v1.2.0

@simongonzalezdc released this 31 Mar 21:27
· 466 commits to master since this release

Security Hardening (56 tasks)

What changed

  • Centralized validation module (validation.py) with parameter validators and allowed-value constants
  • Shared FFmpeg helpers (ffmpeg_helpers.py) — deduplicated escape, validate, run utilities
  • FFmpeg filter injection prevention on all 82 tools — all numeric params sanitized before interpolation
  • Color validation hardened — whitelist CSS named colors + hex + 0xRRGGBB format
  • Null byte rejection on all input paths across all engines
  • Server-side parameter validation on all 82 tools (crf, preset, format, transitions, audio, AI, Remotion)
  • except Exception fallback on all tool functions — no raw exceptions leak to MCP framework
  • Timeout (600s) on all subprocess.run calls in ai_engine.py
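
The validation items above (numeric parameters sanitized before interpolation, the color allow-list, null-byte rejection) can be pictured with the following sketch. It is an added illustration, not code from validation.py or from this project; the function names, the numeric ranges, the subset of named colors and the choice of FFmpeg's fade filter as the target are all assumptions.

```python
import math
import re

# Assumed subset of CSS named colors; the project's full allow-list is not on the page.
NAMED_COLORS = frozenset({"black", "white", "red", "green", "blue", "gray"})
HEX_COLOR = re.compile(r"(?:#|0x)[0-9A-Fa-f]{6}")  # #RRGGBB or 0xRRGGBB
FADE_TYPES = frozenset({"in", "out"})


def reject_null_bytes(path: str) -> str:
    """Refuse paths containing a NUL byte before they reach any engine."""
    if "\x00" in path:
        raise ValueError("null byte in path")
    return path


def validate_number(value, lo: float, hi: float) -> float:
    """Coerce to a finite float in [lo, hi]; '1:color=red' or 'nan' raise."""
    if isinstance(value, bool):
        raise ValueError("boolean is not a number")
    try:
        num = float(value)
    except (TypeError, ValueError):
        raise ValueError(f"not a number: {value!r}") from None
    if not math.isfinite(num) or not lo <= num <= hi:
        raise ValueError(f"out of range [{lo}, {hi}]: {value!r}")
    return num


def validate_color(value) -> str:
    """Allow only named colors, #RRGGBB or 0xRRGGBB; nothing else is interpolated."""
    if isinstance(value, str) and (
        value.lower() in NAMED_COLORS or HEX_COLOR.fullmatch(value)
    ):
        return value
    raise ValueError(f"color not allowed: {value!r}")


def build_fade_filter(kind: str, start, duration, color: str) -> str:
    """Build an FFmpeg fade filter string from validated values only."""
    if kind not in FADE_TYPES:
        raise ValueError(f"fade type not allowed: {kind!r}")
    st = validate_number(start, 0, 86400)
    d = validate_number(duration, 0.01, 60)
    # Numbers are re-formatted here, so the caller's original string never
    # reaches the filtergraph and cannot carry ':' ',' ';' or '[' into it.
    return f"fade=t={kind}:st={st:.3f}:d={d:.3f}:color={validate_color(color)}"
```

Because every interpolated value is either re-serialized from a float or matched against an allow-list, no filtergraph metacharacter can survive into the string handed to FFmpeg.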

Engine bug fixes

  • Fixed _run_ffmpeg_with_progress deadlock (stdout PIPE → DEVNULL)
  • Fixed convert() hardcoded /dev/null → os.devnull
  • Fixed resize() division by zero on zero-dimension videos
  • Fixed _build_pitch_shift_filter() atempo chaining for extreme semitone values
  • Fixed generate_subtitles() — validates entries have required keys
  • Fixed write_metadata() — removed overly restrictive = check on values
  • Fixed extract_audio() — format whitelist validation
  • Fixed _auto_output() — prevents overwriting input file
  • Fixed audio_waveform() — removed broken ffprobe fallback
  • Fixed speed() — caps atempo chain count at 20
  • Fixed storyboard() — removed unused tmpdir
  • Fixed _escape_ffmpeg_filter_value — backslash handling, added semicolon escaping

AI engine fixes

  • Null-byte rejection on all 7 public functions
  • Timeout on all subprocess.run calls
  • Fixed _match_reference_colors() — narrowed except clause
  • Fixed ai_color_grade() — create parent directories for output
  • Fixed audio_spatial() — clamped volume value

Tests

  • 832 tests total (707 fast, 116 slow/remotion)
  • 20 new adversarial and server validation tests

Full Changelog: v1.1.5...v1.2.0