fix: address five review findings (NM retry loop, start_display message, code quality)

- wifi_monitor_daemon: reset _consecutive_internet_failures = 0 in both
  NM-restart exception handlers; previously both left the counter at threshold,
  causing an immediate retry on the next iteration instead of waiting another
  full backoff period

- api_v3: fix start_display failure message — when mode is set and systemctl
  returns non-zero, message now includes the failure reason and a hint rather
  than always reporting success phrasing

- wifi_manager: move _redirect_backend from class variable to instance variable
  in __init__ alongside _ap_enabled_at; class-level default shadowed correctly
  in practice (single instance) but was misleading

- wifi_manager: narrow broad except Exception in _check_internet_connectivity
  to (subprocess.SubprocessError, OSError) for ping and OSError for HTTP
  (urllib.error.URLError is an OSError subclass in Python 3)

- wifi_manager: remove redundant local 'import re as _re' in _validate_ap_config;
  re is already imported at module level (line 37)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

README.md

@@ -1,5 +1,4 @@
 # LEDMatrix
-[![Codacy Badge](https://app.codacy.com/project/badge/Grade/77fc9b446a5948e5b0aed7a7aaeb1bab)](https://app.codacy.com/gh/ChuckBuilds/LEDMatrix/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade)
 ## Welcome to LEDMatrix! 
 Welcome to the LEDMatrix Project! This open-source project enables you to run an information-rich display on a Raspberry Pi connected to an LED RGB Matrix panel. Whether you want to see your calendar, weather forecasts, sports scores, stock prices, or any other information at a glance, LEDMatrix brings it all together.
 

first_time_install.sh

@@ -1110,7 +1110,6 @@ $ACTUAL_USER ALL=(ALL) NOPASSWD: $SYSTEMCTL_PATH restart ledmatrix-web.service
 $ACTUAL_USER ALL=(ALL) NOPASSWD: $PYTHON_PATH $PROJECT_ROOT_DIR/display_controller.py
 $ACTUAL_USER ALL=(ALL) NOPASSWD: $BASH_PATH $PROJECT_ROOT_DIR/start_display.sh
 $ACTUAL_USER ALL=(ALL) NOPASSWD: $BASH_PATH $PROJECT_ROOT_DIR/stop_display.sh
-$ACTUAL_USER ALL=(ALL) NOPASSWD: $BASH_PATH $PROJECT_ROOT_DIR/scripts/fix_perms/safe_plugin_rm.sh *
 EOF
 if [ -n "$JOURNALCTL_PATH" ]; then
     cat >> /tmp/ledmatrix_web_sudoers << EOF

plugin-repos/march-madness/requirements.txt

@@ -1,4 +1,4 @@
 requests>=2.28.0
-Pillow>=12.2.0
+Pillow>=10.3.0
 pytz>=2022.1
 numpy>=1.24.0

scripts/download_pixlet.sh

@@ -118,7 +118,7 @@ total_count=${#ARCHITECTURES[@]}
 
 for arch in "${!ARCHITECTURES[@]}"; do
     if download_binary "$arch" "${ARCHITECTURES[$arch]}"; then
-        success_count=$((success_count + 1))
+        ((success_count++))
     fi
 done
 

scripts/utils/wifi_monitor_daemon.py

@@ -155,7 +155,7 @@ class WiFiMonitorDaemon:
                                 logger.error(f"NetworkManager restart failed (rc={e.returncode}); "
                                              "resetting failure counter to avoid tight retry loop")
                                 self._consecutive_internet_failures = 0
-                            except (subprocess.SubprocessError, OSError) as e:
+                            except Exception as e:
                                 logger.error(f"NetworkManager restart error: {e}; "
                                              "resetting failure counter to avoid tight retry loop")
                                 self._consecutive_internet_failures = 0

src/display_manager.py

@@ -3,7 +3,6 @@ if os.getenv("EMULATOR", "false") == "true":
     from RGBMatrixEmulator import RGBMatrix, RGBMatrixOptions
 else:
     from rgbmatrix import RGBMatrix, RGBMatrixOptions
-from contextlib import contextmanager
 from PIL import Image, ImageDraw, ImageFont
 import time
 from typing import Dict, Any, List, Tuple
@@ -29,8 +28,6 @@ class DisplayManager:
         self.config = config or {}
         self._force_fallback = force_fallback
         self._suppress_test_pattern = suppress_test_pattern
-        # When True, update_display() and clear() skip hardware writes (used during off-screen content capture)
-        self._capture_mode_active = False
         # Snapshot settings for web preview integration (service writes, web reads)
         self._snapshot_path = "/tmp/led_matrix_preview.png"
         self._snapshot_min_interval_sec = 0.2  # max ~5 fps
@@ -258,22 +255,6 @@ class DisplayManager:
         except Exception as e:
             logger.error(f"Error drawing test pattern: {e}", exc_info=True)
 
