LEDMatrix

rick/LEDMatrix

Fork 0

mirror of https://github.com/ChuckBuilds/LEDMatrix.git synced 2026-04-10 21:03:01 +00:00

Commit Graph

Author	SHA1	Message	Date
Chuck	158e07c82b	fix(plugins): prevent root-owned files from blocking plugin updates (#242 ) * fix(web): unify operation history tracking for monorepo plugin operations The operation history UI was reading from the wrong data source (operation_queue instead of operation_history), install/update records lacked version details, toggle operations used a type name that didn't match UI filters, and the Clear History button was non-functional. - Switch GET /plugins/operation/history to read from OperationHistory audit log with return type hint and targeted exception handling - Add DELETE /plugins/operation/history endpoint; wire up Clear button - Add _get_plugin_version helper with specific exception handling (FileNotFoundError, PermissionError, json.JSONDecodeError) and structured logging with plugin_id/path context - Record plugin version, branch, and commit details on install/update - Record install failures in the direct (non-queue) code path - Replace "toggle" operation type with "enable"/"disable" - Add normalizeStatus() in JS to map completed→success, error→failed so status filter works regardless of server-side convention - Truncate commit SHAs to 7 chars in details display - Fix HTML filter options, operation type colors, duplicate JS init Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(plugins): prevent root-owned files from blocking plugin updates The root ledmatrix service creates __pycache__ and data cache files owned by root inside plugin directories. The web service (non-root) cannot delete these when updating or uninstalling plugins, causing operations to fail with "Permission denied". Defense in depth with three layers: - Prevent: PYTHONDONTWRITEBYTECODE=1 in systemd service + run.py - Fallback: sudoers rules for rm on plugin directories - Code: _safe_remove_directory() now uses sudo as last resort, and all bare shutil.rmtree() calls routed through it Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): harden sudo removal with path-validated helper script Address code review findings: - Replace raw rm/find sudoers wildcards with a vetted helper script (safe_plugin_rm.sh) that resolves symlinks and validates the target is a strict child of plugin-repos/ or plugins/ before deletion - Add allow-list validation in sudo_remove_directory() that checks resolved paths against allowed bases before invoking sudo - Check _safe_remove_directory() return value before shutil.move() in the manifest ID rename path - Move stat import to module level in store_manager.py - Use stat.S_IRWXU instead of 0o777 in chmod fallback stage - Add ignore_errors=True to temp dir cleanup in finally block - Use command -v instead of which in configure_web_sudo.sh Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): address code review round 2 — harden paths and error handling - safe_plugin_rm.sh: use realpath --canonicalize-missing for ALLOWED_BASES so the script doesn't fail under set -e when dirs don't exist yet - safe_plugin_rm.sh: add -- before path in rm -rf to prevent flag injection - permission_utils.py: use shutil.which('bash') instead of hardcoded /bin/bash to match whatever path the sudoers BASH_PATH resolves to - store_manager.py: check _safe_remove_directory() return before shutil.move() in _install_from_monorepo_zip to prevent moving into a non-removed target - store_manager.py: catch OSError instead of PermissionError in Stage 1 removal to handle both EACCES and EPERM error codes - store_manager.py: hoist sudo_remove_directory import to module level - configure_web_sudo.sh: harden safe_plugin_rm.sh to root-owned 755 so the web user cannot modify the vetted helper script Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): validate command paths in sudoers config and use resolved paths - configure_web_sudo.sh: validate that required commands (systemctl, bash, python3) resolve to non-empty paths before generating sudoers entries; abort with clear error if any are missing; skip optional commands (reboot, poweroff, journalctl) with a warning instead of emitting malformed NOPASSWD lines; validate helper script exists on disk - permission_utils.py: pass the already-resolved path to the subprocess call and use it for the post-removal exists() check, eliminating a TOCTOU window between Python-side validation and shell-side execution Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Chuck <chuck@example.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-12 19:28:05 -05:00
Chuck	67197635c9	Feature/on demand plugin filtering (#166 ) * fix(web): Resolve font display and config API error handling issues - Fix font catalog display error where path.startsWith fails (path is object, not string) - Update save_main_config to use error_response() helper - Improve save_raw_main_config error handling consistency - Add proper error codes and traceback details to API responses * fix(web): Prevent fontCatalog redeclaration error on HTMX reload - Use window object to store global font variables - Check if script has already loaded before declaring variables - Update both window properties and local references on assignment - Fixes 'Identifier fontCatalog has already been declared' error * fix(web): Wrap fonts script in IIFE to prevent all redeclaration errors - Wrap entire script in IIFE that only runs once - Check if script already loaded before declaring variables/functions - Expose initializeFontsTab to window for re-initialization - Prevents 'Identifier has already been declared' errors on HTMX reload * fix(web): Exempt config save API endpoints from CSRF protection - Exempt save_raw_main_config, save_raw_secrets_config, and save_main_config from CSRF - These endpoints are called via fetch from JavaScript and don't include CSRF tokens - Fixes 500 error when saving config via raw JSON editor * fix(web): Exempt system action endpoint from CSRF protection - Exempt execute_system_action from CSRF - Fixes 500 error when using system action buttons (restart display, restart Pi, etc.) - These endpoints are called via HTMX and don't include CSRF tokens * fix(web): Exempt all API v3 endpoints from CSRF protection - Add before_request handler to exempt all api_v3.* endpoints - All API endpoints are programmatic (HTMX/fetch) and don't include CSRF tokens - Prevents future CSRF errors on any API endpoint - Cleaner than exempting individual endpoints * refactor(web): Remove CSRF protection for local-only application - CSRF is designed for internet-facing apps to prevent cross-site attacks - For local-only Raspberry Pi app, threat model is different - All endpoints were exempted anyway, so it wasn't protecting anything - Forms use HTMX without CSRF tokens - If exposing to internet later, can re-enable with proper token implementation * fix(web): Fix font path double-prefixing in font catalog display - Only prefix with 'assets/fonts/' if path is a bare filename - If path starts with '/' (absolute) or 'assets/' (already prefixed), use as-is - Fixes double-prefixing when get_fonts_catalog returns relative paths like 'assets/fonts/press_start.ttf' * fix(web): Remove fontsTabInitialized guard to allow re-initialization on HTMX reload - Remove fontsTabInitialized check that prevented re-initialization on HTMX content swap - The window._fontsScriptLoaded guard is sufficient to prevent function redeclaration - Allow initializeFontsTab() to run on each HTMX swap to attach listeners to new DOM elements - Fixes fonts UI breaking after HTMX reload (buttons, upload dropzone, etc. not working) * fix(api): Preserve empty strings for optional string fields in plugin config - Add _is_field_required() helper to check if fields are required in schema - Update _parse_form_value_with_schema() to preserve empty strings for optional string fields - Fixes 400 error when saving MQTT plugin config with empty username/password - Resolves validation error: 'Expected type string, got NoneType' * fix(config): Add defaults to schemas and fix None value handling - Updated merge_with_defaults to replace None values with defaults - Fixed form processing to skip empty optional fields without defaults - Added script to automatically add defaults to all plugin config schemas - Added defaults to 89 fields across 10 plugin schemas - Prevents validation errors from None values in configs Changes: - schema_manager.py: Enhanced merge_with_defaults to replace None with defaults - api_v3.py: Added _SKIP_FIELD sentinel to skip optional fields without defaults - add_defaults_to_schemas.py: Script to add sensible defaults to schemas - Plugin schemas: Added defaults for number, boolean, and array fields * fix(config): Fix save button spinner by checking HTTP status code - Fixed handleConfigSave to check xhr.status instead of event.detail.successful - With hx-swap="none", HTMX doesn't set event.detail.successful - Now properly detects successful saves (status 200-299) and stops spinner - Improved error message extraction from API responses - Also fixed handleToggleResponse for consistency * fix(web-ui): Resolve GitHub token warning persistence after save - Made checkGitHubAuthStatus() return Promise for proper async handling - Clear sessionStorage dismissal flag when token is saved - Add delay before status check to ensure backend token reload - Wait for status check completion before hiding settings panel Fixes issue where GitHub token warnings and pop-ups would not disappear after successfully saving a token in the web UI. * fix(web-ui): Add token validation and improve GitHub token warning behavior - Add token validation to backend API endpoint to check if token is valid/expired - Implement _validate_github_token() method in PluginStoreManager with caching - Update frontend to show warning only when token is missing or invalid - Keep settings panel accessible (collapsible) when token is configured - Collapse settings panel content after successful token save instead of hiding - Display specific error messages for invalid/expired tokens - Clear sessionStorage dismissal flag when token becomes valid Fixes issue where GitHub token warnings and settings panel would not properly hide/show based on token status. Now validates token validity and provides better UX with collapsible settings panel. * fix(web-ui): Fix CSS/display issue for GitHub token warning and settings - Update all hide/show operations to use both classList and style.display - Fix checkGitHubAuthStatus() to properly hide/show warning and settings - Fix dismissGithubWarning() to use both methods - Fix toggleGithubTokenSettings() with improved state checking - Fix collapse button handler with improved state checking - Fix saveGithubToken() to properly show/collapse settings panel This ensures elements actually hide/show when status changes, matching the pattern used elsewhere in the codebase (like toggleSection). All buttons (dismiss, close, collapse) should now work correctly. * fix(web-ui): Fix GitHub token expand button functionality - Convert collapse button handler to named function (toggleGithubTokenContent) - Improve state checking using class, inline style, and computed style - Re-attach event listener after saving token to ensure it works - Add console logging for debugging - Make function globally accessible for better reliability Fixes issue where expand button didn't work after saving token. * fix(web-ui): Remove X button and improve GitHub token panel behavior - Remove X (close) button from GitHub token configuration panel - Replace toggleGithubTokenSettings() with openGithubTokenSettings() that only opens - Auto-collapse panel when token is valid (user must click expand to edit) - Auto-detect token status on page load (no need to click save) - Simplify saveGithubToken() to rely on checkGitHubAuthStatus() for UI updates - Ensure expand button works correctly with proper event listener attachment The panel now remains visible but collapsed when a token is configured, allowing users to expand it when needed without the ability to completely hide it. * refactor(web-ui): Improve GitHub token collapse button code quality - Update comment to reflect actual behavior (prevent parent click handlers) - Use empty string for display to defer to CSS instead of hard-coding block/none - Extract duplicate clone-and-attach logic into attachGithubTokenCollapseHandler() helper - Make helper function globally accessible for reuse in checkGitHubAuthStatus() Improves maintainability and makes code more future-proof for layout changes. * fix(web-ui): Fix collapse/expand button by using removeProperty for display - Use style.removeProperty('display') instead of style.display = '' - This properly removes inline styles and defers to CSS classes - Fixes issue where collapse/expand button stopped working after refactor * fix(web-ui): Make display handling consistent for token collapse - Use removeProperty('display') consistently in all places - Fix checkGitHubAuthStatus() to use removeProperty instead of inline style - Simplify state checking to rely on hidden class with computed style fallback - Ensures collapse/expand button works correctly by deferring to CSS classes * fix(web-ui): Fix token collapse button and simplify state detection - Simplify state checking to rely on hidden class only (element has class='block') - Only remove inline display style if it exists (check before removing) - Add console logging to debug handler attachment - Ensure collapse/expand works by relying on CSS classes Fixes issues where: - Collapse button did nothing - Auto-detection of token status wasn't working * debug(web-ui): Add extensive debugging for token collapse button - Add console logs to track function calls and element detection - Improve state detection to use computed style as fallback - Add wrapper function for click handler to ensure it's called - Better error messages to identify why handler might not attach This will help identify why the collapse button isn't working. * debug(web-ui): Add comprehensive debugging for GitHub token features - Add console logs to checkGitHubAuthStatus() to track execution - Re-attach collapse handler after plugin store is rendered - Add error stack traces for better debugging - Ensure handler is attached when content is dynamically loaded This will help identify why: - Auto-detection of token status isn't working - Collapse button isn't functioning * fix(web-ui): Move checkGitHubAuthStatus before IIFE to fix scope issue - Move checkGitHubAuthStatus function definition before IIFE starts - Function was defined after IIFE but called inside it, causing it to be undefined - Now function is available when called during initialization - This should fix auto-detection of token status on page load * debug(web-ui): Add extensive logging to GitHub token functions - Add logging when checkGitHubAuthStatus is defined - Add logging when function is called during initialization - Add logging in attachGithubTokenCollapseHandler - Add logging in store render callback - This will help identify why functions aren't executing * fix(web-ui): Move GitHub token functions outside IIFE for availability - Move attachGithubTokenCollapseHandler and toggleGithubTokenContent outside IIFE - These functions need to be available when store renders, before IIFE completes - Add logging to initializePlugins to track when it's called - This should fix the 'undefined' error when store tries to attach handlers * fix(web-ui): Fix GitHub token content collapse/expand functionality - Element has 'block' class in HTML which conflicts with 'hidden' class - When hiding: add 'hidden', remove 'block', set display:none inline - When showing: remove 'hidden', add 'block', remove inline display - This ensures proper visibility toggle for the GitHub API Configuration section * feat(display): Implement on-demand plugin filtering with restart - Add on-demand plugin filtering to DisplayController initialization - Filters available_modes to only include on-demand plugin's modes - Allows plugin internal rotation (e.g., NFL upcoming, NCAA FB Recent) - Prevents rotation to other plugins - Implement restart mechanism for on-demand activation/clear - _restart_with_on_demand_filter() saves state and restarts with filter - _restart_without_on_demand_filter() restores normal operation - Supports both systemd service and direct process execution - Add state preservation across restarts - Saves/restores rotation position from cache - Restores on-demand config from cache after restart - Add service detection method - Detects if running as systemd service - Uses file-based approach for environment variable passing - Update API endpoints with restart flow comments - Update systemd service file with on-demand support notes - Add comprehensive error handling for edge cases * perf(web-ui): Optimize GitHub token detection speed - Call checkGitHubAuthStatus immediately when script loads (if elements exist) - Call it early in initPluginsPage (before full initialization completes) - Use requestAnimationFrame instead of setTimeout(100ms) for store render callback - Reduce save token delay from 300ms to 100ms - Token detection now happens in parallel with other initialization tasks - This makes token status visible much faster on page load * fix(ui): Move on-demand modal to base.html for always-available access - Move on-demand modal from plugins.html to base.html - Ensures modal is always in DOM when Run On-Demand button is clicked - Fixes issue where button in plugin_config.html couldn't find modal - Modal is now available regardless of which tab is active * fix(ui): Initialize on-demand modal unconditionally on page load - Create initializeOnDemandModal() function that runs regardless of plugins tab - Modal is in base.html so it should always be available - Call initialization on DOMContentLoaded and with timeout - Fixes 'On-demand modal elements not found' error when clicking button - Modal setup now happens even if plugins tab hasn't been loaded yet * fix(ui): Add safety check for updatePluginTabStates function - Check if updatePluginTabStates exists before calling - Prevents TypeError when function is not available - Fixes error when clicking plugin tabs * fix(ui): Add safety checks for all updatePluginTabStates calls - Add safety check in Alpine component tab button handler - Add safety check in Alpine callback - Prevents TypeError when function is not available in all contexts * fix(ui): Add safety check in Alpine callback for updatePluginTabStates * debug(ui): Add console logging to trace on-demand modal opening - Add logging to runPluginOnDemand function - Add logging to __openOnDemandModalImpl function - Log plugin lookup, modal element checks, and display changes - Helps diagnose why modal doesn't open when button is clicked * debug(ui): Add logging for modal display change * debug(ui): Add more explicit modal visibility settings and computed style logging - Set visibility and opacity explicitly when showing modal - Force reflow to ensure styles are applied - Log computed styles to diagnose CSS issues - Helps identify if modal is hidden by CSS rules * debug(ui): Increase modal z-index and add bounding rect check - Set z-index to 9999 to ensure modal is above all other elements - Add bounding rect check to verify modal is in viewport - Helps diagnose if modal is positioned off-screen or behind other elements * debug(display): Add detailed logging for on-demand restart flow - Log when polling finds requests - Log service detection result - Log file writing and systemctl commands - Log restart command execution and results - Helps diagnose why on-demand restart isn't working * debug(display): Add logging for on-demand request polling - Log request_id comparison to diagnose why requests aren't being processed - Helps identify if request_id matching is preventing processing * fix(ui): Force modal positioning with !important to override any conflicting styles - Use cssText with !important flags to ensure modal is always visible - Remove all inline styles first to start fresh - Ensure modal is positioned at top:0, left:0 with fixed positioning - Fixes issue where modal was still positioned off-screen (top: 2422px) * debug(ui): Add logging to on-demand form submission - Log form submission events - Log payload being sent - Log response status and data - Helps diagnose why on-demand requests aren't being processed * fix(display): Remove restart-based on-demand activation - Replace restart-based activation with immediate mode switch - On-demand now activates without restarting the service - Saves rotation state for restoration when on-demand ends - Fixes infinite restart loop issue - On-demand now works when display is already running * docs: Add comprehensive guide for on-demand cache management - Document all on-demand cache keys and their purposes - Explain when manual clearing is needed - Clarify what clearing from cache management tab does/doesn't do - Provide troubleshooting steps and best practices * fix(display): Ensure on-demand takes priority over live priority - Move on-demand check BEFORE live priority check - Add explicit logging when on-demand overrides live priority - Improve request_id checking with both instance and persisted checks - Add debug logging to trace why requests aren't being processed - Fixes issue where on-demand didn't interrupt live NHL game * fix(display): Ensure on-demand takes priority over live priority - Move on-demand check BEFORE live priority check in main loop - Add explicit logging when on-demand overrides live priority - Fixes issue where on-demand didn't interrupt live NHL game * fix(display): Improve on-demand request processing and priority - Add persistent processed_id check to prevent duplicate processing - Mark request as processed BEFORE processing to prevent race conditions - Improve logging to trace request processing - Ensure on-demand takes priority over live priority (already fixed in previous commit) * fix(display): Remove duplicate action line * fix(display): Fix live priority and ensure on-demand overrides it - Fix live priority to properly set active_mode when live content is detected - Ensure on-demand check happens before live priority check - Add debug logging to trace on-demand vs live priority - Fix live priority to stay on live mode instead of rotating * fix(display): Add debug logging for on-demand priority check * fix(display): Add better logging for on-demand request processing - Add logging to show when requests are blocked by processed_id check - Add logging to show on-demand state after activation - Helps debug why on-demand requests aren't being processed * fix(display): Add detailed logging for on-demand activation and checking - Log on-demand state after activation to verify it's set correctly - Add debug logging in main loop to trace on-demand check - Helps identify why on-demand isn't overriding live priority * fix(display): Add debug logging for on-demand check in main loop * fix(display): Remove restart logic from _clear_on_demand and fix cache delete - Replace cache_manager.delete() with cache_manager.clear_cache() - Remove restart logic from _clear_on_demand - now clears immediately - Restore rotation state immediately without restarting - Fixes AttributeError: 'CacheManager' object has no attribute 'delete' * fix(display): Remove restart logic from _clear_on_demand - Remove restart logic - now clears on-demand state immediately - Restore rotation state immediately without restarting - Use clear_cache instead of delete (already fixed in previous commit) - Fixes error when stopping on-demand mode * feat(display): Clear display before activating on-demand mode - Clear display and reset state before activating on-demand - Reset dynamic mode state to ensure clean transition - Mimics the behavior of manually stopping display first - Should fix issue where on-demand only works after manual stop * feat(display): Stop display service before starting on-demand mode - Stop the display service first if it's running - Wait 1.5 seconds for clean shutdown - Then start the service with on-demand request in cache - Mimics the manual workflow of stopping display first - Should fix issue where on-demand only works after manual stop * feat(display): Filter plugins during initialization for on-demand mode - Check cache for on-demand requests during initialization - Only load the on-demand plugin if on-demand request is found - Prevents loading background services for other plugins - Fixes issue where Hockey/Football data loads even when only Clock is requested * fix(display): Use filtered enabled_plugins list instead of discovered_plugins - Use enabled_plugins list which is already filtered for on-demand mode - Prevents loading all plugins when on-demand mode is active - Fixes issue where all plugins were loaded even in on-demand mode * fix(display): Fix on-demand stop request processing and expiration check - Always process stop requests, even if request_id was seen before - Fix expiration check to handle cases where on-demand is not active - Add better logging for stop requests and expiration - Fixes issue where stop button does nothing and timer doesn't expire * fix(display): Fix on-demand stop processing, expiration, and plugin filtering - Fix stop request processing to always process stop requests, bypassing request_id checks - Fix expiration check logic to properly check on_demand_active and expires_at separately - Store display_on_demand_config cache key in _activate_on_demand for plugin filtering - Clear display before switching to on-demand mode to prevent visual artifacts - Clear display_on_demand_config cache key in _clear_on_demand to prevent stale data - Implement plugin filtering during initialization based on display_on_demand_config Fixes issues where: - Stop button did nothing (stop requests were blocked by request_id check) - Expiration timer didn't work (logic issue with or condition) - Plugin filtering didn't work on restart (config cache key never set) - Display showed artifacts when switching to on-demand (display not cleared) - All plugins loaded even in on-demand mode (filtering not implemented) * fix(web): Allow on-demand to work with disabled plugins - Remove frontend checks that blocked disabled plugins from on-demand - Backend already supports temporarily enabling disabled plugins during on-demand - Update UI messages to indicate plugin will be temporarily enabled - Remove disabled attribute from Run On-Demand button Fixes issue where disabled plugins couldn't use on-demand feature even though the backend implementation supports it. * fix(display): Resolve plugin_id when sent as mode in on-demand requests - Detect when mode parameter is actually a plugin_id and resolve to first display mode - Handle case where frontend sends plugin_id as mode (e.g., 'football-scoreboard') - Add fallback to use first available display mode if provided mode is invalid - Add logging for mode resolution debugging Fixes issue where on-demand requests with mode=plugin_id failed with 'invalid-mode' error * feat(display): Rotate through all plugin modes in on-demand mode - Store all modes for on-demand plugin instead of locking to single mode - Rotate through available modes (live, recent, upcoming) when on-demand active - Skip modes that return False (no content) and move to next mode - Prioritize live modes if they have content, otherwise skip them - Add on_demand_modes list and on_demand_mode_index for rotation tracking Fixes issue where on-demand mode stayed on one mode (e.g., football_recent) and didn't rotate through other available modes (football_live, football_upcoming). Now properly rotates through all modes, skipping empty ones. * fix(display): Improve on-demand stop request handling - Always process stop requests if on-demand is active, even if same request_id - Add better logging when stop is requested but on-demand is not active - Improve logging in _clear_on_demand to show which mode rotation resumes to - Ensure stop requests are properly acknowledged Fixes issue where stop button shows as completed but display doesn't resume normal rotation. Stop requests now properly clear on-demand state and resume. * security(web): Fix XSS vulnerability in GitHub auth error display Replace innerHTML usage with safe DOM manipulation: - Use textContent to clear element and create text nodes - Create <strong> element via createElement instead of string HTML - Add safe fallback ('Unknown error') for error messages - Ensure authData.error/authData.message are treated as plain text - Avoid trusting backend-provided data as HTML Fixes XSS vulnerability where malicious HTML in error messages could be injected into the DOM. * style(api): Remove unnecessary str() in f-string for error message Remove explicit str(e) call in error_response f-string since f-strings automatically convert exceptions to strings. This matches the style used elsewhere in the file. Changed: f"Error saving configuration: {str(e)}" To: f"Error saving configuration: {e}" * fix(store): Skip caching for rate-limited 403 responses When a 403 response indicates a rate limit (detected by checking if 'rate limit' is in response.text.lower()), return the error result but do NOT cache it in _token_validation_cache. Rate limits are temporary and should be retried, so caching would incorrectly mark the token as invalid. Continue to cache 403 responses that indicate missing token permissions, as these are persistent issues that should be cached. This prevents rate-limited responses from being incorrectly cached as invalid tokens, allowing the system to retry after the rate limit resets. * fix(display): Prevent ZeroDivisionError when on_demand_modes is empty Add guards to check if on_demand_modes is non-empty before performing any rotation/index math operations. When on_demand_active is True but on_demand_modes is empty, clear on-demand mode instead of attempting division by zero. Fixed in three locations: 1. Mode selection logic (line ~1081): Check before accessing modes 2. Skip to next mode when no content (line ~1190): Guard before modulo 3. Rotate to next mode (line ~1561): Guard before modulo This prevents ZeroDivisionError when a plugin has no available display modes or when on_demand_modes becomes empty unexpectedly. * fix(display): Improve guard for empty on_demand_modes in rotation skip Refine the guard around lines 1195-1209 to: - Check if on_demand_modes is empty before any modulo/index operations - Log warning and debug trace when no modes are configured - Skip rotation (continue) instead of clearing on-demand mode - Only perform modulo and index operations when modes are available - Only log rotation message when next_mode is valid This prevents ZeroDivisionError and ensures all logging only occurs when next_mode is valid, providing better traceability. * fix(display): Populate on_demand_modes when restoring on-demand state from cache When restoring on-demand state from cache during initialization (around lines 163-197), the code sets on_demand_active, on_demand_plugin_id and related fields but does not populate self.on_demand_modes, causing the run loop to see an empty modes list after restart. Fix by: 1. Adding _populate_on_demand_modes_from_plugin() method that retrieves the plugin's display modes from plugin_display_modes and builds the ordered modes list (prioritizing live modes with content, same logic as _activate_on_demand) 2. Calling this method after plugin loading completes (around line 296) when on_demand_active and on_demand_plugin_id are set 3. Setting on_demand_mode_index to match the restored mode if available, otherwise starting at index 0 This ensures on_demand_modes is populated after restart, preventing empty modes list errors in the run loop. * docs: Update on-demand documentation to reflect current implementation Replace obsolete log message reference with current log messages: - Old: 'Activating on-demand mode... restarting display controller' - New: 'Processing on-demand start request for plugin' and 'Activated on-demand for plugin' Update Scenario 2 to reflect immediate mode switching: - Changed title from 'Infinite Restart Loop' to 'On-Demand Mode Switching Issues' - Updated symptoms to describe mode switching issues instead of restart loops - Added note that on-demand now switches modes immediately without restarting - Updated solution to include display_on_demand_state key This reflects the current implementation where on-demand activates immediately without restarting the service. * fix(api): Fix undefined logger and service stop logic in start_on_demand_display - Add module-level logger to avoid NameError when logging disabled plugin - Only stop display service when start_service is True (prevents stopping service without restarting when start_service is False) - Remove unused stop_result variable - Clean up f-strings that don't need formatting - Improve code formatting for logger.info call Fixes issue where logger.info() would raise NameError and where the service would be stopped even when start_service=False, leaving the service stopped without restarting it. --------- Signed-off-by: Chuck <33324927+ChuckBuilds@users.noreply.github.com> Co-authored-by: Chuck <chuck@example.com>	2026-01-01 18:27:58 -05:00
Chuck	7d71656cf1	Plugins (#145 ) Chaotic mega-merge into main. THINGS WILL PROBABLY BE BROKEN * chore: Update soccer-scoreboard submodule to merged commit - Update submodule reference to include manifest.json v2 registry format - Version updated to 1.0.1 * refactor: Remove test_mode and logo_dir config reading from base SportsCore - Remove test_mode initialization and usage - Remove logo_dir reading from mode_config - Use LogoDownloader defaults directly for logo directories * chore: Update plugin submodules after removing global properties - Update basketball-scoreboard submodule (removed global test_mode, live_priority, dynamic_duration, logo_dir) - Update soccer-scoreboard submodule (removed global test_mode, live_priority, dynamic_duration, logo_dir) * feat(calendar): Add credentials.json file upload via web interface - Add API endpoint /api/v3/plugins/calendar/upload-credentials for file upload - Validate JSON format and Google OAuth structure - Save file to plugin directory with secure permissions (0o600) - Backup existing credentials.json before overwriting - Add file upload widget support for string fields in config forms - Add frontend handler handleCredentialsUpload() for single file uploads - Update .gitignore to allow calendar submodule - Update calendar submodule reference * fix(web): Improve spacing for nested configuration sections - Add dynamic margin based on nesting depth (mb-6 for deeply nested sections) - Increase padding in nested content areas (py-3 to py-4) - Add extra spacing after nested sections to prevent overlap - Enhance CSS spacing for nested sections (1.5rem for nested, 2rem for deeply nested) - Add padding-bottom to expanded nested content to prevent cutoff - Fixes issue where game_limits and other nested settings were hidden under next section header * chore(plugins): Update sports scoreboard plugins with live update interval fix - Updated hockey-scoreboard, football-scoreboard, basketball-scoreboard, and soccer-scoreboard submodules - All plugins now fix the interval selection bug that caused live games to update every 5 minutes instead of 30 seconds - Ensures all live games update at the configured live_update_interval (30s) for timely score updates * fix: Initialize test_mode in SportsLive and fix config migration - Add test_mode initialization in SportsLive.__init__() to prevent AttributeError - Remove invalid new_secrets parameter from save_config_atomic() call in config migration - Fixes errors: 'NBALiveManager' object has no attribute 'test_mode' - Fixes errors: ConfigManager.save_config_atomic() got unexpected keyword argument 'new_secrets' * chore: Update submodules with test_mode initialization fixes - Update basketball-scoreboard submodule - Update soccer-scoreboard submodule * fix(plugins): Auto-stash local changes before plugin updates - Automatically stash uncommitted changes before git pull during plugin updates - Prevents update failures when plugins have local modifications - Improves error messages for git update failures - Matches behavior of main LEDMatrix update process * fix(basketball-scoreboard): Update submodule with timeout fix - Updated basketball-scoreboard plugin to fix update() timeout issue - Plugin now uses fire-and-forget odds fetching for upcoming games - Prevents 30-second timeout when processing many upcoming games Also fixed permission issue on devpi: - Changed /var/cache/ledmatrix/display_on_demand_state.json permissions from 600 to 660 to allow web service (devpi user) to read the file * fix(cache): Ensure cache files use 660 permissions for group access - Updated setup_cache.sh to set file permissions to 660 (not 775) - Updated first_time_install.sh to properly set cache file permissions - Modified DiskCache to set 660 permissions when creating cache files - Ensures display_on_demand_state.json and other cache files are readable by web service (devpi user) which is in ledmatrix group This fixes permission issues where cache files were created with 600 permissions, preventing the web service from reading them. Now files are created with 660 (rw-rw----) allowing group read access. * fix(soccer-scoreboard): Update submodule with manifest fix - Updated soccer-scoreboard plugin submodule - Added missing entry_point and class_name to manifest.json - Fixes plugin loading error: 'No class_name in manifest' Also fixed cache file permissions on devpi server: - Changed display_on_demand_state.json from 600 to 660 permissions - Allows web service (devpi user) to read cache files * fix(display): Remove update_display() calls from clear() to prevent black flash Previously, display_manager.clear() was calling update_display() twice, which immediately showed a black screen on the hardware before new content could be drawn. This caused visible black flashes when switching between modes, especially when plugins switch from general modes (e.g., football_upcoming) to specific sub-modes (e.g., nfl_upcoming). Now clear() only prepares the buffer without updating the hardware. Callers can decide when to update the display, allowing smooth transitions from clear → draw → update_display() without intermediate black flashes. Places that intentionally show a cleared screen (error cases) already explicitly call update_display() after clear(), so backward compatibility is maintained. * fix(scroll): Prevent wrap-around before cycle completion in dynamic duration - Check scroll completion BEFORE allowing wrap-around - Clamp scroll_position when complete to prevent visual loop - Only wrap-around if cycle is not complete yet - Fixes issue where stocks plugin showed first stock again at end - Completion logged only once to avoid spam - Ensures smooth transition to next mode without visual repeat * fix(on-demand): Ensure on-demand buttons work and display service runs correctly - Add early stub functions for on-demand modal to ensure availability when Alpine.js initializes - Increase on-demand request cache max_age from 5min to 1hr to prevent premature expiration - Fixes issue where on-demand buttons were not functional due to timing issues - Ensures display service properly picks up on-demand requests when started * test: Add comprehensive test coverage (30%+) - Add 100+ new tests across core components - Add tests for LayoutManager (27 tests) - Add tests for PluginLoader (14 tests) - Add tests for SchemaManager (20 tests) - Add tests for MemoryCache and DiskCache (24 tests) - Add tests for TextHelper (9 tests) - Expand error handling tests (7 new tests) - Improve coverage from 25.63% to 30.26% - All 237 tests passing Test files added: - test/test_layout_manager.py - test/test_plugin_loader.py - test/test_schema_manager.py - test/test_text_helper.py - test/test_config_service.py - test/test_display_controller.py - test/test_display_manager.py - test/test_error_handling.py - test/test_font_manager.py - test/test_plugin_system.py Updated: - pytest.ini: Enable coverage reporting with 30% threshold - test/conftest.py: Enhanced fixtures for better test isolation - test/test_cache_manager.py: Expanded cache component tests - test/test_config_manager.py: Additional config tests Documentation: - HOW_TO_RUN_TESTS.md: Guide for running and understanding tests * test(web): Add comprehensive API endpoint tests - Add 30 new tests for Flask API endpoints in test/test_web_api.py - Cover config, system, display, plugins, fonts, and error handling APIs - Increase test coverage from 30.26% to 30.87% - All 267 tests passing Tests cover: - Config API: GET/POST main config, schedule, secrets - System API: Status, version, system actions - Display API: Current display, on-demand start/stop - Plugins API: Installed plugins, health, config, operations, state - Fonts API: Catalog, tokens, overrides - Error handling: Invalid JSON, missing fields, 404s * test(plugins): Add comprehensive integration tests for all plugins - Add base test class for plugin integration tests - Create integration tests for all 6 plugins: - basketball-scoreboard (11 tests) - calendar (10 tests) - clock-simple (11 tests) - odds-ticker (9 tests) - soccer-scoreboard (11 tests) - text-display (12 tests) - Total: 64 new plugin integration tests - Increase test coverage from 30.87% to 33.38% - All 331 tests passing Tests verify: - Plugin loading and instantiation - Required methods (update, display) - Manifest validation - Display modes - Config schema validation - Graceful handling of missing API credentials Uses hybrid approach: integration tests in main repo, plugin-specific unit tests remain in plugin submodules. * Add mqtt-notifications plugin as submodule * fix(sports): Respect games_to_show settings for favorite teams - Fix upcoming games to show N games per team (not just 1) - Fix recent games to show N games per team (not just 1) - Add duplicate removal for games involving multiple favorite teams - Match behavior of basketball-scoreboard plugin - Affects NFL, NHL, and other sports using base_classes/sports.py * chore: Remove debug instrumentation logs - Remove temporary debug logging added during fix verification - Fix confirmed working by user * debug: Add instrumentation to debug configuration header visibility issue * fix: Resolve nested section content sliding under next header - Remove overflow-hidden from nested-section to allow proper document flow - Add proper z-index and positioning to prevent overlap - Add margin-top to nested sections for better spacing - Remove debug instrumentation that was causing ERR_BLOCKED_BY_CLIENT errors * fix: Prevent unnecessary plugin tab redraws - Add check to only update tabs when plugin list actually changes - Increase debounce timeout to batch rapid changes - Compare plugin IDs before updating to avoid redundant redraws - Fix setter to check for actual changes before triggering updates * fix: Prevent form-groups from sliding out of view when nested sections expand - Increase margin-bottom on nested-sections for better spacing - Add clear: both to nested-sections to ensure proper document flow - Change overflow to visible when expanded to allow natural flow - Add margin-bottom to expanded content - Add spacing rules for form-groups that follow nested sections - Add clear spacer div after nested sections * fix: Reduce excessive debug logging in generateConfigForm - Only log once per plugin instead of on every function call - Prevents log spam when Alpine.js re-renders the form multiple times - Reduces console noise from 10+ logs per plugin to 1 log per plugin * fix: Prevent nested section content from sliding out of view when expanded - Remove overflow-hidden from nested-section in base.html (was causing clipping) - Add scrollIntoView to scroll expanded sections into view within modal - Set nested-section overflow to visible to prevent content clipping - Add min-height to nested-content to ensure proper rendering - Wait for animation to complete before scrolling into view * fix: Prevent form-groups from overlapping and appearing outside view - Change nested-section overflow to hidden by default, visible when expanded - Add :has() selector to allow overflow when content is expanded - Ensure form-groups after nested sections have proper spacing and positioning - Add clear: both and width: 100% to prevent overlap - Use !important for margin-top to ensure spacing is applied - Ensure form-groups are in normal document flow with float: none * fix: Use JavaScript to toggle overflow instead of :has() selector - :has() selector may not be supported in all browsers - Use JavaScript to set overflow: visible when expanded, hidden when collapsed - This ensures better browser compatibility while maintaining functionality * fix: Make parent sections expand when nested sections expand - Add updateParentNestedContentHeight() helper to recursively update parent heights - When a nested section expands, recalculate all parent nested-content max-heights - Ensures parent sections (like NFL) expand to accommodate expanded child sections - Updates parent heights both on expand and collapse for proper animation * refactor: Simplify parent section expansion using CSS max-height: none - Remove complex recursive parent height update function - Use CSS max-height: none when expanded to allow natural expansion - Parent sections automatically expand because nested-content has no height constraint - Simpler and more maintainable solution * refactor: Remove complex recursive parent height update function - CSS max-height: none already handles parent expansion automatically - No need for JavaScript to manually update parent heights - Much simpler and cleaner solution * debug: Add instrumentation to debug auto-collapse issue - Add logging to track toggle calls and state changes - Add guard to prevent multiple simultaneous toggles - Pass event object to prevent bubbling - Improve state detection logic - Add