Introduces 'Cardio training' as a new activity type (ID 41) across backend and frontend. Updates activity mappings, enums, goal logic, UI components, and i18n files to support the new type. Also fixes goal list initialization in SettingsUserGoals.vue.
Introduces Slovenian (SL) as a supported language across backend and frontend, including language enum, language switchers, and i18n resources. Updates documentation to credit the contributor, and increments version numbers in backend and frontend to 0.15.7.
Introduces the BinaryFileCategory enum to categorize binary file extensions, starting with fitness files (e.g., '.fit'). Updates the ZipContentInspector to skip script content checks for files with extensions in BinaryFileCategory, improving handling of binary files in zip archives.
Added max_number_files_same_type to SecurityLimits in config.py and updated zip_inspector.py to use this configurable limit instead of a hardcoded value when checking for excessive files of the same type in ZIP archives.
Replaces the hardcoded value of 500 for max_items_per_file with the batch_size parameter, allowing dynamic control over the number of items per export file.
Refactored backend/app/core/config.py to simplify and clarify docstrings and comments, improving readability and maintainability. Updated the MariaDB to Postgres migration guide to use Endurain's built-in export/import functionality instead of pgloader, providing a more user-friendly migration process. Removed obsolete pgloader migration files and transformation scripts.
Added or revised concise, PEP 257-compliant docstrings for all public classes and methods in profile export/import services, router endpoints, exceptions, and MFA schema. Updated docstring formats to match new repository guidelines, clarified argument and return value descriptions, and removed extended explanations and examples. Also updated .github/copilot-instructions.md with new Python code style and docstring requirements.
Reduced default batch sizes in both ExportPerformanceConfig and ImportPerformanceConfig for improved memory efficiency. Refactored ExportService to stream data directly to the ZIP archive in batches, writing each data type progressively instead of collecting all data in memory first. Updated activity component collection to support chunked writing for large datasets, and removed excessive inline documentation for clarity and maintainability. ImportPerformanceConfig tier batch sizes were also adjusted to match the new export logic.
Reverted the use of ijson and streaming batch parsing for large activity component files with standard in-memory JSON loading. Updates the import logic to filter activity components per activity after loading all data, and removes ijson from dependencies.
Refactored the import_service to use streaming JSON parsing (via ijson) for large files, reducing memory usage during import operations. Updated method signatures and logic to process data in batches and load one data type at a time. Adjusted batch sizes in both import and export configs for all memory tiers. Added ijson as a dependency.
Refactored file_security/config.py and enums.py to improve documentation, type annotations, and code clarity. Expanded exception imports and public API in __init__.py, removed deprecated utils.py, and updated configuration validation to use standard logging. Enhanced enum docstrings and structure for better maintainability.
Deleted backend/app/core/file_security.py and refactored related modules to remove dependencies on the legacy file security implementation. This streamlines the file security logic and ensures all validation is handled by the updated modular components.
Split file_security.py into a modular package with separate config, enums, exceptions, validators, inspectors, and utility modules. Added deep ZIP content inspection and threat categorization, improved configuration validation, and enhanced extensibility for file security checks.
Introduces backend/app/core/file_security.py, providing advanced file validation for uploads including extension, MIME type, Unicode, and ZIP compression checks. Integrates security validation into profile image and data upload endpoints in router.py, refactors import/export service and exception imports, and updates profile/schema.py to support secure MFA secret storage. Dependency configuration updated in pyproject.toml.
Eliminated unused 'psutil' imports from export_service.py and import_service.py. Added detailed docstrings to all classes and methods in schema.py for improved code documentation and clarity.
Introduced BasePerformanceConfig in utils.py to centralize common configuration logic for import and export services. Both ExportPerformanceConfig and ImportPerformanceConfig now inherit from this base class and use a unified memory tier detection and auto-configuration pattern, reducing code duplication and improving maintainability.
Moved memory usage, timeout, and operation count logic from import_service.py and export_service.py into profile/utils.py for reuse and maintainability. Updated both services to use the new utility functions, removed duplicated code, and split file/media import logic in ImportService for clarity. Also adjusted default memory and timeout settings for consistency.
Refactored custom exceptions to support both import and export operations, added granular import error types, and unified error-to-HTTP mapping in handle_import_export_exception. Updated import service to use new exceptions for file size, format, structure, activity limits, and memory allocation. Router now handles new import exceptions and provides more specific HTTP responses and logging for import errors. Import performance config defaults and auto-detection logic were also updated for better resource management.
Introduces backend/app/profile/import_service.py, implementing ImportService for importing user profile data from ZIP archives. Refactors router.py to use ImportService, removing legacy import logic and unused imports, and streamlining the import endpoint for maintainability and performance.
Updated import_profile_data to correctly access user data as a list, ensuring the user ID and photo path are set for the first element. This resolves issues when importing user JSONs structured as lists.
Upgraded several backend Python packages (alembic, arrow, asgiref, certifi, charset-normalizer) and updated dependency versions in pyproject.toml. Also updated frontend npm package-lock.json to reflect new dependency versions.
Introduces ExportPerformanceConfig for adaptive performance tuning based on system memory, including batch size, memory limits, and compression level. Refactors ExportService to use batched data collection for activities and components, adds memory usage monitoring, and optimizes user image export with efficient directory traversal and file size checks. Improves error handling and logging throughout the export process.
Introduces custom exceptions for profile export operations and refactors export_service.py to use granular error handling for data collection and file operations. Updates router.py to catch and handle these exceptions, providing more informative HTTP responses for different failure scenarios during profile data export.
Moved profile data export functionality from router.py into a new ExportService class for better modularity and maintainability. Added utility functions for SQLAlchemy object serialization and ZIP writing to utils.py. Improved error handling for MFA secret encryption/decryption. The export endpoint now uses ExportService to generate the ZIP archive, simplifying the router and centralizing export logic.
Introduces secure reading of sensitive environment variables (DB_PASSWORD, SECRET_KEY, FERNET_KEY) via _FILE variants for Docker secrets. Updates backend to use new read_secret utility, adds validation for Fernet keys, and documents usage in advanced setup guide. Bumps version to 0.15.3 and provides a docker-compose secrets example.
Updated frontend/app/package-lock.json and backend/poetry.lock to reflect new dependency versions and metadata. This includes upgrades for @asamuzakjp/dom-selector, @esbuild, @eslint, @rollup, and various platform-specific packages, as well as refined environment markers and extras in the backend Python dependencies.
Improved formatting and readability in Strava gear import utilities and router, including better line breaks and removal of redundant blank lines. Updated documentation for Strava and Garmin Connect integrations, clarifying import instructions and reorganizing integration details for clarity.
Improved readability of activity name and description assignment with clearer multi-line expressions. Enhanced extension parsing by ensuring 'power' and 'heart_rate' values are always integers, defaulting to 0 if missing, to prevent type errors.
Introduces Galician (gl) as a supported language across backend and frontend. Updates language enums, language switchers, user profile, signup, and user modal components. Also updates documentation and version numbers to 0.15.1.
User creation and editing now convert usernames and emails to lowercase in frontend forms and backend logic to ensure consistency and prevent duplicate accounts with case variations. Birthdate is also converted to ISO format during migration for data uniformity.
