Listenarrs/Listenarr 0.2.49 on GitHub

Fixed

Settings save CSRF failure: Ensure antiforgery token is refreshed and tied to the authenticated session; added tokenReadyPromise in ApiService and block unsafe requests until token is available. Removed manual CSRF fetch from saveApplicationSettings. See fe/src/services/api.ts.
Token export: Properly export ensureImageCached and removed stray/unused code that caused build errors. See fe/src/services/api.ts.
Startup cache logging: Added missing logger import and removed unsafe console usage. See fe/src/services/api.ts.
Save rollback: StartupConfigService.SaveAsync now preserves previous in-memory _config and restores it on write failures; rollback exceptions are logged. See listenarr.api/Services/StartupConfigService.cs.

Logging cleanup: Converted remaining console.log calls in ApiService to logger.debug and tidied comments. See fe/src/services/api.ts.
Frontend type imports: Added missing types (QualityScore, StartupConfig) to the generated API client to fix TS errors. See fe/src/services/api.ts.
StartupConfig typing: Added PascalCase AuthenticationRequired to accept both authenticationRequired and AuthenticationRequired payload shapes. See fe/src/types/index.ts.
CI-friendly type-check: Limited frontend type-check script to tsconfig.app.json (excludes tests) to avoid test-only typings breaking dotnet publish. See fe/package.json.
Antiforgery whitelist: Allowed /api/configuration/startupconfig in antiforgery middleware so the SPA can persist config.json in development.
Development ContentRoot resolution: Prefer repo config/config.json and config/database/listenarr.db in Development (with LISTENARR_CONTENT_ROOT override); added Serilog messages that report resolved paths.
Code quality: Replaced generic/empty catches and Path.Combine usages with narrower catches and Path.Join where applicable.

Fix...

Automated canary build