return false to onclick handlers * chore: Remove debug instrumentation from toggleNestedSection - Remove all debug logging code - Keep functional fixes: event handling, toggle guard, improved state detection - Code is now clean and production-ready * fix(web): Add browser refresh note to plugin fetch errors * refactor(text-display): Update submodule to use ScrollHelper * fix(text-display): Fix scrolling display issue - update position in display() * feat(text-display): Add scroll_loop option and improve scroll speed control * debug: Add instrumentation to track plugin enabled state changes Added debug logging to investigate why plugins appear to disable themselves: - Track enabled state during plugin load (before/after schema merge) - Track enabled state during plugin reload - Track enabled state preservation during config save - Track state reconciliation fixes - Track enabled state updates in on_config_change This will help identify which code path is causing plugins to disable. * debug: Fix debug log path to work on Pi Changed hardcoded log path to use dynamic project root detection: - Uses LEDMATRIX_ROOT env var if set - Falls back to detecting project root by looking for config directory - Creates .cursor directory if it doesn't exist - Falls back to /tmp/ledmatrix_debug.log if all else fails - Added better error handling with logger fallback * Remove debug instrumentation for plugin enabled state tracking Removed all debug logging that was added to track plugin enabled state changes. The instrumentation has been removed as requested. * Reorganize documentation and cleanup test files - Move documentation files to docs/ directory - Remove obsolete test files - Update .gitignore and README * feat(text-display): Switch to frame-based scrolling with high FPS support * fix(text-display): Add backward compatibility for ScrollHelper sub-pixel scrolling * feat(scroll_helper): Add sub-pixel scrolling support for smooth movement - Add sub-pixel interpolation using scipy (if available) or numpy fallback - Add set_sub_pixel_scrolling() method to enable/disable feature - Implement _get_visible_portion_subpixel() for fractional pixel positioning - Implement _interpolate_subpixel() for linear interpolation - Prevents pixel skipping at slow scroll speeds - Maintains backward compatibility with integer pixel path * fix(scroll_helper): Reset last_update_time in reset_scroll() to prevent jump-ahead - Reset last_update_time when resetting scroll position - Prevents large delta_time on next update after reset - Fixes issue where scroll would immediately complete again after reset - Ensures smooth scrolling continuation after loop reset * fix(scroll_helper): Fix numpy broadcasting error in sub-pixel interpolation - Add output_width parameter to _interpolate_subpixel() for variable widths - Fix wrap-around case to use correct widths for interpolation - Handle edge cases where source array is smaller than expected - Prevent 'could not broadcast input array' errors in sub-pixel scrolling - Ensure proper width matching in all interpolation paths * feat(scroll): Add frame-based scrolling mode for smooth LED matrix movement - Add frame_based_scrolling flag to ScrollHelper - When enabled, moves fixed pixels per step, throttled by scroll_delay - Eliminates time-based jitter by ignoring frame timing variations - Provides stock-ticker-like smooth, predictable scrolling - Update text-display plugin to use frame-based mode This addresses stuttering issues where time-based scrolling caused visual jitter due to frame timing variations in the main display loop. * fix(scroll): Fix NumPy broadcasting errors in sub-pixel wrap-around - Ensure _interpolate_subpixel always returns exactly requested width - Handle cases where scipy.ndimage.shift produces smaller arrays - Add padding logic for wrap-around cases when arrays are smaller than expected - Prevents 'could not broadcast input array' errors during scrolling * refactor(scroll): Remove sub-pixel interpolation, use high FPS integer scrolling - Disable sub-pixel scrolling by default in ScrollHelper - Simplify get_visible_portion to always use integer pixel positioning - Restore frame-based scrolling logic for smooth high FPS movement - Use high frame rate (like stock ticker) for smoothness instead of interpolation - Reduces complexity and eliminates broadcasting errors * fix(scroll): Prevent large pixel jumps in frame-based scrolling - Initialize last_step_time properly to prevent huge initial jumps - Clamp scroll_speed to max 5 pixels/frame in frame-based mode - Prevents 60-pixel jumps when scroll_speed is misconfigured - Simplified step calculation to avoid lag catch-up jumps * fix(text-display): Align config schema and add validation - Update submodule reference - Adds warning and logging for scroll_speed config issues * fix(scroll): Simplify frame-based scrolling to match stock ticker behavior - Remove throttling logic from frame-based scrolling - Move pixels every call (DisplayController's loop timing controls rate) - Add enable_scrolling attribute to text-display plugin for high-FPS treatment - Matches stock ticker: simple, predictable movement every frame - Eliminates jitter from timing mismatches between DisplayController and ScrollHelper * fix(scroll): Restore scroll_delay throttling in frame-based mode - Restore time-based throttling using scroll_delay - Move pixels only when scroll_delay has passed - Handle lag catch-up with reasonable caps to prevent huge jumps - Preserve fractional timing for smooth operation - Now scroll_delay actually controls the scroll speed as intended * feat(text-display): Add FPS counter logging - Update submodule reference - Adds FPS tracking and logging every 5 seconds * fix(text-display): Add display-width buffer so text scrolls completely off - Update submodule reference - Adds end buffer to ensure text exits viewport before looping * fix: Prevent premature game switching in SportsLive - Set last_game_switch when games load even if current_game already exists - Set last_game_switch when same games update but it's still 0 - Add guard to prevent switching check when last_game_switch is 0 - Fixes issue where first game shows for only ~2 seconds before switching - Also fixes random screen flickering when games change prematurely * feat(plugins): Add branch selection support for plugin installation - Add optional branch parameter to install_plugin() and install_from_url() in store_manager - Update API endpoints to accept and pass branch parameter - Update frontend JavaScript to support branch selection in install calls - Maintain backward compatibility - branch parameter is optional everywhere - Falls back to default branch logic if specified branch doesn't exist * feat(plugins): Add UI for branch selection in plugin installation - Add branch input field in 'Install Single Plugin' section - Add global branch input for store installations - Update JavaScript to read branch from input fields - Branch input applies to all store installations when specified * feat(plugins): Change branch selection to be per-plugin instead of global - Remove global store branch input field - Add individual branch input field to each plugin card in store - Add branch input to custom registry plugin cards - Each plugin can now have its own branch specified independently * debug: Add logging to _should_exit_dynamic * feat(display_controller): Add universal get_cycle_duration support for all plugins UNIVERSAL FEATURE: Any plugin can now implement get_cycle_duration() to dynamically calculate the total time needed to show all content for a mode. New method: - _plugin_cycle_duration(plugin, display_mode): Queries plugin for calculated duration Integration: - Display controller calls plugin.get_cycle_duration(display_mode) - Uses returned duration as target (respecting max cap) - Falls back to cap if not provided Benefits: - Football plugin: Show all games (3 games × 15s = 45s total) - Basketball plugin: Could implement same logic - Hockey/Baseball/any sport: Universal support - Stock ticker: Could calculate based on number of stocks - Weather: Could calculate based on forecast days Example plugin implementation: Result: Plugins control their own display duration based on actual content, creating a smooth user experience where all content is shown before switching. * debug: Add logging to cycle duration call * debug: Change loop exit logs to INFO level * fix: Change cycle duration logs to INFO level * fix: Don't exit loop on False for dynamic duration plugins For plugins with dynamic duration enabled, keep the display loop running even when display() returns False. This allows games to continue rotating within the calculated duration. The loop will only exit when: - Cycle is complete (plugin reports all content shown) - Max duration is reached - Mode is changed externally * fix(schedule): Improve display scheduling functionality - Add GET endpoint for schedule configuration retrieval - Fix mode switching to clean up old config keys (days/start_time/end_time) - Improve error handling with consistent error_response() usage - Enhance display controller schedule checking with better edge case handling - Add validation for time formats and ensure at least one day enabled in per-day mode - Add debug logging for schedule state changes Fixes issues where schedule mode switching left stale config causing incorrect behavior. * fix(install): Add cmake and ninja-build to system dependencies Resolves h3 package build failure during first-time installation. The h3 package (dependency of timezonefinder) requires CMake and Ninja to build from source. Adding these build tools ensures successful installation of all Python dependencies. * fix: Pass display_mode in ALL loop calls to maintain sticky manager CRITICAL FIX: Display controller was only passing display_mode on first call, causing plugins to fall back to internal mode cycling and bypass sticky manager logic. Now consistently passes display_mode=active_mode on every display() call in both high-FPS and normal loops. This ensures plugins maintain mode context and sticky manager state throughout the entire display duration. * feat(install): Add OS check for Raspberry Pi OS Lite (Trixie) - Verify OS is Raspberry Pi OS (raspbian/debian) - Require Debian 13 (Trixie) specifically - Check for Lite version (no desktop environment) - Exit with clear error message if requirements not met - Provide instructions for obtaining correct OS version * fix(web-ui): Add missing notification handlers to quick action buttons - Added hx-on:htmx:after-request handlers to all quick action buttons in overview.html - Added hx-ext='json-enc' for proper JSON encoding - Added missing notification handler for reboot button in index.html - Users will now see toast notifications when actions complete or fail * fix(display): Ensure consistent display mode handling in all plugin calls - Updated display controller to consistently pass display_mode in all plugin display() calls. - This change maintains the sticky manager state and ensures plugins retain their mode context throughout the display duration. - Addresses issues with mode cycling and improves overall display reliability. * fix(display): Enhance display mode persistence across plugin updates - Updated display controller to ensure display_mode is consistently maintained during plugin updates. - This change prevents unintended mode resets and improves the reliability of display transitions. - Addresses issues with mode persistence, ensuring a smoother user experience across all plugins. * feat: Add Olympics countdown plugin as submodule - Add olympics-countdown plugin submodule - Update .gitignore to allow olympics-countdown plugin - Plugin automatically determines next Olympics and counts down to opening/closing ceremonies * feat(web-ui): Add checkbox-group widget support for multi-select arrays - Add checkbox-group widget rendering in plugins_manager.js - Update form processing to handle checkbox groups with [] naming - Support for friendly labels via x-options in config schemas - Update odds-ticker submodule with checkbox-group implementation * fix(plugins): Preserve enabled state when saving plugin config from main config endpoint When saving plugin configuration through save_main_config endpoint, the enabled field was not preserved if missing from the form data. This caused plugins to be automatically disabled when users saved their configuration from the plugin manager tab. This fix adds the same enabled state preservation logic that exists in save_plugin_config endpoint, ensuring consistent behavior across both endpoints. The enabled state is preserved from current config, plugin instance, or defaults to True to prevent unexpected disabling of plugins. * fix(git): Resolve git status timeout and exclude plugins from base project updates - Add --untracked-files=no flag to git status for faster execution - Increase timeout from 5s to 30s for git status operations - Add timeout exception handling for git status and stash operations - Filter out plugins directory from git status checks (plugins are separate repos) - Exclude plugins from stash operations using :!plugins pathspec - Apply same fixes to plugin store manager update operations * feat(plugins): Add granular scroll speed control to odds-ticker and leaderboard plugins - Add display object to both plugins' config schemas with scroll_speed and scroll_delay - Enable frame-based scrolling mode for precise FPS control (100 FPS for leaderboard) - Add set_scroll_speed() and set_scroll_delay() methods to both plugins - Maintain backward compatibility with scroll_pixels_per_second config - Leaderboard plugin now explicitly sets target_fps to 100 for high-performance scrolling * fix(scroll): Correct dynamic duration calculation for frame-based scrolling - Fix calculate_dynamic_duration() to properly handle frame-based scrolling mode - Convert scroll_speed from pixels/frame to pixels/second when in frame-based mode - Prevents incorrect duration calculations (e.g., 2609s instead of 52s) - Affects all plugins using ScrollHelper: odds-ticker, leaderboard, stocks, text-display - Add debug logging to show scroll mode and effective speed * Remove version logic from plugin system, use git commits instead - Remove version parameter from install_plugin() method - Rename fetch_latest_versions to fetch_commit_info throughout codebase - Remove version fields from plugins.json registry (versions, latest_version, download_url_template) - Remove version logging from plugin manager - Update web UI to use fetch_commit_info parameter - Update .gitignore to ignore all plugin folders (remove whitelist exceptions) - Remove plugin directories from git index (plugins now installed via plugin store only) Plugins now always install latest commit from default branch. Version fields replaced with git commit SHA and commit dates. System uses git-based approach for all plugin metadata. * feat(plugins): Normalize all plugins as git submodules - Convert all 18 plugins to git submodules for uniform management - Add submodules for: baseball-scoreboard, christmas-countdown, football-scoreboard, hockey-scoreboard, ledmatrix-flights, ledmatrix-leaderboard, ledmatrix-music, ledmatrix-stocks, ledmatrix-weather, static-image - Re-initialize mqtt-notifications as proper submodule - Update .gitignore to allow all plugin submodules - Add normalize_plugin_submodules.sh script for future plugin management All plugins with GitHub repositories are now managed as git submodules, ensuring consistent version control and easier updates. * refactor(repository): Reorganize scripts and files into organized directory structure - Move installation scripts to scripts/install/ (except first_time_install.sh) - Move development scripts to scripts/dev/ - Move utility scripts to scripts/utils/ - Move systemd service files to systemd/ - Keep first_time_install.sh, start_display.sh, stop_display.sh in root - Update all path references in scripts, documentation, and service files - Add README.md files to new directories explaining their purpose - Remove empty tools/ directory (contents moved to scripts/dev/) - Add .gitkeep to data/ directory * fix(scripts): Fix PROJECT_DIR path in start_web_conditionally.py after move to scripts/utils/ * fix(scripts): Fix PROJECT_DIR/PROJECT_ROOT path resolution in moved scripts - Fix wifi_monitor_daemon.py to use project root instead of scripts/utils/ - Fix shell scripts in scripts/ to correctly resolve project root (go up one more level) - Fix scripts in scripts/fix_perms/ to correctly resolve project root - Update diagnose_web_interface.sh to reference moved start_web_conditionally.py path All scripts now correctly determine project root after reorganization. * fix(install): Update first_time_install.sh to detect and update service files with old paths - Check for old paths in service files and reinstall if needed - Always reinstall main service (install_service.sh is idempotent) - This ensures existing installations get updated paths after reorganization * fix(install): Update install_service.sh message to indicate it updates existing services * fix(wifi): Enable WiFi scan to work when AP mode is active - Temporarily disable AP mode during network scanning - Automatically re-enable AP mode after scan completes - Add proper error handling with try/finally to ensure AP mode restoration - Add user notification when AP mode is temporarily disabled - Improve error messages for common scanning failures - Add timing delays for interface mode switching * fix(wifi): Fix network parsing to handle frequency with 'MHz' suffix - Strip 'MHz' suffix from frequency field before float conversion - Add better error logging for parsing failures - Fixes issue where all networks were silently skipped due to ValueError * debug(wifi): Add console logging and Alpine.js reactivity fixes for network display - Add console.log statements to debug network scanning - Add x-effect to force Alpine.js reactivity updates - Add unique keys to x-for template - Add debug display showing network count - Improve error handling and user feedback * fix(wifi): Manually update select options instead of using Alpine.js x-for - Replace Alpine.js x-for template with manual DOM manipulation - Add updateSelectOptions() method to directly update select dropdown - This fixes issue where networks weren't appearing in dropdown - Alpine.js x-for inside select elements can be unreliable * feat(web-ui): Add patternProperties support for dynamic key-value pairs - Add UI support for patternProperties objects (custom_feeds, feed_logo_map) - Implement key-value pair editor with add/remove functionality - Add JavaScript functions for managing dynamic key-value pairs - Update form submission to handle patternProperties JSON data - Enable easy configuration of feed_logo_map in web UI * chore: Update ledmatrix-news submodule to latest commit * fix(plugins): Handle arrays of objects in config normalization Fix configuration validation failure for static-image plugin by adding recursive normalization support for arrays of objects. The normalize_config_values function now properly handles arrays containing objects (like image_config.images) by recursively normalizing each object in the array using the items schema properties. This resolves the 'configuration validation failed' error when saving static image plugin configuration with multiple images. * fix(plugins): Handle union types in config normalization and form generation Fix configuration validation for fields with union types like ['integer', 'null']. The normalization function now properly handles: - Union types in top-level fields (e.g., random_seed: ['integer', 'null']) - Union types in array items - Empty string to None conversion for nullable fields - Form generation and submission for union types This resolves validation errors when saving plugin configs with nullable integer/number fields (e.g., rotation_settings.random_seed in static-image plugin). Also improves UX by: - Adding placeholder text for nullable fields explaining empty = use default - Properly handling empty values in form submission for union types * fix(plugins): Improve union type normalization with better edge case handling Enhanced normalization for union types like ['integer', 'null']: - Better handling of whitespace in string values - More robust empty string to None conversion - Fallback to None when conversion fails and null is allowed - Added debug logging for troubleshooting normalization issues - Improved handling of nested object fields with union types This should resolve remaining validation errors for nullable integer/number fields in nested objects (e.g., rotation_settings.random_seed). * chore: Add ledmatrix-news plugin to .gitignore exceptions * Fix web interface service script path in install_service.sh - Updated ExecStart path from start_web_conditionally.py to scripts/utils/start_web_conditionally.py - Updated diagnose_web_ui.sh to check for correct script path - Fixes issue where web UI service fails to start due to incorrect script path * Fix nested configuration section headers not expanding Fixed toggleNestedSection function to properly calculate scrollHeight when expanding nested configuration sections. The issue occurred when sections started with display:none - the scrollHeight was being measured before the browser had a chance to lay out the element, resulting in a value of 0. Changes: - Added setTimeout to delay scrollHeight measurement until after layout - Added overflow handling during animations to prevent content jumping - Added fallback for edge cases where scrollHeight might still be 0 - Set maxHeight to 'none' after expansion completes for natural growth - Updated function in both base.html and plugins_manager.js This fix applies to all plugins with nested configuration sections, including: - Hockey/Football/Basketball/Baseball/Soccer scoreboards (customization, global sections) - All plugins with transition, display, and other nested configuration objects Fixes configuration header expansion issues across all plugins. * Fix syntax error in first_time_install.sh step 8.5 Added missing 'fi' statement to close the if block in the WiFi monitor service installation section. This resolves the 'unexpected end of file' error that occurred at line 1385 during step 8.5. * Fix WiFi UI: Display correct SSID and accurate signal strength - Fix WiFi network selection dropdown not showing available networks - Replace manual DOM manipulation with Alpine.js x-for directive - Add fallback watcher to ensure select updates reactively - Fix WiFi status display showing netplan connection name instead of SSID - Query actual SSID from device properties (802-11-wireless.ssid) - Add fallback methods to get SSID from active WiFi connection list - Improve signal strength accuracy - Get signal directly from device properties (WIFI.SIGNAL) - Add multiple fallback methods for robust signal retrieval - Ensure signal percentage is accurate and up-to-date * Improve WiFi connection UI and error handling - Fix connect button disabled condition to check both selectedSSID and manualSSID - Improve error handling to display actual server error messages from 400 responses - Add step-by-step labels (Step 1, Step 2, Step 3) to clarify connection workflow - Add visual feedback showing selected network in blue highlight box - Improve password field labeling with helpful instructions - Add auto-clear logic between dropdown and manual SSID entry - Enhance backend validation with better error messages and logging - Trim SSID whitespace before processing to prevent validation errors * Add WiFi disconnect functionality for AP mode testing - Add disconnect_from_network() method to WiFiManager - Disconnects from current WiFi network using nmcli - Automatically triggers AP mode check if auto_enable_ap_mode is enabled - Returns success/error status with descriptive messages - Add /api/v3/wifi/disconnect API endpoint - POST endpoint to disconnect from current WiFi network - Includes proper error handling and logging - Add disconnect button to WiFi status section - Only visible when connected to a network - Red styling to indicate disconnection action - Shows 'Disconnecting...' state during operation - Automatically refreshes status after disconnect - Integrates with AP mode auto-enable functionality - When disconnected, automatically enables AP mode if configured - Perfect for testing captive portal and AP mode features * Add explicit handling for broken pipe errors during plugin dependency installation - Catch BrokenPipeError and OSError (errno 32) explicitly in all dependency installation methods - Add clear error messages explaining network interruption or buffer overflow causes - Improves error handling in store_manager, plugin_loader, and plugin_manager - Helps diagnose 'Errno 32 Broken Pipe' errors during pip install operations * Add WiFi permissions configuration script and integrate into first-time install - Create configure_wifi_permissions.sh script - Configures passwordless sudo for nmcli commands - Configures PolicyKit rules for NetworkManager control - Fixes 'Not Authorized to control Networking' error - Allows web interface to connect/disconnect WiFi without password prompts - Integrate WiFi permissions configuration into first_time_install.sh - Added as Step 10.1 after passwordless sudo configuration - Runs automatically during first-time installation - Ensures WiFi management works out of the box - Resolves authorization errors when connecting/disconnecting WiFi networks - NetworkManager requires both sudo and PolicyKit permissions - Script configures both automatically for seamless WiFi management * Add WiFi status LED message display integration - Integrate WiFi status messages from wifi_manager into display_controller - WiFi status messages interrupt normal rotation (but respect on-demand) - Priority: on-demand > wifi-status > live-priority > normal rotation - Safe implementation with comprehensive error handling - Automatic cleanup of expired/corrupted status files - Word-wrapping for long messages (max 2 lines) - Centered text display with small font - Non-intrusive: all errors are caught and logged, never crash controller * Fix display loop issues: reduce log spam and handle missing plugins - Change _should_exit_dynamic logging from INFO to DEBUG to reduce log spam in tight loops (every 8ms) that was causing high CPU usage - Fix display loop not running when manager_to_display is None - Add explicit check to set display_result=False when no plugin manager found - Fix logic bug where manager_to_display was overwritten after circuit breaker skip - Ensure proper mode rotation when plugins have no content or aren't found * Add debug logging to diagnose display loop stuck issue * Change debug logs to INFO level to diagnose display loop stuck * Add schedule activation logging and ensure display is blanked when inactive - Add clear INFO-level log message when schedule makes display inactive - Track previous display state to detect schedule transitions - Clear display when schedule makes it inactive to ensure blank screen (prevents showing initialization screen when schedule kicks in) - Initialize _was_display_active state tracking in __init__ * Fix indentation errors in schedule state tracking * Add rotation between hostname and IP address every 10 seconds - Added _get_local_ip() method to detect device IP address - Implemented automatic rotation between hostname and IP every 10 seconds - Enhanced logging to include both hostname and IP in initialization - Updated get_info() to expose device_ip and current_display_mode * Add WiFi connection failsafe system - Save original connection before attempting new connection - Automatically restore original connection if new connection fails - Enable AP mode as last resort if restoration fails - Enhanced connection verification with multiple attempts - Verify correct SSID (not just 'connected' status) - Better error handling and exception recovery - Prevents Pi from becoming unresponsive on connection failure - Always ensures device remains accessible via original WiFi or AP mode * feat(web): Improve web UI startup speed and fix cache permissions - Defer plugin discovery until first API request (removed from startup) - Add lazy loading to operation queue, state manager, and operation history - Defer health monitor initialization until first request - Fix cache directory permission issue: - Add systemd CacheDirectory feature for automatic cache dir creation - Add manual cache directory creation in install script as fallback - Improve cache manager logging (reduce alarming warnings) - Fix syntax errors in wifi_manager.py (unclosed try blocks) These changes significantly improve web UI startup time, especially with many plugins installed, while maintaining full backward compatibility. * feat(plugins): Improve GitHub token pop-up UX and combine warning/settings - Fix visibility toggle to handle inline styles properly - Remove redundant inline styles from HTML elements - Combine warning banner and settings panel into unified component - Add loading states to save/load token buttons - Improve error handling with better user feedback - Add token format validation (ghp_ or github_pat_ prefix) - Auto-refresh GitHub auth status after saving token - Hide warning banner when settings panel opens - Clear input field after successful save for security This creates a smoother UX flow where clicking 'Configure Token' transitions from warning directly to configuration form. * fix(wifi): Prevent WiFi radio disabling during AP mode disable - Make NetworkManager restart conditional (only for hostapd mode) - Add enhanced WiFi radio enable with retry and verification logic - Add connectivity safety check before NetworkManager restart - Ensure WiFi radio enabled after all AP mode disable operations - Fix indentation bug in dnsmasq backup restoration logic - Add pre-connection WiFi radio check for safety Fixes issue where WiFi radio was being disabled when disabling AP mode, especially when connected via Ethernet, making it impossible to enable WiFi from the web UI. * fix(plugin-templates): Fix unreachable fallback to expired cache in update() method The exception handler in update() checked the cached variable, which would always be None or falsy at that point. If fresh cached data existed, the method returned early. If cached data was expired, it was filtered out by max_age constraint. The fix retrieves cached data again in the exception handler with a very large max_age (1 year) to effectively bypass expiration check and allow fallback to expired data when fetch fails. * fix(plugin-templates): Resolve plugin_id mismatch in test template setUp method * feat(plugins): Standardize manifest version fields schema - Consolidate version fields to use consistent naming: - compatible_versions: array of semver ranges (required) - min_ledmatrix_version: string (optional) - max_ledmatrix_version: string (optional) - versions[].ledmatrix_min_version: renamed from ledmatrix_min - Add manifest schema validation (schema/manifest_schema.json) - Update store_manager to validate version fields and schema - Update template and all documentation examples to use standardized fields - Add deprecation warnings for ledmatrix_version and ledmatrix_min fields * fix(templates): Update plugin README template script path to correct location * docs(plugin): Resolve conflicting version management guidance in .cursorrules * chore(.gitignore): Consolidate plugin exclusion patterns Remove unnecessary !plugins//.git pattern and consolidate duplicate negations by keeping only trailing-slash directory exclusions. docs: Add language specifiers to code blocks in STATIC_IMAGE_MULTI_UPLOAD_PLAN.md * fix(templates): Remove api_key from config.json example in plugin README template Remove api_key field from config.json example to prevent credential leakage. API keys should only be stored in config_secrets.json. Added clarifying note about proper credential storage. * docs(README): Add plugin installation and migration information - Add plugin installation instructions via web interface and GitHub URL - Add plugin migration guide for users upgrading from old managers - Improve plugin documentation for new users * docs(readme): Update donation links and add Discord acknowledgment * docs: Add comprehensive API references and consolidate documentation - Add API_REFERENCE.md with complete REST API documentation (50+ endpoints) - Add PLUGIN_API_REFERENCE.md documenting Display Manager, Cache Manager, and Plugin Manager APIs - Add ADVANCED_PLUGIN_DEVELOPMENT.md with advanced patterns and examples - Add DEVELOPER_QUICK_REFERENCE.md for quick developer reference - Consolidate plugin configuration docs into single PLUGIN_CONFIGURATION_GUIDE.md - Archive completed implementation summaries to docs/archive/ - Enhance PLUGIN_DEVELOPMENT_GUIDE.md with API links and 3rd party submission guidelines - Update docs/README.md with new API reference sections - Update root README.md with documentation links * fix(install): Fix IP detection and network diagnostics after fresh install - Fix web-ui-info plugin IP detection to handle no internet, AP mode, and network state changes - Replace socket-based detection with robust interface scanning using hostname -I and ip addr - Add AP mode detection returning 192.168.4.1 when AP mode is active - Add periodic IP refresh every 30 seconds to handle network state changes - Improve network diagnostics in first_time_install.sh showing actual IPs, WiFi status, and AP mode - Add WiFi connection check in WiFi monitor installation with warnings - Enhance web service startup logging to show accessible IP addresses - Update README with network troubleshooting section and fix port references (5001->5000) Fixes issue where display showed incorrect IP (127.0.11:5000) and users couldn't access web UI after fresh install. * chore: Add GitHub sponsor button configuration * fix(wifi): Fix aggressive AP mode enabling and improve WiFi detection Critical fixes: - Change auto_enable_ap_mode default from True to False (manual enable only) - Fixes issue where Pi would disconnect from network after code updates - Matches documented behavior (was incorrectly defaulting to True in code) Improvements: - Add grace period: require 3 consecutive disconnected checks (90s) before enabling AP mode - Prevents AP mode from enabling on transient network hiccups - Improve WiFi status detection with retry logic and better nmcli parsing - Enhanced logging for debugging WiFi connection issues - Better handling of WiFi device detection (works with any wlan device) This prevents the WiFi monitor from aggressively enabling AP mode and disconnecting the Pi from the network when there are brief network issues or during system initialization. * fix(wifi): Revert auto_enable_ap_mode default to True with grace period protection Change default back to True for auto_enable_ap_mode while keeping the grace period protection that prevents interrupting valid WiFi connections. - Default auto_enable_ap_mode back to True (useful for setup scenarios) - Grace period (3 consecutive checks = 90s) prevents false positives - Improved WiFi detection with retry logic ensures accurate status - AP mode will auto-enable when truly disconnected, but won't interrupt valid connections due to transient detection issues * fix(news): Update submodule reference for manifest fix Update ledmatrix-news submodule to include the fixed manifest.json with required entry_point and class_name fields. * fix(news): Update submodule reference with validate_config addition Update ledmatrix-news submodule to include validate_config method for proper configuration validation. * feat: Add of-the-day plugin as git submodule - Add ledmatrix-of-the-day plugin as git submodule - Rename submodule path from plugins/of-the-day to plugins/ledmatrix-of-the-day to match repository naming convention - Update .gitignore to allow ledmatrix-of-the-day submodule - Plugin includes fixes for display rendering and web UI configuration support * fix(wifi): Make AP mode open network and fix WiFi page loading in AP mode AP Mode Changes: - Remove password requirement from AP mode (open network for easier setup) - Update hostapd config to create open network (no WPA/WPA2) - Update nmcli hotspot to create open network (no password parameter) WiFi Page Loading Fixes: - Download local copies of HTMX and Alpine.js libraries - Auto-detect AP mode (192.168.4.x) and use local JS files instead of CDN - Auto-open WiFi tab when accessing via AP mode IP - Add fallback loading if HTMX fails to load - Ensures WiFi setup page works in AP mode without internet access This fixes the issue where the WiFi page wouldn't load on iPhone when accessing via AP mode (192.168.4.1:5000) because CDN resources couldn't be fetched without internet connectivity. * feat(wifi): Add explicit network switching support with clean disconnection WiFi Manager Improvements: - Explicitly disconnect from current network before connecting to a new one - Add skip_ap_check parameter to disconnect_from_network() to prevent AP mode from activating during network switches - Check if already connected to target network to avoid unnecessary work - Improved logging for network switching operations Web UI Improvements: - Detect and display network switching status in UI - Show 'Switching from [old] to [new]...' message when switching networks - Enhanced status reloading after connection (multiple checks at 2s, 5s, 10s) - Better user feedback during network transitions This ensures clean network switching without AP mode interruptions and provides clear feedback to users when changing WiFi networks. * fix(web-ui): Add fallback content loading when HTMX fails to load Problem: - After recent updates, web UI showed navigation and CPU status but main content tabs never loaded - Content tabs depend on HTMX's 'revealed' trigger to load - If HTMX failed to load or initialize, content would never appear Solutions: - Enhanced HTMX loading verification with timeout checks - Added fallback direct fetch for overview tab if HTMX fails - Added automatic tab content loading when tabs change - Added loadTabContent() method to manually trigger content loading - Added global 'htmx-load-failed' event for error handling - Automatic retry after 5 seconds if HTMX isn't available - Better error messages and console logging for debugging This ensures the web UI loads content even if HTMX has issues, providing graceful degradation and better user experience. * feat(web-ui): Add support for plugin custom HTML widgets and static file serving - Add x-widget: custom-html support in config schema generation - Add loadCustomHtmlWidget() function to load HTML from plugin directories - Add /api/v3/plugins/<plugin_id>/static/<file_path> endpoint for serving plugin static files - Enhance execute_plugin_action() to pass params via stdin as JSON for scripts - Add JSON output parsing for script action responses These changes enable plugins to provide custom UI components while keeping all functionality plugin-scoped. Used by of-the-day plugin for file management. * fix(web-ui): Resolve Alpine.js initialization errors - Prevent Alpine.js from auto-initializing before app() function is defined - Add deferLoadingAlpine to ensure proper initialization order - Make app() function globally available via window.app - Fix 'app is not defined' and 'activeTab is not defined' errors - Remove duplicate Alpine.start() calls that caused double initialization warnings * fix(web-ui): Fix IndentationError in api_v3.py OAuth flow - Fix indentation in if action_def.get('oauth_flow') block - Properly indent try/except block and all nested code - Resolves IndentationError that prevented web interface from starting * fix(web-ui): Fix SyntaxError in api_v3.py else block - Fix indentation of OAuth flow code inside else block - Properly indent else block for simple script execution - Resolves SyntaxError at line 3458 that prevented web interface from starting * fix(web-ui): Restructure OAuth flow check to fix SyntaxError - Move OAuth flow check before script execution in else block - Remove unreachable code that was causing syntax error - OAuth check now happens first, then falls back to script execution - Resolves SyntaxError at line 3458 * fix(web-ui): Define app() function in head for Alpine.js initialization - Define minimal app() function in head before Alpine.js loads - Ensures app() is available when Alpine initializes - Full implementation in body enhances/replaces the stub - Fixes 'app is not defined' and 'activeTab is not defined' errors * fix(web-ui): Ensure plugin tabs load when full app() implementation is available - Update stub init() to detect and use full implementation when available - Ensure full implementation properly replaces stub methods - Call init() after merging to load plugins and set up watchers - Fixes issue where installed plugins weren't showing in navigation bar * fix(web-ui): Prevent 'Cannot redefine property' error for installedPlugins - Check if window.installedPlugins property already exists before defining - Make property configurable to allow redefinition if needed - Add _initialized flag to prevent multiple init() calls - Fixes TypeError when stub tries to enhance with full implementation * fix(web-ui): Fix variable redeclaration errors in logs tab - Replace let/const declarations with window properties to avoid redeclaration - Use window._logsEventSource, window._allLogs, etc. to persist across HTMX reloads - Clean up existing event source before reinitializing - Remove and re-add event listeners to prevent duplicates - Fixes 'Identifier has already been declared' error when accessing logs tab multiple times * feat(web-ui): Add support for additionalProperties object rendering - Add handler for objects with additionalProperties containing object schemas - Render dynamic category controls with enable/disable toggles - Display category metadata (display name, data file path) - Used by of-the-day plugin for category management * fix(wifi): Ensure AP mode hotspot is always open (no password) Problem: - LEDMatrix-Setup WiFi AP was still asking for password despite code changes - Existing hotspot connections with passwords weren't being fully cleaned up - NetworkManager might reuse old connection profiles with passwords Solutions: - More thorough cleanup: Delete all hotspot-related connections, not just known names - Verification: Check if hotspot has password after creation - Automatic fix: Remove password and restart connection if security is detected - Better logging: Log when password is detected and removed This ensures the AP mode hotspot is always open for easy setup access, even if there were previously saved connections with passwords. * fix(wifi): Improve network switching reliability and device state handling Problem: - Pi failing to switch WiFi networks via web UI - Connection attempts happening before device is ready - Disconnect not fully completing before new connection attempt - Connection name lookup issues when SSID doesn't match connection name Solutions: - Improved disconnect logic: Disconnect specific connection first, then device - Device state verification: Wait for device to be ready (disconnected/unavailable) before connecting - Better connection lookup: Search by SSID, not just connection name - Increased wait times: 2 seconds for disconnect to complete - State checking before activating existing connections - Enhanced error handling and logging throughout This ensures network switching works reliably by properly managing device state transitions and using correct connection identifiers. * debug(web-ui): Add debug logging for custom HTML widget loading - Add console logging to track widget generation - Improve error messages with missing configuration details - Help diagnose why file manager widget may not be appearing * fix(web-ui): Fix [object Object] display in categories field - Add type checking to ensure category values are strings before rendering - Safely extract data_file and display_name properties - Prevent object coercion issues in category display * perf(web-ui): Optimize plugin loading in navigation bar - Reduce stub init timeout from 100ms to 10ms for faster enhancement - Change full implementation merge from 50ms setTimeout to requestAnimationFrame - Add direct plugin loading in stub while waiting for full implementation - Skip plugin reload in full implementation if already loaded by stub - Significantly improves plugin tab loading speed in navigation bar * feat(web-ui): Adapt file-upload widget for JSON files in of-the-day plugin - Add specialized JSON upload/delete endpoints for of-the-day plugin - Modify file-upload widget to support JSON files (file_type: json) - Render JSON files with file-code icon instead of image preview - Show entry count for JSON files - Store files in plugins/ledmatrix-of-the-day/of_the_day/ directory - Automatically update categories config when files are uploaded/deleted - Populate uploaded_files array from categories on form load - Remove custom HTML widget, use standard file-upload widget instead * fix(web-ui): Add working updatePluginTabs to stub for immediate plugin tab rendering - Stub's updatePluginTabs was empty, preventing tabs from showing - Add basic implementation that creates plugin tabs in navigation bar - Ensures plugin tabs appear immediately when plugins load, even before full implementation merges - Fixes issue where plugin navigation bar wasn't working * feat(api): Populate uploaded_files and categories from disk for of-the-day plugin - Scan of_the_day directory for existing JSON files when loading config - Populate uploaded_files array from files on disk - Populate categories from files on disk if not in config - Categories default to disabled, user can enable them - Ensures existing JSON files (word_of_the_day.json, slovenian_word_of_the_day.json) appear in UI * fix(api): Improve category merging logic for of-the-day plugin - Preserve existing category enabled state when merging with files from disk - Ensure all JSON files from disk appear in categories section - Categories from files default to disabled, preserving user choices - Properly merge existing config with scanned files * fix(wifi): More aggressive password removal for AP mode hotspot Problem: - LEDMatrix-Setup network still asking for password despite previous fixes - NetworkManager may add default security settings to hotspots - Existing connections with passwords may not be fully cleaned up Solutions: - Always remove ALL security settings after creating hotspot (not just when detected) - Remove multiple security settings: key-mgmt, psk, wep-key, auth-alg - Verify security was removed and recreate connection if verification fails - Improved cleanup: Delete connections by SSID match, not just by name - Disconnect connections before deleting them - Always restart connection after removing security to apply changes - Better logging for debugging This ensures the AP mode hotspot is always open, even if NetworkManager tries to add default security settings. * perf(web): Optimize web interface performance and fix JavaScript errors - Add resource hints (preconnect, dns-prefetch) for CDN resources to reduce DNS lookup delays - Fix duplicate response parsing bug in loadPluginConfig that was parsing JSON twice - Replace direct fetch() calls with PluginAPI.getInstalledPlugins() to leverage caching and throttling - Fix Alpine.js function availability issues with defensive checks and $nextTick - Enhance request deduplication with debug logging and statistics - Add response caching headers for static assets and API responses - Add performance monitoring utilities with detailed metrics Fixes console errors for loadPluginConfig and generateConfigForm not being defined. Reduces duplicate API calls to /api/v3/plugins/installed endpoint. Improves initial page load time with resource hints and optimized JavaScript loading. * perf(web-ui): optimize CSS for Raspberry Pi performance - Remove backdrop-filter blur from modal-backdrop - Remove box-shadow transitions (use transform/opacity only) - Remove button ::before pseudo-element animation - Simplify skeleton loader (gradient to opacity pulse) - Optimize transition utility (specific properties, not 'all') - Improve color contrast for WCAG AA compliance - Add CSS containment to cards, plugin-cards, modals - Remove unused CSS classes (duration-300, divider, divider-light) - Remove duplicate spacing utility classes All animations now GPU-accelerated (transform/opacity only). Optimized for low-powered Raspberry Pi devices. * fix(web): Resolve ReferenceError for getInstalledPluginsSafe in v3 stub initialization Move getInstalledPluginsSafe() function definition before the app() stub code that uses it. The function was previously defined at line 3756 but was being called at line 849 during Alpine.js initialization, causing a ReferenceError when loadInstalledPluginsDirectly() attempted to load plugins before the full implementation was ready. * fix(web): Resolve TypeError for installedPlugins.map in plugin loading Fix PluginAPI.getInstalledPlugins() to properly extract plugins array from API response structure. The API returns {status: 'success', data: {plugins: [...]