Medialyze

v0.13.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1d Media Servers

✓ No known CVEs patched

This release patches 1 known CVE

Summary

AI summary

Updates ✨ New, 🐛 Bug fixes, and https://github.com/frederikemmer/MediaLyze/issues/141 across a mixed release.

Type	Severity	Summary	CVE
Feature	Low	Bundle static ffmpeg binary into desktop backend eliminating external dependency Bundle static ffmpeg binary into desktop backend eliminating external dependency Source: llm_adapter@2026-06-02 Confidence: high	—
Feature	Low	Redesign active scan banner with a collapsible metrics panel Redesign active scan banner with a collapsible metrics panel Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Dependency	Medium	Update frontend vitest and override desktop transitive tmp to remediate Dependabot security alerts Update frontend vitest and override desktop transitive tmp to remediate Dependabot security alerts Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Rework active scan progress to stream discovery, keep bar indeterminate until stable, explicitly report unchanged files, and avoid heavy repeated updates Rework active scan progress to stream discovery, keep bar indeterminate until stable, explicitly report unchanged files, and avoid heavy repeated updates Source: llm_adapter@2026-06-02 Confidence: high	—

Full changelog

redesign the active scan banner with a collapsible metrics panel #141
bundle a static ffmpeg binary into the desktop backend so release artifacts no longer depend on the runner or target system having ffmpeg installed

update frontend vitest and override desktop transitive tmp to remediate current Dependabot security alerts
rework active scan progress so discovery stays streamed for throughput, the progress bar stays indeterminate until the queued-work total is stable, unchanged files are communicated explicitly, and live scan progress writes avoid repeated heavy summary updates

Updated frontend vitest and overrode desktop transitive tmp to remediate Dependabot security alerts

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track Medialyze

Get notified when new releases ship.

About Medialyze

Media library analysis for large collections

v0.13.0 Changes license from MIT to GNU Affero General Public License v3.0 (AGPL-3.0).
v0.13.0 Breaks prior usage by relicensing from MIT to GNU AGPL‑3.0.