Critical Web UI fix. Reported by @famewolf in #2 via his browser console: the backup-restore button "did absolutely nothing." The cause was far bigger than backup.
What was broken
The dsBackupImport confirm(...) string in the shared _BASE_JS block was written with a \n. _BASE_JS is a regular (non-raw) Python triple-quoted string, so Python turned that \n into a real newline in the rendered JavaScript:
if (!confirm('Restore from "' + file.name + '"?
This will overwrite...')) { // ← SyntaxError: unescaped line breakAn unescaped line break in a string literal is a hard SyntaxError that aborts the entire <script> block — so every function defined in _BASE_JS silently failed to define:
- Tab switching
- Theme toggle
- Confirm dialogs (delete group, cleanup, selfupdate…)
- Drag-and-drop reorder
- Auto-detect modal
- Webhook test button
- Cron schedule preview
- Toast notifications
- Backup / restore
This affected every browser, from v1.22.0 through v1.23.1. Server-side features (favicon, Discord links, page rendering, the Telegram bot) were completely unaffected, which is why it wasn't obvious — and why the bot half of Docksentry kept working perfectly.
The fix
Removed the newline from the confirm string. Verified with a comment- and regex-aware scanner that no raw control character remains inside any JS string literal across /, /settings, and /groups.
Regression guard
scripts/pre-commit-check.py now parses _BASE_JS and fails the build if any raw newline/CR appears inside a JS string literal — the exact class of bug above. It passes clean now and was verified to catch a deliberately-injected break.
Why our earlier testing missed it
The v1.22.0 backup feature was "tested" three ways: the backend endpoint with curl (worked), a check that the function text was present in the served HTML (it was), and a browser-style upload to the endpoint (worked). None of those execute the page's JavaScript, so none caught that the script block fails to parse. @famewolf's browser console caught in one line what our tests structurally could not. The pre-commit guard closes that gap.
Upgrade
docker pull amayer1983/docksentry:latest
docker compose up -dHard-reload the Web UI (Ctrl+Shift+R) once.