}}, but the method was returning response.data (the object) instead of response.data.plugins (the array). Changes: - api_client.js: Extract plugins array from response.data.plugins - plugins_manager.js: Add defensive array checks and handle array return value correctly - base.html: Add defensive check in getInstalledPluginsSafe() to ensure plugins is always an array This prevents 'installedPlugins.map is not a function' errors when loading plugins. * style(web-ui): Enhance navigation bar styling for better readability - Improve contrast: Change inactive tab text from gray-500 to gray-700 - Add gradient background and thicker border for active tabs - Enhance hover states with background highlights - Add smooth transitions using GPU-accelerated properties - Update all navigation buttons (system tabs and plugin tabs) - Add updatePluginTabStates() method for dynamic tab state management All changes are CSS-only with zero performance overhead. * fix(web-ui): Optimize plugin loading and reduce initialization errors - Make generateConfigForm accessible to inline Alpine components via parent scope - Consolidate plugin initialization to prevent duplicate API calls - Fix script execution from HTMX-loaded content by extracting scripts before DOM insertion - Add request deduplication to loadInstalledPlugins() to prevent concurrent requests - Improve Alpine component initialization with proper guards and fallbacks This eliminates 'generateConfigForm is not defined' errors and reduces plugin API calls from 3-4 duplicate calls to 1 per page load, significantly improving page load performance. * fix(web-ui): Add guard check for generateConfigForm to prevent Alpine errors Add typeof check in x-show to prevent Alpine from evaluating generateConfigForm before the component methods are fully initialized. This eliminates the 'generateConfigForm is not defined' error that was occurring during component initialization. * fix(web-ui): Fix try-catch block structure in script execution code Correct the nesting of try-catch block inside the if statement for script execution. The catch block was incorrectly placed after the else clause, causing a syntax error. * fix(web-ui): Escape quotes in querySelector to avoid HTML attribute conflicts Change double quotes to single quotes in the CSS selector to prevent conflicts with HTML attribute parsing when the x-data expression is embedded. * style(web): Improve button text readability in Quick Actions section * fix(web): Resolve Alpine.js expression errors in plugin configuration component - Capture plugin from parent scope into component data to fix parsing errors - Update all plugin references to use this.plugin in component methods - Fix x-init to properly call loadPluginConfig method - Resolves 'Uncaught ReferenceError' for isOnDemandLoading, onDemandLastUpdated, and other component properties * fix(web): Fix remaining Alpine.js scope issues in plugin configuration - Use this.generateConfigForm in typeof checks and method calls - Fix form submission to use this.plugin.id - Use $root. prefix for parent scope function calls (refreshPlugin, updatePlugin, etc.) - Fix confirm dialog string interpolation - Ensures all component methods and properties are properly scoped * fix(web): Add this. prefix to all Alpine.js component property references - Fix all template expressions to use this. prefix for component properties - Update isOnDemandLoading, onDemandLastUpdated, onDemandRefreshing references - Update onDemandStatusClass, onDemandStatusText, onDemandServiceClass, onDemandServiceText - Update disableRunButton, canStopOnDemand, showEnableHint, loading references - Ensures Alpine.js can properly resolve all component getters and properties * fix(web): Resolve Alpine.js expression errors in plugin configuration - Move complex x-data object to pluginConfigData() function for better parsing - Fix all template expressions to use this.plugin instead of plugin - Add this. prefix to all method calls in event handlers - Fix duplicate x-on:click attribute on uninstall button - Add proper loading state management in loadPluginConfig method This resolves the 'Invalid or unexpected token' and 'Uncaught ReferenceError' errors in the browser console. * fix(web): Fix plugin undefined errors in Alpine.js plugin configuration - Change x-data initialization to capture plugin from loop scope first - Use Object.assign in x-init to merge pluginConfigData properties - Add safety check in pluginConfigData function for undefined plugins - Ensure plugin is available before accessing properties in expressions This resolves the 'Cannot read properties of undefined' errors by ensuring the plugin object is properly captured from the x-for loop scope before any template expressions try to access it. * style(web): Make Quick Actions button text styling consistent - Update Start Display, Stop Display, and Reboot System buttons - Change from text-sm font-medium to text-base font-semibold - All Quick Actions buttons now have consistent bold, larger text - Matches the styling of Update Code, Restart Display Service, and Restart Web Service buttons * fix(wifi): Properly handle AP mode disable during WiFi connection - Check return value of disable_ap_mode() before proceeding with connection - Add verification loop to ensure AP mode is actually disabled - Increase wait time to 5 seconds for NetworkManager restart stabilization - Return clear error messages if AP mode cannot be disabled - Prevents connection failures when switching networks from web UI or AP mode This fixes the issue where WiFi network switching would fail silently when AP mode disable failed, leaving the system in an inconsistent state. * fix(web): Handle API response errors in plugin configuration loading - Add null/undefined checks before accessing API response status - Set fallback defaults when API responses don't have status 'success' - Add error handling for batch API requests with fallback to individual requests - Add .catch() handlers to individual fetch calls to prevent unhandled rejections - Add console warnings to help debug API response failures - Fix applies to both main loadPluginConfig and PluginConfigHelpers.loadPluginConfig This fixes the issue where plugin configuration sections would get stuck showing the loading animation when API responses failed or returned error status. * fix(web): Fix Alpine.js reactivity for plugin config by using direct x-data Changed from Object.assign pattern to direct x-data assignment to ensure Alpine.js properly tracks reactive properties. The previous approach used Object.assign to merge properties into the component after initialization, which caused Alpine to not detect changes to config/schema properties. The fix uses pluginConfigData(plugin) directly as x-data, ensuring all properties including config, schema, loading, etc. are reactive from component initialization. * fix(web): Ensure plugin variable is captured in x-data scope Use spread operator to merge pluginConfigData properties while explicitly capturing the plugin variable from outer x-for scope. This fixes undefined plugin errors when Alpine evaluates the component data. * fix(web): Use $data for Alpine.js reactivity when merging plugin config Use Object.assign with Alpine's $data reactive proxy instead of this to ensure added properties are properly reactive. This fixes the issue where plugin variable scoping from x-for wasn't accessible in x-data expressions. * fix(web): Remove incorrect 'this.' prefix in Alpine.js template expressions Alpine.js template expressions (x-show, x-html, x-text, x-on) use the component data as the implicit context, so 'this.' prefix is incorrect. In template expressions, 'this' refers to the DOM element, not the component data. Changes: - Replace 'this.plugin.' with 'plugin.' in all template expressions (19 instances) - Replace 'this.loading' with 'loading' in x-show directives - Replace 'this.generateConfigForm' with 'generateConfigForm' in x-show/x-html - Replace 'this.savePluginConfig' with 'savePluginConfig' in x-on:submit - Replace 'this.config/schema/webUiActions' with direct property access - Use '$data.loadPluginConfig' in x-init for explicit method call Note: 'this.' is still correct inside JavaScript method definitions within pluginConfigData() function since those run with proper object context. * fix(web): Prevent infinite recursion in plugin config methods Add 'parent !== this' check to loadPluginConfig, generateConfigForm, and savePluginConfig methods in pluginConfigData to prevent infinite recursion when the component tries to delegate to a parent that resolves to itself. This fixes the 'Maximum call stack size exceeded' error that occurred when the nested Alpine component's $root reference resolved to a component that had the same delegating methods via Object.assign. * fix(web): Resolve infinite recursion in plugin config by calling $root directly The previous implementation had delegating methods (generateConfigForm, savePluginConfig) in pluginConfigData that tried to call parent.method(), but the parent detection via getParentApp() was causing circular calls because multiple components had the same methods. Changes: - Template now calls $root.generateConfigForm() and $root.savePluginConfig() directly instead of going through nested component delegation - Removed delegating generateConfigForm and savePluginConfig from pluginConfigData - Removed getParentApp() helper that was enabling the circular calls - Simplified loadPluginConfig to use PluginConfigHelpers directly This fixes the 'Maximum call stack size exceeded' error when rendering plugin configuration forms. * fix(web): Use window.PluginConfigHelpers instead of $root for plugin config The $root magic variable in Alpine.js doesn't correctly reference the app() component's data scope from nested x-data contexts. This causes generateConfigForm and savePluginConfig to be undefined. Changed to use window.PluginConfigHelpers which has explicit logic to find and use the app component's methods. * fix(web): Use direct x-data initialization for plugin config reactivity Changed from Object.assign($data, pluginConfigData(plugin)) to x-data="pluginConfigData(plugin)" to ensure Alpine.js properly tracks reactivity for all plugin config properties. This fixes the issue where all plugin tabs were showing the same config. * refactor(web): Implement server-side plugin config rendering with HTMX Major architectural improvement to plugin configuration management: - Add server-side Jinja2 template for plugin config forms (web_interface/templates/v3/partials/plugin_config.html) - Add Flask route to serve plugin config partials on-demand - Replace complex client-side form generation with HTMX lazy loading - Add Alpine.js store for centralized plugin state management - Mark old pluginConfigData and PluginConfigHelpers as deprecated Benefits: - Lazy loading: configs only load when tab is accessed - Server-side rendering: reduces client-side complexity - Better performance: especially on Raspberry Pi - Cleaner code: Jinja2 macros replace JS string templates - More maintainable: form logic in one place (server) The old client-side code is preserved for backwards compatibility but is no longer used by the main plugin configuration UI. * fix(web): Trigger HTMX manually after Alpine renders plugin tabs HTMX processes attributes at page load time, before Alpine.js renders dynamic content. Changed from :hx-get attribute to x-init with htmx.ajax() to properly trigger the request after the element is rendered. * fix(web): Remove duplicate 'enabled' toggle from plugin config form The 'enabled' field was appearing twice in plugin configuration: 1. Header toggle (quick action, uses HTMX) 2. Configuration form (from schema, requires save) Now only the header toggle is shown, avoiding user confusion. The 'enabled' key is explicitly skipped when rendering schema properties. * perf(web): Optimize plugin manager with request caching and init guards Major performance improvements to plugins_manager.js: 1. Request Deduplication & Caching - Added pluginLoadCache with 3-second TTL - Subsequent calls return cached data instead of making API requests - In-flight request deduplication prevents parallel duplicate fetches - Added refreshInstalledPlugins() for explicit force-refresh 2. Initialization Guards - Added pluginsInitialized flag to prevent multiple initializePlugins() calls - Added _eventDelegationSetup guard on container to prevent duplicate listeners - Added _listenerSetup guards on search/category inputs 3. Debug Logging Control - Added PLUGIN_DEBUG flag (localStorage.setItem('pluginDebug', 'true')) - Most console.log calls now use pluginLog() which only logs when debug enabled - Reduces console noise from ~150 logs to ~10 in production Expected improvements: - API calls reduced from 6+ to 2 on page load - Event listeners no longer duplicated - Cleaner console output - Faster perceived performance * fix(web): Handle missing search elements in searchPluginStore The searchPluginStore function was failing silently when called before the plugin-search and plugin-category elements existed in the DOM. This caused the plugin store to never load. Now safely checks if elements exist before accessing their values. * fix(web): Ensure plugin store loads via pluginManager.searchPluginStore - Exposed searchPluginStore on window.pluginManager for easier access - Updated base.html to fallback to pluginManager.searchPluginStore - Added logging when loading plugin store * fix(web): Expose searchPluginStore from inside the IIFE The function was defined inside the IIFE but only exposed after the IIFE ended, where the function was out of scope. Now exposed immediately after definition inside the IIFE. * fix(web): Add cache-busting version to plugins_manager.js URL Static JS files were being aggressively cached, preventing updates from being loaded by browsers. * fix(web): Fix pluginLog reference error outside IIFE pluginLog is defined inside the IIFE, so use _PLUGIN_DEBUG_EARLY and console.log directly for code outside the IIFE. * chore(web): Update plugins_manager.js cache version * fix(web): Defer plugin store render when grid not ready Instead of showing an error when plugin-store-grid doesn't exist, store plugins in window.__pendingStorePlugins for later rendering when the tab loads (consistent with how installed plugins work). * chore: Bump JS cache version * fix(web): Restore enabledBool variable in plugin render Variable was removed during debug logging optimization but was still being used in the template string for toggle switch rendering. * fix(ui): Add header and improve categories section rendering - Add proper header (h4) to categories section with label - Add debug logging to diagnose categories field rendering - Improve additionalProperties condition check readability * fix(ui): Improve additionalProperties condition check - Explicitly exclude objects with properties to avoid conflicts - Ensure categories section is properly detected and rendered - Categories should show as header with toggles, not text box * fix(web-ui): Fix JSON parsing errors and default value loading for plugin configs - Fix JSON parsing errors when saving file upload fields by properly unescaping HTML entities - Merge config with schema defaults when loading plugin config so form shows default values - Improve default value handling in form generation for nested objects and arrays - Add better error handling for malformed JSON in file upload fields * fix(plugins): Return plugins array from getInstalledPlugins() instead of data object Fixed PluginAPI.getInstalledPlugins() to return response.data.plugins (array) instead of response.data (object). This was preventing window.installedPlugins from being set correctly, which caused plugin configuration tabs to not appear and prevented users from saving plugin configurations via the web UI. The fix ensures that: - window.installedPlugins is properly populated with plugin array - Plugin tabs are created automatically on page load - Configuration forms and save buttons are rendered correctly - Save functionality works as expected * fix(api): Support form data submission for plugin config saves The HTMX form submissions use application/x-www-form-urlencoded format instead of JSON. This update allows the /api/v3/plugins/config POST endpoint to accept both formats: - JSON: plugin_id and config in request body (existing behavior) - Form data: plugin_id from query string, config fields from form Added _parse_form_value helper to properly convert form strings to appropriate Python types (bool, int, float, JSON arrays/objects). * debug: Add form data logging to diagnose config save issue * fix(web): Re-discover plugins before loading config partial The plugin config partial was returning 'not found' for plugins because the plugin manifests weren't loaded. The installed plugins API was working because it calls discover_plugins() first. Changes: - Add discover_plugins() call in _load_plugin_config_partial when plugin info is not found on first try - Remove debug logging from form data handling * fix(web): Comprehensive plugin config save improvements SWEEPING FIX for plugin configuration saving issues: 1. Form data now MERGES with existing config instead of replacing - Partial form submissions (missing fields) no longer wipe out existing config values - Fixes plugins with complex schemas (football, clock, etc.) 2. Improved nested value handling with _set_nested_value helper - Correctly handles deeply nested structures like customization - Properly merges when intermediate objects already exist 3. Better JSON parsing for arrays - RGB color arrays like [255, 0, 0] now parse correctly - Parse JSON before trying number conversion 4. Bump cache version to force JS reload * fix(web): Add early stubs for updatePlugin and uninstallPlugin Ensures these functions are available immediately when the page loads, even before the full IIFE executes. Provides immediate user feedback and makes API calls directly. This fixes the 'Update button does not work' issue by ensuring the function is always defined and callable. * fix(web): Support form data in toggle endpoint The toggle endpoint now accepts both JSON and HTMX form submissions. Also updated the plugin config template to send the enabled state via hx-vals when the checkbox changes. Fixes: 415 Unsupported Media Type error when toggling plugins * fix(web): Prevent config duplication when toggling plugins Changed handleToggleResponse to update UI in place instead of refreshing the entire config partial, which was causing duplication. Also improved refreshPluginConfig with proper container targeting and concurrent refresh prevention (though it's no longer needed for toggles since we update in place). * fix(api): Schema-aware form value parsing for plugin configs Major fix for plugin config saving issues: 1. Load schema BEFORE processing form data to enable type-aware parsing 2. New _parse_form_value_with_schema() function that: - Converts comma-separated strings to arrays when schema says 'array' - Parses JSON strings for arrays/objects - Handles empty strings for arrays (returns [] instead of None) - Uses schema to determine correct number types 3. Post-processing to ensure None arrays get converted to empty arrays 4. Proper handling of nested object fields Fixes validation errors: - 'category_order': Expected type array, got str - 'categories': Expected type object, got str - 'uploaded_files': Expected type array, got NoneType - RGB color arrays: Expected type array, got str * fix(web): Make plugin config handlers idempotent and remove scripts from HTMX partials CRITICAL FIX for script redeclaration errors: 1. Removed all <script> tags from plugin_config.html partial - Scripts were being re-executed on every HTMX swap - Caused 'Identifier already declared' errors 2. Moved all handler functions to base.html with idempotent initialization - Added window.__pluginConfigHandlersInitialized guard - Functions only initialized once, even if script runs multiple times - All state stored on window object (e.g., window.pluginConfigRefreshInProgress) 3. Enhanced error logging: - Client-side: Logs form payload, response status, and parsed error details - Server-side: Logs raw form data and parsed config on validation failures 4. Functions moved to window scope: - toggleSection - handleConfigSave (with detailed error logging) - handleToggleResponse (updates UI in place, no refresh) - handlePluginUpdate - refreshPluginConfig (with duplicate prevention) - runPluginOnDemand - stopOnDemand - executePluginAction This ensures HTMX-swapped fragments only contain HTML, and all scripts run once in the base layout. * fix(api): Filter config to only schema-defined fields before validation When merging with existing_config, fields not in the plugin's schema (like high_performance_transitions, transition, dynamic_duration) were being preserved, causing validation failures when additionalProperties is false. Add _filter_config_by_schema() function to recursively filter config to only include fields defined in the schema before validation. This fixes validation errors like: - 'Additional properties are not allowed (high_performance_transitions, transition were unexpected)' * fix(web): Improve update plugin error handling and support form data 1. Enhanced updatePlugin JavaScript function: - Validates pluginId before sending request - Checks response.ok before parsing JSON - Better error logging with request/response details - Handles both successful and error responses properly 2. Update endpoint now supports both JSON and form data: - Similar to config endpoint, accepts plugin_id from query string or form - Better error messages and debug logging 3. Prevent duplicate function definitions: - Second updatePlugin definition checks if improved version exists - Both definitions now have consistent error handling Fixes: 400 BAD REQUEST 'Request body must be valid JSON' error * fix(web): Show correct 'update' message instead of 'save' for plugin updates The handlePluginUpdate function now: 1. Checks actual HTTP status code (not just event.detail.successful) 2. Parses JSON response to get server's actual message 3. Replaces 'save' with 'update' if message incorrectly says 'save' Fixes: Update button showing 'saved successfully' instead of 'updated successfully' * fix(web): Execute plugin updates immediately instead of queuing Plugin updates are now executed directly (synchronously) instead of being queued for async processing. This provides immediate feedback to users about whether the update succeeded or failed. Updates are fast git pull operations, so they don't need async processing. The operation queue is reserved for longer operations like install/uninstall. Fixes: Update button not actually updating plugins (operations were queued but users didn't see results) * fix(web): Ensure toggleSection function is always available for collapsible headers Moved toggleSection outside the initialization guard block so it's always defined, even if the plugin config handlers have already been initialized. This ensures collapsible sections in plugin config forms work correctly. Added debug logging to help diagnose if sections/icons aren't found. Fixes: Collapsible headers in plugin config schema not collapsing * fix(web): Improve toggleSection to explicitly show/hide collapsible content Changed from classList.toggle() to explicit add/remove of 'hidden' class based on current state. This ensures the content visibility is properly controlled when collapsing/expanding sections. Added better error checking and state detection for more reliable collapsible section behavior. * fix(web): Load plugin tabs on page load instead of waiting for plugin manager tab click The stub's loadInstalledPlugins was an empty function, so plugin tabs weren't loading until the plugin manager tab was clicked. Now the stub implementation: 1. Tries to use global window.loadInstalledPlugins if available 2. Falls back to window.pluginManager.loadInstalledPlugins 3. Finally falls back to direct loading via loadInstalledPluginsDirectly 4. Always updates tabs after loading plugins This ensures plugin navigation tabs are available immediately on page load. Fixes: Plugin tabs only loading after clicking plugin manager tab * fix(web): Ensure plugin navigation tabs load on any page regardless of active tab Multiple improvements to ensure plugin tabs are always visible: 1. Stub's loadInstalledPluginsDirectly now waits for DOM to be ready before updating tabs, using requestAnimationFrame for proper timing 2. Stub's init() now has a retry mechanism that periodically checks if plugins have been loaded by plugins_manager.js and updates tabs accordingly (checks for 2 seconds) 3. Full implementation's init() now properly handles async plugin loading and ensures tabs are updated after loading completes, checking window.installedPlugins first before attempting to load 4. Both stub and full implementation ensure tabs update using $nextTick to wait for Alpine.js rendering cycle This ensures plugin navigation tabs are visible immediately when the page loads, regardless of whether the user is on overview, plugin manager, or any other tab. Fixes: Plugin tabs only appearing after clicking plugin manager tab * fix(web): Fix restart display button not working The initPluginsPage function was returning early before event listeners were set up, making all the event listener code unreachable. Moved the return statement to after all event listeners are attached. This fixes the restart display button and all other buttons in the plugin manager (refresh plugins, update all, search, etc.) that depend on event listeners being set up. Fixes: Restart Display button not working in plugin manager * fix(web-ui): Improve categories field rendering for of-the-day plugin - Add more explicit condition checking for additionalProperties objects - Add debug logging specifically for categories field - Add fallback handler for objects that don't match special cases (render as JSON textarea) - Ensure categories section displays correctly with toggle cards instead of plain text * fix(install): Prevent following broken symlinks during file ownership setup - Add -P flag to find commands to prevent following symlinks when traversing - Add -h flag to chown to operate on symlinks themselves rather than targets - Exclude scripts/dev/plugins directory which contains development symlinks - Fixes error when chown tries to dereference broken symlinks with extra LEDMatrix in path * fix(scroll): Ensure scroll completes fully before switching displays - Add display_width to total scroll distance calculation - Scroll now continues until content is completely off screen - Update scroll completion check to use total_scroll_width + display_width - Prevents scroll from being cut off mid-way when switching to next display * fix(install): Remove unsupported -P flag from find commands - Remove -P flag which is not supported on all find versions - Keep -h flag on chown to operate on symlinks themselves - Change to {} \; syntax for better error handling - Add error suppression to continue on broken symlinks - Exclude scripts/dev/plugins directory to prevent traversal into broken symlinks * docs(wifi): Add trailing newline to WiFi AP failover setup guide * fix(web): Suppress non-critical socket errors and fix WiFi permissions script - Add error filtering in web interface to suppress harmless client disconnection errors - Downgrade 'No route to host' and broken pipe errors from ERROR to DEBUG level - Fix WiFi permissions script to use mktemp instead of manual temp file creation - Add cleanup trap to ensure temp files are removed on script exit - Resolves permission denied errors when creating temp files during installation * fix(web): Ensure plugin navigation tabs load on any page by dispatching events The issue was that when plugins_manager.js loaded and called loadInstalledPlugins(), it would set window.installedPlugins but the Alpine.js component wouldn't know to update its tabs unless the plugin manager tab was clicked. Changes: 1. loadInstalledPlugins() now always dispatches a 'pluginsUpdated' event when it sets window.installedPlugins, not just when plugin IDs change 2. renderInstalledPlugins() also dispatches the event and always updates window.installedPlugins for reactivity 3. Cached plugin data also dispatches the event when returned The Alpine component already listens for the 'pluginsUpdated' event in its init() method, so tabs will now update immediately when plugins are loaded, regardless of which tab is active. Fixes: Plugin navigation tabs only loading after clicking plugin manager tab * fix(web): Improve input field contrast in plugin configuration forms Changed input backgrounds from bg-gray-800 to bg-gray-900 (darker) to ensure high contrast with white text. Added placeholder:text-gray-400 for better placeholder text visibility. Updated in both server-side template (plugin_config.html) and client-side form generation (plugins_manager.js): - Number inputs - Text inputs - Array inputs (comma-separated) - Select dropdowns - Textareas (JSON objects) - Fallback inputs without schema This ensures all form inputs have high contrast white text on dark background, making them clearly visible and readable. Fixes: White text on white background in plugin config inputs * fix(web): Change plugin config input text from white to black Changed all input fields in plugin configuration forms to use black text on white background instead of white text on dark background for better readability and standard form appearance. Updated: - Input backgrounds: bg-gray-900 -> bg-white - Text color: text-white -> text-black - Placeholder color: text-gray-400 -> text-gray-500 Applied to both server-side template and client-side form generation for all input types (number, text, select, textarea). * fix(web): Ensure toggleSection function is available for plugin config collapsible sections Moved toggleSection function definition to an early script block so it's available immediately when HTMX loads plugin configuration content. The function was previously defined later in the page which could cause it to not be accessible when inline onclick handlers try to call it. The function toggles the 'hidden' class on collapsible section content divs and rotates the chevron icon between right (collapsed) and down (expanded) states. Fixes: Plugin configuration section headers not collapsing/expanding * fix(web): Fix collapsible section toggle to properly hide/show content Updated toggleSection function to explicitly set display style in addition to toggling the hidden class. This ensures the content is properly hidden even if CSS specificity or other styles might interfere with just the hidden class. The function now: - Checks both the hidden class and computed display style - Explicitly sets display: '' when showing and display: 'none' when hiding - Rotates chevron icon between right (collapsed) and down (expanded) This ensures collapsible sections in plugin configuration forms properly hide and show their content when the header is clicked. Fixes: Collapsible section headers rotate chevron but don't hide content * fix(web): Fix collapsible section toggle to work on first click Simplified the toggle logic to rely primarily on the 'hidden' class check rather than mixing it with computed display styles. When hiding, we now remove any inline display style to let Tailwind's 'hidden' class properly control the display property. This ensures sections respond correctly on the first click, whether they're starting in a collapsed or expanded state. Fixes: Sections requiring 2 clicks to collapse * fix(web): Ensure collapsible sections start collapsed by default Added explicit display: none style to nested content divs in plugin config template to ensure they start collapsed. The hidden class should handle this, but adding the inline style ensures sections are definitely collapsed on initial page load. Sections now: - Start collapsed (hidden) with chevron pointing right - Expand when clicked (chevron points down) - Collapse when clicked again (chevron points right) This ensures a consistent collapsed initial state across all plugin configuration sections. * fix(web): Fix collapsible section toggle to properly collapse on second click Fixed the toggle logic to explicitly set display: block when showing and display: none when hiding, rather than clearing the display style. This ensures the section state is properly tracked and the toggle works correctly on both expand and collapse clicks. The function now: - When hidden: removes hidden class, sets display: block, chevron down - When visible: adds hidden class, sets display: none, chevron right This fixes the issue where sections would expand but not collapse again. Fixes: Sections not collapsing on second click * feat(web): Ensure plugin navigation tabs load automatically on any page Implemented comprehensive solution to ensure plugin navigation tabs load automatically without requiring a visit to the plugin manager page: 1. Global event listener for 'pluginsUpdated' - works even if Alpine isn't ready yet, updates tabs directly when plugins_manager.js loads plugins 2. Enhanced stub's loadInstalledPluginsDirectly(): - Sets window.installedPlugins after loading - Dispatches 'pluginsUpdated' event for global listener - Adds console logging for debugging 3. Event listener in stub's init() method: - Listens for 'pluginsUpdated' events - Updates component state and tabs when events fire 4. Fallback timer: - If plugins_manager.js hasn't loaded after 2 seconds, fetches plugins directly via API - Ensures tabs appear even if plugins_manager.js fails 5. Improved checkAndUpdateTabs(): - Better logging - Fallback to direct fetch after timeout 6. Enhanced logging throughout plugin loading flow for debugging This ensures plugin tabs are visible immediately on page load, regardless of which tab is active or when plugins_manager.js loads. Fixes: Plugin navigation tabs only loading after visiting plugin manager * fix(web): Improve plugin tabs update logging and ensure immediate execution Enhanced logging in updatePluginTabs() and _doUpdatePluginTabs() to help debug why tabs aren't appearing. Changed debounce behavior to execute immediately on first call to ensure tabs appear quickly. Added detailed console logging with [FULL] prefix to track: - When updatePluginTabs() is called - When _doUpdatePluginTabs() executes - DOM element availability - Tab creation process - Final tab count This will help identify if tabs are being created but not visible, or if the update function isn't being called at all. Fixes: Plugin tabs loading but not visible in navigation bar * fix(web): Prevent duplicate plugin tab updates and clearing Added debouncing and duplicate prevention to stub's updatePluginTabs() to prevent tabs from being cleared and re-added multiple times. Also checks if tabs already match before clearing them. Changes: 1. Debounce stub's updatePluginTabs() with 100ms delay 2. Check if existing tabs match current plugin list before clearing 3. Global event listener only triggers full implementation's updatePluginTabs 4. Stub's event listener only works in stub mode (before enhancement) This prevents the issue where tabs were being cleared and re-added multiple times in rapid succession, which could leave tabs empty. Fixes: Plugin tabs being cleared and not re-added properly * fix(web): Fix plugin tabs not rendering when plugins are loaded Fixed _doUpdatePluginTabs() to properly use component's installedPlugins instead of checking window.installedPlugins first. Also fixed the 'unchanged' check to not skip when both lists are empty (first load scenario). Changes: 1. Check component's installedPlugins first (most up-to-date) 2. Only skip update if plugins exist AND match (don't skip empty lists) 3. Retry if no plugins found (in case they're still loading) 4. Ensure window.installedPlugins is set when loading directly 5. Better logging to show which plugin source is being used This ensures tabs are rendered when plugins are loaded, even on first page load. Fixes: Plugin tabs not being drawn despite plugins being loaded * fix(config): Fix array field parsing and validation for plugin config forms - Added logic to detect and combine indexed array fields (text_color.0, text_color.1, etc.) - Fixed array fields incorrectly stored as dicts with numeric keys - Improved handling of comma-separated array values from form submissions - Ensures array fields meet minItems requirements before validation - Resolves 400 BAD REQUEST errors when saving plugin config with RGB color arrays * fix(config): Improve array field handling and secrets error handling - Use schema defaults when array fields don't meet minItems requirement - Add debug logging for array field parsing - Improve error handling for secrets file writes - Fix arrays stored as dicts with numeric keys conversion - Better handling of incomplete array values from form submissions * fix(config): Convert array elements to correct types (numbers not strings) - Fix array element type conversion when converting dicts to arrays - Ensure RGB color arrays have integer elements, not strings - Apply type conversion for both nested and top-level array fields - Fixes validation errors: 'Expected type number, got str' * fix(config): Fix array fields showing 'none' when value is null - Handle None/null values in array field templates properly - Use schema defaults when array values are None/null - Fix applies to both Jinja2 template and JavaScript form generation - Resolves issue where stock ticker plugin shows 'none' instead of default values * fix(config): Add novalidate to plugin config form to prevent HTML5 validation blocking saves - Prevents browser HTML5 validation from blocking form submission - Allows custom validation logic to handle form data properly - Fixes issue where save button appears unclickable due to invalid form controls - Resolves problems with plugins like clock-simple that have nested/array fields * feat(config): Add helpful form validation with detailed error messages - Keep HTML5 validation enabled (removed novalidate) to prevent broken configs - Add validatePluginConfigForm function that shows which fields fail and why - Automatically expands collapsed sections containing invalid fields - Focuses first invalid field and scrolls to it - Shows user-friendly error messages with field names and specific issues - Prevents form submission until all fields are valid * fix(schema): Remove core properties from required array during validation - Core properties (enabled, display_duration, live_priority) are system-managed - SchemaManager now removes them from required array after injection - Added default values for core properties (enabled=True, display_duration=15, live_priority=False) - Updated generate_default_config() to ensure live_priority has default - Resolves 186 validation issues, reducing to 3 non-blocking warnings (98.4% reduction) - All 19 of 20 plugins now pass validation without errors Documentation: - Created docs/PLUGIN_CONFIG_CORE_PROPERTIES.md explaining core property handling - Updated existing docs to reflect core property behavior - Removed temporary audit files and scripts * fix(ui): Improve button text contrast on white backgrounds - Changed Screenshot button text from text-gray-700 to text-gray-900 - Added global CSS rule to ensure all buttons with white backgrounds use dark text (text-gray-900) for better readability - Fixes contrast issues where light text on light backgrounds was illegible * fix(ui): Add explicit text color to form-control inputs - Added color: #111827 to .form-control class to ensure dark text on white backgrounds - Fixes issue where input fields had white text on white background after button contrast fix - Ensures all form inputs are readable with proper contrast * docs: Update impact explanation and plugin config documentation * docs: Improve documentation and fix template inconsistencies - Add migration guide for script path reorganization (scripts moved to scripts/install/ and scripts/fix_perms/) - Add breaking changes section to README with migration guidance - Fix config template: set plugins_directory to 'plugins' to match actual plugin locations - Fix test template: replace Jinja2 placeholders with plain text to match other templates - Fix markdown linting: add language identifiers to code blocks (python, text, javascript) - Update permission guide: document setgid bit (0o2775) for directory modes - Fix example JSON: pin dependency versions and fix compatible_versions range - Improve readability: reduce repetition in IMPACT_EXPLANATION.md * feat(web): Make v3 interface production-ready for local deployment - Phase 2: Real Service Integration - Replace sample data with real psutil system monitoring (CPU, memory, disk, temp, uptime) - Integrate display controller to read from /tmp/led_matrix_preview.png snapshot - Scan assets/fonts directory and extract font metadata with freetype - Phase 1: Security & Input Validation - Add input validation module with URL, file upload, and config sanitization - Add optional CSRF protection (gracefully degrades if flask-wtf missing) - Add rate limiting (lenient for local use, prevents accidental abuse) - Add file upload validation to font upload endpoint - Phase 3: Error Handling - Add global error handlers for 404, 500, and unhandled exceptions - All endpoints have comprehensive try/except blocks - Phase 4: Monitoring & Observability - Add structured logging with JSON format support - Add request logging middleware (tracks method, path, status, duration, IP) - Add /api/v3/health endpoint with service status checks - Phase 5: Performance & Caching - Add in-memory caching system (separate module to avoid circular imports) - Cache font catalog (5 minute TTL) - Cache system status (10 second TTL) - Invalidate cache on config changes - All changes are non-blocking with graceful error handling - Optional dependencies (flask-wtf, flask-limiter) degrade gracefully - All imports protected with try/except blocks - Verified compilation and import tests pass * docs: Fix caching pattern logic flaw and merge conflict resolution plan - Fix Basic Caching Pattern: Replace broken stale cache fallback with correct pattern - Re-fetch cache with large max_age (31536000) in except block instead of checking already-falsy cached variable - Fixes both instances in ADVANCED_PLUGIN_DEVELOPMENT.md - Matches correct pattern from manager.py.template - Fix MERGE_CONFLICT_RESOLUTION_PLAN.md merge direction - Correct Step 1 to checkout main and merge plugins into it (not vice versa) - Update commit message to reflect 'Merge plugins into main' direction - Fixes workflow to match documented plugins → main merge --------- Co-authored-by: Chuck <chuck@example.com>	2025-12-27 14:15:49 -05:00

