#metabrainz

/

      • d4rkie has quit

        • 2025-08-14 22643, 2025

      • d4rkie joined the channel

        • 2025-08-14 22635, 2025

      • d4rkie has quit

        • 2025-08-14 22602, 2025

      • d4rkie joined the channel

        • 2025-08-14 22648, 2025

      • Chris[m]12 has quit

        • 2025-08-14 22606, 2025

      • lusciouslover has quit

        • 2025-08-14 22617, 2025

      • lusciouslover joined the channel

        • 2025-08-14 22637, 2025

      • lusciouslover has quit

        • 2025-08-14 22659, 2025

      • lusciouslover joined the channel

        • 2025-08-14 22616, 2025

      • spynxic has quit

        • 2025-08-14 22639, 2025

      • spynxic joined the channel

        • 2025-08-14 22603, 2025

      • ijc has quit

        • 2025-08-14 22643, 2025

      • ijc joined the channel

        • 2025-08-14 22606, 2025

      • holycow23[m]
        <lucifer[m]> "holycow23: just the one merged..." <- Thanks for reviewing the same, I think we can go to the Era Stats next

        • 2025-08-14 22655, 2025

      • SigHunter has quit

        • 2025-08-14 22652, 2025

      • SigHunter joined the channel

        • 2025-08-14 22625, 2025

      • d4rkie has quit

        • 2025-08-14 22610, 2025

      • d4rkie joined the channel

        • 2025-08-14 22622, 2025

      • milkii has quit

        • 2025-08-14 22639, 2025

      • milkii joined the channel

        • 2025-08-14 22622, 2025

      • __BrainzGit
        [musicbrainz-server] 14reosarevok merged pull request #3609 (03master…break-and-unbreak-selenium): Break and unbreak selenium https://github.com/metabrainz/musicbrainz-server/…

        • 2025-08-14 22650, 2025

      • suvid[m]
        Hi lucifer: in the mean time

        • 2025-08-14 22650, 2025

      • suvid[m]
        Could you pls test the sql queries for fetching track name and album name from Spotify id on staging with the data?

        • 2025-08-14 22650, 2025

      • suvid[m]
        I've committed the latest backend code in the pr

        • 2025-08-14 22632, 2025

      • DjSlash has quit

        • 2025-08-14 22637, 2025

      • lusciouslover has quit

        • 2025-08-14 22659, 2025

      • lusciouslover joined the channel

        • 2025-08-14 22608, 2025

      • lusciouslover has quit

        • 2025-08-14 22627, 2025

      • lusciouslover joined the channel

        • 2025-08-14 22632, 2025

      • DjSlash joined the channel

        • 2025-08-14 22651, 2025

      • duanin2 joined the channel

        • 2025-08-14 22615, 2025

      • SothoTalKer has quit

        • 2025-08-14 22615, 2025

      • SothoTalKer joined the channel

        • 2025-08-14 22648, 2025

      • nobiz has quit

        • 2025-08-14 22635, 2025

      • nobiz joined the channel

        • 2025-08-14 22627, 2025

      • nobiz has quit

        • 2025-08-14 22634, 2025

      • monkey[m]
        suvid: Hi! Can I get a recap please? What issue are you facing, and what did you try to resolve it? Do you have the code up somewhere already?

        • 2025-08-14 22617, 2025

      • monkey[m]
        Overall I think you need to mock the server response to pretend that an import was registered

        • 2025-08-14 22615, 2025

      • duanin2 has quit

        • 2025-08-14 22623, 2025

      • Maxr1998_ joined the channel

        • 2025-08-14 22636, 2025

      • duanin2 joined the channel

        • 2025-08-14 22630, 2025

      • Maxr1998 has quit

        • 2025-08-14 22617, 2025

      • lucifer[m]
        suvid: what tests do you want to exclude? but most probably, no we should not exclude it.

        • 2025-08-14 22651, 2025

      • lucifer[m]
        holycow23: also, related i just realised the PRs (including the one that was merged) are missing tests for the stats apis.

        • 2025-08-14 22603, 2025

      • suvid[m]
        lucifer[m]: That cancel and refresh buttons are visible when listen import is in progress

        • 2025-08-14 22622, 2025

      • suvid[m]
        I just can't get that condition working in test

        • 2025-08-14 22622, 2025

      • suvid[m]
        Getting multiple router errors

        • 2025-08-14 22644, 2025

      • lucifer[m]
        share the error that you are getting in a gist.

