Cutlery/calibre
1
0
Fork 0
mirror of https://github.com/kovidgoyal/calibre.git synced 2026-04-25 02:09:53 -04:00
Code Issues Packages Projects Releases Wiki Activity
53,386 Commits 4 Branches 410 Tags
Commit Graph

53386 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kovid Goyal
22bd50ee6a
Ignore inapplicable CVE 2026-04-21 19:33:20 +05:30
Kovid Goyal
7b7a1c6b94
Cleanup previous PR 2026-04-21 19:25:50 +05:30
Kovid Goyal
a27bef2f75
Merge branch 'fix/security-and-quality-issues' of https://github.com/collaed/calibre 2026-04-21 19:17:39 +05:30
ECB
b0c4ba1968 Fix security vulnerabilities and code quality issues 
High severity:
- Fix typo normapth -> normpath in srv/content.py (broken endpoint)
- Replace eval() with ast.literal_eval() in catalogs/epub_mobi.py
- Log exceptions in FunctionDispatcher.dispatch instead of swallowing

Medium severity:
- Add path traversal protection to DirContainer read/write/exists
- Fix XPath injection in comments_editor.py merge_contiguous_links
- Use parameterized SQL queries in database2.py library_id setter
- Add safety comment to pickle_loads in utils/serialize.py
 2026-04-21 12:48:42 +02:00
Kovid Goyal
d525f24df9
Merge branch 'dependabot/github_actions/actions-9b1d3b94f9' of https://github.com/kovidgoyal/calibre 2026-04-21 07:59:49 +05:30
dependabot[bot]
d7877524da
Bump the actions group with 2 updates 
Bumps the actions group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/setup-node` from 6 to 6.3.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v6...v6.3.0)

Updates `github/codeql-action` from 4 to 4.35.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v4...v4.35.1)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: github/codeql-action
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-20 18:36:57 +00:00
Kovid Goyal
9e257ecc66
Merge branch 'docs/custom-lookup-sources' of https://github.com/fedesapuppo/calibre 2026-04-20 08:10:44 +05:30
Kovid Goyal
8f06486231
Merge branch 'master' of https://github.com/georgeflug/calibre 2026-04-20 07:57:19 +05:30
Richard White
bfda51433a
update sciam feed names and page order to match print edition 2026-04-19 20:52:43 -05:00
Federico Sapuppo
8c80541cc8 Manual: document custom lookup sources in the viewer 2026-04-19 21:58:29 -03:00
Kovid Goyal
38548b7c9d
Merge branch 'patch-1' of https://github.com/naudvard/calibre 2026-04-19 20:35:12 +05:30
naudvard
fcf6a2cb25
Change 'email' field to 'username' in login mediapart.recipe 2026-04-19 16:57:38 +02:00
Kovid Goyal
9fba48765a
Remove some eval() calls 
They are perfectly harmless but I dont want to have to deal with endless
cargo cult security advisories about them.
 2026-04-19 12:03:52 +05:30
Kovid Goyal
f980061249
... 2026-04-18 14:07:58 +05:30
Kovid Goyal
3774c1b15b
Bump sqlite for CVE 2026-04-18 13:44:29 +05:30
Kovid Goyal
d3476ddaeb
DRYer 2026-04-18 12:56:38 +05:30
Kovid Goyal
49d1847d92
macOS Tahoe: Have the calibre app icon automatically use a dark look when the system is in dark mode 
Uses the new Liquid Glass infrastructure to generate the application
icons using actool which means icons have to be generated on a mac, but
that is done via a one-time script not per build. I could change it to
be done per build, but not needed and doing it that way makes iterating
on icon design too slow.
 2026-04-18 12:17:31 +05:30
Kovid Goyal
d889ac1b89
Merge branch 'dry-render-count' of https://github.com/un-pogaz/calibre 2026-04-17 17:10:56 +05:30
un-pogaz
ad798fc988 DRY 2026-04-17 11:29:52 +02:00
Kovid Goyal
4dee44efa0
... 2026-04-17 14:33:10 +05:30
Kovid Goyal
c55afe2737
Dont generate toc in icns files as iconutil doesnt either 2026-04-17 14:01:09 +05:30
Kovid Goyal
771315bb3e
Fix multiprocessing forkserver not working with python 3.14.4 
Because of this: https://github.com/python/cpython/pull/148195
 2026-04-17 13:48:56 +05:30
Kovid Goyal
92fc9eb5c8
Add dark mode icons to calibre.icns 
Doesn't actually work. The good lord only knows why not. I have wasted
enough of my life on Apple's idiocies.
 2026-04-17 13:25:21 +05:30
Kovid Goyal
8833c84290
Merge branch 'copilot/create-dark-mode-frame-svg' of https://github.com/kovidgoyal/calibre 2026-04-17 10:28:06 +05:30
copilot-swe-agent[bot]
96fc61bfd9
Add dark mode frame SVG and update iconset generation for light/dark subdirectories 
Agent-Logs-Url: https://github.com/kovidgoyal/calibre/sessions/e4e53fa0-3fcf-4a89-aa8a-1f4829934bd2

