v1.0.6-beta.012 - Implement distributed locking, enhanced security, and improved matching
- Decentralize encryption by generating a persistent DATABASE_ENCRYPTION_KEY in db-init.ts, decoupling 2FA and sensitive data encryption from NEXTAUTH_SECRET.
- Refactor Logger to use standard dynamic imports with Webpack magic comments to resolve client-side bundling errors with Node.js built-ins.
Security Enhancements:
- Resolve plaintext exposure of system secrets (API keys, OIDC secrets) by implementing server-side obfuscation and filtered updates in the configuration API.
- Implement strict path boundary validation in file-serving and reader routes to prevent directory traversal bypasses.
- Update ReadingListItem schema to remove unique constraints on order, preventing transaction crashes during list reordering.
Matching & Importer Improvements:
- Enhance issue number extraction to support variant identifiers (e.g., #1A, #1B), preventing variant cover erasure during import.
- Tighten the Mathematical Matcher threshold to 70% and implement explicit year-conflict rejection rules to prevent cross-run mismatches.
- Require release years for subtitle fallback searches to improve precision during automated metadata matching.
Bug Fixes:
- Clean up accidental console module imports in manga-detector.ts and issue routes and correct invalid variable references in catch blocks.
- Fix KOReader synchronization routes to handle hashed API keys and properly map progress to existing database schema.
- Restore missing authentication logic and update route parameters for Next.js 15 compatibility in KOReader endpoints.