        • 2025-08-14 22646, 2025

      • suvid[m]
        And many other errors as well... (full message at <https://matrix.chatbrainz.org/_matrix/media/v3/download/chatbrainz.org/nQPgDziiLrZaMocsnJNlHelF>)

        • 2025-08-14 22658, 2025

      • suvid[m]
        I'm traveling right now

        • 2025-08-14 22658, 2025

      • suvid[m]
        Will share by tonight

        • 2025-08-14 22617, 2025

      • suvid[m]
        Like I tried many things

        • 2025-08-14 22617, 2025

      • suvid[m]
        But none seemed to work

        • 2025-08-14 22621, 2025

      • monkey[m]
        suvid[m]: And that's why we won't be replaced just yet

        • 2025-08-14 22649, 2025

      • suvid[m]
        <monkey[m]> "Overall I think you need to mock..." <- Yes I also thought this only

        • 2025-08-14 22649, 2025

      • suvid[m]
        I tried mocking the state as well

        • 2025-08-14 22602, 2025

      • suvid[m]
        It also gave some ts errors when I try to import the globalappcontext

        • 2025-08-14 22624, 2025

      • suvid[m]
        It was getting a bit complicated

        • 2025-08-14 22632, 2025

      • monkey[m]
        I tried running the test file, i get an error about rendering Router inside another Router

        • 2025-08-14 22635, 2025

      • suvid[m]
        And this is my first time writing frontend tests

        • 2025-08-14 22651, 2025

      • monkey[m]
        See renderWithProviders renders a router by default

        • 2025-08-14 22642, 2025

      • monkey[m]
        There is an option to not render with a router if you want to provide your own

        • 2025-08-14 22617, 2025

      • monkey[m]
        So either do that, or instead of rendering a RouterProvider, you can render the importListens conponent directly

        • 2025-08-14 22648, 2025

      • suvid[m]
        I think rendering importlistens directly would be better ig?

        • 2025-08-14 22606, 2025

      • suvid[m]
        I will provide the imports array with one import completed and one ongoing

        • 2025-08-14 22617, 2025

      • suvid[m]
        But that also seems to not display the cancel and refresh buttons

        • 2025-08-14 22625, 2025

      • suvid[m]
        It just says not found on text matching

        • 2025-08-14 22639, 2025

      • nobiz joined the channel

        • 2025-08-14 22625, 2025

      • monkey[m]
        suvid: Your router setup and server mocks don't use the correct paths:

        • 2025-08-14 22625, 2025

      • monkey[m]
        For the router, the initialEntry should be the page URL, which is "/settings/import/" and not "/settings/import-listens/" which is the API endpoint.

        • 2025-08-14 22625, 2025

      • monkey[m]
        The first API mock should be "/settings/import-listens/list" and not "/settings/import-listens" which doesn't exist as a GET endpoint.

        • 2025-08-14 22605, 2025

      • monkey[m]
        Seeing another unrelated issue, let me look into it quick

        • 2025-08-14 22607, 2025

      • suvid[m]
        Yes I had fixed it afterwards

        • 2025-08-14 22615, 2025

      • suvid[m]
        Would push latest code tonight

        • 2025-08-14 22640, 2025

      • monkey[m]
        Ah. Best to push before asking for help so we don't duplicate efforts

        • 2025-08-14 22613, 2025

      • monkey[m]
        The issue I'm hitting is an issue with JSDom I think: TypeError: RequestInit: Expected signal ("AbortSignal {}") to be an instance of AbortSignal

        • 2025-08-14 22633, 2025

      • holycow23[m]
        <lucifer[m]> "holycow23: also, related i..." <- Will look into it, and create a PR for the same

        • 2025-08-14 22638, 2025

      • mamanullah7[m]
        lucifer: can you restart the funkwhale server?

        • 2025-08-14 22630, 2025

      • lucifer[m]
        done

        • 2025-08-14 22649, 2025

      • mamanullah7[m]
        Thanks!