-    @contextmanager
-    def capture_mode(self):
-        """Suppress hardware output during off-screen content capture.
-
-        Plugins call update_display() as part of their normal display() flow.
-        When fetching content for Vegas mode the render loop is still running,
-        so any incidental hardware write causes a visible flash on the matrix.
-        Entering this context prevents those writes without affecting the PIL
-        image buffer, which the adapter reads to extract content.
-        """
-        self._capture_mode_active = True
-        try:
-            yield
-        finally:
-            self._capture_mode_active = False
-
     def update_display(self):
         """Update the display using double buffering with proper sync."""
         try:
@@ -283,13 +264,10 @@ class DisplayManager:
                 # Still write a snapshot so the web UI can preview
                 self._write_snapshot_if_due()
                 return
-
-            if self._capture_mode_active:
-                return  # Skip hardware write — content is being captured off-screen
-
-            # Copy the current image to the offscreen canvas
+                
+            # Copy the current image to the offscreen canvas   
             self.offscreen_canvas.SetImage(self.image)
-
+            
             # Swap buffers immediately
             self.matrix.SwapOnVSync(self.offscreen_canvas)
             
@@ -326,23 +304,21 @@ class DisplayManager:
             # Create a new black image
             self.image = Image.new('RGB', (self.matrix.width, self.matrix.height))
             self.draw = ImageDraw.Draw(self.image)
-
-            if not self._capture_mode_active:
-                # Clear both canvases and the underlying matrix to ensure no artifacts.
-                # Failures are non-fatal — the image buffer is already black above, so
-                # the next update_display() call will push clean content regardless.
-                try:
-                    self.offscreen_canvas.Clear()
-                except (RuntimeError, OSError) as e:
-                    logger.error("Failed to clear offscreen canvas: %s", e)
-                try:
-                    self.current_canvas.Clear()
-                except (RuntimeError, OSError) as e:
-                    logger.error("Failed to clear current canvas: %s", e)
-                try:
-                    self.matrix.Clear()
-                except (RuntimeError, OSError) as e:
-                    logger.error("Failed to clear matrix front buffer: %s", e)
+            
+            # Clear both canvases and the underlying matrix to ensure no artifacts
+            try:
+                self.offscreen_canvas.Clear()
+            except Exception:
+                pass
+            try:
+                self.current_canvas.Clear()
+            except Exception:
+                pass
+            try:
+                # Extra safety: clear the matrix front buffer as well
+                self.matrix.Clear()
+            except Exception:
+                pass
             
             # Note: We do NOT call update_display() here to avoid black flashes.
             # The caller should call update_display() after drawing new content.

src/vegas_mode/plugin_adapter.py

@@ -329,51 +329,50 @@ class PluginAdapter:
             # Save display state to restore after
             original_image = self.display_manager.image.copy()
 
