Skip to content

BirdNET-Go 20260716

Latest

Choose a tag to compare

@tphakala tphakala released this 16 Jul 19:52
e783b54

This is primarily a bug-fix release. It restores the range filter for arm64 (Raspberry Pi) Docker users whose species list had blown open to thousands of out-of-region species, closes an authentication middleware gap where a malformed Authorization header could let a protected handler run anyway, and fixes two database-migration edge cases that could delete a migrated database or crash-loop a fully migrated install on startup. It also adds cross-host install migration over SSH, stops the media API from showing broken audio/spectrogram players while an extended-capture clip is still being written, and corrects CPU temperature reporting on the Health page.

New Features

Cross-Host Install Migration over SSH

Moving BirdNET-Go to a new machine (for example a Raspberry Pi 4 to a Pi 5) no longer means copying files by hand and redoing the service setup. Run install.sh --migrate (or --migrate-from <host> to name the source non-interactively) on the new host and it pulls your config, SQLite database, and audio clips from the old host over SSH, then reconfigures the systemd service for the new machine while preserving your web port, TLS, metrics, and timezone settings. It verifies the old service is stopped, checks free disk space before the transfer, runs a SQLite integrity check, and never overwrites existing data on the target (any existing install is moved aside to a timestamped backup). apt + systemd Linux only; no macOS or Windows (#3934).

Security

  • Auth middleware now fails closed on bad credentials. A request to an auth-protected API route carrying a malformed Authorization header or an invalid token wrote a 401 but then still ran the route handler, because the abort was not propagated. The middleware now terminates the chain so protected handlers never execute after an authentication failure (#3930, fixes #3929).

Bug Fixes

Detection & Classification

  • Range filter restored on arm64 / Raspberry Pi Docker. On ONNX-only arm64 images the default rangefilter.model: latest silently failed to load, so the active species list jumped from around 100 for your location to 6000+ and out-of-range species started showing up. The latest default now auto-selects the shipped ONNX range-filter model, restoring the same regional filtering as before with no download. If you had gotten used to the unfiltered results, out-of-range species will be suppressed again (#3933, fixes #3932).

Audio & Streaming

  • FFmpeg RTSP timeouts now trigger the audio-only fallback. An RTSP source whose FFmpeg connection timed out without ever delivering data was treated as a clean end-of-stream, so the audio-only capture fallback never engaged and the stream went silent. That timeout is now detected and recorded so the fallback kicks in correctly (#3937, fixes #3936).

Media

  • Audio and spectrogram players no longer break for extended-capture clips. Detections that use Extended Capture emit their database entry and live update before the audio clip finishes writing, so the media API briefly raced the file: audio and spectrogram requests returned 404, the detections list showed a broken player until a manual reload, and the transient errors spammed the logs. Clips that are still within their capture window now return 503 with a Retry-After and the player waits them out on its own, while genuinely missing clips still return 404 (#3946).

System & Health

  • Correct CPU sensor used for the critical-temperature check. The Overview and Health pages could raise a false "Critical Temperature" alert when a non-CPU sensor read hotter than the CPU. Both pages now read the CPU thermal sensor specifically (#3941, fixes #3940).
  • Health page shows CPU temperature in the configured unit. The System > Health page always printed the CPU temperature in Celsius even when the dashboard was set to Fahrenheit; it now uses the configured unit, read per request so a unit change takes effect without a restart. As a side effect of consolidating the thermal readers, the cpu.temperature metric now reports the hottest valid zone, so on multi-zone or multi-socket systems it may read slightly higher after upgrade (#3945).

Database

  • Migration state detected correctly on startup. A leftover marker from an old bug (PR #2165) could make a legacy database look like a fully migrated v2 database, which deleted the real migrated sidecar and dropped the app back to legacy mode. That misdetection is fixed, and the detection now discriminates by row count so a completed-v2 install that still carries empty legacy tables is recognized as v2 instead of crash-looping on startup, while a genuinely legacy database with unmigrated data is still protected (#3926, #3947, fixes #3924).

🛡️ VirusTotal Results: