Skip to content

v1.6.0 — Guided subgen setup

Choose a tag to compare

@coaxk coaxk released this 15 Jun 15:42
42e769f

subarr now configures Whisper for your hardware. No migrations, no config changes for existing installs — just a smoother first run.

Highlights

🎯 Guided subgen setup (#231)

A detect → guide → apply flow in the onboarding wizard, plus a new Settings → Subgen tuning panel. subarr:

  • Detects your GPU — its own nvidia-smi, falling back to a Docker-runtime probe, then a paste-the-output manual path.
  • Recommends a Whisper model from your VRAM.
  • Derives the compute type from compute capability (float16 on Volta+, int8 on older cards, int8_float16 when VRAM is tight) — with the reasoning shown, not hidden.
  • Delivers the config either as a copy-paste compose/env block (works with any subgen) or applied live via the subarr-subgen runtime endpoint.

Pairs with subarr-subgen r9, which bakes the tuned kwargs + strongpad regroup, adds an entrypoint device-guard, and exposes the runtime-config endpoint.

🔓 No-auth warning banner (#238)

subarr ships with no authentication by default. The dashboard now warns (dismissible) when none is configured — a default install is an informed choice, not a silent exposure. Backed by a new unauthenticated GET /api/auth-status that reports only the boolean.

📊 Aftercare score breakdown

Hover a flagged subtitle's composite score to see the contributing signals — looping, hallucination, ad/boilerplate, sync overrun — and readability counts.

Fixed

  • Log injection (CWE-117, #239) — webhook fields and canonical paths are scrubbed of control characters before logging.
  • Dev images no longer nag a backward update (#233)dev-<sha> subgen tags are treated as unreleased.
  • Tautulli/Ollama versions now show in Settings; the Updates page compares versions v-prefix-insensitively (no more 1.6.0 → v1.6.0 phantom upgrade).

Security / ops

  • Hardened compose example (cap_drop: ALL, no-new-privileges), documented Swagger/OpenAPI at /docs, CodeQL added as a gate, and a daily security-drift check that fails on any open HIGH code-scanning alert.

Full changelog: https://github.com/coaxk/subarr/blob/main/CHANGELOG.md