-            with self.display_manager.capture_mode():
-                # Method 1: Try _create_scrolling_display (stocks pattern)
-                if hasattr(plugin, '_create_scrolling_display'):
-                    logger.info(
-                        "[%s] Triggering via _create_scrolling_display()",
-                        plugin_id
-                    )
-                    try:
-                        plugin._create_scrolling_display()
-                        cached_image = getattr(scroll_helper, 'cached_image', None)
-                        if cached_image is not None and isinstance(cached_image, Image.Image):
-                            logger.info(
-                                "[%s] _create_scrolling_display() SUCCESS: %dx%d",
-                                plugin_id, cached_image.width, cached_image.height
-                            )
-                            return cached_image
-                    except (AttributeError, TypeError, ValueError, OSError):
-                        logger.exception(
-                            "[%s] _create_scrolling_display() failed", plugin_id
-                        )
-
-                # Method 2: Try display(force_clear=True) which typically builds scroll content
-                if hasattr(plugin, 'display'):
-                    logger.info(
-                        "[%s] Triggering via display(force_clear=True)",
-                        plugin_id
-                    )
-                    try:
-                        self.display_manager.clear()
-                        plugin.display(force_clear=True)
-                        cached_image = getattr(scroll_helper, 'cached_image', None)
-                        if cached_image is not None and isinstance(cached_image, Image.Image):
-                            logger.info(
-                                "[%s] display(force_clear=True) SUCCESS: %dx%d",
-                                plugin_id, cached_image.width, cached_image.height
-                            )
-                            return cached_image
+            # Method 1: Try _create_scrolling_display (stocks pattern)
+            if hasattr(plugin, '_create_scrolling_display'):
+                logger.info(
+                    "[%s] Triggering via _create_scrolling_display()",
+                    plugin_id
+                )
+                try:
+                    plugin._create_scrolling_display()
+                    cached_image = getattr(scroll_helper, 'cached_image', None)
+                    if cached_image is not None and isinstance(cached_image, Image.Image):
                         logger.info(
-                            "[%s] display(force_clear=True) did not populate cached_image",
-                            plugin_id
+                            "[%s] _create_scrolling_display() SUCCESS: %dx%d",
+                            plugin_id, cached_image.width, cached_image.height
                         )
-                    except (AttributeError, TypeError, ValueError, OSError):
-                        logger.exception(
-                            "[%s] display(force_clear=True) failed", plugin_id
+                        return cached_image
+                except (AttributeError, TypeError, ValueError, OSError):
+                    logger.exception(
+                        "[%s] _create_scrolling_display() failed", plugin_id
+                    )
+
+            # Method 2: Try display(force_clear=True) which typically builds scroll content
+            if hasattr(plugin, 'display'):
+                logger.info(
+                    "[%s] Triggering via display(force_clear=True)",
+                    plugin_id
+                )
+                try:
+                    self.display_manager.clear()
+                    plugin.display(force_clear=True)
+                    cached_image = getattr(scroll_helper, 'cached_image', None)
+                    if cached_image is not None and isinstance(cached_image, Image.Image):
+                        logger.info(
+                            "[%s] display(force_clear=True) SUCCESS: %dx%d",
+                            plugin_id, cached_image.width, cached_image.height
                         )
+                        return cached_image
+                    logger.info(
+                        "[%s] display(force_clear=True) did not populate cached_image",
+                        plugin_id
+                    )
+                except (AttributeError, TypeError, ValueError, OSError):
+                    logger.exception(
+                        "[%s] display(force_clear=True) failed", plugin_id
+                    )
 
             logger.info(
                 "[%s] Could not trigger scroll content generation",
@@ -409,7 +408,10 @@ class PluginAdapter:
             original_image = self.display_manager.image.copy()
             logger.info("[%s] Fallback: saved original display state", plugin_id)
 
-            # Ensure plugin has fresh data before capturing
+            # Lightweight in-memory data refresh before capturing.
+            # Full update() is intentionally skipped here — the background
+            # update tick in the Vegas coordinator handles periodic API
+            # refreshes so we don't block the content-fetch thread.
             has_update_data = hasattr(plugin, 'update_data')
             logger.info("[%s] Fallback: has update_data=%s", plugin_id, has_update_data)
             if has_update_data:
@@ -419,24 +421,21 @@ class PluginAdapter:
                 except (AttributeError, RuntimeError, OSError):
                     logger.exception("[%s] Fallback: update_data() failed", plugin_id)
 
-            # Clear and call plugin display — use capture_mode to suppress hardware writes
-            # that plugins may trigger internally via update_display().
-            with self.display_manager.capture_mode():
-                self.display_manager.clear()
-                logger.info("[%s] Fallback: display cleared, calling display()", plugin_id)
+            # Clear and call plugin display
+            self.display_manager.clear()
+            logger.info("[%s] Fallback: display cleared, calling display()", plugin_id)
 
-                # First try without force_clear (some plugins behave better this way)
-                try:
-                    plugin.display()
-                    logger.info("[%s] Fallback: display() called successfully", plugin_id)
-                except TypeError:
-                    # Plugin may require force_clear argument
-                    logger.info("[%s] Fallback: display() failed, trying with force_clear=True", plugin_id)
-                    plugin.display(force_clear=True)
-
-                # Capture the result
-                captured = self.display_manager.image.copy()
+            # First try without force_clear (some plugins behave better this way)
+            try:
+                plugin.display()
+                logger.info("[%s] Fallback: display() called successfully", plugin_id)
+            except TypeError:
+                # Plugin may require force_clear argument
+                logger.info("[%s] Fallback: display() failed, trying with force_clear=True", plugin_id)
+                plugin.display(force_clear=True)
 
