- logoCacheService.ts: download script logos to public/logos/ for local serving
- cache-logos.ts: build-time script caching 500+ logos from PocketBase
- scripts.ts router: resolve local logo paths, resyncScripts now caches logos
- autoSyncService.js: cache logos during background auto-sync
- ScriptDetailModal: show config_path per install method
- ResyncButton: renamed 'Sync Json Files' to 'Sync Scripts'
- GeneralSettingsModal: updated auto-sync description text
- .gitignore: ignore public/logos/ and data/*.db
* feat: migrate from JSON files to PocketBase public API
- Remove all community JSON files from json/ folder (folder kept for user scripts)
- Add pocketbase npm package
- Add pbService.ts: PocketBase singleton client (unauthenticated)
- Add pbScripts.ts: PocketBase queries mirroring the website's API
- Update localScripts.ts: use PocketBase as primary source, local JSON as fallback
- Rewrite scripts.ts router: all data fetching via PocketBase
- Update scriptDownloader.js: derive script paths by convention (type+slug)
instead of relying on explicit JSON paths
- Update autoSyncService.js: fetch scripts from PocketBase instead of JSON files
- Update env.js: add PB_URL, remove JSON_FOLDER requirement
- Update .env.example: document new PB_URL variable
* fix: correct PocketBase URL to db.community-scripts.org
* fix: downgrade @vitejs/plugin-react to ^5 (compatible with vitest@4/vite@6), add .npmrc
* fix: resolve all npm audit vulnerabilities via overrides
- @hono/node-server: >=1.19.10 (authorization bypass fix)
- lodash: ^4.17.23 (prototype pollution fix)
All vulns were transitive deps of prisma CLI internals (@prisma/dev)
* fix: remove .js extensions from TS imports for webpack compatibility
* fix: remove 'source' from ScriptCard literal, fix pbScripts import extension
* fix: restore repository_url as optional in ScriptCard, remove dead repo filters
* fix: resolve all remaining build errors
- resyncScripts: add error field to return type
- ScriptsGrid.tsx: remove 'source' from ScriptCard literal
- autoSyncService.js: add JSDoc types for implicit any params
- githubJsonService.ts: use process.env.JSON_FOLDER directly
- localScripts.ts: fix PB->Script mapping (interface_port, default_credentials,
date_created, logo as null); add website field to getScriptCards()
* fix: use dbUrl fallback for Prisma adapter and align default DB path with prisma.config.ts
- db.ts / db.js: use dbUrl variable (with fallback to pve-scripts.db) instead
of process.env.DATABASE_URL! directly, prevents crash when DATABASE_URL is
not set in environment
- autoSyncService.js: suppress ENOENT error log in loadSettings when .env file
does not exist (return defaults silently instead of printing error)
* fix: align .env.example DATABASE_URL db filename with prisma.config.ts default
- Add resolveServerForSSH() to load full server (including ssh_key_path) from DB
when WebSocket server has id but key auth without valid ssh_key_path
- Call resolver in handleMessage for all start flows (clone, backup, update,
shell, script) so Shell and Update over SSH work with key auth
- Extend ServerInfo typedef with auth_type, ssh_key_path for TypeScript
- Add deleteLocalFilesRemovedFromRepo() to remove local script JSON files
that belong to the synced repo but are no longer in the remote list
- Call it in syncJsonFilesForRepo() before find/sync so stale scripts
no longer appear and download attempts don't 404
- Extend sync return types with deletedFiles; aggregate in syncJsonFiles()
and include removed count in success message
- Use sshpass -f with temp file in transferScriptsFolder so password/passphrase
never go through shell; safe for {, $, ", etc.
- Pass password via SSH_PASSWORD env in testWithExpect instead of embedding
in script
- Add ServerForm hint: SSH key recommended; special chars supported
- Defer resolve in autoDetectLXCContainers (pct/qm list) so stdout is complete
- Pass containerType when opening shell; use qm terminal for VMs, pct enter for LXC
- Add UI hint for VM shell (serial console, Ctrl+O, serial port requirement)
- Rename auto-detect to Containers & VMs and update help text
Fixes#362
- Pass stored pbs_fingerprint as PBS_FINGERPRINT in login, snapshot list, and restore
- Allow empty fingerprint so trusted-CA PBS works without entering one
- Make fingerprint field optional in PBSCredentialsModal with updated helper text
Fixes#438
- Add validateHostname and validateAptCacherAddress (IPv4 or hostname)
- Use new validator for var_apt_cacher_ip; error message: Invalid IPv4 or hostname
- Label: APT Cacher host or IP; placeholder shows IP or hostname example
Fixes#404
- Add repository URL validation for GitHub, GitLab, Bitbucket, and custom hosts
- Add git provider layer (listDirectory, downloadRawFile) for all providers
- Wire githubJsonService and scriptDownloader to use provider; sync/download from any supported source
- Update GeneralSettingsModal placeholder and help text; .env.example and env schema for GITLAB_TOKEN, BITBUCKET_APP_PASSWORD
Closes#406
- Add var_tun to advanced defaults (default: no)
- Add TUN/TAP (VPN) dropdown in Container Features section for /dev/net/tun
- Enables Tailscale, WireGuard, OpenVPN in LXC containers via GUI
- Add bulk update button on Downloaded Scripts tab
- Use existing loadMultipleScripts API for all downloaded script slugs
- Confirmation modal before running (may take several minutes)
- Inline result: success/fail counts, hover for failed slugs
- Invalidate getAllDownloadedScripts and getScriptCardsWithCategories on success
