Mixarr v2.3.0
Release date: 2026-07-03
This release publishes the changes merged in PR #61 from dev into prod at commit d94f8b7.
Highlights
- OIDC SSO provider support with security hardening and reliability follow-up.
- Network reliability improvements: IPv6 egress probe with IPv4 fallback and socket leak fix.
- Feed/discovery reliability and performance improvements, including bounded enrichment concurrency and aggregation safety cap.
- Frontend UX fixes for feed cache updates, WebSocket callback stability, and request timeout/response handling.
- CI/release process cleanup: staging branch removed in favor of dev -> prod flow.
Added
- OIDC authentication provider with:
- Passport OIDC strategy and session integration
- domain allow-list support
- admin-configurable OIDC settings
Changed
- Default OpenAI model updated to
gpt-4o-mini. - ListenBrainz connections now support an optional custom URL (self-hosted instances).
- Discover page refactor to shared hooks (
useLibrary,useProfiles) and React Query-backed recommendations cache. - Queue page now uses server-provided
totalfor truncation awareness. - Sidebar version/update-check polling interval changed from 6h to 10m.
- Release workflow/docs updated for the simplified branch model (
dev->prod).
Fixed
- Graceful shutdown behavior in API process:
- deterministic shutdown sequencing
- proper awaited HTTP close
- keep-alive connection handling via idle connection close
- hard deadline to prevent hung shutdowns
- Rate limiter health-check bypass (
/api/health) now correctly checksreq.originalUrl. - Review queue endpoint now computes and returns total count alongside items.
- Feed service:
- bounded concurrency for external enrichment calls
- aggregation row safety cap to prevent unbounded memory growth
- Lidarr background add flow extraction and improved async handling
- Frontend API client:
- 30s timeout support
- improved timeout error messaging
- safer response parsing for non-JSON and
204 No Content
- Optimistic feed mutations now update all paginated feed cache keys.
- WebSocket callback handling no longer forces socket teardown/reconnect on rerender.
- FeedCard touch-hover timer cleanup prevents stale updates on unmounted components.
- Network preflight:
- IPv6 egress fallback to IPv4-first DNS ordering when needed
- socket cleanup in error paths
- OIDC follow-up hardening:
- OIDC discovery caching
- reject unverified emails (
email_verified === false) - issuer URL validation with HTTPS enforcement
allowedDomainsconsistency improvements
Upgrade Notes
- No manual migration steps beyond normal image update and redeploy.
- If using ListenBrainz, optional custom URL configuration is now available.
- If enabling OIDC, configure issuer/client settings in SSO settings and validate allowed domains.
Container Images
ghcr.io/aquantumofdonuts/mixarr:v2.3.0ghcr.io/aquantumofdonuts/mixarr:latestghcr.io/aquantumofdonuts/mixarr:v2.3.0-slimghcr.io/aquantumofdonuts/mixarr:slim
Full changelog: v2.2.0...v2.3.0