Medialyze

v0.11.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 16d Media Servers

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Affected surfaces

deps

Summary

AI summary

Added sortable/filterable tag fields, technical audio metadata, statistics/comparison dimensions, embedded cover detection, and support for additional audio formats.

Changes in this release

Type	Severity	Summary	CVE
Security	High	Update vulnerable frontend and desktop development dependencies via Dependabot Update vulnerable frontend and desktop development dependencies via Dependabot Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Security	Medium	update vulnerable frontend and desktop development dependencies reported by Dependabot, including Vite, Undici, PostCSS, Picomatch, xmldom, Lodash, and related transitive packages update vulnerable frontend and desktop development dependencies reported by Dependabot, including Vite, Undici, PostCSS, Picomatch, xmldom, Lodash, and related transitive packages Source: granite4.1:8b-q6_K@2026-05-19 Confidence: low	—
Feature
Feature	Medium	expand music-library metadata with sortable/filterable tag and technical audio fields, add matching statistic/comparison dimensions, detect embedded covers, and support .ogg, .oga, .aiff, .aif, .alac, .mka, and .ape audio files expand music-library metadata with sortable/filterable tag and technical audio fields, add matching statistic/comparison dimensions, detect embedded covers, and support .ogg, .oga, .aiff, .aif, .alac, .mka, and .ape audio files Source: granite4.1:8b-q6_K@2026-05-19 Confidence: low	—
Feature	Medium	Expand music-library metadata with sortable/filterable tags and technical audio fields Expand music-library metadata with sortable/filterable tags and technical audio fields Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Feature	Medium	Add matching statistic/comparison dimensions to music library Add matching statistic/comparison dimensions to music library Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Feature	Medium	Detect embedded covers in music files Detect embedded covers in music files Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Feature	Medium	Support additional audio formats: .ogg, .oga, .aiff, .aif, .alac, .mka, .ape Support additional audio formats: .ogg, .oga, .aiff, .aif, .alac, .mka, .ape Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Bugfix
Bugfix	Medium	speed up idle dashboard and library loads by reusing full statistics/history snapshots between mutations and warming page data on startup and while the runtime is idle speed up idle dashboard and library loads by reusing full statistics/history snapshots between mutations and warming page data on startup and while the runtime is idle Source: granite4.1:8b-q6_K@2026-05-19 Confidence: low	—
Bugfix	Medium	Speed up idle dashboard and library loads by reusing statistics/history snapshots Speed up idle dashboard and library loads by reusing statistics/history snapshots Source: granite4.1:30b@2026-05-19-audit Confidence: low	—
Bugfix	Medium	Warm page data on startup and during runtime idle periods Warm page data on startup and during runtime idle periods Source: granite4.1:30b@2026-05-19-audit Confidence: low	—

Full changelog

✨ New

expand music-library metadata with sortable/filterable tag and technical audio fields, add matching statistic/comparison dimensions, detect embedded covers, and support .ogg, .oga, .aiff, .aif, .alac, .mka, and .ape audio files

🐛 Bug fixes

speed up idle dashboard and library loads by reusing full statistics/history snapshots between mutations and warming page data on startup and while the runtime is idle
update vulnerable frontend and desktop development dependencies reported by Dependabot, including Vite, Undici, PostCSS, Picomatch, xmldom, Lodash, and related transitive packages

Security Fixes

Updated vulnerable frontend (Vite, Undici, PostCSS, Picomatch) and desktop development dependencies including Lodash and xmldom to patched versions per Dependabot reports

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Medialyze

Get notified when new releases ship.

About Medialyze

Media library analysis for large collections

All releases →

Related context

Related tools

Earlier breaking changes

v0.13.0 Changes license from MIT to GNU Affero General Public License v3.0 (AGPL-3.0).
v0.13.0 Breaks prior usage by relicensing from MIT to GNU AGPL‑3.0.