spupuz/VibeNVR

v1.11.1 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 4mo Media Servers
✓ No known CVEs patched
This release patches 2 known CVEs

Topics

ffmpeg, lightweight, local-storage, nvr, opensource, privacy, video-surveillance

Affected surfaces

rce_ssrf breaking_upgrade

Summary

AI summary

Strict path validation and admin‑only checks harden file‑management security.

Full changelog

Full Changelog: https://github.com/spupuz/VibeNVR/compare/v1.11.0...v1.11.1

VibeNVR v1.11.1 — Security Hardening & UX Improvements

This patch release strengthens the security of the file‑management system and improves the user experience for long‑running maintenance tasks.

🔒 Security Improvements

Strict Path Validation

  • Implemented rigorous path checks in the orphan‑recovery process.
  • Operations are now strictly confined to /data and recording directories using prefix‑based validation.
  • Prevents path traversal and unintended file deletion, even in edge‑case scenarios.
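
The release notes describe prefix-based confinement but do not show the check itself. The following is an added example, not VibeNVR's own code, contrasting a bare string-prefix test with one that resolves the path before comparing; `ALLOWED_ROOTS`, `naive_is_allowed`, `is_allowed` and `safe_delete` are hypothetical names, and only the `/data` root is taken from the page.

```python
import os

# Assumption: the release notes name /data and "recording directories";
# only /data is listed here, add the configured recording roots as needed.
ALLOWED_ROOTS = ("/data",)


def naive_is_allowed(path, roots=ALLOWED_ROOTS):
    """Weak form: raw string prefix, no normalization.

    Accepts '/data/../etc/passwd' and sibling names such as '/database/x'.
    """
    return any(path.startswith(root) for root in roots)


def is_allowed(path, roots=ALLOWED_ROOTS):
    """Hardened form: resolve '..' and symlinks, then compare whole components."""
    real = os.path.realpath(path)
    for root in roots:
        real_root = os.path.realpath(root)
        try:
            # commonpath works on path components, so '/database' is not
            # treated as being inside '/data'.
            if os.path.commonpath([real, real_root]) == real_root:
                return True
        except ValueError:
            # Raised when paths cannot be compared (e.g. different drives).
            continue
    return False


def safe_delete(path, roots=ALLOWED_ROOTS):
    """Delete a regular file only if it resolves inside an allowed root."""
    if not is_allowed(path, roots):
        raise PermissionError(f"path resolves outside allowed roots: {path!r}")
    real = os.path.realpath(path)
    if os.path.isfile(real):
        os.remove(real)
        return True
    return False
```

The check and the delete are separate steps here, so a directory that untrusted users can write to would still need protection against a path being swapped between them.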

Admin‑Only Verification

  • Confirmed that all sensitive maintenance endpoints (sync-orphans, cleanup) are fully protected by administrator authentication.

Command Safety

  • Re‑verified all low‑level system calls to ensure immunity against command‑injection vulnerabilities.

✨ UX Enhancements

Non‑Blocking Recovery

  • The Recover Orphaned Recordings tool now runs as a background task.
  • The UI remains responsive during long scans.

Visual Feedback

  • Added a Scanning… status indicator.
  • A detailed summary popup appears automatically upon completion.

Detailed Summary Report

The completion dialog now includes:

  • Number of recordings imported
  • Number of thumbnails generated
  • Count of corrupted files cleaned up
  • Total disk space reclaimed

Robustness Improvements

  • The frontend now gracefully handles server restarts or connection interruptions during the sync process.
  • Prevents the interface from becoming stuck in a loading state.

Security Fixes

  • Implemented strict prefix‑based path validation to prevent traversal and unintended file deletion in orphan‑recovery (restricted to /data and recording directories)
  • Enforced administrator authentication for all sensitive maintenance endpoints (`sync-orphans`, `cleanup`)


Related context

Earlier breaking changes

  • v1.28.3 Must update docker-compose.yml with TZ variable for all services
