siftlode/backend/app
npeter83 4e80e2b39b fix(deferred): close backend correctness/efficiency tails from the hygiene sweep
Verified each deferred per-subsystem item against current source, then fixed the
real ones (tradeoffs left as-is, see siftlode-ops/CODE-HYGIENE.md closeout):

- search BUG-3: don't finalise shorts_probed on un-enriched stubs (enrichment
  failure/omitted rows) — restores the scheduler's enriched_at guard so a real
  Short can't leak into the feed and never get reclassified.
- downloads GC: 4th pass reaps orphaned errored, fileless, unreferenced assets
  (they carry no TTL, so the expiry passes never cleared them).
- downloads B6: quota/edit errors now return a structured {code,reason,limit}
  the trilingual client localises, instead of hardcoded English + dot-decimal GB.
- channels BB1: reset-backfill re-arms deep sync on every subscriber (bulk update)
  instead of 404ing when the admin isn't personally subscribed.
- channels BB2: enrich the stub on BOTH the normal and "already exists" desync
  path (nest the insert try inside the client `with`).
- channels CB3: drop the redundant second _discovery_rows read (identity-mapped
  rows are already enriched; re-sort in Python for the title tie-break).
- playlists PC1: read the live playlist once in push() and share it with plan_push
  + push_playlist (halves read-quota, closes the second TOCTOU window).
- playlists PC2/PC5: batch the cover thumbnails in one window query (was N+1);
  rename combines count+duration into one aggregate + a single cover lookup.
- messages MB2: get_thread only resolves a messageable partner OR one we already
  share a thread with (closes the user-enumeration oracle).
- messages MB3: push a live unread-count to the user's other tabs after mark-read.
- messages MC4: list_conversations uses DISTINCT ON + grouped COUNT instead of
  loading the whole message history into memory.
- config AB3: per-spec allow_empty so smtp_user/youtube_api_proxy can be blanked
  to disable them rather than snapping back to the env default.
2026-07-12 05:59:03 +02:00
..
downloads fix(deferred): close backend correctness/efficiency tails from the hygiene sweep 2026-07-12 05:59:03 +02:00
plex Plex backend pass (#9): watch_sync bugs + backend dedup 2026-07-11 23:48:35 +02:00
routes fix(deferred): close backend correctness/efficiency tails from the hygiene sweep 2026-07-12 05:59:03 +02:00
static chore: rebrand Subfeed -> Siftlode 2026-06-14 04:40:22 +02:00
sync fix(deferred): close backend correctness/efficiency tails from the hygiene sweep 2026-07-12 05:59:03 +02:00
youtube fix(auth): security hardening — token encryption, timing, adoption + isolation 2026-07-11 21:26:39 +02:00
__init__.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
auth.py fix(auth): decrypt the access-token fallback before revoking on account deletion 2026-07-12 04:52:31 +02:00
config.py feat(auth): SA3 — trusted-proxy X-Forwarded-For for rate limiting 2026-07-12 03:42:41 +02:00
db.py fix(plex): image proxy no longer exhausts the DB connection pool 2026-07-06 07:14:28 +02:00
email.py fix(auth): preserve OAuth scopes across re-login + accurate multi-admin request emails 2026-07-12 04:34:07 +02:00
main.py feat(share): rich link previews (Open Graph) for /watch pages 2026-07-07 20:19:30 +02:00
models.py feat(auth): SA4 — server-side session revocation via per-user session epoch 2026-07-12 03:00:16 +02:00
notifications.py feat(notifications): durable per-user inbox (P1) + maintenance schema 2026-06-18 03:20:17 +02:00
progress.py feat(scheduler): admin run-now/run-all triggers + live progress + completion notices 2026-06-18 04:01:10 +02:00
quota.py feat(channels): channel-explore backend — about metadata, ephemeral provenance, cleanup 2026-06-30 02:52:44 +02:00
ratelimit.py feat(demo): demo-account schema + reusable rate limiter 2026-06-16 09:17:14 +02:00
realtime.py feat(messages): end-to-end encrypted real-time direct messaging backend 2026-06-25 22:05:35 +02:00
scheduler.py chore(scheduler): dedup token-user query + drop pointless rss lambda 2026-07-11 19:44:53 +02:00
security.py fix(auth): security hardening — token encryption, timing, adoption + isolation 2026-07-11 21:26:39 +02:00
state.py refactor(auth): centralize token hashing, email validation & admin gating 2026-06-26 03:15:36 +02:00
sysconfig.py fix(deferred): close backend correctness/efficiency tails from the hygiene sweep 2026-07-12 05:59:03 +02:00
titles.py feat(titles): normalize video titles for display (feed, search, downloads) 2026-07-03 03:00:08 +02:00
utils.py refactor(auth): centralize token hashing, email validation & admin gating 2026-06-26 03:15:36 +02:00
worker.py fix(config): honor DB-overridable download layout + retention (env-vs-DB drift) 2026-07-11 19:44:53 +02:00