Author

SHA1

Message

Date

Chuck

158e07c82b

fix(plugins): prevent root-owned files from blocking plugin updates (#242 )

* fix(web): unify operation history tracking for monorepo plugin operations

The operation history UI was reading from the wrong data source
(operation_queue instead of operation_history), install/update records
lacked version details, toggle operations used a type name that didn't
match UI filters, and the Clear History button was non-functional.

- Switch GET /plugins/operation/history to read from OperationHistory
  audit log with return type hint and targeted exception handling
- Add DELETE /plugins/operation/history endpoint; wire up Clear button
- Add _get_plugin_version helper with specific exception handling
  (FileNotFoundError, PermissionError, json.JSONDecodeError) and
  structured logging with plugin_id/path context
- Record plugin version, branch, and commit details on install/update
- Record install failures in the direct (non-queue) code path
- Replace "toggle" operation type with "enable"/"disable"
- Add normalizeStatus() in JS to map completed→success, error→failed
  so status filter works regardless of server-side convention
- Truncate commit SHAs to 7 chars in details display
- Fix HTML filter options, operation type colors, duplicate JS init

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(plugins): prevent root-owned files from blocking plugin updates

The root ledmatrix service creates __pycache__ and data cache files
owned by root inside plugin directories. The web service (non-root)
cannot delete these when updating or uninstalling plugins, causing
operations to fail with "Permission denied".

