Commit Graph

1513 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
a5954590ec Fix IntegrityError when updating favourites with stale ROM IDs
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rommapp/romm/sessions/8a6fd3fe-77ab-4f7b-a0e9-1c55e7096e88
2026-03-23 22:19:06 +00:00
Georges-Antoine Assi
f107dc2752 changes from bot rview 2026-03-22 17:17:14 -04:00
Georges-Antoine Assi
4c97eddfc3 fix trunk check 2026-03-22 16:30:14 -04:00
nendo
719b98faaf Batch session inserts into single transaction
Replace per-item add_session with add_sessions using add_all.
No fallback on IntegrityError -- duplicate concurrent submissions
are the client's responsibility.
2026-03-22 21:21:27 +09:00
nendo
75302ed59a Add play session ingest for game time tracking
Backend API for collecting and querying play sessions, modeled after
the Argosy session data format. Clients submit batches per device,
recording both the session window and screen-on time.
2026-03-22 20:22:55 +09:00
Georges-Antoine Assi
5bf3a435ee moer fixes 2026-03-21 22:57:44 -04:00
Georges-Antoine Assi
8e8baef6f6 fix check 2026-03-21 22:52:23 -04:00
Georges-Antoine Assi
4536deff65 more twekas 2026-03-21 22:30:10 -04:00
zurdi
56bc8c58dd feat: update RAHasher to version 1.8.3 and add Wii platform support 2026-03-20 13:24:19 +00:00
nendo
4edb1710a5 fix: address review feedback on session handler and counter
- Restore NoResultFound behavior on update_session, complete_session,
  fail_session when row is missing (scalar returns None, old .one()
  raised -- silent None is a semantic regression)
- Remove redundant get_session call from _increment_session_counter;
  the atomic SQL increment is already a no-op on missing rows
- Log warning when passed session_id is not found in _sync_device
  instead of silently creating an orphan session
2026-03-16 10:59:49 +09:00
nendo
55638d15dc fix: address bugs, security issues, and convention violations in save-sync
- Fix broken path construction in FSSyncHandler: build_* methods now
  return relative paths; sync_watcher uses paths relative to sync base
  instead of CWD (was completely non-functional in production)
- Fix SSH connection leak in push-pull task: conn.close() now in finally
- Add log.warning for disabled SSH host key verification
- Fix race condition in session operation counter: use atomic SQL
  increment instead of read-then-write
- Extract _increment_session_counter helper, add exc_info to warnings
- Replace legacy session.query() with select() in sync_sessions_handler
- Fix orphaned session: trigger_push_pull now passes session_id to job
- Fix wasteful SSH download when no matched_save exists
- Fix BaseModel import collision in sync.py (pydantic -> project base)
- Fix ORM mutation in UserSchema.from_orm_with_request: set field on
  schema instance instead of mutating live ORM object
- Mask ssh_password and ssh_key_path in DeviceSchema API response
- Fix migration PostgreSQL compatibility: condition ON UPDATE clause
  on MySQL, drop enum in downgrade
- Rename copy-paste artifact rom_user_status_enum
2026-03-16 10:56:43 +09:00
Georges-Antoine Assi
e1b07cacfc make devices actually unique 2026-03-15 20:09:33 -04:00
Georges-Antoine Assi
55ca39cacb fix deprecations in pydantic 2026-03-15 09:34:48 -04:00
Georges-Antoine Assi
f13f929d7d tweaks based on self review 2026-03-14 22:26:53 -04:00
Georges-Antoine Assi
e6ddc5da11 bot attempt at save sync 2026-03-14 22:13:38 -04:00
Georges-Antoine Assi
997e2c44aa start pre-4.8 cleanup 2026-03-12 23:02:12 -04:00
Georges-Antoine Assi
a2be62154b Merge pull request #3118 from rommapp/copilot/update-game-status-retroachievements
feat: Auto-update game status from RetroAchievements award kind during progress sync
2026-03-12 20:31:35 -04:00
Georges-Antoine Assi
72e884a83c run fmt 2026-03-12 19:02:24 -04:00
Georges-Antoine Assi
fcfb74a8a2 Merge pull request #3119 from rommapp/copilot/use-pico-8-cover-art
feat: use PICO-8 built-in cover art from .p8.png cartridge files
2026-03-11 21:22:36 -04:00
Georges-Antoine Assi
744d92d6d1 lower fs name 2026-03-11 21:05:01 -04:00
copilot-swe-agent[bot]
24fe5b941f refactor: move get_pico8_cover_url to FSRomsHandler, use validate_path for safe path construction
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 22:17:22 +00:00
Zurdi
4c680f4919 Merge pull request #3121 from Bergbok/playable-filter-fix
fix: add missing platforms to playable game filter
2026-03-11 16:24:00 +01:00
Bergbok
99e41cecc2 refactor: create list for playable platforms that don't use EJS 2026-03-11 17:18:13 +02:00
Bergbok
ed61158aee fix: include DOS, Game Boy Color and Sega 32X games in playable filter 2026-03-11 16:40:39 +02:00
Bergbok
cad510a0b0 refactor: remove duplicate C64 entry from EJS_SUPPORTED_PLATFORMS 2026-03-11 16:37:49 +02:00
Bergbok
8517fb9aca fix: include browser games in playable filter 2026-03-11 16:11:08 +02:00
copilot-swe-agent[bot]
2958e6f12b feat: use PICO-8 built-in cover art from .p8.png cartridge files
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 02:35:18 +00:00
copilot-swe-agent[bot]
da30e4daf1 feat: auto-update game status from RetroAchievements award kind
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 02:27:38 +00:00
Georges-Antoine Assi
6f02a4beff Merge pull request #3114 from tmgast/feature/client-api-tokens
Add client API tokens with QR pairing flow
2026-03-10 22:17:05 -04:00
Georges-Antoine Assi
9b95e85dee Merge pull request #3110 from cciollaro/feat/stats-metadata-coverage-regions
Per-platform metadata coverage and region breakdown to server stats
2026-03-10 21:58:32 -04:00
nendo
ea5b7546aa refactor: address PR #3114 review feedback
- Use atomic getdel for pairing code exchange
- Add cascade="all, delete-orphan" to User.client_tokens
- Move generate/hash_client_token into AuthHandler as static methods
- Extract endpoint helpers to utils/client_tokens.py
2026-03-11 10:56:35 +09:00
nendo
e0b25fbc6c feat(client-tokens): add client API tokens with QR pairing flow
Long-lived, revocable, scope-restricted tokens for external clients
(mobile apps, retro handhelds, third-party tools). Includes:

