* preserve runtime camera toggles across config saves
Runtime toggles (camera on/off, detect, recordings, snapshots, audio) mutate the in-memory config and persist an override to .runtime_state.json. /api/config/set re-parses yaml into a fresh FrigateConfig and swaps it in, re-applying the yaml and profile layers but dropping the runtime layer, so a camera turned off from the dashboard came back on when an unrelated camera was saved. The workers were never notified, so it only appeared to come back: the UI streamed go2rtc while ffmpeg stayed stopped.
Extract the startup replay into Dispatcher.apply_runtime_state() and call it from config_set after the swap, re-layering the overrides and republishing them so workers and the UI reconverge.
Remove the broad clear_runtime_state() from ProfileManager.update_config, which is only ever reached from config_set: with a profile active, every save wiped every camera's overrides from disk. The broad wipe stays in activate_profile, where a real profile switch does invalidate the steady state. Saves still clear the keys they rewrote via clear_runtime_state_for_yaml_keys, so yaml wins where the two disagree.
* sync runtime config on camera delete and prune its overrides
Deleting a camera re-parsed yaml into a fresh FrigateConfig but only rebound app.frigate_config and genai_manager, never dispatcher.config (nor profile_manager, stats_emitter, or the runtime overrides). The API and the dispatcher then drifted onto different config objects until the next config save re-synced them, so the API reported surviving cameras with their yaml enabled state while the dispatcher still acted on their real runtime state.
Extract the config swap that config_set already does into a shared swap_runtime_config helper and call it from both sites, so every collaborator is rebound and the surviving cameras' runtime toggles are re-layered. Also drop the deleted camera's persisted overrides via a new clear_camera so a camera later added under the same name does not inherit them.
* Pin ruff
* Add python upgrade fixes
This enables python upgrade checks in ruff to look for deprecated types and patterns. This namely fixes:
- usage of deprecated `Typing` which is now built in
- some specific exceptions which are caught and have new aliases
Some specific UP checks were also ignored as they are stylistic / unimportant and likely to cause bugs
* Remove async blocking calls
Use asyncio.to_thread on two remaining blocking calls to fix hanging event thread loop. Enable this specific rule to block it in the future.
* Use proper logging mechanism
* Correctly format logs
* Raise with context
When raising an exception include the from context to improve debugging
* Cleanup
Resolve conflicts in the export pipeline where dev's job-queue refactor
met master's chapter-metadata and security work.
- Unify chapter support under ChaptersEnum (none / recording_segments /
review_items); the realtime stream-copy export selects the per-segment
or per-review-item builder by the camera's configured mode. Thread
chapters through ExportRecordingsBody -> _build_export_job -> ExportJob
-> RecordingExporter.
- Keep master's creation_time/comment export metadata and fix a
video_path duplication the textual merge introduced in the preview
command.
- Move the chapters request field to ExportRecordingsBody (the single
export endpoint) where it is actually honored.
Restore security fixes the automatic merge would have reverted:
- frigate/util/services.py: restore the #23493 rename to the public
is_go2rtc_arbitrary_exec_allowed so create_config.py's dynamic-source
exec guard imports and runs (the merge otherwise left a broken import).
- Preserve the export image-path ".." traversal check inside
_sanitize_existing_image, applied to single/custom/batch exports.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* use stable empty object reference for swr metadata default
* version bump
* Refactor get_min_region_size for dimension normalization
Refactor get_min_region_size to normalize dimensions for smaller models and ensure minimum region size is 320 for larger models.
* reject restricted go2rtc stream sources when added via api
* add env var check function
* fix typing
---------
Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>
* sync filter entries with track and listen labels
- Auto-populate `audio.filters` from `audio.listen` instead of the full audio labelmap, matching how `objects.filters` is keyed by `track` (no longer need to populate the full audio labelmap, which was added in #22630)
- Synthesize the matching filter entries in the settings form on load so each track/listen label shows its collapsible after a profile is selected, since the backend's auto-populate only runs at config init
* translate main label for lifecycle description with attribute
* reject restricted go2rtc stream sources when added via api
* add env var check function
* restrict viewer access to logs, labels, and go2rtc stream list
* filter stats data for non admins
* track creator on vlm watch jobs and scope view/cancel to admin or creator
* add shortcut for admins in /stats
* add guards to reject missing sub commands
* mask/zone bugfixes
- fix websocket crash when creating a new mask or zone before a name is assigned
- fix deleted masks and zones not disappearing from the list until navigating away
- fix deleting profile override not reverting to the base mask in the list
- fix inertia defaulting to nan
* disable save button on invalid form state
* fix validation for speed estimation
* ensure polygon is closed before allowing save
* require all masks and zones to be on the base config
* clarify dialog message and tooltip when removing an override
* clarify docs
* Fix jetson stats reading
* Return result
* Avoid unknown class for cover image
* fix double encoding of passwords in camera wizard
* formatting
* empty homekit config fixes
* add locks to jina v1 embeddings
protect tokenizer and feature extractor in jina_v1_embedding with per-instance thread lock to avoid the "Already borrowed" RuntimeError during concurrent tokenization
* Capitalize correctly
* replace deprecated google-generativeai with google-genai
update gemini genai provider with new calls from SDK
provider_options specifies any http options
suppress unneeded info logging
* fix attribute area on detail stream hover
---------
Co-authored-by: Josh Hawkins <32435876+hawkeye217@users.noreply.github.com>
* digest auth backend
* frontend
* i18n
* update field description language to include note about onvif specific credentials
* mask util helper function
* language
* mask passwords in http-flv and others where a url param is password
* backend api endpoint
* don't add no-credentials version of streams to rtsp_candidates
* frontend types
* improve types
* add optional probe dialog to wizard step 1
* i18n
* form description and field change
* add onvif form description
* match onvif probe pane with other steps in the wizard
* refactor to add probe and snapshot as step 2
* consolidate probe dialog
* don't change dialog size
* radio button style
* refactor to select onvif urls via combobox in step 3
* i18n
* add scrollbar container
* i18n cleanup
* fix button activity indicator
* match test parsing in step 3 with step 2
* hide resolution if both width and height are zero
* use drawer for stream selection on mobile in step 3
* suppress double toasts
* api endpoint description
* Migrate camera APIs to separate tag
* Implement reolink detection to handle dynamic URL assignment
* Cleanup codec handling
* Use average framerate not relative framerate
* Add reolink rtsp warning
* Don't return exception
* Use avg_frame_rate in final info
* Clenaup
* Validate host
* Fix overlap