Defense in depth with three layers:
- Prevent: PYTHONDONTWRITEBYTECODE=1 in systemd service + run.py
- Fallback: sudoers rules for rm on plugin directories
- Code: _safe_remove_directory() now uses sudo as last resort,
  and all bare shutil.rmtree() calls routed through it

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(security): harden sudo removal with path-validated helper script

Address code review findings:

- Replace raw rm/find sudoers wildcards with a vetted helper script
  (safe_plugin_rm.sh) that resolves symlinks and validates the target
  is a strict child of plugin-repos/ or plugins/ before deletion
- Add allow-list validation in sudo_remove_directory() that checks
  resolved paths against allowed bases before invoking sudo
- Check _safe_remove_directory() return value before shutil.move()
  in the manifest ID rename path
- Move stat import to module level in store_manager.py
- Use stat.S_IRWXU instead of 0o777 in chmod fallback stage
- Add ignore_errors=True to temp dir cleanup in finally block
- Use command -v instead of which in configure_web_sudo.sh

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(security): address code review round 2 — harden paths and error handling

- safe_plugin_rm.sh: use realpath --canonicalize-missing for ALLOWED_BASES
  so the script doesn't fail under set -e when dirs don't exist yet
- safe_plugin_rm.sh: add -- before path in rm -rf to prevent flag injection
- permission_utils.py: use shutil.which('bash') instead of hardcoded /bin/bash
  to match whatever path the sudoers BASH_PATH resolves to
- store_manager.py: check _safe_remove_directory() return before shutil.move()
  in _install_from_monorepo_zip to prevent moving into a non-removed target
- store_manager.py: catch OSError instead of PermissionError in Stage 1 removal
  to handle both EACCES and EPERM error codes
- store_manager.py: hoist sudo_remove_directory import to module level
- configure_web_sudo.sh: harden safe_plugin_rm.sh to root-owned 755 so
  the web user cannot modify the vetted helper script

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(security): validate command paths in sudoers config and use resolved paths

- configure_web_sudo.sh: validate that required commands (systemctl, bash,
  python3) resolve to non-empty paths before generating sudoers entries;
  abort with clear error if any are missing; skip optional commands
  (reboot, poweroff, journalctl) with a warning instead of emitting
  malformed NOPASSWD lines; validate helper script exists on disk
- permission_utils.py: pass the already-resolved path to the subprocess
  call and use it for the post-removal exists() check, eliminating a
  TOCTOU window between Python-side validation and shell-side execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Chuck <chuck@example.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-12 19:28:05 -05:00

Chuck

67197635c9

Feature/on demand plugin filtering (#166 )

* fix(web): Resolve font display and config API error handling issues

- Fix font catalog display error where path.startsWith fails
  (path is object, not string)
- Update save_main_config to use error_response() helper
- Improve save_raw_main_config error handling consistency
- Add proper error codes and traceback details to API responses

* fix(web): Prevent fontCatalog redeclaration error on HTMX reload

- Use window object to store global font variables
- Check if script has already loaded before declaring variables
- Update both window properties and local references on assignment
- Fixes 'Identifier fontCatalog has already been declared' error

* fix(web): Wrap fonts script in IIFE to prevent all redeclaration errors

- Wrap entire script in IIFE that only runs once
- Check if script already loaded before declaring variables/functions
- Expose initializeFontsTab to window for re-initialization
- Prevents 'Identifier has already been declared' errors on HTMX reload

* fix(web): Exempt config save API endpoints from CSRF protection

- Exempt save_raw_main_config, save_raw_secrets_config, and save_main_config from CSRF
- These endpoints are called via fetch from JavaScript and don't include CSRF tokens
- Fixes 500 error when saving config via raw JSON editor

* fix(web): Exempt system action endpoint from CSRF protection

- Exempt execute_system_action from CSRF
- Fixes 500 error when using system action buttons (restart display, restart Pi, etc.)
- These endpoints are called via HTMX and don't include CSRF tokens

* fix(web): Exempt all API v3 endpoints from CSRF protection

- Add before_request handler to exempt all api_v3.* endpoints
- All API endpoints are programmatic (HTMX/fetch) and don't include CSRF tokens
- Prevents future CSRF errors on any API endpoint
- Cleaner than exempting individual endpoints

* refactor(web): Remove CSRF protection for local-only application

- CSRF is designed for internet-facing apps to prevent cross-site attacks
- For local-only Raspberry Pi app, threat model is different
- All endpoints were exempted anyway, so it wasn't protecting anything
- Forms use HTMX without CSRF tokens
- If exposing to internet later, can re-enable with proper token implementation

* fix(web): Fix font path double-prefixing in font catalog display

- Only prefix with 'assets/fonts/' if path is a bare filename
- If path starts with '/' (absolute) or 'assets/' (already prefixed), use as-is
- Fixes double-prefixing when get_fonts_catalog returns relative paths like 'assets/fonts/press_start.ttf'

* fix(web): Remove fontsTabInitialized guard to allow re-initialization on HTMX reload

- Remove fontsTabInitialized check that prevented re-initialization on HTMX content swap
- The window._fontsScriptLoaded guard is sufficient to prevent function redeclaration
- Allow initializeFontsTab() to run on each HTMX swap to attach listeners to new DOM elements
- Fixes fonts UI breaking after HTMX reload (buttons, upload dropzone, etc. not working)

* fix(api): Preserve empty strings for optional string fields in plugin config

- Add _is_field_required() helper to check if fields are required in schema
- Update _parse_form_value_with_schema() to preserve empty strings for optional string fields
- Fixes 400 error when saving MQTT plugin config with empty username/password
- Resolves validation error: 'Expected type string, got NoneType'

* fix(config): Add defaults to schemas and fix None value handling

- Updated merge_with_defaults to replace None values with defaults
- Fixed form processing to skip empty optional fields without defaults
- Added script to automatically add defaults to all plugin config schemas
- Added defaults to 89 fields across 10 plugin schemas
- Prevents validation errors from None values in configs

Changes:
- schema_manager.py: Enhanced merge_with_defaults to replace None with defaults
- api_v3.py: Added _SKIP_FIELD sentinel to skip optional fields without defaults
- add_defaults_to_schemas.py: Script to add sensible defaults to schemas
- Plugin schemas: Added defaults for number, boolean, and array fields

* fix(config): Fix save button spinner by checking HTTP status code

- Fixed handleConfigSave to check xhr.status instead of event.detail.successful
- With hx-swap="none", HTMX doesn't set event.detail.successful
- Now properly detects successful saves (status 200-299) and stops spinner
- Improved error message extraction from API responses
- Also fixed handleToggleResponse for consistency

* fix(web-ui): Resolve GitHub token warning persistence after save

- Made checkGitHubAuthStatus() return Promise for proper async handling
- Clear sessionStorage dismissal flag when token is saved
- Add delay before status check to ensure backend token reload
- Wait for status check completion before hiding settings panel

Fixes issue where GitHub token warnings and pop-ups would not
disappear after successfully saving a token in the web UI.

* fix(web-ui): Add token validation and improve GitHub token warning behavior

- Add token validation to backend API endpoint to check if token is valid/expired
- Implement _validate_github_token() method in PluginStoreManager with caching
- Update frontend to show warning only when token is missing or invalid
- Keep settings panel accessible (collapsible) when token is configured
- Collapse settings panel content after successful token save instead of hiding
- Display specific error messages for invalid/expired tokens
- Clear sessionStorage dismissal flag when token becomes valid

Fixes issue where GitHub token warnings and settings panel would not
properly hide/show based on token status. Now validates token validity
and provides better UX with collapsible settings panel.

* fix(web-ui): Fix CSS/display issue for GitHub token warning and settings

- Update all hide/show operations to use both classList and style.display
- Fix checkGitHubAuthStatus() to properly hide/show warning and settings
- Fix dismissGithubWarning() to use both methods
- Fix toggleGithubTokenSettings() with improved state checking
- Fix collapse button handler with improved state checking
- Fix saveGithubToken() to properly show/collapse settings panel

This ensures elements actually hide/show when status changes, matching
the pattern used elsewhere in the codebase (like toggleSection). All
buttons (dismiss, close, collapse) should now work correctly.

* fix(web-ui): Fix GitHub token expand button functionality

- Convert collapse button handler to named function (toggleGithubTokenContent)
- Improve state checking using class, inline style, and computed style
- Re-attach event listener after saving token to ensure it works
- Add console logging for debugging
- Make function globally accessible for better reliability

Fixes issue where expand button didn't work after saving token.

* fix(web-ui): Remove X button and improve GitHub token panel behavior

- Remove X (close) button from GitHub token configuration panel
- Replace toggleGithubTokenSettings() with openGithubTokenSettings() that only opens
- Auto-collapse panel when token is valid (user must click expand to edit)
- Auto-detect token status on page load (no need to click save)
- Simplify saveGithubToken() to rely on checkGitHubAuthStatus() for UI updates
- Ensure expand button works correctly with proper event listener attachment

The panel now remains visible but collapsed when a token is configured,
allowing users to expand it when needed without the ability to completely hide it.

* refactor(web-ui): Improve GitHub token collapse button code quality

- Update comment to reflect actual behavior (prevent parent click handlers)
- Use empty string for display to defer to CSS instead of hard-coding block/none
- Extract duplicate clone-and-attach logic into attachGithubTokenCollapseHandler() helper
- Make helper function globally accessible for reuse in checkGitHubAuthStatus()

Improves maintainability and makes code more future-proof for layout changes.

* fix(web-ui): Fix collapse/expand button by using removeProperty for display

- Use style.removeProperty('display') instead of style.display = ''
- This properly removes inline styles and defers to CSS classes
- Fixes issue where collapse/expand button stopped working after refactor

* fix(web-ui): Make display handling consistent for token collapse

- Use removeProperty('display') consistently in all places
- Fix checkGitHubAuthStatus() to use removeProperty instead of inline style
- Simplify state checking to rely on hidden class with computed style fallback
- Ensures collapse/expand button works correctly by deferring to CSS classes

* fix(web-ui): Fix token collapse button and simplify state detection

- Simplify state checking to rely on hidden class only (element has class='block')
- Only remove inline display style if it exists (check before removing)
- Add console logging to debug handler attachment
- Ensure collapse/expand works by relying on CSS classes

Fixes issues where:
- Collapse button did nothing
- Auto-detection of token status wasn't working

* debug(web-ui): Add extensive debugging for token collapse button

- Add console logs to track function calls and element detection
- Improve state detection to use computed style as fallback
- Add wrapper function for click handler to ensure it's called
- Better error messages to identify why handler might not attach

This will help identify why the collapse button isn't working.

* debug(web-ui): Add comprehensive debugging for GitHub token features

- Add console logs to checkGitHubAuthStatus() to track execution
- Re-attach collapse handler after plugin store is rendered
- Add error stack traces for better debugging
- Ensure handler is attached when content is dynamically loaded

This will help identify why:
- Auto-detection of token status isn't working
- Collapse button isn't functioning

* fix(web-ui): Move checkGitHubAuthStatus before IIFE to fix scope issue

- Move checkGitHubAuthStatus function definition before IIFE starts
- Function was defined after IIFE but called inside it, causing it to be undefined
- Now function is available when called during initialization
- This should fix auto-detection of token status on page load

* debug(web-ui): Add extensive logging to GitHub token functions

- Add logging when checkGitHubAuthStatus is defined
- Add logging when function is called during initialization
- Add logging in attachGithubTokenCollapseHandler
- Add logging in store render callback
- This will help identify why functions aren't executing

* fix(web-ui): Move GitHub token functions outside IIFE for availability

- Move attachGithubTokenCollapseHandler and toggleGithubTokenContent outside IIFE
- These functions need to be available when store renders, before IIFE completes
- Add logging to initializePlugins to track when it's called
- This should fix the 'undefined' error when store tries to attach handlers

* fix(web-ui): Fix GitHub token content collapse/expand functionality

- Element has 'block' class in HTML which conflicts with 'hidden' class
- When hiding: add 'hidden', remove 'block', set display:none inline
- When showing: remove 'hidden', add 'block', remove inline display
- This ensures proper visibility toggle for the GitHub API Configuration section

* feat(display): Implement on-demand plugin filtering with restart

- Add on-demand plugin filtering to DisplayController initialization
  - Filters available_modes to only include on-demand plugin's modes
  - Allows plugin internal rotation (e.g., NFL upcoming, NCAA FB Recent)
  - Prevents rotation to other plugins
- Implement restart mechanism for on-demand activation/clear
  - _restart_with_on_demand_filter() saves state and restarts with filter
  - _restart_without_on_demand_filter() restores normal operation
  - Supports both systemd service and direct process execution
- Add state preservation across restarts
  - Saves/restores rotation position from cache
  - Restores on-demand config from cache after restart
- Add service detection method
  - Detects if running as systemd service
  - Uses file-based approach for environment variable passing
- Update API endpoints with restart flow comments
- Update systemd service file with on-demand support notes
- Add comprehensive error handling for edge cases

* perf(web-ui): Optimize GitHub token detection speed

- Call checkGitHubAuthStatus immediately when script loads (if elements exist)
- Call it early in initPluginsPage (before full initialization completes)
- Use requestAnimationFrame instead of setTimeout(100ms) for store render callback
- Reduce save token delay from 300ms to 100ms
- Token detection now happens in parallel with other initialization tasks
- This makes token status visible much faster on page load

* fix(ui): Move on-demand modal to base.html for always-available access

- Move on-demand modal from plugins.html to base.html
- Ensures modal is always in DOM when Run On-Demand button is clicked
- Fixes issue where button in plugin_config.html couldn't find modal
- Modal is now available regardless of which tab is active

* fix(ui): Initialize on-demand modal unconditionally on page load

- Create initializeOnDemandModal() function that runs regardless of plugins tab
- Modal is in base.html so it should always be available
- Call initialization on DOMContentLoaded and with timeout
- Fixes 'On-demand modal elements not found' error when clicking button
- Modal setup now happens even if plugins tab hasn't been loaded yet

* fix(ui): Add safety check for updatePluginTabStates function

- Check if updatePluginTabStates exists before calling
- Prevents TypeError when function is not available
- Fixes error when clicking plugin tabs

* fix(ui): Add safety checks for all updatePluginTabStates calls

- Add safety check in Alpine component tab button handler
- Add safety check in Alpine  callback
- Prevents TypeError when function is not available in all contexts

* fix(ui): Add safety check in Alpine  callback for updatePluginTabStates

* debug(ui): Add console logging to trace on-demand modal opening

- Add logging to runPluginOnDemand function
- Add logging to __openOnDemandModalImpl function
- Log plugin lookup, modal element checks, and display changes
- Helps diagnose why modal doesn't open when button is clicked

* debug(ui): Add logging for modal display change

* debug(ui): Add more explicit modal visibility settings and computed style logging

- Set visibility and opacity explicitly when showing modal
- Force reflow to ensure styles are applied
- Log computed styles to diagnose CSS issues
- Helps identify if modal is hidden by CSS rules

* debug(ui): Increase modal z-index and add bounding rect check

- Set z-index to 9999 to ensure modal is above all other elements
- Add bounding rect check to verify modal is in viewport
- Helps diagnose if modal is positioned off-screen or behind other elements

* debug(display): Add detailed logging for on-demand restart flow

- Log when polling finds requests
- Log service detection result
- Log file writing and systemctl commands
- Log restart command execution and results
- Helps diagnose why on-demand restart isn't working

* debug(display): Add logging for on-demand request polling

- Log request_id comparison to diagnose why requests aren't being processed
- Helps identify if request_id matching is preventing processing

* fix(ui): Force modal positioning with !important to override any conflicting styles

- Use cssText with !important flags to ensure modal is always visible
- Remove all inline styles first to start fresh
- Ensure modal is positioned at top:0, left:0 with fixed positioning
- Fixes issue where modal was still positioned off-screen (top: 2422px)

* debug(ui): Add logging to on-demand form submission

- Log form submission events
- Log payload being sent
- Log response status and data
- Helps diagnose why on-demand requests aren't being processed

* fix(display): Remove restart-based on-demand activation

- Replace restart-based activation with immediate mode switch
- On-demand now activates without restarting the service
- Saves rotation state for restoration when on-demand ends
- Fixes infinite restart loop issue
- On-demand now works when display is already running

* docs: Add comprehensive guide for on-demand cache management

- Document all on-demand cache keys and their purposes
- Explain when manual clearing is needed
- Clarify what clearing from cache management tab does/doesn't do
- Provide troubleshooting steps and best practices

* fix(display): Ensure on-demand takes priority over live priority

- Move on-demand check BEFORE live priority check
- Add explicit logging when on-demand overrides live priority
- Improve request_id checking with both instance and persisted checks
- Add debug logging to trace why requests aren't being processed
- Fixes issue where on-demand didn't interrupt live NHL game

* fix(display): Ensure on-demand takes priority over live priority

- Move on-demand check BEFORE live priority check in main loop
- Add explicit logging when on-demand overrides live priority
- Fixes issue where on-demand didn't interrupt live NHL game

* fix(display): Improve on-demand request processing and priority

- Add persistent processed_id check to prevent duplicate processing
- Mark request as processed BEFORE processing to prevent race conditions
- Improve logging to trace request processing
- Ensure on-demand takes priority over live priority (already fixed in previous commit)

* fix(display): Remove duplicate action line

* fix(display): Fix live priority and ensure on-demand overrides it

- Fix live priority to properly set active_mode when live content is detected
- Ensure on-demand check happens before live priority check
- Add debug logging to trace on-demand vs live priority
- Fix live priority to stay on live mode instead of rotating

* fix(display): Add debug logging for on-demand priority check

* fix(display): Add better logging for on-demand request processing

- Add logging to show when requests are blocked by processed_id check
- Add logging to show on-demand state after activation
- Helps debug why on-demand requests aren't being processed

* fix(display): Add detailed logging for on-demand activation and checking

- Log on-demand state after activation to verify it's set correctly
- Add debug logging in main loop to trace on-demand check
- Helps identify why on-demand isn't overriding live priority

* fix(display): Add debug logging for on-demand check in main loop

* fix(display): Remove restart logic from _clear_on_demand and fix cache delete

- Replace cache_manager.delete() with cache_manager.clear_cache()
- Remove restart logic from _clear_on_demand - now clears immediately
- Restore rotation state immediately without restarting
- Fixes AttributeError: 'CacheManager' object has no attribute 'delete'

* fix(display): Remove restart logic from _clear_on_demand

- Remove restart logic - now clears on-demand state immediately
- Restore rotation state immediately without restarting
- Use clear_cache instead of delete (already fixed in previous commit)
- Fixes error when stopping on-demand mode

* feat(display): Clear display before activating on-demand mode

- Clear display and reset state before activating on-demand
- Reset dynamic mode state to ensure clean transition
- Mimics the behavior of manually stopping display first
- Should fix issue where on-demand only works after manual stop

* feat(display): Stop display service before starting on-demand mode

- Stop the display service first if it's running
- Wait 1.5 seconds for clean shutdown
- Then start the service with on-demand request in cache
- Mimics the manual workflow of stopping display first
- Should fix issue where on-demand only works after manual stop

* feat(display): Filter plugins during initialization for on-demand mode

- Check cache for on-demand requests during initialization
- Only load the on-demand plugin if on-demand request is found
- Prevents loading background services for other plugins
- Fixes issue where Hockey/Football data loads even when only Clock is requested

* fix(display): Use filtered enabled_plugins list instead of discovered_plugins

- Use enabled_plugins list which is already filtered for on-demand mode
- Prevents loading all plugins when on-demand mode is active
- Fixes issue where all plugins were loaded even in on-demand mode

* fix(display): Fix on-demand stop request processing and expiration check

- Always process stop requests, even if request_id was seen before
- Fix expiration check to handle cases where on-demand is not active
- Add better logging for stop requests and expiration
- Fixes issue where stop button does nothing and timer doesn't expire

* fix(display): Fix on-demand stop processing, expiration, and plugin filtering

- Fix stop request processing to always process stop requests, bypassing request_id checks
- Fix expiration check logic to properly check on_demand_active and expires_at separately
- Store display_on_demand_config cache key in _activate_on_demand for plugin filtering
- Clear display before switching to on-demand mode to prevent visual artifacts
- Clear display_on_demand_config cache key in _clear_on_demand to prevent stale data
- Implement plugin filtering during initialization based on display_on_demand_config

Fixes issues where:
- Stop button did nothing (stop requests were blocked by request_id check)
- Expiration timer didn't work (logic issue with or condition)
- Plugin filtering didn't work on restart (config cache key never set)
- Display showed artifacts when switching to on-demand (display not cleared)
- All plugins loaded even in on-demand mode (filtering not implemented)

* fix(web): Allow on-demand to work with disabled plugins

- Remove frontend checks that blocked disabled plugins from on-demand
- Backend already supports temporarily enabling disabled plugins during on-demand
- Update UI messages to indicate plugin will be temporarily enabled
- Remove disabled attribute from Run On-Demand button

Fixes issue where disabled plugins couldn't use on-demand feature even
though the backend implementation supports it.

* fix(display): Resolve plugin_id when sent as mode in on-demand requests

- Detect when mode parameter is actually a plugin_id and resolve to first display mode
- Handle case where frontend sends plugin_id as mode (e.g., 'football-scoreboard')
- Add fallback to use first available display mode if provided mode is invalid
- Add logging for mode resolution debugging

Fixes issue where on-demand requests with mode=plugin_id failed with 'invalid-mode' error

* feat(display): Rotate through all plugin modes in on-demand mode

- Store all modes for on-demand plugin instead of locking to single mode
- Rotate through available modes (live, recent, upcoming) when on-demand active
- Skip modes that return False (no content) and move to next mode
- Prioritize live modes if they have content, otherwise skip them
- Add on_demand_modes list and on_demand_mode_index for rotation tracking

Fixes issue where on-demand mode stayed on one mode (e.g., football_recent)
and didn't rotate through other available modes (football_live, football_upcoming).
Now properly rotates through all modes, skipping empty ones.

* fix(display): Improve on-demand stop request handling

- Always process stop requests if on-demand is active, even if same request_id
- Add better logging when stop is requested but on-demand is not active
- Improve logging in _clear_on_demand to show which mode rotation resumes to
- Ensure stop requests are properly acknowledged

Fixes issue where stop button shows as completed but display doesn't resume
normal rotation. Stop requests now properly clear on-demand state and resume.

* security(web): Fix XSS vulnerability in GitHub auth error display

Replace innerHTML usage with safe DOM manipulation:
- Use textContent to clear element and create text nodes
- Create <strong> element via createElement instead of string HTML
- Add safe fallback ('Unknown error') for error messages
- Ensure authData.error/authData.message are treated as plain text
- Avoid trusting backend-provided data as HTML

Fixes XSS vulnerability where malicious HTML in error messages could
be injected into the DOM.

* style(api): Remove unnecessary str() in f-string for error message

Remove explicit str(e) call in error_response f-string since f-strings
automatically convert exceptions to strings. This matches the style used
elsewhere in the file.

Changed: f"Error saving configuration: {str(e)}"
To:      f"Error saving configuration: {e}"

* fix(store): Skip caching for rate-limited 403 responses

When a 403 response indicates a rate limit (detected by checking if
'rate limit' is in response.text.lower()), return the error result but
do NOT cache it in _token_validation_cache. Rate limits are temporary
and should be retried, so caching would incorrectly mark the token as
invalid.

Continue to cache 403 responses that indicate missing token permissions,
as these are persistent issues that should be cached.

This prevents rate-limited responses from being incorrectly cached as
invalid tokens, allowing the system to retry after the rate limit
resets.

* fix(display): Prevent ZeroDivisionError when on_demand_modes is empty

Add guards to check if on_demand_modes is non-empty before performing
any rotation/index math operations. When on_demand_active is True but
on_demand_modes is empty, clear on-demand mode instead of attempting
division by zero.

Fixed in three locations:
1. Mode selection logic (line ~1081): Check before accessing modes
2. Skip to next mode when no content (line ~1190): Guard before modulo
3. Rotate to next mode (line ~1561): Guard before modulo

This prevents ZeroDivisionError when a plugin has no available display
modes or when on_demand_modes becomes empty unexpectedly.

* fix(display): Improve guard for empty on_demand_modes in rotation skip

Refine the guard around lines 1195-1209 to:
- Check if on_demand_modes is empty before any modulo/index operations
- Log warning and debug trace when no modes are configured
- Skip rotation (continue) instead of clearing on-demand mode
- Only perform modulo and index operations when modes are available
- Only log rotation message when next_mode is valid

This prevents ZeroDivisionError and ensures all logging only occurs
when next_mode is valid, providing better traceability.

* fix(display): Populate on_demand_modes when restoring on-demand state from cache

When restoring on-demand state from cache during initialization (around
lines 163-197), the code sets on_demand_active, on_demand_plugin_id and
related fields but does not populate self.on_demand_modes, causing the
run loop to see an empty modes list after restart.

Fix by:
1. Adding _populate_on_demand_modes_from_plugin() method that retrieves
   the plugin's display modes from plugin_display_modes and builds the
   ordered modes list (prioritizing live modes with content, same logic
   as _activate_on_demand)
2. Calling this method after plugin loading completes (around line 296)
   when on_demand_active and on_demand_plugin_id are set
3. Setting on_demand_mode_index to match the restored mode if available,
   otherwise starting at index 0

This ensures on_demand_modes is populated after restart, preventing
empty modes list errors in the run loop.

* docs: Update on-demand documentation to reflect current implementation

Replace obsolete log message reference with current log messages:
- Old: 'Activating on-demand mode... restarting display controller'
- New: 'Processing on-demand start request for plugin' and 'Activated on-demand for plugin'

Update Scenario 2 to reflect immediate mode switching:
- Changed title from 'Infinite Restart Loop' to 'On-Demand Mode Switching Issues'
- Updated symptoms to describe mode switching issues instead of restart loops
- Added note that on-demand now switches modes immediately without restarting
- Updated solution to include display_on_demand_state key

This reflects the current implementation where on-demand activates
immediately without restarting the service.

* fix(api): Fix undefined logger and service stop logic in start_on_demand_display

- Add module-level logger to avoid NameError when logging disabled plugin
- Only stop display service when start_service is True (prevents stopping
  service without restarting when start_service is False)
- Remove unused stop_result variable
- Clean up f-strings that don't need formatting
- Improve code formatting for logger.info call

Fixes issue where logger.info() would raise NameError and where the
service would be stopped even when start_service=False, leaving the
service stopped without restarting it.

---------

Signed-off-by: Chuck <33324927+ChuckBuilds@users.noreply.github.com>
Co-authored-by: Chuck <chuck@example.com>

2026-01-01 18:27:58 -05:00

Chuck

7d71656cf1

Plugins (#145 )

Chaotic mega-merge into main. THINGS WILL PROBABLY BE BROKEN


* chore: Update soccer-scoreboard submodule to merged commit

- Update submodule reference to include manifest.json v2 registry format
- Version updated to 1.0.1

* refactor: Remove test_mode and logo_dir config reading from base SportsCore

- Remove test_mode initialization and usage
- Remove logo_dir reading from mode_config
- Use LogoDownloader defaults directly for logo directories

* chore: Update plugin submodules after removing global properties

- Update basketball-scoreboard submodule (removed global test_mode, live_priority, dynamic_duration, logo_dir)
- Update soccer-scoreboard submodule (removed global test_mode, live_priority, dynamic_duration, logo_dir)

* feat(calendar): Add credentials.json file upload via web interface

- Add API endpoint /api/v3/plugins/calendar/upload-credentials for file upload
- Validate JSON format and Google OAuth structure
- Save file to plugin directory with secure permissions (0o600)
- Backup existing credentials.json before overwriting
- Add file upload widget support for string fields in config forms
- Add frontend handler handleCredentialsUpload() for single file uploads
- Update .gitignore to allow calendar submodule
- Update calendar submodule reference

* fix(web): Improve spacing for nested configuration sections

- Add dynamic margin based on nesting depth (mb-6 for deeply nested sections)
- Increase padding in nested content areas (py-3 to py-4)
- Add extra spacing after nested sections to prevent overlap
- Enhance CSS spacing for nested sections (1.5rem for nested, 2rem for deeply nested)
- Add padding-bottom to expanded nested content to prevent cutoff
- Fixes issue where game_limits and other nested settings were hidden under next section header

* chore(plugins): Update sports scoreboard plugins with live update interval fix

- Updated hockey-scoreboard, football-scoreboard, basketball-scoreboard, and soccer-scoreboard submodules
- All plugins now fix the interval selection bug that caused live games to update every 5 minutes instead of 30 seconds
- Ensures all live games update at the configured live_update_interval (30s) for timely score updates

* fix: Initialize test_mode in SportsLive and fix config migration

- Add test_mode initialization in SportsLive.__init__() to prevent AttributeError
- Remove invalid new_secrets parameter from save_config_atomic() call in config migration
- Fixes errors: 'NBALiveManager' object has no attribute 'test_mode'
- Fixes errors: ConfigManager.save_config_atomic() got unexpected keyword argument 'new_secrets'

* chore: Update submodules with test_mode initialization fixes

- Update basketball-scoreboard submodule
- Update soccer-scoreboard submodule

* fix(plugins): Auto-stash local changes before plugin updates

- Automatically stash uncommitted changes before git pull during plugin updates
- Prevents update failures when plugins have local modifications
- Improves error messages for git update failures
- Matches behavior of main LEDMatrix update process

* fix(basketball-scoreboard): Update submodule with timeout fix

- Updated basketball-scoreboard plugin to fix update() timeout issue
- Plugin now uses fire-and-forget odds fetching for upcoming games
- Prevents 30-second timeout when processing many upcoming games

Also fixed permission issue on devpi:
- Changed /var/cache/ledmatrix/display_on_demand_state.json permissions
  from 600 to 660 to allow web service (devpi user) to read the file

* fix(cache): Ensure cache files use 660 permissions for group access

- Updated setup_cache.sh to set file permissions to 660 (not 775)
- Updated first_time_install.sh to properly set cache file permissions
- Modified DiskCache to set 660 permissions when creating cache files
- Ensures display_on_demand_state.json and other cache files are readable
  by web service (devpi user) which is in ledmatrix group

This fixes permission issues where cache files were created with 600
permissions, preventing the web service from reading them. Now files
are created with 660 (rw-rw----) allowing group read access.