- Backend: model, migration, DB handler, auth integration (rmm_ prefix
  routing in HybridAuthBackend), CRUD + pairing + exchange endpoints,
  rate limiting, scope intersection enforcement, admin oversight
- Frontend: settings page with token management table, stepped
  create/deliver dialog (config -> copy/pair), QR code with RomM logo,
  admin token table, standalone /pair page for QR scan landing
- /pair page supports custom-scheme callbacks for app deep linking,
  falls back to displaying code for manual entry
- 33 backend tests across 5 classes (CRUD, auth, isolation, pairing,
  admin)
2026-03-11 10:56:35 +09:00
Georges-Antoine Assi
0c18c2588c run fmt 2026-03-10 21:47:27 -04:00
cc
a4e8d9df49 fix: sort without mutating store, move constants to module scope
- Spread allPlatforms before sorting to avoid mutating Pinia store
- Move _METADATA_SOURCE_COLUMNS to module level
- Add optional chain on sourceInfo v-img src

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 20:09:19 -04:00
cc
52c53505a1 refactor: address review feedback
- Derive metadata source columns from Rom model instead of hardcoded list
- Replace getOrderedCoverage() function calls with a computed map to avoid
  redundant sorting on each render

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 19:27:50 -04:00
Georges-Antoine Assi
f6eb686559 fix tests 2026-03-10 08:38:43 -04:00
HydroSulphide
b9ea937373 Merge branch 'master' into fix-oauth-token-expiry-and-refresh-rotation 2026-03-10 08:51:44 +01:00
HydroSulphide
fd788684b9 fix: TOCTOU race condition allows duplicate refresh token use 2026-03-10 08:38:32 +01:00
HydroSulphide
02336974a6 Implemented greptile suggestions 2026-03-10 08:04:07 +01:00
HydroSulphide
8758cb31b7 Tried to fix everything the bot complained about and the failed pytests.
Three tests were also implemented to check initial implementation that now invalidates expired access and refresh tokens and also rotating refresh tokens.

Since I introduced wrapper functions for create_oauth_token to distinguish between access and refresh token there is no need to set the token type in the data dict, since the type is now enforced in the wrapper functions create_access_token and create_refresh_token.

By convention I renamed create_oauth_token to _create_oauth_token as it is considered a private helper function now.
2026-03-10 07:22:02 +01:00
cc
778097f4a0 feat: add per-platform metadata coverage and region breakdown to server stats
Enhances the server stats page with two new per-platform statistics:
- Metadata coverage: shows which sources matched ROMs (ordered by user's scan priority config)
- Region breakdown: shows ROM counts per region with flag emojis

Backend adds two new efficient queries (single GROUP BY for metadata, Python-side aggregation for regions).
Frontend redesigns platform cards with a tabular detail layout, size bar visualization, and expandable region chips.

> This PR was developed with AI assistance (Claude Code) per CONTRIBUTING.md disclosure requirements.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 22:15:08 -04:00
copilot-swe-agent[bot]
2a7c86e304 Fix OIDC login downgrading existing user roles when no claims provided
Co-authored-by: pacnpal <183241239+pacnpal@users.noreply.github.com>
2026-03-09 18:26:49 +00:00
HydroSulphide
ad09babce8 fix: catch http exception on code 401 so api call with expired access token doesn't lead to internal server error 2026-03-09 18:29:28 +01:00
HydroSulphide
41f64eb42b fix: oauth token invalidation on expiration date and rotating refresh token 2026-03-09 17:03:29 +01:00
Georges-Antoine Assi
e2ece6b938 run fmt 2026-03-08 22:54:58 -04:00
copilot-swe-agent[bot]
53b0b9021b Switch invite token expiration unit from minutes to seconds
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-09 02:48:21 +00:00
copilot-swe-agent[bot]
5f309639af Make invite token expiration configurable via env var and UI
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-09 01:43:53 +00:00
Georges-Antoine Assi
e3d9bfe9fa fix migration 2026-03-08 20:14:14 -04:00
copilot-swe-agent[bot]
ae73da7c27 Fix 500 error from empty fs_name_no_tags causing mass sibling matching and incorrect ROM grouping
- Add migration 0071 to fix sibling_roms view: add guard against empty string matching for fs_name_no_tags
- Fix group_by_meta_id in filter_roms: use func.nullif to treat empty fs_name_no_tags as NULL in grouping key
- Add group_by_meta_id support to get_roms_scalar
- Add tests for sibling matching behavior with empty/non-empty fs_name_no_tags

Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-08 23:17:51 +00:00
Georges-Antoine Assi
38b311d1ca Merge pull request #3089 from rommapp/copilot/scrape-age-rating-data
Scrape and store age rating data from ScreenScraper.fr
2026-03-08 18:44:42 -04:00