        • 2025-08-14 22653, 2025

      • kellnerd[m] has quit

        • 2025-08-14 22658, 2025

      • __BrainzGit
        [listenbrainz-server] 14MonkeyDo opened pull request #3343 (03master…artist-similarity-algorithms): Use AlgorithmEnum in artist similarity labs API https://github.com/metabrainz/listenbrainz-server…

        • 2025-08-14 22606, 2025

      • bitmap[m] has quit

        • 2025-08-14 22634, 2025

      • bwebbo[m] has quit

        • 2025-08-14 22636, 2025

      • lucifer[m]
        monkey: do you still have a copy of extended streaming history around? need some files to test.

        • 2025-08-14 22650, 2025

      • monkey[m]
        Yes, can send you mine if you want

        • 2025-08-14 22605, 2025

      • lucifer[m]
        that'd be great, yes.

        • 2025-08-14 22644, 2025

      • monkey[m]
        lucifer: Do you need the whole zipfil? It's 8MB. Otherwise I can send one file

        • 2025-08-14 22606, 2025

      • lucifer[m]
        whole zipfile would be best

        • 2025-08-14 22626, 2025

      • monkey[m]
        OK. Email?

        • 2025-08-14 22623, 2025

      • lucifer[m]
        sounds good.

        • 2025-08-14 22642, 2025

      • lucifer[m]
        thanks!

        • 2025-08-14 22642, 2025

      • mamanullah7[m]
        lucifer: wanna ask you about how should we handle salts for navidrome? worst we can do is to store salta in db and update each time?

        • 2025-08-14 22642, 2025

      • mamanullah7[m]
        When i tried to store `md5(password+random salt)` in db as `access token` and tried sending request with ramdom salt then it fails as their end the password is not matching because salt is mismatching ?

        • 2025-08-14 22630, 2025

      • lucifer[m]
        m.amanullah7: push the code and i'll take a look.

        • 2025-08-14 22654, 2025

      • lucifer[m]
        monkey: it seems spotify has changed at least the file name format in the last year or so in their dumps.

        • 2025-08-14 22624, 2025

      • rayyan_seliya123
        Hey monkey: can u pleas have a look to my frontend pr as mentioned earlier I have updated some code !! Would love to know if anything is lacking! Thx

        • 2025-08-14 22634, 2025

      • mamanullah7[m]
        lucifer: i've removed above mentioned approch tried new approch by encrypting the password and then decrypt using key before sending request and then `md5(pass+salt)` and thats resolve the above problem of mismacthing of salt? what you say is it correct approch?

        • 2025-08-14 22631, 2025

      • lucifer[m]
        m.amanullah7: i don't think encrypting + decrypting the password is affecting the salt authentication, there's likely a different bug in your code.

        • 2025-08-14 22605, 2025

      • lucifer[m]
        but i am fine storing the password in encrypted form.

        • 2025-08-14 22614, 2025

      • lucifer[m]
        add the key as a config variable.

        • 2025-08-14 22603, 2025

      • mamanullah7[m]
        lucifer: its not affecting its working fine? but storing a md5(pass+salt) in db affecting because we are not hardcoding salt creating random one, the salt we use to while connecting and while requesting is different thats mismatch and the we get wrong password in response!

        • 2025-08-14 22640, 2025

      • lucifer[m]
        yes that is right, but i assumed you were storing the password itself and not the md5(pass+salt).

        • 2025-08-14 22606, 2025

      • lucifer[m]
        the subsonic auth recommends that you use a random salt everytime but then you would need to store the password itself.

        • 2025-08-14 22607, 2025

      • mamanullah7[m]
        lucifer[m]: Sure i'm doing same!

        • 2025-08-14 22612, 2025

      • lucifer[m]
        either is fine by me.

        • 2025-08-14 22647, 2025

      • mamanullah7[m]
        lucifer: the current approach i'm using is storing a encrypted pass and while sending request we decrypt pass and the hash (md5+random salt) and then sending request which is working fine for me! not using a hardcoded salt for security resaons!

        • 2025-08-14 22608, 2025

      • lucifer[m]
        okay, let me know when you have pushed the code and i'll check it out

        • 2025-08-14 22636, 2025

      • mamanullah7[m]
        lucifer: Sure i'll test once and then will push!! i've setup navidrome locally its working fine for me but will be better if you create a nav server as well like fw!

        • 2025-08-14 22652, 2025

      • lucifer[m]
        will do.

        • 2025-08-14 22659, 2025

      • rayyan_seliya123
        Hey lucifer: any updates on my pr and anything more need to refactored do ping me !!

