You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Added queryPort support for better server querying
Implemented progressive server reveal
Added diff-based rendering for improved performance
Settings & Layout
Configurable server list page size (default 50, range 10–500)
Compact / Comfortable display mode toggle (compact is default)
Compact mode: tighter server table rows, detail rows, mod pills, filters, stats bar, toolbar, settings cards, diagnostics entries, and favorites inputs
Fixed applyTheme wiping compact-mode body class on restart
Settings cards restructured: Performance Tuning in right column, remaining cards in 2-column grid on left
Network Polling fields arranged in two-column row, label shortened
Header padding reduced (20px → 10px) and main content padding reduced (30px → 15px) for tighter layout
Server List
Pagination bar moved inside table card as sticky bottom bar — always visible, never cuts rows
Pagination text changed from "READOUTS" to "SERVERS"
Server rows always display fully without being cut off mid-row
Bug Fixes
Fixed applyServerListMode hoisting issue preventing compact mode from persisting across restarts
Security & Stability Fixes
Replaced exec() with execFile() in get-disk-space, checkGameMode, and game launch handlers — prevents command injection via user-supplied launch params, Proton paths, and directory paths
Added URL scheme validation to openExternal — only http:// and https:// allowed
Added modId regex validation (/^\d+$/) on subscribe-mod before constructing steam:// URLs
Added path traversal protection in deleteMod and openModFolder — modId validated as numeric, resolved path verified to stay within mod directory
Fixed admin token auth bypass in server portal — empty ADMIN_TOKEN now properly denies DELETE (was false && ...), converted DELETE endpoint to async/await
Restricted checkPathExists to known directories (Steam, home, system paths)
Added escapeHtml sanitization on all innerHTML assignments containing user/server-supplied data — prevents XSS via mod names, server names, diagnostic descriptions
Settings merge now only accepts known keys — prevents prototype pollution via corrupted settings file
Bug Fixes
Added mangoHudEnabled: false to default settings — MangoHud feature was permanently disabled (missing from defaults)
Fixed before-quit handler — added 5s timeout on Steamworks shutdown, .catch() guard; app no longer hangs on quit
Fixed showConfirmModal overlay click listener never being removed — no more event listener leak on repeated confirm dialogs
Fixed Steam sync polling interval never clearing on transient errors — added 300-retry max
Fixed _resortTimer race condition — now clears previous timer before scheduling a new one
Fixed empty server (0/0) incorrectly getting "high" population badge
Added 200ms debounce on search input — no more renderServers() on every keystroke
Fixed countryToFlag now validates with /^[A-Za-z]{2}$/ before generating flag characters
Fixed NaN potential in storage map width calculation when space data is missing
Added parseInt radix (10) to all parse calls
Fixed log parser — .MDMP/.LOG files now caught by case-insensitive extension check
Fixed UTF-8 boundary split in log buffer reading — aligns to next newline to avoid corrupting multi-byte characters
Fixed telemetry buffer over-allocation after UTF-8 boundary adjustment (buffer now sized to actual remaining bytes)
Added parseFavKey() helper handling IPv6 addresses ([::1]:2302) — replaces all favKey.split(':') throughout renderer
Fixed two colspan="5" remnants in mod manager dynamic rows — now colspan="6" matching the 6-column table
Added missing .table-scroll wrapper to mod manager table — scrolling now works (matched server browser structure)
Fixed escapeHtml, MAP_NAMES, MAP_NORMALIZE, parseFavKey scope — moved to module level so diagnostics tab can access them
Fixed settings unavailable in loadDiagnostics — stored on window._settings before DOMContentLoaded callback closes
Fixed empty Steam subscription list hiding all installed mods — now treats empty [] differently from null
Added error logging to previously empty catch blocks in servers.js, serverQuery.js
Removed ICMP Ping Fallback
Game servers routinely block ICMP ping, causing "Ping fallback failed" spam on every refresh
pingServer now only delegates to queryServerGameDig — no more ICMP fallback
Removed unused execFile and util imports from serverQuery.js
Steamworks Fixes
Fixed worker init response format — now sends {id, result, error} consistent with manager expectations
Added await on workshop.download() — download failures no longer silently ignored
Added BigInt validation with try/catch — prevents crashes on invalid mod IDs
Added default response for unknown message types — prevents hanging in pending requests
Added 30s timeout to all pending worker requests — no more permanent Promise leaks
Added proper SIGTERM cleanup in worker — Steamworks client now disconnects before exit
Dependency Resolver & Updater Fixes
Dependency cache no longer permanently caches error or truncated results
Cache key now includes depth — prevents stale truncated results at different call depths
getFlatList now uses Set for O(1) duplicate checking (was O(n²))
Version comparison now handles pre-release tags (1.0.0-beta vs 1.0.0) gracefully
Auto-update check errors now logged instead of silently discarded
Added removeServerListeners counterpart for server event cleanup
onUpdateNotAvailable now passes value parameter for API consistency
Server batch events now guard against destroyed event.sender before calling .send()
Code Quality
Moved require('child_process') and require('fs') from inside IPC handlers to top-level imports in main.js
Extracted triplicated mapNames object into shared MAP_NAMES/MAP_NORMALIZE constants in renderer.js
Moved require('fs').promises to module level in modManager.js
Fixed win.loadFile to use path.join(__dirname, 'index.html') — no more relative path loading
Server portal rate limiter now prunes expired entries to prevent unbounded memory growth
Code Review & Performance Optimization
Application Stability: Added isQuitting flag to before-quit handler to fully prevent app freezing on rapid exits.
Settings Integrity: Added autoRefreshEnabled, autoRefreshTime, favoriteNames, and modLoadouts to the default settings whitelist so they are no longer wiped on restart.
UI Architecture: Extracted a massive inline script block from index.html into a new ui-behavior.js file for maintainability.
Renderer Performance: Added a 200ms debounce to updateStatsInline to prevent UI thrashing during high-concurrency server sweeps.
State Management: Fixed a race condition in fetchServers by safely merging new ping data into allServers instead of overwriting the array.
Network Performance: Tuned BG_CONCURRENCY down to 200 to ease the burden on local socket resources and router NAT tables while maintaining high scan speeds.
Audio Reliability: Converted playAudioFeedback to use a lazily-loaded singleton AudioContext with .resume(), permanently fixing UI sounds dropping out after rapid clicking.
Mod Manager Stability: Refactored getFolderSize in modManager.js to use an iterative queue pattern instead of recursion, eliminating EMFILE stack crashes on massive Workshop folders.
Steam Resolver Efficiency: Changed resolveBatchDependencies to use Promise.all for parallel mod metadata lookups instead of slow sequential fetching.
DRY Code Quality: rendererUtils.js is now included globally in index.html, allowing the removal of 60 lines of duplicated utility functions from renderer.js.
Performance Optimization
Optimized server sorting by precomputing favorites Set (replaces O(n) array .includes() with O(1) Set.has())
Optimized favorites lookup and name filtering
Security Fixes
Fixed [HIGH] DOM XSS vulnerability in showToast
Accessibility & UI
Improved accessibility for icon-only buttons and search input
Documentation & Tests
Rewrote and improved main README.md with comprehensive documentation
Added unit tests and significantly improved test coverage