Co-authored-by: kovidgoyal <1308621+kovidgoyal@users.noreply.github.com>
 2026-04-17 04:50:49 +00:00
Kovid Goyal
cfb2e7566e
pep8 2026-04-17 09:44:11 +05:30
Kovid Goyal
073f67522a
Merge branch 'codex/add-openai-compatible-provider' of https://github.com/lazydao/calibre 2026-04-17 09:43:29 +05:30
Kovid Goyal
0b91aa8354
... 2026-04-17 09:41:29 +05:30
Kovid Goyal
5379b5bb62
Cleanup previous PR 2026-04-17 09:19:28 +05:30
Kovid Goyal
ad1da12068
Merge branch 'codex/throttle-ai-chat-streaming' of https://github.com/lazydao/calibre 2026-04-17 09:15:30 +05:30
Kovid Goyal
ab24d2e152
Native TTS engine: Normalize text to NFKC so that word tracking works when the native engine reports spoken word with different normal form 2026-04-17 08:51:55 +05:30
Kovid Goyal
1a87b70c12
When converting GIF images to PNG workaround bug in PIL causing exception when checking if the GIF is animated. Fixes #2148533 [Failure converting MOBI file to EPUB](https://bugs.launchpad.net/calibre/+bug/2148533) 2026-04-16 13:15:01 +05:30
Kovid Goyal
86d0abb1a9
Merge branch 'master' of https://github.com/unkn0w7n/calibre 2026-04-15 20:46:23 +05:30
unkn0w7n
e6c71601f1 Update hindu.recipe 2026-04-15 20:41:21 +05:30
Kovid Goyal
d5c887d569
Use paths for another instance of safe_replace 2026-04-15 04:53:42 +05:30
Kovid Goyal
a92353468b
Merge branch 'copilot/add-tests-safe-replace-function' of https://github.com/kovidgoyal/calibre 2026-04-14 20:49:18 +05:30
Kovid Goyal
f154a468ee
... 2026-04-14 20:36:36 +05:30
copilot-swe-agent[bot]
dede73a0cc
Add tests for safe_replace() in zipfile.py and register in run_tests.py 
Agent-Logs-Url: https://github.com/kovidgoyal/calibre/sessions/ae87adbf-5df0-4d0c-aeb2-27cb25a97469

Co-authored-by: kovidgoyal <1308621+kovidgoyal@users.noreply.github.com>
 2026-04-14 15:04:31 +00:00
Kovid Goyal
c5639d4428
Use atomic replace when updating epub files 2026-04-14 20:26:28 +05:30
Kovid Goyal
55e9d7650e
Merge branch 'clean-from-source-try-catch' of https://github.com/un-pogaz/calibre 2026-04-14 14:20:37 +05:30
Kovid Goyal
1b519a10e1
Bump python for CVEs 2026-04-14 14:12:35 +05:30
un-pogaz
51b4739aca clean "running from source" try catch 2026-04-14 10:20:09 +02:00
lazydao
b462171750 move AI chat disclaimer out of scroll area 2026-04-14 15:20:55 +08:00
lazydao
a40a29936f add streaming render demo for AI chat 2026-04-14 14:40:49 +08:00
Kovid Goyal
6ce8497ed4
Bump pillow version for CVE 2026-04-14 08:10:39 +05:30
lazydao
f84f3ca7ba add OpenAI-compatible AI provider 2026-04-14 10:24:18 +08:00
lazydao
04bcc7e7c3 throttle AI chat streaming re-renders 2026-04-14 10:23:04 +08:00
Kovid Goyal
4c1041b23f
Preserve existing conversation with AI when there is an error talking to it. Fixes #3085 (Preserve AI chat history when a follow-up request fails) 2026-04-13 20:02:21 +05:30
Kovid Goyal
1914d15fd3
Make clearing conversation optional when showing a message 2026-04-13 19:56:23 +05:30
Kovid Goyal
e5e9ad4055
Remove unused code 2026-04-13 19:54:53 +05:30