved these changes

Assignees

No one assigned

Labels

patch patch version bump - backward compatible bug fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mailz23 @therobbiedavis