        • 2025-08-14 22615, 2025

      • lucifer[m]
        haven't reviewed it yet. will try to do soon.

        • 2025-08-14 22645, 2025

      • rayyan_seliya123
        lucifer[m]: Sure ! Eager to know !

        • 2025-08-14 22622, 2025

      • mamanullah7[m]
        lucifer[m]: lucifer: Thanks!! it will be easy for testing if i add frontend also! i'll add both and push and let you know!

        • 2025-08-14 22606, 2025

      • lucifer[m]
        mayhem: how comfortable are you with adding a zip bomb generator or zip bomb file to the codebase? 🤔

        • 2025-08-14 22615, 2025

      • lucifer[m]
        for testing purposes ofc...

        • 2025-08-14 22640, 2025

      • mayhem[m]
        I would like to defer that question to zas please.

        • 2025-08-14 22643, 2025

      • lucifer[m]
        additional context for zas, we are accepting user uploads for importing listens and i want to add one of the above to validate that the code rejects malicious attacks.

        • 2025-08-14 22640, 2025

      • lucifer[m]
        the docker container in production will be updated to have memory limits but still the code should try to reject as many cases as possible before trying to extract.

        • 2025-08-14 22642, 2025

      • mayhem[m]
        could we add a zip that is not a zip bomb, but quite large, so large that it exceeds the max unzip limit we set?

        • 2025-08-14 22605, 2025

      • lucifer[m]
        would make it difficult to clone the repo.

        • 2025-08-14 22608, 2025

      • mayhem[m]
        bbbbbbbb

        • 2025-08-14 22625, 2025

      • mayhem[m] cleans his keyboard

        • 2025-08-14 22605, 2025

      • lucifer[m]
        could use git lfs but its a hassle to set it up for just one file/test case.

        • 2025-08-14 22628, 2025

      • mayhem[m]
        get AI to setup it up for you?

        • 2025-08-14 22614, 2025

      • lucifer[m]
        sure but i think everyone who wants to run the tests locally would need to set it up locally.

        • 2025-08-14 22648, 2025

      • lucifer[m]
        we could move the zip bomb tests behind a mark so that it is not run by default.

        • 2025-08-14 22624, 2025

      • lucifer[m]
        but i think we'd want to run all tests in CI and that downloading a large file would slow it down somewhat too.

        • 2025-08-14 22625, 2025

      • lucifer[m]
        the script is the easiest way tbh, just repeat the same text in a couple of files a million times and compress it to a in memory file and pass it to the code to asset that it rejects it.

        • 2025-08-14 22606, 2025

      • mayhem[m]
        what if we made the zip bomb checker an entirely different project in a single container with a single API call?

        • 2025-08-14 22657, 2025

      • mayhem[m]
        still has the download problem.

        • 2025-08-14 22616, 2025

      • mayhem[m]
        is a binary zip bomb checker available for download? why if so, include that in the docker container?

        • 2025-08-14 22626, 2025

      • mayhem[m]
        s/why//

        • 2025-08-14 22658, 2025

      • lucifer[m]
        a test would still be needed to check that it works/is being used by the relevant code. and as for the checker one can't really be sure until during the decompression, i've added the basic defense layers in the code and will test manually for now.

        • 2025-08-14 22614, 2025

      • lucifer[m]
        and will impose memory restrictions on the background tasks container in production if there are any cases that aren't caught yet.

        • 2025-08-14 22639, 2025

      • prout has quit

        • 2025-08-14 22637, 2025

      • prout joined the channel

        • 2025-08-14 22645, 2025

      • julian45[m] has quit

        • 2025-08-14 22627, 2025

      • Techman has quit

        • 2025-08-14 22628, 2025

      • yvanzo has quit

        • 2025-08-14 22628, 2025

      • mruszczyk has quit

        • 2025-08-14 22628, 2025

      • \- has quit

        • 2025-08-14 22629, 2025

      • saumon has quit

        • 2025-08-14 22629, 2025

      • kepstin has quit

        • 2025-08-14 22630, 2025

      • tykling has quit

        • 2025-08-14 22631, 2025

      • Hobbyboy has quit

        • 2025-08-14 22632, 2025

      • spynxic has quit

        • 2025-08-14 22633, 2025

      • RetroPunk has quit

        • 2025-08-14 22634, 2025

      • irimi1 has quit

        • 2025-08-14 22634, 2025

      • djl has quit