+            # Capture the result
+            captured = self.display_manager.image.copy()
             logger.info(
                 "[%s] Fallback: captured frame %dx%d, mode=%s",
                 plugin_id, captured.width, captured.height, captured.mode
@@ -455,10 +454,9 @@ class PluginAdapter:
                     plugin_id
                 )
                 # Try once more with force_clear=True
-                with self.display_manager.capture_mode():
-                    self.display_manager.clear()
-                    plugin.display(force_clear=True)
-                    captured = self.display_manager.image.copy()
+                self.display_manager.clear()
+                plugin.display(force_clear=True)
+                captured = self.display_manager.image.copy()
 
                 is_blank, bright_ratio = self._is_blank_image(captured, return_ratio=True)
                 logger.info(
@@ -587,6 +585,28 @@ class PluginAdapter:
             else:
                 self._content_cache.clear()
 
+    def invalidate_plugin_scroll_cache(self, plugin: 'BasePlugin', plugin_id: str) -> None:
+        """
+        Clear a plugin's scroll_helper cache so Vegas re-fetches fresh visuals.
+
+        Uses scroll_helper.clear_cache() to reset all cached state (cached_image,
+        cached_array, total_scroll_width, scroll_position, etc.) — not just the
+        image.  Without this, plugins that use scroll_helper (stocks, news,
+        odds-ticker, etc.) would keep serving stale scroll images even after
+        their data refreshes.
+
+        Args:
+            plugin: Plugin instance
+            plugin_id: Plugin identifier
+        """
+        scroll_helper = getattr(plugin, 'scroll_helper', None)
+        if scroll_helper is None:
+            return
+
+        if getattr(scroll_helper, 'cached_image', None) is not None:
+            scroll_helper.clear_cache()
+            logger.debug("[%s] Cleared scroll_helper cache", plugin_id)
+
     def get_content_type(self, plugin: 'BasePlugin', plugin_id: str) -> str:
         """
         Get the type of content a plugin provides.

src/vegas_mode/render_pipeline.py

@@ -202,25 +202,8 @@ class RenderPipeline:
             # Update scroll position
             self.scroll_helper.update_scroll_position()
 
-            # Determine if the cycle is done.
-            #
-            # scroll_helper considers a cycle complete only after
-            # total_distance_scrolled >= total_scroll_width + display_width.
-            # That extra display_width of travel causes a "wrap-around" phase
-            # where scroll_position resets to ~0 and the first plugin's content
-            # re-enters from the right — the user sees this 2-3 s window as
-            # "a plugin partially displaying before the next one starts."
-            #
-            # We end the cycle as soon as total_distance_scrolled reaches
-            # total_scroll_width (the wrap-around point), before any second-pass
-            # content becomes visible.  scroll_helper.is_scroll_complete() is
-            # kept as a fallback for edge-cases where that threshold is skipped.
-            at_wrap_point = (
-                not self._cycle_complete and
-                self.scroll_helper.total_distance_scrolled >= self.scroll_helper.total_scroll_width
-            )
-
-            if at_wrap_point or self.scroll_helper.is_scroll_complete():
+            # Check if cycle is complete
+            if self.scroll_helper.is_scroll_complete():
                 if not self._cycle_complete:
                     self._cycle_complete = True
                     self.stats['scroll_cycles'] += 1
@@ -228,20 +211,6 @@ class RenderPipeline:
                         "Scroll cycle complete after %.1fs",
                         time.time() - self._cycle_start_time
                     )
-                    # Push blank immediately so the hardware never shows
-                    # post-wrap content while the coordinator recomposes.
-                    try:
-                        from PIL import Image as _Image
-                        blank = _Image.new('RGB', (self.display_width, self.display_height))
-                        self.display_manager.image = blank
-                        self.display_manager.update_display()
-                    except (ImportError, OSError, RuntimeError, ValueError, TypeError, MemoryError) as exc:
-                        logger.error(
-                            "Failed to push blank frame at cycle end "
-                            "(display=%dx%d): %s",
-                            self.display_width, self.display_height, exc
-                        )
-                return True  # Cycle done; coordinator starts new cycle next frame
 
             # Get visible portion
             visible_frame = self.scroll_helper.get_visible_portion()

web_interface/app.py

@@ -226,24 +226,13 @@ def serve_plugin_asset(plugin_id, filename):
                 'message': 'Internal server error'
             }), 500
 
