tesshu
3e6d224550
#1 CVE-2018-1000840
...
stax-api-1.0.1.jar
stax-api-1.0-2.jar
6 年之前
tesshu
6023d4c0bc
fix #748
6 年之前
jo
7327353704
Pull translations from transifex
7 年之前
Frank de Lange
8127b4f7fa
Fix #860 (external database performance) by using connection pooling … ( #864 )
...
* Fix #860 (external database performance) by using connection pooling (using commons-dbcp2)
7 年之前
François-Xavier Thomas
d6ba6de7e1
Run a first defrag before enabling auto defrag on HSQLDB
7 年之前
François-Xavier Thomas
21eff917b6
PlayQueue: Fix broken keyboard shortcuts
...
Using the "space" key to resume playback, as well as +/- to
increase/decrease volume, were not working properly.
7 年之前
Andrew DeMaria
ac0e29bf9c
Remove unused import
7 年之前
Andrew DeMaria
61c0c0d758
Fix import style error
7 年之前
Andrew DeMaria
ee4cb71052
Ignore CVE-2018-8088 related to slf4j ext
7 年之前
François-Xavier Thomas
cff97ea9be
Fix #778 : Defragment embedded HSQLDB database more frequently
7 年之前
Rémi Cocula
ac453883fc
jukebox code quality and unit tests
7 年之前
randomnicode
77ca475fbe
Add additional suppression
7 年之前
randomnicode
f3cc48f8cb
Suppress vulnerabilities file
7 年之前
randomnicode
51f17675d5
Update plugins
7 年之前
Andrew DeMaria
fb18862db4
Fix extraneous closing tag
7 年之前
Benz0X
af93f1eed1
Correct corrupted downloaded zip
...
Prevent the zipping of twice the same file (resulting in an error and a corrupted zip on Linux) when the cover is embedded in tags
7 年之前
Michel Néron
16b22f3501
- Correct test for use not a hardcoded value but the referenced value. The first in select on multi value didn't ordered is not assured.
7 年之前
Arne Schlüter
fec8f0ba95
Update favicons in webapp
7 年之前
Andrew DeMaria
5202845373
Bump version of guava to deal with CVE-2018-10237
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Shawn Bruce
df5f6f2aaf
Display folders as a list in Settings->Users and include the path.
7 年之前
jo
e72147b76b
Update languages from tx
7 年之前
jo
607f4c8720
Clean source i18n file
7 年之前
jo
75410aaea2
Update translation files
7 年之前
Andrew DeMaria
8c6ddb1aba
Dependency tweaks and remove extraneous code
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Rémi Cocula
6b4874f33c
archetype code for rest api integration tests
7 年之前
Andrew DeMaria
f8686d9638
Tweaked logging around servlet container and added warning about jetty
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
f8161f5184
White list jars that are scanned for tlds to prevent spurious logs
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
377f68543d
Added profile to make running within a ide easier
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
609ca71307
Skip another irrelevant CVE
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Carlos Galindo
f6b248495c
Fixed github link opening in frame and not loading
7 年之前
jo
e0746172c5
Pull translations from transifex
7 年之前
Michael Sabin
48c3286766
Allow building without Git
...
If Maven cannot find the git executable
the build fails.
Signed-off-by: Michael Sabin <m35@users.noreply.github.com>
7 年之前
Michael Sabin
32ed46e55e
Fix test failure on Windows
...
Media directories are added to the test database
with the string essentially generated by this code:
new File(MusicFolderTestData.resolveMusicFolderPath()).getPath()
The directories are then queried by the string generated
by this code:
MusicFolderTestData.resolveMusicFolderPath()
On Windows the strings are not identical.
MusicFolderTestData.resolveMusicFolderPath()
is prefixed by an extra slash that is removed
when wrapped by a File()
Signed-off-by: Michael Sabin <m35@users.noreply.github.com>
7 年之前
Andrew DeMaria
995d1fa667
Remove potential cast exception
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
WillyPillow
84144f287a
Add option to disable seeking on transcodes. (Mitigates #548 & #723 )
...
As per #548 , #723 , and tsquillario/Jamstash#131 , the current method of
estimating `Content-Length` creates various problems.
However, if headers such as `Accept-Ranges` is omitted, clients will only
use the first connection, which is `Transfer-Encoding: chunked`, and no
`Content-Length` is necessary.
Doing this has the side effect that (at least on the web player) seeking
to a specific time is no longer possible, thus this was made an opt-in
option.
Signed-off-by: WillyPillow <wp@nerde.pw>
7 年之前
Carlos Galindo
f78b108939
Optionally parse podcast episode duration in seconds to [hh:]mm:ss
7 年之前
Peter Marheine
8b4037b549
Check reCAPTCHA v2 responses when enabled
...
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Peter Marheine
1b833003fb
Bring back an optional reCAPTCHA v2
...
Only showing it in the recovery view, not yet validating the result.
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Peter Marheine
a928b9ee3f
Add settings for CAPTCHA in account recovery.
...
Allowing users to enable it and specify the site and secret key to use
with reCAPTCHA.
The old hard-coded keys were insecure; the secret key must not be
distributed publicly. The current defaults are the test keys provided at
https://developers.google.com/recaptcha/docs/faq#id-like-to-run-automated-tests-with-recaptcha-v2-what-should-i-do
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Peter Marheine
749342f25e
Remove captcha support
...
It uses reCAPTCHA v1, which hasn't worked since March 2018.
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Andrew DeMaria
5281d9ab6e
Fix for false positive node vuln
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
François-Xavier Thomas
caa1dac3a2
Use dark media player theme on groove theme ( #777 )
7 年之前
Peter Marheine
ae7f35a9cd
Don't use HTTPS for scrobbling
...
Turns out HTTPS isn't supported for the old API that we're using, so go
back to using plain HTTP.
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Peter Marheine
69e2ba0825
Use HTTPS and java.net.URI for scrobbling
...
HTTPS will help prevent eavesdropping on the auth token, and using URI
will ensure unusual characters (like spaces, accidental or otherwise)
are escaped correctly.
Fixes #588
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Peter Marheine
cfdedea452
Suppress CVE-2018-13684 for dependency-check
...
False positive matching ant-zip against a CVE for ZIP, an Ethereum
token.
Signed-off-by: Peter Marheine <peter@taricorp.net>
7 年之前
Andrew DeMaria
e3ea7beb96
Fix #764
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
8d3c0ec9a0
Updates
...
- Update Spring boot Version
- Update dependency check version
- Exclude irrelevant nodejs cve
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
3e1ea6f913
Fix #749 Ensure transcode settings are protected
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
Andrew DeMaria
431c98b496
Exclude cve CVE-2018-1115
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 年之前
snw35
6a44c5c815
Handle player id as an Integer instead of String
7 年之前