
v0.7.1


@github-actions github-actions released this 11 Jun 01:53

Security Fixes

  • Addressed multiple vulnerabilities identified in the v0.7.0 security audit.
  • Moved yt-dlp credential passing from CLI arguments to secure temporary configuration files to prevent process list leakage.
  • Enforced strict 0o600 POSIX permissions on aria2c temporary configuration files to protect generated RPC secrets.
  • Replaced the unauthenticated local connection protocol with HMAC-SHA256 signature validation of local requests.
  • Excluded sensitive properties like rpcSecret and rpcPort from DownloadItem serialization so they are never saved to disk in plaintext.
  • Mitigated SSRF (Server-Side Request Forgery) by rejecting metadata fetch requests whose target resolves to a private IP address or loopback range.
  • Prevented potential path traversal vulnerabilities by validating destination file URLs during duplicate resolution.
  • Sanitized custom HTTP headers to prevent CR/LF injection vectors.
  • Re-architected aria2c port-finding with POSIX sockets to eliminate a known race-condition window.
  • Applied rate-limiting and text length bounds to the custom firelink:// scheme to mitigate DoS and injection attempts.
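The following Python is an added illustration of four of the checks listed above, not code from this release or from the project (whose own language and implementation are not shown on this page): rejecting metadata URLs that resolve to private or loopback addresses, refusing custom headers that carry CR/LF, creating a temporary config file that is 0o600 from the moment it exists, and validating a local-API request with HMAC-SHA256, including the immediate rejection of an empty pairing token noted under Fixes. All function names, the injectable `resolver` parameter and the sample values are assumptions; the example chooses to reject unsafe headers outright rather than strip characters.

```python
import hashlib
import hmac
import ipaddress
import os
import socket
import stat
import tempfile
from urllib.parse import urlsplit

# --- SSRF guard: only public addresses may be fetched for metadata ---

def is_private_address(ip: str) -> bool:
    """True for loopback, private, link-local, unspecified, reserved or
    multicast addresses. IPv4-mapped IPv6 (::ffff:a.b.c.d) is unwrapped first
    so the IPv4 rules apply to it as well."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_unspecified or addr.is_reserved or addr.is_multicast)


def resolve_host(hostname: str) -> list:
    """Default resolver: every address the system returns for the host."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def validate_metadata_url(url: str, resolver=resolve_host) -> bool:
    """Allow only http(s) URLs whose host resolves exclusively to public
    addresses. A single private answer in a mixed response rejects the URL.
    `resolver` is injectable (assumed helper) so the check runs offline."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        addresses = resolver(parts.hostname)
        return bool(addresses) and not any(is_private_address(a) for a in addresses)
    except (OSError, ValueError):
        return False  # DNS failure or unparsable address: fail closed


# --- Header injection guard ---

def header_is_safe(name: str, value: str) -> bool:
    """A header is safe only if neither part can start a new line or field."""
    return (bool(name) and not any(c in name for c in "\r\n\0:")
            and not any(c in value for c in "\r\n\0"))


def sanitize_headers(headers: dict) -> dict:
    """Trim whitespace and refuse any header that could split the request."""
    clean = {}
    for name, value in headers.items():
        name, value = name.strip(), value.strip()
        if not header_is_safe(name, value):
            raise ValueError(f"rejected header {name!r}: CR, LF, NUL or colon not allowed")
        clean[name] = value
    return clean


# --- Owner-only temporary config file ---

def write_private_config(contents: str, directory=None) -> str:
    """mkstemp creates the file with mode 0o600 and O_EXCL, so there is no
    window in which a more permissive mode is visible to other users."""
    fd, path = tempfile.mkstemp(prefix="aria2c-", suffix=".conf", dir=directory)
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(contents)  # e.g. a constructed rpc-secret line
    except Exception:
        os.unlink(path)
        raise
    return path


def config_mode(path: str) -> int:
    """Permission bits of `path` (expected 0o600)."""
    return stat.S_IMODE(os.stat(path).st_mode)


# --- Local-API request authentication ---

def sign_local_request(pairing_token: bytes, nonce: str, body: bytes) -> str:
    """HMAC-SHA256 over nonce and body; the nonce keeps a captured tag from
    being replayed against a later request."""
    msg = nonce.encode() + b"\n" + body
    return hmac.new(pairing_token, msg, hashlib.sha256).hexdigest()


def verify_local_request(pairing_token: bytes, nonce: str, body: bytes, tag: str) -> bool:
    """Constant-time comparison. An empty pairing token is rejected before any
    computation so an unconfigured peer can never produce a 'valid' tag."""
    if not pairing_token or not tag:
        return False
    return hmac.compare_digest(sign_local_request(pairing_token, nonce, body), tag)
```

One caveat a practitioner would want: `validate_metadata_url` resolves the host at validation time, so the address actually connected to later may differ (DNS rebinding). The usual remedy is to connect to the address that passed the check rather than re-resolving the hostname.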

Fixes

  • Fixed a metadata extraction timeout when downloading from YouTube by preventing child processes from holding process pipes open.
  • Fixed filename assignment for auto-captured downloads.
  • Restored the UUID fallback for token generation to prevent silent failures if secure random byte generation fails.
  • Hardened local API security by immediately rejecting requests if the expected pairing token is completely empty.
  • Implemented a thread-safe cleanup mechanism for temporary directories to resolve a concurrency race condition during engine cancellation.
  • Increased the yt-dlp metadata extraction timeout to 120 seconds to properly handle YouTube's new JavaScript Proof-of-Work bot protection challenges.
  • Improved the AddDownloadsView UI to display the exact underlying error message during extraction failures rather than a generic masked string.