shelfmark

Media Servers

Self-hosted web interface for searching, browsing, and requesting books and audiobooks across multiple sources

Python Latest v1.3.0 · 22d ago Security brief →

Features

One‑stop modern UI to search, browse, and download from many configured sources
Supports web, torrent, usenet, IRC and other source types including audiobooks
Multi‑user request system with configurable notifications and approvals
Flexible search via metadata providers (Hardcover, Open Library, Google Books) or direct source queries
Real‑time unified download queue with live progress updates

View all 12 releases →

Review required

v1.3.0 Breaking risk 22d

Auth RBAC Dependencies

urllib3 CVE + security hardening

Open

v1.2.3 Bugfix 1mo

Fixed permission errors causing shutdowns on first start after upgrading from 1.2.2 on Unraid.

Full changelog

This release fixes an issue for Unraid installs receiving wrong permissions and shutting down on the first start after updating to 1.2.2.

v1.2.2 Breaking risk 1mo

⚠ Upgrade required

If using non-root mode, explicitly set Docker user or Kubernetes `runAsUser/Group` to 1000:1000
Ensure output folders have appropriate permissions as automatic checks are removed

Breaking changes

Removed user folder permission check/correction logic; users must now manually ensure correct permissions.

Notable features

Newznab indexer can be configured directly as a release source
PrimaryTitle field added with live preview and custom field picker in template editor
Non-root support via explicit Docker user `1000:1000` or Kubernetes `runAsNonRoot/runAsUser/Group`

Full changelog

Newznab - New release source: Configure a newznab indexer directly (#867 by @blades)
PrimaryTitle field + path template improvements — new field for renaming templates, plus live preview and custom field picker in the template editor (#908)
Non-root support - Installs with user: "1000:1000” will now run as non-root. Note: This does not impact those with just PUID/PGID as 1000:1000, the docker user must be explicitly set too. (#871)
Kubernetes users can use runAsNonRoot and runAsUser/Group at 1000:1000 to run as non-root. (#871)
User folder permission checks / corrections removed and replaced by “test destination” button in settings. Users are responsible for ensuring output folders have correct permissions. (#871)
Combined search improvements - Now continue a combined search when one option is unfulfilled, and deselect previously chosen releases.
Direct source refactoring - Decoupled the direct source from the core of the app. It can now be disabled, and users must supply working mirror URLs to use going forward. Existing users updating will keep their existing mirror configs.

Moved Shelfmark runtime from /app to /home. Fixes internal bypasser issues with newer Chromium release. (#919)
Temp filename length capped to avoid OS limits (#912)
OIDC discovery URL no longer has trailing slash stripped (#887)
Fixed JSON script blocking behavior (#862)
Fixed orchestrator timeout and exception handling (#832)
Fixed env variable config lookup in various places (#817)
Retry states now persist across restarts (#817)
Prowlarr downloads now offer retries (#817)
Fixed seedtime parsing for prowlarr release source (#805)

Large tooling update
- Backend: Added uv, ruff, basedpyright, vulture, pytest-xdist, prek, pytest-cov.
- Frontend: Added oxlint, oxfmt, vitest, knip
Major lint / typecheck / formatting rewrites to improve code quality