* fix(soccer-scoreboard): Update submodule with manifest fix

- Updated soccer-scoreboard plugin submodule
- Added missing entry_point and class_name to manifest.json
- Fixes plugin loading error: 'No class_name in manifest'

Also fixed cache file permissions on devpi server:
- Changed display_on_demand_state.json from 600 to 660 permissions
- Allows web service (devpi user) to read cache files

* fix(display): Remove update_display() calls from clear() to prevent black flash

Previously, display_manager.clear() was calling update_display() twice,
which immediately showed a black screen on the hardware before new
content could be drawn. This caused visible black flashes when switching
between modes, especially when plugins switch from general modes (e.g.,
football_upcoming) to specific sub-modes (e.g., nfl_upcoming).

Now clear() only prepares the buffer without updating the hardware.
Callers can decide when to update the display, allowing smooth transitions
from clear → draw → update_display() without intermediate black flashes.

Places that intentionally show a cleared screen (error cases) already
explicitly call update_display() after clear(), so backward compatibility
is maintained.

* fix(scroll): Prevent wrap-around before cycle completion in dynamic duration

- Check scroll completion BEFORE allowing wrap-around
- Clamp scroll_position when complete to prevent visual loop
- Only wrap-around if cycle is not complete yet
- Fixes issue where stocks plugin showed first stock again at end
- Completion logged only once to avoid spam
- Ensures smooth transition to next mode without visual repeat

* fix(on-demand): Ensure on-demand buttons work and display service runs correctly

- Add early stub functions for on-demand modal to ensure availability when Alpine.js initializes
- Increase on-demand request cache max_age from 5min to 1hr to prevent premature expiration
- Fixes issue where on-demand buttons were not functional due to timing issues
- Ensures display service properly picks up on-demand requests when started

* test: Add comprehensive test coverage (30%+)

- Add 100+ new tests across core components
- Add tests for LayoutManager (27 tests)
- Add tests for PluginLoader (14 tests)
- Add tests for SchemaManager (20 tests)
- Add tests for MemoryCache and DiskCache (24 tests)
- Add tests for TextHelper (9 tests)
- Expand error handling tests (7 new tests)
- Improve coverage from 25.63% to 30.26%
- All 237 tests passing

Test files added:
- test/test_layout_manager.py
- test/test_plugin_loader.py
- test/test_schema_manager.py
- test/test_text_helper.py
- test/test_config_service.py
- test/test_display_controller.py
- test/test_display_manager.py
- test/test_error_handling.py
- test/test_font_manager.py
- test/test_plugin_system.py

Updated:
- pytest.ini: Enable coverage reporting with 30% threshold
- test/conftest.py: Enhanced fixtures for better test isolation
- test/test_cache_manager.py: Expanded cache component tests
- test/test_config_manager.py: Additional config tests

Documentation:
- HOW_TO_RUN_TESTS.md: Guide for running and understanding tests

* test(web): Add comprehensive API endpoint tests

- Add 30 new tests for Flask API endpoints in test/test_web_api.py
- Cover config, system, display, plugins, fonts, and error handling APIs
- Increase test coverage from 30.26% to 30.87%
- All 267 tests passing

Tests cover:
- Config API: GET/POST main config, schedule, secrets
- System API: Status, version, system actions
- Display API: Current display, on-demand start/stop
- Plugins API: Installed plugins, health, config, operations, state
- Fonts API: Catalog, tokens, overrides
- Error handling: Invalid JSON, missing fields, 404s

* test(plugins): Add comprehensive integration tests for all plugins

- Add base test class for plugin integration tests
- Create integration tests for all 6 plugins:
  - basketball-scoreboard (11 tests)
  - calendar (10 tests)
  - clock-simple (11 tests)
  - odds-ticker (9 tests)
  - soccer-scoreboard (11 tests)
  - text-display (12 tests)
- Total: 64 new plugin integration tests
- Increase test coverage from 30.87% to 33.38%
- All 331 tests passing

Tests verify:
- Plugin loading and instantiation
- Required methods (update, display)
- Manifest validation
- Display modes
- Config schema validation
- Graceful handling of missing API credentials

Uses hybrid approach: integration tests in main repo,
plugin-specific unit tests remain in plugin submodules.

* Add mqtt-notifications plugin as submodule

* fix(sports): Respect games_to_show settings for favorite teams

- Fix upcoming games to show N games per team (not just 1)
- Fix recent games to show N games per team (not just 1)
- Add duplicate removal for games involving multiple favorite teams
- Match behavior of basketball-scoreboard plugin
- Affects NFL, NHL, and other sports using base_classes/sports.py

* chore: Remove debug instrumentation logs

- Remove temporary debug logging added during fix verification
- Fix confirmed working by user

* debug: Add instrumentation to debug configuration header visibility issue

* fix: Resolve nested section content sliding under next header

- Remove overflow-hidden from nested-section to allow proper document flow
- Add proper z-index and positioning to prevent overlap
- Add margin-top to nested sections for better spacing
- Remove debug instrumentation that was causing ERR_BLOCKED_BY_CLIENT errors

* fix: Prevent unnecessary plugin tab redraws

- Add check to only update tabs when plugin list actually changes
- Increase debounce timeout to batch rapid changes
- Compare plugin IDs before updating to avoid redundant redraws
- Fix setter to check for actual changes before triggering updates

* fix: Prevent form-groups from sliding out of view when nested sections expand

- Increase margin-bottom on nested-sections for better spacing
- Add clear: both to nested-sections to ensure proper document flow
- Change overflow to visible when expanded to allow natural flow
- Add margin-bottom to expanded content
- Add spacing rules for form-groups that follow nested sections
- Add clear spacer div after nested sections

* fix: Reduce excessive debug logging in generateConfigForm

- Only log once per plugin instead of on every function call
- Prevents log spam when Alpine.js re-renders the form multiple times
- Reduces console noise from 10+ logs per plugin to 1 log per plugin

* fix: Prevent nested section content from sliding out of view when expanded

- Remove overflow-hidden from nested-section in base.html (was causing clipping)
- Add scrollIntoView to scroll expanded sections into view within modal
- Set nested-section overflow to visible to prevent content clipping
- Add min-height to nested-content to ensure proper rendering
- Wait for animation to complete before scrolling into view

* fix: Prevent form-groups from overlapping and appearing outside view

- Change nested-section overflow to hidden by default, visible when expanded
- Add :has() selector to allow overflow when content is expanded
- Ensure form-groups after nested sections have proper spacing and positioning
- Add clear: both and width: 100% to prevent overlap
- Use !important for margin-top to ensure spacing is applied
- Ensure form-groups are in normal document flow with float: none

* fix: Use JavaScript to toggle overflow instead of :has() selector

- :has() selector may not be supported in all browsers
- Use JavaScript to set overflow: visible when expanded, hidden when collapsed
- This ensures better browser compatibility while maintaining functionality

* fix: Make parent sections expand when nested sections expand

- Add updateParentNestedContentHeight() helper to recursively update parent heights
- When a nested section expands, recalculate all parent nested-content max-heights
- Ensures parent sections (like NFL) expand to accommodate expanded child sections
- Updates parent heights both on expand and collapse for proper animation

* refactor: Simplify parent section expansion using CSS max-height: none

- Remove complex recursive parent height update function
- Use CSS max-height: none when expanded to allow natural expansion
- Parent sections automatically expand because nested-content has no height constraint
- Simpler and more maintainable solution

* refactor: Remove complex recursive parent height update function

- CSS max-height: none already handles parent expansion automatically
- No need for JavaScript to manually update parent heights
- Much simpler and cleaner solution

* debug: Add instrumentation to debug auto-collapse issue

- Add logging to track toggle calls and state changes
- Add guard to prevent multiple simultaneous toggles
- Pass event object to prevent bubbling
- Improve state detection logic
- Add return false to onclick handlers

* chore: Remove debug instrumentation from toggleNestedSection

- Remove all debug logging code
- Keep functional fixes: event handling, toggle guard, improved state detection
- Code is now clean and production-ready

* fix(web): Add browser refresh note to plugin fetch errors

* refactor(text-display): Update submodule to use ScrollHelper

* fix(text-display): Fix scrolling display issue - update position in display()

* feat(text-display): Add scroll_loop option and improve scroll speed control

* debug: Add instrumentation to track plugin enabled state changes

Added debug logging to investigate why plugins appear to disable themselves:
- Track enabled state during plugin load (before/after schema merge)
- Track enabled state during plugin reload
- Track enabled state preservation during config save
- Track state reconciliation fixes
- Track enabled state updates in on_config_change

This will help identify which code path is causing plugins to disable.

* debug: Fix debug log path to work on Pi

Changed hardcoded log path to use dynamic project root detection:
- Uses LEDMATRIX_ROOT env var if set
- Falls back to detecting project root by looking for config directory
- Creates .cursor directory if it doesn't exist
- Falls back to /tmp/ledmatrix_debug.log if all else fails
- Added better error handling with logger fallback

* Remove debug instrumentation for plugin enabled state tracking

Removed all debug logging that was added to track plugin enabled state changes.
The instrumentation has been removed as requested.

* Reorganize documentation and cleanup test files

- Move documentation files to docs/ directory
- Remove obsolete test files
- Update .gitignore and README

* feat(text-display): Switch to frame-based scrolling with high FPS support

* fix(text-display): Add backward compatibility for ScrollHelper sub-pixel scrolling

* feat(scroll_helper): Add sub-pixel scrolling support for smooth movement

- Add sub-pixel interpolation using scipy (if available) or numpy fallback
- Add set_sub_pixel_scrolling() method to enable/disable feature
- Implement _get_visible_portion_subpixel() for fractional pixel positioning
- Implement _interpolate_subpixel() for linear interpolation
- Prevents pixel skipping at slow scroll speeds
- Maintains backward compatibility with integer pixel path

* fix(scroll_helper): Reset last_update_time in reset_scroll() to prevent jump-ahead

- Reset last_update_time when resetting scroll position
- Prevents large delta_time on next update after reset
- Fixes issue where scroll would immediately complete again after reset
- Ensures smooth scrolling continuation after loop reset

* fix(scroll_helper): Fix numpy broadcasting error in sub-pixel interpolation

- Add output_width parameter to _interpolate_subpixel() for variable widths
- Fix wrap-around case to use correct widths for interpolation
- Handle edge cases where source array is smaller than expected
- Prevent 'could not broadcast input array' errors in sub-pixel scrolling
- Ensure proper width matching in all interpolation paths

* feat(scroll): Add frame-based scrolling mode for smooth LED matrix movement

- Add frame_based_scrolling flag to ScrollHelper
- When enabled, moves fixed pixels per step, throttled by scroll_delay
- Eliminates time-based jitter by ignoring frame timing variations
- Provides stock-ticker-like smooth, predictable scrolling
- Update text-display plugin to use frame-based mode

This addresses stuttering issues where time-based scrolling caused
visual jitter due to frame timing variations in the main display loop.

* fix(scroll): Fix NumPy broadcasting errors in sub-pixel wrap-around

- Ensure _interpolate_subpixel always returns exactly requested width
- Handle cases where scipy.ndimage.shift produces smaller arrays
- Add padding logic for wrap-around cases when arrays are smaller than expected
- Prevents 'could not broadcast input array' errors during scrolling

* refactor(scroll): Remove sub-pixel interpolation, use high FPS integer scrolling

- Disable sub-pixel scrolling by default in ScrollHelper
- Simplify get_visible_portion to always use integer pixel positioning
- Restore frame-based scrolling logic for smooth high FPS movement
- Use high frame rate (like stock ticker) for smoothness instead of interpolation
- Reduces complexity and eliminates broadcasting errors

* fix(scroll): Prevent large pixel jumps in frame-based scrolling

- Initialize last_step_time properly to prevent huge initial jumps
- Clamp scroll_speed to max 5 pixels/frame in frame-based mode
- Prevents 60-pixel jumps when scroll_speed is misconfigured
- Simplified step calculation to avoid lag catch-up jumps

* fix(text-display): Align config schema and add validation

- Update submodule reference
- Adds warning and logging for scroll_speed config issues

* fix(scroll): Simplify frame-based scrolling to match stock ticker behavior

- Remove throttling logic from frame-based scrolling
- Move pixels every call (DisplayController's loop timing controls rate)
- Add enable_scrolling attribute to text-display plugin for high-FPS treatment
- Matches stock ticker: simple, predictable movement every frame
- Eliminates jitter from timing mismatches between DisplayController and ScrollHelper

* fix(scroll): Restore scroll_delay throttling in frame-based mode

- Restore time-based throttling using scroll_delay
- Move pixels only when scroll_delay has passed
- Handle lag catch-up with reasonable caps to prevent huge jumps
- Preserve fractional timing for smooth operation
- Now scroll_delay actually controls the scroll speed as intended

* feat(text-display): Add FPS counter logging

- Update submodule reference
- Adds FPS tracking and logging every 5 seconds

* fix(text-display): Add display-width buffer so text scrolls completely off

- Update submodule reference
- Adds end buffer to ensure text exits viewport before looping

* fix: Prevent premature game switching in SportsLive

- Set last_game_switch when games load even if current_game already exists
- Set last_game_switch when same games update but it's still 0
- Add guard to prevent switching check when last_game_switch is 0
- Fixes issue where first game shows for only ~2 seconds before switching
- Also fixes random screen flickering when games change prematurely

* feat(plugins): Add branch selection support for plugin installation

- Add optional branch parameter to install_plugin() and install_from_url() in store_manager
- Update API endpoints to accept and pass branch parameter
- Update frontend JavaScript to support branch selection in install calls
- Maintain backward compatibility - branch parameter is optional everywhere
- Falls back to default branch logic if specified branch doesn't exist

* feat(plugins): Add UI for branch selection in plugin installation

- Add branch input field in 'Install Single Plugin' section
- Add global branch input for store installations
- Update JavaScript to read branch from input fields
- Branch input applies to all store installations when specified

* feat(plugins): Change branch selection to be per-plugin instead of global

- Remove global store branch input field
- Add individual branch input field to each plugin card in store
- Add branch input to custom registry plugin cards
- Each plugin can now have its own branch specified independently

* debug: Add logging to _should_exit_dynamic

* feat(display_controller): Add universal get_cycle_duration support for all plugins

UNIVERSAL FEATURE: Any plugin can now implement get_cycle_duration() to dynamically
calculate the total time needed to show all content for a mode.

New method:
- _plugin_cycle_duration(plugin, display_mode): Queries plugin for calculated duration

Integration:
- Display controller calls plugin.get_cycle_duration(display_mode)
- Uses returned duration as target (respecting max cap)
- Falls back to cap if not provided

Benefits:
- Football plugin: Show all games (3 games × 15s = 45s total)
- Basketball plugin: Could implement same logic
- Hockey/Baseball/any sport: Universal support
- Stock ticker: Could calculate based on number of stocks
- Weather: Could calculate based on forecast days

Example plugin implementation:

Result: Plugins control their own display duration based on actual content,
creating a smooth user experience where all content is shown before switching.

* debug: Add logging to cycle duration call

* debug: Change loop exit logs to INFO level

* fix: Change cycle duration logs to INFO level

* fix: Don't exit loop on False for dynamic duration plugins

For plugins with dynamic duration enabled, keep the display loop running
even when display() returns False. This allows games to continue rotating
within the calculated duration.

The loop will only exit when:
- Cycle is complete (plugin reports all content shown)
- Max duration is reached
- Mode is changed externally

* fix(schedule): Improve display scheduling functionality

- Add GET endpoint for schedule configuration retrieval
- Fix mode switching to clean up old config keys (days/start_time/end_time)
- Improve error handling with consistent error_response() usage
- Enhance display controller schedule checking with better edge case handling
- Add validation for time formats and ensure at least one day enabled in per-day mode
- Add debug logging for schedule state changes

Fixes issues where schedule mode switching left stale config causing incorrect behavior.

* fix(install): Add cmake and ninja-build to system dependencies

Resolves h3 package build failure during first-time installation.
The h3 package (dependency of timezonefinder) requires CMake and
Ninja to build from source. Adding these build tools ensures
successful installation of all Python dependencies.

* fix: Pass display_mode in ALL loop calls to maintain sticky manager

CRITICAL FIX: Display controller was only passing display_mode on first call,
causing plugins to fall back to internal mode cycling and bypass sticky
manager logic.

Now consistently passes display_mode=active_mode on every display() call in
both high-FPS and normal loops. This ensures plugins maintain mode context
and sticky manager state throughout the entire display duration.

* feat(install): Add OS check for Raspberry Pi OS Lite (Trixie)

- Verify OS is Raspberry Pi OS (raspbian/debian)
- Require Debian 13 (Trixie) specifically
- Check for Lite version (no desktop environment)
- Exit with clear error message if requirements not met
- Provide instructions for obtaining correct OS version

* fix(web-ui): Add missing notification handlers to quick action buttons

- Added hx-on:htmx:after-request handlers to all quick action buttons in overview.html
- Added hx-ext='json-enc' for proper JSON encoding
- Added missing notification handler for reboot button in index.html
- Users will now see toast notifications when actions complete or fail

* fix(display): Ensure consistent display mode handling in all plugin calls

- Updated display controller to consistently pass display_mode in all plugin display() calls.
- This change maintains the sticky manager state and ensures plugins retain their mode context throughout the display duration.
- Addresses issues with mode cycling and improves overall display reliability.

* fix(display): Enhance display mode persistence across plugin updates

- Updated display controller to ensure display_mode is consistently maintained during plugin updates.
- This change prevents unintended mode resets and improves the reliability of display transitions.
- Addresses issues with mode persistence, ensuring a smoother user experience across all plugins.

* feat: Add Olympics countdown plugin as submodule

- Add olympics-countdown plugin submodule
- Update .gitignore to allow olympics-countdown plugin
- Plugin automatically determines next Olympics and counts down to opening/closing ceremonies

* feat(web-ui): Add checkbox-group widget support for multi-select arrays

- Add checkbox-group widget rendering in plugins_manager.js
- Update form processing to handle checkbox groups with [] naming
- Support for friendly labels via x-options in config schemas
- Update odds-ticker submodule with checkbox-group implementation

* fix(plugins): Preserve enabled state when saving plugin config from main config endpoint

When saving plugin configuration through save_main_config endpoint, the enabled
field was not preserved if missing from the form data. This caused plugins to
be automatically disabled when users saved their configuration from the plugin
manager tab.

This fix adds the same enabled state preservation logic that exists in
save_plugin_config endpoint, ensuring consistent behavior across both endpoints.
The enabled state is preserved from current config, plugin instance, or defaults
to True to prevent unexpected disabling of plugins.

* fix(git): Resolve git status timeout and exclude plugins from base project updates

- Add --untracked-files=no flag to git status for faster execution
- Increase timeout from 5s to 30s for git status operations
- Add timeout exception handling for git status and stash operations
- Filter out plugins directory from git status checks (plugins are separate repos)
- Exclude plugins from stash operations using :!plugins pathspec
- Apply same fixes to plugin store manager update operations

* feat(plugins): Add granular scroll speed control to odds-ticker and leaderboard plugins

- Add display object to both plugins' config schemas with scroll_speed and scroll_delay
- Enable frame-based scrolling mode for precise FPS control (100 FPS for leaderboard)
- Add set_scroll_speed() and set_scroll_delay() methods to both plugins
- Maintain backward compatibility with scroll_pixels_per_second config
- Leaderboard plugin now explicitly sets target_fps to 100 for high-performance scrolling

* fix(scroll): Correct dynamic duration calculation for frame-based scrolling

- Fix calculate_dynamic_duration() to properly handle frame-based scrolling mode
- Convert scroll_speed from pixels/frame to pixels/second when in frame-based mode
- Prevents incorrect duration calculations (e.g., 2609s instead of 52s)
- Affects all plugins using ScrollHelper: odds-ticker, leaderboard, stocks, text-display
- Add debug logging to show scroll mode and effective speed

* Remove version logic from plugin system, use git commits instead

- Remove version parameter from install_plugin() method
- Rename fetch_latest_versions to fetch_commit_info throughout codebase
- Remove version fields from plugins.json registry (versions, latest_version, download_url_template)
- Remove version logging from plugin manager
- Update web UI to use fetch_commit_info parameter
- Update .gitignore to ignore all plugin folders (remove whitelist exceptions)
- Remove plugin directories from git index (plugins now installed via plugin store only)

Plugins now always install latest commit from default branch. Version fields
replaced with git commit SHA and commit dates. System uses git-based approach
for all plugin metadata.

* feat(plugins): Normalize all plugins as git submodules

- Convert all 18 plugins to git submodules for uniform management
- Add submodules for: baseball-scoreboard, christmas-countdown, football-scoreboard, hockey-scoreboard, ledmatrix-flights, ledmatrix-leaderboard, ledmatrix-music, ledmatrix-stocks, ledmatrix-weather, static-image
- Re-initialize mqtt-notifications as proper submodule
- Update .gitignore to allow all plugin submodules
- Add normalize_plugin_submodules.sh script for future plugin management

All plugins with GitHub repositories are now managed as git submodules,
ensuring consistent version control and easier updates.

* refactor(repository): Reorganize scripts and files into organized directory structure

- Move installation scripts to scripts/install/ (except first_time_install.sh)
- Move development scripts to scripts/dev/
- Move utility scripts to scripts/utils/
- Move systemd service files to systemd/
- Keep first_time_install.sh, start_display.sh, stop_display.sh in root
- Update all path references in scripts, documentation, and service files
- Add README.md files to new directories explaining their purpose
- Remove empty tools/ directory (contents moved to scripts/dev/)
- Add .gitkeep to data/ directory

* fix(scripts): Fix PROJECT_DIR path in start_web_conditionally.py after move to scripts/utils/

* fix(scripts): Fix PROJECT_DIR/PROJECT_ROOT path resolution in moved scripts

- Fix wifi_monitor_daemon.py to use project root instead of scripts/utils/
- Fix shell scripts in scripts/ to correctly resolve project root (go up one more level)
- Fix scripts in scripts/fix_perms/ to correctly resolve project root
- Update diagnose_web_interface.sh to reference moved start_web_conditionally.py path

All scripts now correctly determine project root after reorganization.

* fix(install): Update first_time_install.sh to detect and update service files with old paths

- Check for old paths in service files and reinstall if needed
- Always reinstall main service (install_service.sh is idempotent)
- This ensures existing installations get updated paths after reorganization

* fix(install): Update install_service.sh message to indicate it updates existing services

* fix(wifi): Enable WiFi scan to work when AP mode is active

- Temporarily disable AP mode during network scanning
- Automatically re-enable AP mode after scan completes
- Add proper error handling with try/finally to ensure AP mode restoration
- Add user notification when AP mode is temporarily disabled
- Improve error messages for common scanning failures
- Add timing delays for interface mode switching

* fix(wifi): Fix network parsing to handle frequency with 'MHz' suffix

- Strip 'MHz' suffix from frequency field before float conversion
- Add better error logging for parsing failures
- Fixes issue where all networks were silently skipped due to ValueError

* debug(wifi): Add console logging and Alpine.js reactivity fixes for network display

- Add console.log statements to debug network scanning
- Add x-effect to force Alpine.js reactivity updates
- Add unique keys to x-for template
- Add debug display showing network count
- Improve error handling and user feedback

* fix(wifi): Manually update select options instead of using Alpine.js x-for

- Replace Alpine.js x-for template with manual DOM manipulation
- Add updateSelectOptions() method to directly update select dropdown
- This fixes issue where networks weren't appearing in dropdown
- Alpine.js x-for inside select elements can be unreliable

* feat(web-ui): Add patternProperties support for dynamic key-value pairs

- Add UI support for patternProperties objects (custom_feeds, feed_logo_map)
- Implement key-value pair editor with add/remove functionality
- Add JavaScript functions for managing dynamic key-value pairs
- Update form submission to handle patternProperties JSON data
- Enable easy configuration of feed_logo_map in web UI

* chore: Update ledmatrix-news submodule to latest commit

* fix(plugins): Handle arrays of objects in config normalization

Fix configuration validation failure for static-image plugin by adding
recursive normalization support for arrays of objects. The normalize_config_values
function now properly handles arrays containing objects (like image_config.images)
by recursively normalizing each object in the array using the items schema properties.

This resolves the 'configuration validation failed' error when saving static
image plugin configuration with multiple images.

* fix(plugins): Handle union types in config normalization and form generation

Fix configuration validation for fields with union types like ['integer', 'null'].
The normalization function now properly handles:
- Union types in top-level fields (e.g., random_seed: ['integer', 'null'])
- Union types in array items
- Empty string to None conversion for nullable fields
- Form generation and submission for union types

This resolves validation errors when saving plugin configs with nullable
integer/number fields (e.g., rotation_settings.random_seed in static-image plugin).

Also improves UX by:
- Adding placeholder text for nullable fields explaining empty = use default
- Properly handling empty values in form submission for union types

* fix(plugins): Improve union type normalization with better edge case handling

Enhanced normalization for union types like ['integer', 'null']:
- Better handling of whitespace in string values
- More robust empty string to None conversion
- Fallback to None when conversion fails and null is allowed
- Added debug logging for troubleshooting normalization issues
- Improved handling of nested object fields with union types

This should resolve remaining validation errors for nullable integer/number
fields in nested objects (e.g., rotation_settings.random_seed).

* chore: Add ledmatrix-news plugin to .gitignore exceptions

* Fix web interface service script path in install_service.sh

- Updated ExecStart path from start_web_conditionally.py to scripts/utils/start_web_conditionally.py
- Updated diagnose_web_ui.sh to check for correct script path
- Fixes issue where web UI service fails to start due to incorrect script path

* Fix nested configuration section headers not expanding

Fixed toggleNestedSection function to properly calculate scrollHeight when
expanding nested configuration sections. The issue occurred when sections
started with display:none - the scrollHeight was being measured before the
browser had a chance to lay out the element, resulting in a value of 0.

Changes:
- Added setTimeout to delay scrollHeight measurement until after layout
- Added overflow handling during animations to prevent content jumping
- Added fallback for edge cases where scrollHeight might still be 0
- Set maxHeight to 'none' after expansion completes for natural growth
- Updated function in both base.html and plugins_manager.js

This fix applies to all plugins with nested configuration sections, including:
- Hockey/Football/Basketball/Baseball/Soccer scoreboards (customization, global sections)
- All plugins with transition, display, and other nested configuration objects

Fixes configuration header expansion issues across all plugins.

* Fix syntax error in first_time_install.sh step 8.5

Added missing 'fi' statement to close the if block in the WiFi monitor
service installation section. This resolves the 'unexpected end of file'
error that occurred at line 1385 during step 8.5.

