github aquantumofdonuts/mixarr v2.3.0

latest release: v2.3.1
4 hours ago

Mixarr v2.3.0

Release date: 2026-07-03

This release publishes the changes merged in PR #61 from dev into prod at commit d94f8b7.

Highlights

  • OIDC SSO provider support with security hardening and reliability follow-up.
  • Network reliability improvements: IPv6 egress probe with IPv4 fallback and socket leak fix.
  • Feed/discovery reliability and performance improvements, including bounded enrichment concurrency and aggregation safety cap.
  • Frontend UX fixes for feed cache updates, WebSocket callback stability, and request timeout/response handling.
  • CI/release process cleanup: staging branch removed in favor of dev -> prod flow.

Added

  • OIDC authentication provider with:
    • Passport OIDC strategy and session integration
    • domain allow-list support
    • admin-configurable OIDC settings

Changed

  • Default OpenAI model updated to gpt-4o-mini.
  • ListenBrainz connections now support an optional custom URL (self-hosted instances).
  • Discover page refactor to shared hooks (useLibrary, useProfiles) and React Query-backed recommendations cache.
  • Queue page now uses server-provided total for truncation awareness.
  • Sidebar version/update-check polling interval changed from 6h to 10m.
  • Release workflow/docs updated for the simplified branch model (dev -> prod).

Fixed

  • Graceful shutdown behavior in API process:
    • deterministic shutdown sequencing
    • proper awaited HTTP close
    • keep-alive connection handling via idle connection close
    • hard deadline to prevent hung shutdowns
  • Rate limiter health-check bypass (/api/health) now correctly checks req.originalUrl.
  • Review queue endpoint now computes and returns total count alongside items.
  • Feed service:
    • bounded concurrency for external enrichment calls
    • aggregation row safety cap to prevent unbounded memory growth
    • Lidarr background add flow extraction and improved async handling
  • Frontend API client:
    • 30s timeout support
    • improved timeout error messaging
    • safer response parsing for non-JSON and 204 No Content
  • Optimistic feed mutations now update all paginated feed cache keys.
  • WebSocket callback handling no longer forces socket teardown/reconnect on rerender.
  • FeedCard touch-hover timer cleanup prevents stale updates on unmounted components.
  • Network preflight:
    • IPv6 egress fallback to IPv4-first DNS ordering when needed
    • socket cleanup in error paths
  • OIDC follow-up hardening:
    • OIDC discovery caching
    • reject unverified emails (email_verified === false)
    • issuer URL validation with HTTPS enforcement
    • allowedDomains consistency improvements

Upgrade Notes

  • No manual migration steps beyond normal image update and redeploy.
  • If using ListenBrainz, optional custom URL configuration is now available.
  • If enabling OIDC, configure issuer/client settings in SSO settings and validate allowed domains.

Container Images

  • ghcr.io/aquantumofdonuts/mixarr:v2.3.0
  • ghcr.io/aquantumofdonuts/mixarr:latest
  • ghcr.io/aquantumofdonuts/mixarr:v2.3.0-slim
  • ghcr.io/aquantumofdonuts/mixarr:slim

Full changelog: v2.2.0...v2.3.0

Don't miss a new mixarr release

NewReleases is sending notifications on new releases.