v2.5.4 Release — dev → main

Summary

• Amazon Music — T2Tunes-backed download source (24-bit/48kHz FLAC primary, Opus 320kbps / Dolby Atmos EAC3 fallback). Full enrichment worker with ASIN matching for artists/albums/tracks, artist thumbnail backfill, enrichment orb + rate-limit gauge on dashboard. Library badges on artist cards, hero section, and enhanced view. Match status chips with click-to-rematch. Album/track ASINs link to music.amazon.com. Scoped correctly as download source + enricher only — not a metadata source (T2Tunes has no discography API).

• Personalized Playlist Pipeline — new automation action that syncs discover-page playlists (Hidden Gems, Time Machine, Fresh Tape, The Archives, Seasonal Mix, Daily Mix, etc.) to your active media server and queues missing tracks for download. Auto-refreshes stale snapshots after watchlist scan completes. Configurable per-kind/variant multi-select picker in the automation builder.

• Personalized Playlists Overhaul — all 8 discover-page playlist types unified under one storage layer. Playlists now have stable identity, persistent track snapshots, explicit refresh, and per-playlist config (limit, diversity caps, popularity bounds, recency window). REST endpoints under /api/personalized/*. Daily Mix fixed (was returning empty library half, now honestly discovery-only).

• Dashboard Bento Redesign — full bento grid layout with responsive breakpoints (3-col → 2-col → single). Cursor-following accent blob with lag + pulse. Cards darkened for contrast. Respects "reduce visual effects" setting.

• Automation Handlers Extraction — all automation action handlers lifted out of web_server.py into core/automation/handlers/. Shared pipeline sync/wishlist logic in _pipeline_shared eliminates duplication between mirrored and personalized pipelines.

• Security: Token Leak Fixes — Plex/Jellyfin/Navidrome tokens were landing in app.log via artwork URLs and artist-endpoint debug lines. Fixed with _redact_url_secrets helper (covers both plain and URL-encoded forms) + moved log calls to DEBUG. Wipe existing app.log if affected.

• Bug fixes — AcoustID multi-candidate suppression + duration guard + multi-value retag (#587), quarantine modal apostrophe XSS (#608), live recording false-quarantine (#607), reorganize embedded-tag mode (#592), retag stripping LYRICS tag, track number writing "6/0", dashboard activity "NaNmo ago".

Changed files (highlights)

| Area | Files |
|---|---|
| Amazon download + metadata | core/amazon_client.py, core/amazon_download_client.py |
| Amazon enrichment | core/amazon_worker.py |
| Amazon UI | webui/static/library.js, api-monitor.js, enrichment.js, worker-orbs.js, core.js, style.css, amazon.svg |
| Personalized playlists | core/personalized/generators/*, core/personalized/manager.py |
| Personalized pipeline | core/automation/handlers/_pipeline_shared.py, handlers/personalized_pipeline.py |
| Automation extraction | core/automation/handlers/* |
| Dashboard | webui/static/api-monitor.js, style.css |
| Security | web_server.py (_redact_url_secrets), core/discovery/sync.py |
| AcoustID | core/matching/acoustid_candidates.py, core/matching/version_mismatch.py, core/tag_writer.py |
| Reorganize | core/library/reorganize_tag_source.py |
| DB | database/music_database.py (amazon_id columns, watchlist_artists.amazon_artist_id) |
| Registry | core/metadata/registry.py (Amazon removed from metadata source priority) |