* Fix WiFi UI: Display correct SSID and accurate signal strength

- Fix WiFi network selection dropdown not showing available networks
  - Replace manual DOM manipulation with Alpine.js x-for directive
  - Add fallback watcher to ensure select updates reactively

- Fix WiFi status display showing netplan connection name instead of SSID
  - Query actual SSID from device properties (802-11-wireless.ssid)
  - Add fallback methods to get SSID from active WiFi connection list

- Improve signal strength accuracy
  - Get signal directly from device properties (WIFI.SIGNAL)
  - Add multiple fallback methods for robust signal retrieval
  - Ensure signal percentage is accurate and up-to-date

* Improve WiFi connection UI and error handling

- Fix connect button disabled condition to check both selectedSSID and manualSSID
- Improve error handling to display actual server error messages from 400 responses
- Add step-by-step labels (Step 1, Step 2, Step 3) to clarify connection workflow
- Add visual feedback showing selected network in blue highlight box
- Improve password field labeling with helpful instructions
- Add auto-clear logic between dropdown and manual SSID entry
- Enhance backend validation with better error messages and logging
- Trim SSID whitespace before processing to prevent validation errors

* Add WiFi disconnect functionality for AP mode testing

- Add disconnect_from_network() method to WiFiManager
  - Disconnects from current WiFi network using nmcli
  - Automatically triggers AP mode check if auto_enable_ap_mode is enabled
  - Returns success/error status with descriptive messages

- Add /api/v3/wifi/disconnect API endpoint
  - POST endpoint to disconnect from current WiFi network
  - Includes proper error handling and logging

- Add disconnect button to WiFi status section
  - Only visible when connected to a network
  - Red styling to indicate disconnection action
  - Shows 'Disconnecting...' state during operation
  - Automatically refreshes status after disconnect

- Integrates with AP mode auto-enable functionality
  - When disconnected, automatically enables AP mode if configured
  - Perfect for testing captive portal and AP mode features

* Add explicit handling for broken pipe errors during plugin dependency installation

- Catch BrokenPipeError and OSError (errno 32) explicitly in all dependency installation methods
- Add clear error messages explaining network interruption or buffer overflow causes
- Improves error handling in store_manager, plugin_loader, and plugin_manager
- Helps diagnose 'Errno 32 Broken Pipe' errors during pip install operations

* Add WiFi permissions configuration script and integrate into first-time install

- Create configure_wifi_permissions.sh script
  - Configures passwordless sudo for nmcli commands
  - Configures PolicyKit rules for NetworkManager control
  - Fixes 'Not Authorized to control Networking' error
  - Allows web interface to connect/disconnect WiFi without password prompts

- Integrate WiFi permissions configuration into first_time_install.sh
  - Added as Step 10.1 after passwordless sudo configuration
  - Runs automatically during first-time installation
  - Ensures WiFi management works out of the box

- Resolves authorization errors when connecting/disconnecting WiFi networks
  - NetworkManager requires both sudo and PolicyKit permissions
  - Script configures both automatically for seamless WiFi management

* Add WiFi status LED message display integration

- Integrate WiFi status messages from wifi_manager into display_controller
- WiFi status messages interrupt normal rotation (but respect on-demand)
- Priority: on-demand > wifi-status > live-priority > normal rotation
- Safe implementation with comprehensive error handling
- Automatic cleanup of expired/corrupted status files
- Word-wrapping for long messages (max 2 lines)
- Centered text display with small font
- Non-intrusive: all errors are caught and logged, never crash controller

* Fix display loop issues: reduce log spam and handle missing plugins

- Change _should_exit_dynamic logging from INFO to DEBUG to reduce log spam
  in tight loops (every 8ms) that was causing high CPU usage
- Fix display loop not running when manager_to_display is None
- Add explicit check to set display_result=False when no plugin manager found
- Fix logic bug where manager_to_display was overwritten after circuit breaker skip
- Ensure proper mode rotation when plugins have no content or aren't found

* Add debug logging to diagnose display loop stuck issue

* Change debug logs to INFO level to diagnose display loop stuck

* Add schedule activation logging and ensure display is blanked when inactive

- Add clear INFO-level log message when schedule makes display inactive
- Track previous display state to detect schedule transitions
- Clear display when schedule makes it inactive to ensure blank screen
  (prevents showing initialization screen when schedule kicks in)
- Initialize _was_display_active state tracking in __init__

* Fix indentation errors in schedule state tracking

* Add rotation between hostname and IP address every 10 seconds

- Added _get_local_ip() method to detect device IP address
- Implemented automatic rotation between hostname and IP every 10 seconds
- Enhanced logging to include both hostname and IP in initialization
- Updated get_info() to expose device_ip and current_display_mode

* Add WiFi connection failsafe system

- Save original connection before attempting new connection
- Automatically restore original connection if new connection fails
- Enable AP mode as last resort if restoration fails
- Enhanced connection verification with multiple attempts
- Verify correct SSID (not just 'connected' status)
- Better error handling and exception recovery
- Prevents Pi from becoming unresponsive on connection failure
- Always ensures device remains accessible via original WiFi or AP mode

* feat(web): Improve web UI startup speed and fix cache permissions

- Defer plugin discovery until first API request (removed from startup)
- Add lazy loading to operation queue, state manager, and operation history
- Defer health monitor initialization until first request
- Fix cache directory permission issue:
  - Add systemd CacheDirectory feature for automatic cache dir creation
  - Add manual cache directory creation in install script as fallback
  - Improve cache manager logging (reduce alarming warnings)
- Fix syntax errors in wifi_manager.py (unclosed try blocks)

These changes significantly improve web UI startup time, especially with many
plugins installed, while maintaining full backward compatibility.

* feat(plugins): Improve GitHub token pop-up UX and combine warning/settings

- Fix visibility toggle to handle inline styles properly
- Remove redundant inline styles from HTML elements
- Combine warning banner and settings panel into unified component
- Add loading states to save/load token buttons
- Improve error handling with better user feedback
- Add token format validation (ghp_ or github_pat_ prefix)
- Auto-refresh GitHub auth status after saving token
- Hide warning banner when settings panel opens
- Clear input field after successful save for security

This creates a smoother UX flow where clicking 'Configure Token'
transitions from warning directly to configuration form.

* fix(wifi): Prevent WiFi radio disabling during AP mode disable

- Make NetworkManager restart conditional (only for hostapd mode)
- Add enhanced WiFi radio enable with retry and verification logic
- Add connectivity safety check before NetworkManager restart
- Ensure WiFi radio enabled after all AP mode disable operations
- Fix indentation bug in dnsmasq backup restoration logic
- Add pre-connection WiFi radio check for safety

Fixes issue where WiFi radio was being disabled when disabling AP mode,
especially when connected via Ethernet, making it impossible to enable
WiFi from the web UI.

* fix(plugin-templates): Fix unreachable fallback to expired cache in update() method

The exception handler in update() checked the cached variable, which would
always be None or falsy at that point. If fresh cached data existed, the
method returned early. If cached data was expired, it was filtered out by
max_age constraint. The fix retrieves cached data again in the exception
handler with a very large max_age (1 year) to effectively bypass expiration
check and allow fallback to expired data when fetch fails.

* fix(plugin-templates): Resolve plugin_id mismatch in test template setUp method

* feat(plugins): Standardize manifest version fields schema

- Consolidate version fields to use consistent naming:
  - compatible_versions: array of semver ranges (required)
  - min_ledmatrix_version: string (optional)
  - max_ledmatrix_version: string (optional)
  - versions[].ledmatrix_min_version: renamed from ledmatrix_min
- Add manifest schema validation (schema/manifest_schema.json)
- Update store_manager to validate version fields and schema
- Update template and all documentation examples to use standardized fields
- Add deprecation warnings for ledmatrix_version and ledmatrix_min fields

* fix(templates): Update plugin README template script path to correct location

* docs(plugin): Resolve conflicting version management guidance in .cursorrules

* chore(.gitignore): Consolidate plugin exclusion patterns

Remove unnecessary !plugins/*/.git pattern and consolidate duplicate
negations by keeping only trailing-slash directory exclusions.

* docs: Add language specifiers to code blocks in STATIC_IMAGE_MULTI_UPLOAD_PLAN.md

* fix(templates): Remove api_key from config.json example in plugin README template

Remove api_key field from config.json example to prevent credential leakage.
API keys should only be stored in config_secrets.json. Added clarifying note
about proper credential storage.

* docs(README): Add plugin installation and migration information

- Add plugin installation instructions via web interface and GitHub URL
- Add plugin migration guide for users upgrading from old managers
- Improve plugin documentation for new users

* docs(readme): Update donation links and add Discord acknowledgment

* docs: Add comprehensive API references and consolidate documentation

- Add API_REFERENCE.md with complete REST API documentation (50+ endpoints)
- Add PLUGIN_API_REFERENCE.md documenting Display Manager, Cache Manager, and Plugin Manager APIs
- Add ADVANCED_PLUGIN_DEVELOPMENT.md with advanced patterns and examples
- Add DEVELOPER_QUICK_REFERENCE.md for quick developer reference
- Consolidate plugin configuration docs into single PLUGIN_CONFIGURATION_GUIDE.md
- Archive completed implementation summaries to docs/archive/
- Enhance PLUGIN_DEVELOPMENT_GUIDE.md with API links and 3rd party submission guidelines
- Update docs/README.md with new API reference sections
- Update root README.md with documentation links

* fix(install): Fix IP detection and network diagnostics after fresh install

- Fix web-ui-info plugin IP detection to handle no internet, AP mode, and network state changes
- Replace socket-based detection with robust interface scanning using hostname -I and ip addr
- Add AP mode detection returning 192.168.4.1 when AP mode is active
- Add periodic IP refresh every 30 seconds to handle network state changes
- Improve network diagnostics in first_time_install.sh showing actual IPs, WiFi status, and AP mode
- Add WiFi connection check in WiFi monitor installation with warnings
- Enhance web service startup logging to show accessible IP addresses
- Update README with network troubleshooting section and fix port references (5001->5000)

Fixes issue where display showed incorrect IP (127.0.11:5000) and users couldn't access web UI after fresh install.

* chore: Add GitHub sponsor button configuration

* fix(wifi): Fix aggressive AP mode enabling and improve WiFi detection

Critical fixes:
- Change auto_enable_ap_mode default from True to False (manual enable only)
- Fixes issue where Pi would disconnect from network after code updates
- Matches documented behavior (was incorrectly defaulting to True in code)

Improvements:
- Add grace period: require 3 consecutive disconnected checks (90s) before enabling AP mode
- Prevents AP mode from enabling on transient network hiccups
- Improve WiFi status detection with retry logic and better nmcli parsing
- Enhanced logging for debugging WiFi connection issues
- Better handling of WiFi device detection (works with any wlan device)

This prevents the WiFi monitor from aggressively enabling AP mode and
disconnecting the Pi from the network when there are brief network issues
or during system initialization.

* fix(wifi): Revert auto_enable_ap_mode default to True with grace period protection

Change default back to True for auto_enable_ap_mode while keeping the grace
period protection that prevents interrupting valid WiFi connections.

- Default auto_enable_ap_mode back to True (useful for setup scenarios)
- Grace period (3 consecutive checks = 90s) prevents false positives
- Improved WiFi detection with retry logic ensures accurate status
- AP mode will auto-enable when truly disconnected, but won't interrupt
  valid connections due to transient detection issues

* fix(news): Update submodule reference for manifest fix

Update ledmatrix-news submodule to include the fixed manifest.json with
required entry_point and class_name fields.

* fix(news): Update submodule reference with validate_config addition

Update ledmatrix-news submodule to include validate_config method for
proper configuration validation.

* feat: Add of-the-day plugin as git submodule

- Add ledmatrix-of-the-day plugin as git submodule
- Rename submodule path from plugins/of-the-day to plugins/ledmatrix-of-the-day to match repository naming convention
- Update .gitignore to allow ledmatrix-of-the-day submodule
- Plugin includes fixes for display rendering and web UI configuration support

* fix(wifi): Make AP mode open network and fix WiFi page loading in AP mode

AP Mode Changes:
- Remove password requirement from AP mode (open network for easier setup)
- Update hostapd config to create open network (no WPA/WPA2)
- Update nmcli hotspot to create open network (no password parameter)

WiFi Page Loading Fixes:
- Download local copies of HTMX and Alpine.js libraries
- Auto-detect AP mode (192.168.4.x) and use local JS files instead of CDN
- Auto-open WiFi tab when accessing via AP mode IP
- Add fallback loading if HTMX fails to load
- Ensures WiFi setup page works in AP mode without internet access

This fixes the issue where the WiFi page wouldn't load on iPhone when
accessing via AP mode (192.168.4.1:5000) because CDN resources couldn't
be fetched without internet connectivity.

* feat(wifi): Add explicit network switching support with clean disconnection

WiFi Manager Improvements:
- Explicitly disconnect from current network before connecting to a new one
- Add skip_ap_check parameter to disconnect_from_network() to prevent AP mode
  from activating during network switches
- Check if already connected to target network to avoid unnecessary work
- Improved logging for network switching operations

Web UI Improvements:
- Detect and display network switching status in UI
- Show 'Switching from [old] to [new]...' message when switching networks
- Enhanced status reloading after connection (multiple checks at 2s, 5s, 10s)
- Better user feedback during network transitions

This ensures clean network switching without AP mode interruptions and
provides clear feedback to users when changing WiFi networks.

* fix(web-ui): Add fallback content loading when HTMX fails to load

Problem:
- After recent updates, web UI showed navigation and CPU status but main
  content tabs never loaded
- Content tabs depend on HTMX's 'revealed' trigger to load
- If HTMX failed to load or initialize, content would never appear

Solutions:
- Enhanced HTMX loading verification with timeout checks
- Added fallback direct fetch for overview tab if HTMX fails
- Added automatic tab content loading when tabs change
- Added loadTabContent() method to manually trigger content loading
- Added global 'htmx-load-failed' event for error handling
- Automatic retry after 5 seconds if HTMX isn't available
- Better error messages and console logging for debugging

This ensures the web UI loads content even if HTMX has issues,
providing graceful degradation and better user experience.

* feat(web-ui): Add support for plugin custom HTML widgets and static file serving

- Add x-widget: custom-html support in config schema generation
- Add loadCustomHtmlWidget() function to load HTML from plugin directories
- Add /api/v3/plugins/<plugin_id>/static/<file_path> endpoint for serving plugin static files
- Enhance execute_plugin_action() to pass params via stdin as JSON for scripts
- Add JSON output parsing for script action responses

These changes enable plugins to provide custom UI components while keeping
all functionality plugin-scoped. Used by of-the-day plugin for file management.

* fix(web-ui): Resolve Alpine.js initialization errors

- Prevent Alpine.js from auto-initializing before app() function is defined
- Add deferLoadingAlpine to ensure proper initialization order
- Make app() function globally available via window.app
- Fix 'app is not defined' and 'activeTab is not defined' errors
- Remove duplicate Alpine.start() calls that caused double initialization warnings

* fix(web-ui): Fix IndentationError in api_v3.py OAuth flow

- Fix indentation in if action_def.get('oauth_flow') block
- Properly indent try/except block and all nested code
- Resolves IndentationError that prevented web interface from starting

* fix(web-ui): Fix SyntaxError in api_v3.py else block

- Fix indentation of OAuth flow code inside else block
- Properly indent else block for simple script execution
- Resolves SyntaxError at line 3458 that prevented web interface from starting

* fix(web-ui): Restructure OAuth flow check to fix SyntaxError

- Move OAuth flow check before script execution in else block
- Remove unreachable code that was causing syntax error
- OAuth check now happens first, then falls back to script execution
- Resolves SyntaxError at line 3458

* fix(web-ui): Define app() function in head for Alpine.js initialization

- Define minimal app() function in head before Alpine.js loads
- Ensures app() is available when Alpine initializes
- Full implementation in body enhances/replaces the stub
- Fixes 'app is not defined' and 'activeTab is not defined' errors

* fix(web-ui): Ensure plugin tabs load when full app() implementation is available

- Update stub init() to detect and use full implementation when available
- Ensure full implementation properly replaces stub methods
- Call init() after merging to load plugins and set up watchers
- Fixes issue where installed plugins weren't showing in navigation bar

* fix(web-ui): Prevent 'Cannot redefine property' error for installedPlugins

- Check if window.installedPlugins property already exists before defining
- Make property configurable to allow redefinition if needed
- Add _initialized flag to prevent multiple init() calls
- Fixes TypeError when stub tries to enhance with full implementation

* fix(web-ui): Fix variable redeclaration errors in logs tab

- Replace let/const declarations with window properties to avoid redeclaration
- Use window._logsEventSource, window._allLogs, etc. to persist across HTMX reloads
- Clean up existing event source before reinitializing
- Remove and re-add event listeners to prevent duplicates
- Fixes 'Identifier has already been declared' error when accessing logs tab multiple times

* feat(web-ui): Add support for additionalProperties object rendering

- Add handler for objects with additionalProperties containing object schemas
- Render dynamic category controls with enable/disable toggles
- Display category metadata (display name, data file path)
- Used by of-the-day plugin for category management

* fix(wifi): Ensure AP mode hotspot is always open (no password)

Problem:
- LEDMatrix-Setup WiFi AP was still asking for password despite code changes
- Existing hotspot connections with passwords weren't being fully cleaned up
- NetworkManager might reuse old connection profiles with passwords

Solutions:
- More thorough cleanup: Delete all hotspot-related connections, not just known names
- Verification: Check if hotspot has password after creation
- Automatic fix: Remove password and restart connection if security is detected
- Better logging: Log when password is detected and removed

This ensures the AP mode hotspot is always open for easy setup access,
even if there were previously saved connections with passwords.

* fix(wifi): Improve network switching reliability and device state handling

Problem:
- Pi failing to switch WiFi networks via web UI
- Connection attempts happening before device is ready
- Disconnect not fully completing before new connection attempt
- Connection name lookup issues when SSID doesn't match connection name

Solutions:
- Improved disconnect logic: Disconnect specific connection first, then device
- Device state verification: Wait for device to be ready (disconnected/unavailable) before connecting
- Better connection lookup: Search by SSID, not just connection name
- Increased wait times: 2 seconds for disconnect to complete
- State checking before activating existing connections
- Enhanced error handling and logging throughout

This ensures network switching works reliably by properly managing device
state transitions and using correct connection identifiers.

* debug(web-ui): Add debug logging for custom HTML widget loading

- Add console logging to track widget generation
- Improve error messages with missing configuration details
- Help diagnose why file manager widget may not be appearing

* fix(web-ui): Fix [object Object] display in categories field

- Add type checking to ensure category values are strings before rendering
- Safely extract data_file and display_name properties
- Prevent object coercion issues in category display

* perf(web-ui): Optimize plugin loading in navigation bar

- Reduce stub init timeout from 100ms to 10ms for faster enhancement
- Change full implementation merge from 50ms setTimeout to requestAnimationFrame
- Add direct plugin loading in stub while waiting for full implementation
- Skip plugin reload in full implementation if already loaded by stub
- Significantly improves plugin tab loading speed in navigation bar

* feat(web-ui): Adapt file-upload widget for JSON files in of-the-day plugin

- Add specialized JSON upload/delete endpoints for of-the-day plugin
- Modify file-upload widget to support JSON files (file_type: json)
- Render JSON files with file-code icon instead of image preview
- Show entry count for JSON files
- Store files in plugins/ledmatrix-of-the-day/of_the_day/ directory
- Automatically update categories config when files are uploaded/deleted
- Populate uploaded_files array from categories on form load
- Remove custom HTML widget, use standard file-upload widget instead

* fix(web-ui): Add working updatePluginTabs to stub for immediate plugin tab rendering

- Stub's updatePluginTabs was empty, preventing tabs from showing
- Add basic implementation that creates plugin tabs in navigation bar
- Ensures plugin tabs appear immediately when plugins load, even before full implementation merges
- Fixes issue where plugin navigation bar wasn't working

* feat(api): Populate uploaded_files and categories from disk for of-the-day plugin

- Scan of_the_day directory for existing JSON files when loading config
- Populate uploaded_files array from files on disk
- Populate categories from files on disk if not in config
- Categories default to disabled, user can enable them
- Ensures existing JSON files (word_of_the_day.json, slovenian_word_of_the_day.json) appear in UI

* fix(api): Improve category merging logic for of-the-day plugin

- Preserve existing category enabled state when merging with files from disk
- Ensure all JSON files from disk appear in categories section
- Categories from files default to disabled, preserving user choices
- Properly merge existing config with scanned files

* fix(wifi): More aggressive password removal for AP mode hotspot

Problem:
- LEDMatrix-Setup network still asking for password despite previous fixes
- NetworkManager may add default security settings to hotspots
- Existing connections with passwords may not be fully cleaned up

Solutions:
- Always remove ALL security settings after creating hotspot (not just when detected)
- Remove multiple security settings: key-mgmt, psk, wep-key, auth-alg
- Verify security was removed and recreate connection if verification fails
- Improved cleanup: Delete connections by SSID match, not just by name
- Disconnect connections before deleting them
- Always restart connection after removing security to apply changes
- Better logging for debugging

This ensures the AP mode hotspot is always open, even if NetworkManager
tries to add default security settings.

* perf(web): Optimize web interface performance and fix JavaScript errors

- Add resource hints (preconnect, dns-prefetch) for CDN resources to reduce DNS lookup delays
- Fix duplicate response parsing bug in loadPluginConfig that was parsing JSON twice
- Replace direct fetch() calls with PluginAPI.getInstalledPlugins() to leverage caching and throttling
- Fix Alpine.js function availability issues with defensive checks and $nextTick
- Enhance request deduplication with debug logging and statistics
- Add response caching headers for static assets and API responses
- Add performance monitoring utilities with detailed metrics

Fixes console errors for loadPluginConfig and generateConfigForm not being defined.
Reduces duplicate API calls to /api/v3/plugins/installed endpoint.
Improves initial page load time with resource hints and optimized JavaScript loading.

* perf(web-ui): optimize CSS for Raspberry Pi performance

- Remove backdrop-filter blur from modal-backdrop
- Remove box-shadow transitions (use transform/opacity only)
- Remove button ::before pseudo-element animation
- Simplify skeleton loader (gradient to opacity pulse)
- Optimize transition utility (specific properties, not 'all')
- Improve color contrast for WCAG AA compliance
- Add CSS containment to cards, plugin-cards, modals
- Remove unused CSS classes (duration-300, divider, divider-light)
- Remove duplicate spacing utility classes

All animations now GPU-accelerated (transform/opacity only).
Optimized for low-powered Raspberry Pi devices.

* fix(web): Resolve ReferenceError for getInstalledPluginsSafe in v3 stub initialization

Move getInstalledPluginsSafe() function definition before the app() stub code that uses it. The function was previously defined at line 3756 but was being called at line 849 during Alpine.js initialization, causing a ReferenceError when loadInstalledPluginsDirectly() attempted to load plugins before the full implementation was ready.

* fix(web): Resolve TypeError for installedPlugins.map in plugin loading

Fix PluginAPI.getInstalledPlugins() to properly extract plugins array from API response structure. The API returns {status: 'success', data: {plugins: [...]}}, but the method was returning response.data (the object) instead of response.data.plugins (the array).

Changes:
- api_client.js: Extract plugins array from response.data.plugins
- plugins_manager.js: Add defensive array checks and handle array return value correctly
- base.html: Add defensive check in getInstalledPluginsSafe() to ensure plugins is always an array

This prevents 'installedPlugins.map is not a function' errors when loading plugins.

* style(web-ui): Enhance navigation bar styling for better readability

- Improve contrast: Change inactive tab text from gray-500 to gray-700
- Add gradient background and thicker border for active tabs
- Enhance hover states with background highlights
- Add smooth transitions using GPU-accelerated properties
- Update all navigation buttons (system tabs and plugin tabs)
- Add updatePluginTabStates() method for dynamic tab state management

All changes are CSS-only with zero performance overhead.

* fix(web-ui): Optimize plugin loading and reduce initialization errors

- Make generateConfigForm accessible to inline Alpine components via parent scope
- Consolidate plugin initialization to prevent duplicate API calls
- Fix script execution from HTMX-loaded content by extracting scripts before DOM insertion
- Add request deduplication to loadInstalledPlugins() to prevent concurrent requests
- Improve Alpine component initialization with proper guards and fallbacks

This eliminates 'generateConfigForm is not defined' errors and reduces plugin
API calls from 3-4 duplicate calls to 1 per page load, significantly improving
page load performance.

* fix(web-ui): Add guard check for generateConfigForm to prevent Alpine errors

Add typeof check in x-show to prevent Alpine from evaluating generateConfigForm
before the component methods are fully initialized. This eliminates the
'generateConfigForm is not defined' error that was occurring during component
initialization.

* fix(web-ui): Fix try-catch block structure in script execution code

Correct the nesting of try-catch block inside the if statement for script execution.
The catch block was incorrectly placed after the else clause, causing a syntax error.

* fix(web-ui): Escape quotes in querySelector to avoid HTML attribute conflicts

Change double quotes to single quotes in the CSS selector to prevent conflicts
with HTML attribute parsing when the x-data expression is embedded.

* style(web): Improve button text readability in Quick Actions section

* fix(web): Resolve Alpine.js expression errors in plugin configuration component

- Capture plugin from parent scope into component data to fix parsing errors
- Update all plugin references to use this.plugin in component methods
- Fix x-init to properly call loadPluginConfig method
- Resolves 'Uncaught ReferenceError' for isOnDemandLoading, onDemandLastUpdated, and other component properties

* fix(web): Fix remaining Alpine.js scope issues in plugin configuration

- Use this.generateConfigForm in typeof checks and method calls
- Fix form submission to use this.plugin.id
- Use $root. prefix for parent scope function calls (refreshPlugin, updatePlugin, etc.)
- Fix confirm dialog string interpolation
- Ensures all component methods and properties are properly scoped

* fix(web): Add this. prefix to all Alpine.js component property references

- Fix all template expressions to use this. prefix for component properties
- Update isOnDemandLoading, onDemandLastUpdated, onDemandRefreshing references
- Update onDemandStatusClass, onDemandStatusText, onDemandServiceClass, onDemandServiceText
- Update disableRunButton, canStopOnDemand, showEnableHint, loading references
- Ensures Alpine.js can properly resolve all component getters and properties

* fix(web): Resolve Alpine.js expression errors in plugin configuration

- Move complex x-data object to pluginConfigData() function for better parsing
- Fix all template expressions to use this.plugin instead of plugin
- Add this. prefix to all method calls in event handlers
- Fix duplicate x-on:click attribute on uninstall button
- Add proper loading state management in loadPluginConfig method

This resolves the 'Invalid or unexpected token' and 'Uncaught ReferenceError'
errors in the browser console.

* fix(web): Fix plugin undefined errors in Alpine.js plugin configuration

- Change x-data initialization to capture plugin from loop scope first
- Use Object.assign in x-init to merge pluginConfigData properties
- Add safety check in pluginConfigData function for undefined plugins
- Ensure plugin is available before accessing properties in expressions

This resolves the 'Cannot read properties of undefined' errors by ensuring
the plugin object is properly captured from the x-for loop scope before
any template expressions try to access it.

* style(web): Make Quick Actions button text styling consistent

- Update Start Display, Stop Display, and Reboot System buttons
- Change from text-sm font-medium to text-base font-semibold
- All Quick Actions buttons now have consistent bold, larger text
- Matches the styling of Update Code, Restart Display Service, and Restart Web Service buttons

* fix(wifi): Properly handle AP mode disable during WiFi connection

- Check return value of disable_ap_mode() before proceeding with connection
- Add verification loop to ensure AP mode is actually disabled
- Increase wait time to 5 seconds for NetworkManager restart stabilization
- Return clear error messages if AP mode cannot be disabled
- Prevents connection failures when switching networks from web UI or AP mode

This fixes the issue where WiFi network switching would fail silently when
AP mode disable failed, leaving the system in an inconsistent state.

* fix(web): Handle API response errors in plugin configuration loading

- Add null/undefined checks before accessing API response status
- Set fallback defaults when API responses don't have status 'success'
- Add error handling for batch API requests with fallback to individual requests
- Add .catch() handlers to individual fetch calls to prevent unhandled rejections
- Add console warnings to help debug API response failures
- Fix applies to both main loadPluginConfig and PluginConfigHelpers.loadPluginConfig

This fixes the issue where plugin configuration sections would get stuck
showing the loading animation when API responses failed or returned error status.

* fix(web): Fix Alpine.js reactivity for plugin config by using direct x-data

Changed from Object.assign pattern to direct x-data assignment to ensure
Alpine.js properly tracks reactive properties. The previous approach used
Object.assign to merge properties into the component after initialization,
which caused Alpine to not detect changes to config/schema properties.

The fix uses pluginConfigData(plugin) directly as x-data, ensuring all
properties including config, schema, loading, etc. are reactive from
component initialization.

* fix(web): Ensure plugin variable is captured in x-data scope

Use spread operator to merge pluginConfigData properties while explicitly
capturing the plugin variable from outer x-for scope. This fixes undefined
plugin errors when Alpine evaluates the component data.

* fix(web): Use $data for Alpine.js reactivity when merging plugin config

Use Object.assign with Alpine's $data reactive proxy instead of this to
ensure added properties are properly reactive. This fixes the issue where
plugin variable scoping from x-for wasn't accessible in x-data expressions.

* fix(web): Remove incorrect 'this.' prefix in Alpine.js template expressions

Alpine.js template expressions (x-show, x-html, x-text, x-on) use the
component data as the implicit context, so 'this.' prefix is incorrect.
In template expressions, 'this' refers to the DOM element, not the
component data.

Changes:
- Replace 'this.plugin.' with 'plugin.' in all template expressions (19 instances)
- Replace 'this.loading' with 'loading' in x-show directives
- Replace 'this.generateConfigForm' with 'generateConfigForm' in x-show/x-html
- Replace 'this.savePluginConfig' with 'savePluginConfig' in x-on:submit
- Replace 'this.config/schema/webUiActions' with direct property access
- Use '$data.loadPluginConfig' in x-init for explicit method call

Note: 'this.' is still correct inside JavaScript method definitions within
pluginConfigData() function since those run with proper object context.

* fix(web): Prevent infinite recursion in plugin config methods

Add 'parent !== this' check to loadPluginConfig, generateConfigForm, and
savePluginConfig methods in pluginConfigData to prevent infinite recursion
when the component tries to delegate to a parent that resolves to itself.

This fixes the 'Maximum call stack size exceeded' error that occurred when
the nested Alpine component's $root reference resolved to a component that
had the same delegating methods via Object.assign.

* fix(web): Resolve infinite recursion in plugin config by calling $root directly

The previous implementation had delegating methods (generateConfigForm,
savePluginConfig) in pluginConfigData that tried to call parent.method(),
but the parent detection via getParentApp() was causing circular calls
because multiple components had the same methods.

Changes:
- Template now calls $root.generateConfigForm() and $root.savePluginConfig()
  directly instead of going through nested component delegation
- Removed delegating generateConfigForm and savePluginConfig from pluginConfigData
- Removed getParentApp() helper that was enabling the circular calls
- Simplified loadPluginConfig to use PluginConfigHelpers directly

This fixes the 'Maximum call stack size exceeded' error when rendering
plugin configuration forms.

* fix(web): Use window.PluginConfigHelpers instead of $root for plugin config

The $root magic variable in Alpine.js doesn't correctly reference the
app() component's data scope from nested x-data contexts. This causes
generateConfigForm and savePluginConfig to be undefined.

Changed to use window.PluginConfigHelpers which has explicit logic to
find and use the app component's methods.

* fix(web): Use direct x-data initialization for plugin config reactivity

Changed from Object.assign($data, pluginConfigData(plugin)) to
x-data="pluginConfigData(plugin)" to ensure Alpine.js properly
tracks reactivity for all plugin config properties. This fixes
the issue where all plugin tabs were showing the same config.

* refactor(web): Implement server-side plugin config rendering with HTMX

Major architectural improvement to plugin configuration management:

- Add server-side Jinja2 template for plugin config forms
  (web_interface/templates/v3/partials/plugin_config.html)
- Add Flask route to serve plugin config partials on-demand
- Replace complex client-side form generation with HTMX lazy loading
- Add Alpine.js store for centralized plugin state management
- Mark old pluginConfigData and PluginConfigHelpers as deprecated

Benefits:
- Lazy loading: configs only load when tab is accessed
- Server-side rendering: reduces client-side complexity
- Better performance: especially on Raspberry Pi
- Cleaner code: Jinja2 macros replace JS string templates
- More maintainable: form logic in one place (server)

The old client-side code is preserved for backwards compatibility
but is no longer used by the main plugin configuration UI.

* fix(web): Trigger HTMX manually after Alpine renders plugin tabs

HTMX processes attributes at page load time, before Alpine.js
renders dynamic content. Changed from :hx-get attribute to
x-init with htmx.ajax() to properly trigger the request after
the element is rendered.

* fix(web): Remove duplicate 'enabled' toggle from plugin config form

The 'enabled' field was appearing twice in plugin configuration:
1. Header toggle (quick action, uses HTMX)
2. Configuration form (from schema, requires save)

Now only the header toggle is shown, avoiding user confusion.
The 'enabled' key is explicitly skipped when rendering schema properties.

* perf(web): Optimize plugin manager with request caching and init guards

Major performance improvements to plugins_manager.js:

1. Request Deduplication & Caching
   - Added pluginLoadCache with 3-second TTL
   - Subsequent calls return cached data instead of making API requests
   - In-flight request deduplication prevents parallel duplicate fetches
   - Added refreshInstalledPlugins() for explicit force-refresh

2. Initialization Guards
   - Added pluginsInitialized flag to prevent multiple initializePlugins() calls
   - Added _eventDelegationSetup guard on container to prevent duplicate listeners
   - Added _listenerSetup guards on search/category inputs

3. Debug Logging Control
   - Added PLUGIN_DEBUG flag (localStorage.setItem('pluginDebug', 'true'))
   - Most console.log calls now use pluginLog() which only logs when debug enabled
   - Reduces console noise from ~150 logs to ~10 in production

Expected improvements:
- API calls reduced from 6+ to 2 on page load
- Event listeners no longer duplicated
- Cleaner console output
- Faster perceived performance

* fix(web): Handle missing search elements in searchPluginStore

The searchPluginStore function was failing silently when called before
the plugin-search and plugin-category elements existed in the DOM.
This caused the plugin store to never load.

Now safely checks if elements exist before accessing their values.

* fix(web): Ensure plugin store loads via pluginManager.searchPluginStore

- Exposed searchPluginStore on window.pluginManager for easier access
- Updated base.html to fallback to pluginManager.searchPluginStore
- Added logging when loading plugin store

* fix(web): Expose searchPluginStore from inside the IIFE

The function was defined inside the IIFE but only exposed after the IIFE
ended, where the function was out of scope. Now exposed immediately after
definition inside the IIFE.

* fix(web): Add cache-busting version to plugins_manager.js URL

Static JS files were being aggressively cached, preventing updates
from being loaded by browsers.

* fix(web): Fix pluginLog reference error outside IIFE

pluginLog is defined inside the IIFE, so use _PLUGIN_DEBUG_EARLY and
console.log directly for code outside the IIFE.

* chore(web): Update plugins_manager.js cache version

* fix(web): Defer plugin store render when grid not ready

Instead of showing an error when plugin-store-grid doesn't exist,
store plugins in window.__pendingStorePlugins for later rendering
when the tab loads (consistent with how installed plugins work).

* chore: Bump JS cache version

* fix(web): Restore enabledBool variable in plugin render

Variable was removed during debug logging optimization but was still
being used in the template string for toggle switch rendering.

* fix(ui): Add header and improve categories section rendering

- Add proper header (h4) to categories section with label
- Add debug logging to diagnose categories field rendering
- Improve additionalProperties condition check readability

* fix(ui): Improve additionalProperties condition check

- Explicitly exclude objects with properties to avoid conflicts
- Ensure categories section is properly detected and rendered
- Categories should show as header with toggles, not text box

* fix(web-ui): Fix JSON parsing errors and default value loading for plugin configs

- Fix JSON parsing errors when saving file upload fields by properly unescaping HTML entities
- Merge config with schema defaults when loading plugin config so form shows default values
- Improve default value handling in form generation for nested objects and arrays
- Add better error handling for malformed JSON in file upload fields

* fix(plugins): Return plugins array from getInstalledPlugins() instead of data object

Fixed PluginAPI.getInstalledPlugins() to return response.data.plugins (array)
instead of response.data (object). This was preventing window.installedPlugins
from being set correctly, which caused plugin configuration tabs to not appear
and prevented users from saving plugin configurations via the web UI.

The fix ensures that:
- window.installedPlugins is properly populated with plugin array
- Plugin tabs are created automatically on page load
- Configuration forms and save buttons are rendered correctly
- Save functionality works as expected

* fix(api): Support form data submission for plugin config saves

The HTMX form submissions use application/x-www-form-urlencoded format
instead of JSON. This update allows the /api/v3/plugins/config POST
endpoint to accept both formats:

- JSON: plugin_id and config in request body (existing behavior)
- Form data: plugin_id from query string, config fields from form

Added _parse_form_value helper to properly convert form strings to
appropriate Python types (bool, int, float, JSON arrays/objects).

* debug: Add form data logging to diagnose config save issue

* fix(web): Re-discover plugins before loading config partial

The plugin config partial was returning 'not found' for plugins
because the plugin manifests weren't loaded. The installed plugins
API was working because it calls discover_plugins() first.

Changes:
- Add discover_plugins() call in _load_plugin_config_partial when
  plugin info is not found on first try
- Remove debug logging from form data handling

* fix(web): Comprehensive plugin config save improvements

SWEEPING FIX for plugin configuration saving issues:

1. Form data now MERGES with existing config instead of replacing
   - Partial form submissions (missing fields) no longer wipe out
     existing config values
   - Fixes plugins with complex schemas (football, clock, etc.)

2. Improved nested value handling with _set_nested_value helper
   - Correctly handles deeply nested structures like customization
   - Properly merges when intermediate objects already exist

3. Better JSON parsing for arrays
   - RGB color arrays like [255, 0, 0] now parse correctly
   - Parse JSON before trying number conversion

4. Bump cache version to force JS reload

* fix(web): Add early stubs for updatePlugin and uninstallPlugin

Ensures these functions are available immediately when the page loads,
even before the full IIFE executes. Provides immediate user feedback
and makes API calls directly.

This fixes the 'Update button does not work' issue by ensuring the
function is always defined and callable.

* fix(web): Support form data in toggle endpoint

The toggle endpoint now accepts both JSON and HTMX form submissions.
Also updated the plugin config template to send the enabled state
via hx-vals when the checkbox changes.

Fixes: 415 Unsupported Media Type error when toggling plugins

* fix(web): Prevent config duplication when toggling plugins

Changed handleToggleResponse to update UI in place instead of
refreshing the entire config partial, which was causing duplication.

Also improved refreshPluginConfig with proper container targeting
and concurrent refresh prevention (though it's no longer needed
for toggles since we update in place).

* fix(api): Schema-aware form value parsing for plugin configs

Major fix for plugin config saving issues:

1. Load schema BEFORE processing form data to enable type-aware parsing
2. New _parse_form_value_with_schema() function that:
   - Converts comma-separated strings to arrays when schema says 'array'
   - Parses JSON strings for arrays/objects
   - Handles empty strings for arrays (returns [] instead of None)
   - Uses schema to determine correct number types
3. Post-processing to ensure None arrays get converted to empty arrays
4. Proper handling of nested object fields

Fixes validation errors:
- 'category_order': Expected type array, got str
- 'categories': Expected type object, got str
- 'uploaded_files': Expected type array, got NoneType
- RGB color arrays: Expected type array, got str

* fix(web): Make plugin config handlers idempotent and remove scripts from HTMX partials

CRITICAL FIX for script redeclaration errors:

1. Removed all <script> tags from plugin_config.html partial
   - Scripts were being re-executed on every HTMX swap
   - Caused 'Identifier already declared' errors

2. Moved all handler functions to base.html with idempotent initialization
   - Added window.__pluginConfigHandlersInitialized guard
   - Functions only initialized once, even if script runs multiple times
   - All state stored on window object (e.g., window.pluginConfigRefreshInProgress)

3. Enhanced error logging:
   - Client-side: Logs form payload, response status, and parsed error details
   - Server-side: Logs raw form data and parsed config on validation failures

4. Functions moved to window scope:
   - toggleSection
   - handleConfigSave (with detailed error logging)
   - handleToggleResponse (updates UI in place, no refresh)
   - handlePluginUpdate
   - refreshPluginConfig (with duplicate prevention)
   - runPluginOnDemand
   - stopOnDemand
   - executePluginAction

This ensures HTMX-swapped fragments only contain HTML, and all
scripts run once in the base layout.

* fix(api): Filter config to only schema-defined fields before validation

When merging with existing_config, fields not in the plugin's schema
(like high_performance_transitions, transition, dynamic_duration)
were being preserved, causing validation failures when
additionalProperties is false.

Add _filter_config_by_schema() function to recursively filter config
to only include fields defined in the schema before validation.

This fixes validation errors like:
- 'Additional properties are not allowed (high_performance_transitions, transition were unexpected)'

* fix(web): Improve update plugin error handling and support form data

1. Enhanced updatePlugin JavaScript function:
   - Validates pluginId before sending request
   - Checks response.ok before parsing JSON
   - Better error logging with request/response details
   - Handles both successful and error responses properly

2. Update endpoint now supports both JSON and form data:
   - Similar to config endpoint, accepts plugin_id from query string or form
   - Better error messages and debug logging

3. Prevent duplicate function definitions:
   - Second updatePlugin definition checks if improved version exists
   - Both definitions now have consistent error handling

Fixes: 400 BAD REQUEST 'Request body must be valid JSON' error

* fix(web): Show correct 'update' message instead of 'save' for plugin updates

The handlePluginUpdate function now:
1. Checks actual HTTP status code (not just event.detail.successful)
2. Parses JSON response to get server's actual message
3. Replaces 'save' with 'update' if message incorrectly says 'save'

Fixes: Update button showing 'saved successfully' instead of
'updated successfully'

* fix(web): Execute plugin updates immediately instead of queuing

Plugin updates are now executed directly (synchronously) instead of
being queued for async processing. This provides immediate feedback
to users about whether the update succeeded or failed.

Updates are fast git pull operations, so they don't need async
processing. The operation queue is reserved for longer operations
like install/uninstall.

Fixes: Update button not actually updating plugins (operations were
queued but users didn't see results)

* fix(web): Ensure toggleSection function is always available for collapsible headers

Moved toggleSection outside the initialization guard block so it's
always defined, even if the plugin config handlers have already been
initialized. This ensures collapsible sections in plugin config forms
work correctly.

Added debug logging to help diagnose if sections/icons aren't found.

Fixes: Collapsible headers in plugin config schema not collapsing

* fix(web): Improve toggleSection to explicitly show/hide collapsible content

Changed from classList.toggle() to explicit add/remove of 'hidden' class
based on current state. This ensures the content visibility is properly
controlled when collapsing/expanding sections.

Added better error checking and state detection for more reliable
collapsible section behavior.

* fix(web): Load plugin tabs on page load instead of waiting for plugin manager tab click

The stub's loadInstalledPlugins was an empty function, so plugin tabs
weren't loading until the plugin manager tab was clicked. Now the stub
implementation:
1. Tries to use global window.loadInstalledPlugins if available
2. Falls back to window.pluginManager.loadInstalledPlugins
3. Finally falls back to direct loading via loadInstalledPluginsDirectly
4. Always updates tabs after loading plugins

This ensures plugin navigation tabs are available immediately on page load.

Fixes: Plugin tabs only loading after clicking plugin manager tab

* fix(web): Ensure plugin navigation tabs load on any page regardless of active tab

Multiple improvements to ensure plugin tabs are always visible:

1. Stub's loadInstalledPluginsDirectly now waits for DOM to be ready
   before updating tabs, using requestAnimationFrame for proper timing

2. Stub's init() now has a retry mechanism that periodically checks
   if plugins have been loaded by plugins_manager.js and updates tabs
   accordingly (checks for 2 seconds)

3. Full implementation's init() now properly handles async plugin loading
   and ensures tabs are updated after loading completes, checking
   window.installedPlugins first before attempting to load

4. Both stub and full implementation ensure tabs update using $nextTick
   to wait for Alpine.js rendering cycle

This ensures plugin navigation tabs are visible immediately when the
page loads, regardless of whether the user is on overview, plugin manager,
or any other tab.

Fixes: Plugin tabs only appearing after clicking plugin manager tab

* fix(web): Fix restart display button not working

The initPluginsPage function was returning early before event listeners
were set up, making all the event listener code unreachable. Moved the
return statement to after all event listeners are attached.

This fixes the restart display button and all other buttons in the
plugin manager (refresh plugins, update all, search, etc.) that depend
on event listeners being set up.

Fixes: Restart Display button not working in plugin manager

* fix(web-ui): Improve categories field rendering for of-the-day plugin

- Add more explicit condition checking for additionalProperties objects
- Add debug logging specifically for categories field
- Add fallback handler for objects that don't match special cases (render as JSON textarea)
- Ensure categories section displays correctly with toggle cards instead of plain text

* fix(install): Prevent following broken symlinks during file ownership setup

- Add -P flag to find commands to prevent following symlinks when traversing
- Add -h flag to chown to operate on symlinks themselves rather than targets
- Exclude scripts/dev/plugins directory which contains development symlinks
- Fixes error when chown tries to dereference broken symlinks with extra LEDMatrix in path

* fix(scroll): Ensure scroll completes fully before switching displays

- Add display_width to total scroll distance calculation
- Scroll now continues until content is completely off screen
- Update scroll completion check to use total_scroll_width + display_width
- Prevents scroll from being cut off mid-way when switching to next display

* fix(install): Remove unsupported -P flag from find commands

- Remove -P flag which is not supported on all find versions
- Keep -h flag on chown to operate on symlinks themselves
- Change to {} \; syntax for better error handling
- Add error suppression to continue on broken symlinks
- Exclude scripts/dev/plugins directory to prevent traversal into broken symlinks

* docs(wifi): Add trailing newline to WiFi AP failover setup guide

* fix(web): Suppress non-critical socket errors and fix WiFi permissions script

- Add error filtering in web interface to suppress harmless client disconnection errors
- Downgrade 'No route to host' and broken pipe errors from ERROR to DEBUG level
- Fix WiFi permissions script to use mktemp instead of manual temp file creation
- Add cleanup trap to ensure temp files are removed on script exit
- Resolves permission denied errors when creating temp files during installation

* fix(web): Ensure plugin navigation tabs load on any page by dispatching events

The issue was that when plugins_manager.js loaded and called
loadInstalledPlugins(), it would set window.installedPlugins but the
Alpine.js component wouldn't know to update its tabs unless the plugin
manager tab was clicked.

Changes:
1. loadInstalledPlugins() now always dispatches a 'pluginsUpdated' event
   when it sets window.installedPlugins, not just when plugin IDs change
2. renderInstalledPlugins() also dispatches the event and always updates
   window.installedPlugins for reactivity
3. Cached plugin data also dispatches the event when returned

The Alpine component already listens for the 'pluginsUpdated' event in
its init() method, so tabs will now update immediately when plugins are
loaded, regardless of which tab is active.

Fixes: Plugin navigation tabs only loading after clicking plugin manager tab

* fix(web): Improve input field contrast in plugin configuration forms

Changed input backgrounds from bg-gray-800 to bg-gray-900 (darker) to
ensure high contrast with white text. Added placeholder:text-gray-400
for better placeholder text visibility.

Updated in both server-side template (plugin_config.html) and client-side
form generation (plugins_manager.js):
- Number inputs
- Text inputs
- Array inputs (comma-separated)
- Select dropdowns
- Textareas (JSON objects)
- Fallback inputs without schema

This ensures all form inputs have high contrast white text on dark
background, making them clearly visible and readable.

Fixes: White text on white background in plugin config inputs

* fix(web): Change plugin config input text from white to black

Changed all input fields in plugin configuration forms to use black text
on white background instead of white text on dark background for better
readability and standard form appearance.

Updated:
- Input backgrounds: bg-gray-900 -> bg-white
- Text color: text-white -> text-black
- Placeholder color: text-gray-400 -> text-gray-500

Applied to both server-side template and client-side form generation
for all input types (number, text, select, textarea).

* fix(web): Ensure toggleSection function is available for plugin config collapsible sections

Moved toggleSection function definition to an early script block so it's
available immediately when HTMX loads plugin configuration content. The
function was previously defined later in the page which could cause it
to not be accessible when inline onclick handlers try to call it.

The function toggles the 'hidden' class on collapsible section content
divs and rotates the chevron icon between right (collapsed) and down
(expanded) states.

Fixes: Plugin configuration section headers not collapsing/expanding

* fix(web): Fix collapsible section toggle to properly hide/show content

Updated toggleSection function to explicitly set display style in addition
to toggling the hidden class. This ensures the content is properly hidden
even if CSS specificity or other styles might interfere with just the
hidden class.

The function now:
- Checks both the hidden class and computed display style
- Explicitly sets display: '' when showing and display: 'none' when hiding
- Rotates chevron icon between right (collapsed) and down (expanded)

This ensures collapsible sections in plugin configuration forms properly
hide and show their content when the header is clicked.

Fixes: Collapsible section headers rotate chevron but don't hide content

* fix(web): Fix collapsible section toggle to work on first click

Simplified the toggle logic to rely primarily on the 'hidden' class check
rather than mixing it with computed display styles. When hiding, we now
remove any inline display style to let Tailwind's 'hidden' class properly
control the display property.

This ensures sections respond correctly on the first click, whether they're
starting in a collapsed or expanded state.

Fixes: Sections requiring 2 clicks to collapse

* fix(web): Ensure collapsible sections start collapsed by default

Added explicit display: none style to nested content divs in plugin config
template to ensure they start collapsed. The hidden class should handle this,
but adding the inline style ensures sections are definitely collapsed on
initial page load.

Sections now:
- Start collapsed (hidden) with chevron pointing right
- Expand when clicked (chevron points down)
- Collapse when clicked again (chevron points right)

This ensures a consistent collapsed initial state across all plugin
configuration sections.

* fix(web): Fix collapsible section toggle to properly collapse on second click

Fixed the toggle logic to explicitly set display: block when showing and
display: none when hiding, rather than clearing the display style. This
ensures the section state is properly tracked and the toggle works correctly
on both expand and collapse clicks.

The function now:
- When hidden: removes hidden class, sets display: block, chevron down
- When visible: adds hidden class, sets display: none, chevron right

This fixes the issue where sections would expand but not collapse again.

Fixes: Sections not collapsing on second click

* feat(web): Ensure plugin navigation tabs load automatically on any page

Implemented comprehensive solution to ensure plugin navigation tabs load
automatically without requiring a visit to the plugin manager page:

1. Global event listener for 'pluginsUpdated' - works even if Alpine isn't
   ready yet, updates tabs directly when plugins_manager.js loads plugins

2. Enhanced stub's loadInstalledPluginsDirectly():
   - Sets window.installedPlugins after loading
   - Dispatches 'pluginsUpdated' event for global listener
   - Adds console logging for debugging

3. Event listener in stub's init() method:
   - Listens for 'pluginsUpdated' events
   - Updates component state and tabs when events fire

4. Fallback timer:
   - If plugins_manager.js hasn't loaded after 2 seconds, fetches
     plugins directly via API
   - Ensures tabs appear even if plugins_manager.js fails

5. Improved checkAndUpdateTabs():
   - Better logging
   - Fallback to direct fetch after timeout

6. Enhanced logging throughout plugin loading flow for debugging

This ensures plugin tabs are visible immediately on page load, regardless
of which tab is active or when plugins_manager.js loads.

Fixes: Plugin navigation tabs only loading after visiting plugin manager

* fix(web): Improve plugin tabs update logging and ensure immediate execution

Enhanced logging in updatePluginTabs() and _doUpdatePluginTabs() to help
debug why tabs aren't appearing. Changed debounce behavior to execute
immediately on first call to ensure tabs appear quickly.

Added detailed console logging with [FULL] prefix to track:
- When updatePluginTabs() is called
- When _doUpdatePluginTabs() executes
- DOM element availability
- Tab creation process
- Final tab count

This will help identify if tabs are being created but not visible, or if
the update function isn't being called at all.

Fixes: Plugin tabs loading but not visible in navigation bar

* fix(web): Prevent duplicate plugin tab updates and clearing

Added debouncing and duplicate prevention to stub's updatePluginTabs() to
prevent tabs from being cleared and re-added multiple times. Also checks
if tabs already match before clearing them.

Changes:
1. Debounce stub's updatePluginTabs() with 100ms delay
2. Check if existing tabs match current plugin list before clearing
3. Global event listener only triggers full implementation's updatePluginTabs
4. Stub's event listener only works in stub mode (before enhancement)

This prevents the issue where tabs were being cleared and re-added
multiple times in rapid succession, which could leave tabs empty.

Fixes: Plugin tabs being cleared and not re-added properly

* fix(web): Fix plugin tabs not rendering when plugins are loaded

Fixed _doUpdatePluginTabs() to properly use component's installedPlugins
instead of checking window.installedPlugins first. Also fixed the 'unchanged'
check to not skip when both lists are empty (first load scenario).

Changes:
1. Check component's installedPlugins first (most up-to-date)
2. Only skip update if plugins exist AND match (don't skip empty lists)
3. Retry if no plugins found (in case they're still loading)
4. Ensure window.installedPlugins is set when loading directly
5. Better logging to show which plugin source is being used

This ensures tabs are rendered when plugins are loaded, even on first page load.

Fixes: Plugin tabs not being drawn despite plugins being loaded

* fix(config): Fix array field parsing and validation for plugin config forms

- Added logic to detect and combine indexed array fields (text_color.0, text_color.1, etc.)
- Fixed array fields incorrectly stored as dicts with numeric keys
- Improved handling of comma-separated array values from form submissions
- Ensures array fields meet minItems requirements before validation
- Resolves 400 BAD REQUEST errors when saving plugin config with RGB color arrays

* fix(config): Improve array field handling and secrets error handling

- Use schema defaults when array fields don't meet minItems requirement
- Add debug logging for array field parsing
- Improve error handling for secrets file writes
- Fix arrays stored as dicts with numeric keys conversion
- Better handling of incomplete array values from form submissions

* fix(config): Convert array elements to correct types (numbers not strings)

- Fix array element type conversion when converting dicts to arrays
- Ensure RGB color arrays have integer elements, not strings
- Apply type conversion for both nested and top-level array fields
- Fixes validation errors: 'Expected type number, got str'

* fix(config): Fix array fields showing 'none' when value is null

- Handle None/null values in array field templates properly
- Use schema defaults when array values are None/null
- Fix applies to both Jinja2 template and JavaScript form generation
- Resolves issue where stock ticker plugin shows 'none' instead of default values

* fix(config): Add novalidate to plugin config form to prevent HTML5 validation blocking saves

- Prevents browser HTML5 validation from blocking form submission
- Allows custom validation logic to handle form data properly
- Fixes issue where save button appears unclickable due to invalid form controls
- Resolves problems with plugins like clock-simple that have nested/array fields

* feat(config): Add helpful form validation with detailed error messages

- Keep HTML5 validation enabled (removed novalidate) to prevent broken configs
- Add validatePluginConfigForm function that shows which fields fail and why
- Automatically expands collapsed sections containing invalid fields
- Focuses first invalid field and scrolls to it
- Shows user-friendly error messages with field names and specific issues
- Prevents form submission until all fields are valid

* fix(schema): Remove core properties from required array during validation

- Core properties (enabled, display_duration, live_priority) are system-managed
- SchemaManager now removes them from required array after injection
- Added default values for core properties (enabled=True, display_duration=15, live_priority=False)
- Updated generate_default_config() to ensure live_priority has default
- Resolves 186 validation issues, reducing to 3 non-blocking warnings (98.4% reduction)
- All 19 of 20 plugins now pass validation without errors

Documentation:
- Created docs/PLUGIN_CONFIG_CORE_PROPERTIES.md explaining core property handling
- Updated existing docs to reflect core property behavior
- Removed temporary audit files and scripts

* fix(ui): Improve button text contrast on white backgrounds

- Changed Screenshot button text from text-gray-700 to text-gray-900
- Added global CSS rule to ensure all buttons with white backgrounds use dark text (text-gray-900) for better readability
- Fixes contrast issues where light text on light backgrounds was illegible

* fix(ui): Add explicit text color to form-control inputs

- Added color: #111827 to .form-control class to ensure dark text on white backgrounds
- Fixes issue where input fields had white text on white background after button contrast fix
- Ensures all form inputs are readable with proper contrast

* docs: Update impact explanation and plugin config documentation

* docs: Improve documentation and fix template inconsistencies

- Add migration guide for script path reorganization (scripts moved to scripts/install/ and scripts/fix_perms/)
- Add breaking changes section to README with migration guidance
- Fix config template: set plugins_directory to 'plugins' to match actual plugin locations
- Fix test template: replace Jinja2 placeholders with plain text to match other templates
- Fix markdown linting: add language identifiers to code blocks (python, text, javascript)
- Update permission guide: document setgid bit (0o2775) for directory modes
- Fix example JSON: pin dependency versions and fix compatible_versions range
- Improve readability: reduce repetition in IMPACT_EXPLANATION.md

* feat(web): Make v3 interface production-ready for local deployment

- Phase 2: Real Service Integration
  - Replace sample data with real psutil system monitoring (CPU, memory, disk, temp, uptime)
  - Integrate display controller to read from /tmp/led_matrix_preview.png snapshot
  - Scan assets/fonts directory and extract font metadata with freetype

- Phase 1: Security & Input Validation
  - Add input validation module with URL, file upload, and config sanitization
  - Add optional CSRF protection (gracefully degrades if flask-wtf missing)
  - Add rate limiting (lenient for local use, prevents accidental abuse)
  - Add file upload validation to font upload endpoint

- Phase 3: Error Handling
  - Add global error handlers for 404, 500, and unhandled exceptions
  - All endpoints have comprehensive try/except blocks

- Phase 4: Monitoring & Observability
  - Add structured logging with JSON format support
  - Add request logging middleware (tracks method, path, status, duration, IP)
  - Add /api/v3/health endpoint with service status checks

- Phase 5: Performance & Caching
  - Add in-memory caching system (separate module to avoid circular imports)
  - Cache font catalog (5 minute TTL)
  - Cache system status (10 second TTL)
  - Invalidate cache on config changes

- All changes are non-blocking with graceful error handling
- Optional dependencies (flask-wtf, flask-limiter) degrade gracefully
- All imports protected with try/except blocks
- Verified compilation and import tests pass

* docs: Fix caching pattern logic flaw and merge conflict resolution plan

- Fix Basic Caching Pattern: Replace broken stale cache fallback with correct pattern
  - Re-fetch cache with large max_age (31536000) in except block instead of checking already-falsy cached variable
  - Fixes both instances in ADVANCED_PLUGIN_DEVELOPMENT.md
  - Matches correct pattern from manager.py.template

- Fix MERGE_CONFLICT_RESOLUTION_PLAN.md merge direction
  - Correct Step 1 to checkout main and merge plugins into it (not vice versa)
  - Update commit message to reflect 'Merge plugins into main' direction
  - Fixes workflow to match documented plugins → main merge

---------

Co-authored-by: Chuck <chuck@example.com>

2025-12-27 14:15:49 -05:00

3 Commits