-# Prime psutil CPU measurement once at startup so interval=None returns a real value
-try:
-    import psutil as _psutil_prime
-    _psutil_prime.cpu_percent(interval=None)
-except ImportError:
-    pass
-
 # Cached AP mode check — avoids creating a WiFiManager per request
 _ap_mode_cache = {'value': False, 'timestamp': 0}
-_AP_MODE_CACHE_TTL = 30  # seconds — AP mode is user-initiated; 30s is fine
-
-# Cached ledmatrix service status for SSE stats stream
-_ledmatrix_service_cache = {'active': False, 'timestamp': 0}
-_LEDMATRIX_SERVICE_CACHE_TTL = 15  # seconds
+_AP_MODE_CACHE_TTL = 5  # seconds
 
 def is_ap_mode_active():
     """
-    Check if access point mode is currently active (cached, 30s TTL).
+    Check if access point mode is currently active (cached, 5s TTL).
     Uses a direct systemctl check instead of instantiating WiFiManager.
     """
     now = time.time()
@@ -455,11 +444,10 @@ def system_status_generator():
             # Try to import psutil for system stats
             try:
                 import psutil
-                # interval=None is non-blocking; primed at module startup above
-                cpu_percent = round(psutil.cpu_percent(interval=None), 1)
+                cpu_percent = round(psutil.cpu_percent(interval=1), 1)
                 memory = psutil.virtual_memory()
                 memory_used_percent = round(memory.percent, 1)
-
+                
                 # Try to get CPU temperature (Raspberry Pi specific)
                 cpu_temp = 0
                 try:
@@ -467,23 +455,20 @@ def system_status_generator():
                         cpu_temp = round(float(f.read()) / 1000.0, 1)
                 except (OSError, ValueError):
                     pass
-
+                    
             except ImportError:
                 cpu_percent = 0
                 memory_used_percent = 0
                 cpu_temp = 0
-
-            # Check if display service is running (cached to avoid per-client subprocess forks)
-            now = time.time()
-            if (now - _ledmatrix_service_cache['timestamp']) >= _LEDMATRIX_SERVICE_CACHE_TTL:
-                try:
-                    result = subprocess.run(['systemctl', 'is-active', 'ledmatrix'],
-                                            capture_output=True, text=True, timeout=2)
-                    _ledmatrix_service_cache['active'] = result.stdout.strip() == 'active'
-                except (subprocess.SubprocessError, OSError):
-                    pass
-                _ledmatrix_service_cache['timestamp'] = now
-            service_active = _ledmatrix_service_cache['active']
+            
+            # Check if display service is running
+            service_active = False
+            try:
+                result = subprocess.run(['systemctl', 'is-active', 'ledmatrix'], 
+                                      capture_output=True, text=True, timeout=2)
+                service_active = result.stdout.strip() == 'active'
+            except (subprocess.SubprocessError, OSError):
+                pass
             
             status = {
                 'timestamp': time.time(),
@@ -561,7 +546,7 @@ def display_preview_generator():
         except Exception as e:
             yield {'error': str(e)}
         
-        time.sleep(1.0)  # Check once per second — halves PIL encode overhead vs 0.5s
+        time.sleep(0.5)  # Check 2 times per second (reduced frequency for better performance)
 
 # Logs generator for SSE
 def logs_generator():

web_interface/blueprints/api_v3.py

@@ -2,7 +2,6 @@ from flask import Blueprint, request, jsonify, Response, send_from_directory
 import json
 import os
 import re
-import shutil
 import socket
 import sys
 import subprocess
@@ -17,11 +16,6 @@ from typing import Optional, Tuple, Dict, Any, Type
 
 logger = logging.getLogger(__name__)
 
-SUDO_BIN = shutil.which("sudo") or "/usr/bin/sudo"
-SYSTEMCTL_BIN = shutil.which("systemctl") or "/usr/bin/systemctl"
-REBOOT_BIN = shutil.which("reboot") or "/usr/sbin/reboot"
-POWEROFF_BIN = shutil.which("poweroff") or "/usr/sbin/poweroff"
-
 # Import new infrastructure
 from src.web_interface.api_helpers import success_response, error_response, validate_request_json
 from src.web_interface.errors import ErrorCode
@@ -224,7 +218,7 @@ def _ensure_display_service_running():
     if status.get('active'):
         status['started'] = False
         return status
-    result = _run_systemctl_command([SUDO_BIN, SYSTEMCTL_BIN, 'start', 'ledmatrix.service'])
+    result = _run_systemctl_command(['sudo', 'systemctl', 'start', 'ledmatrix.service'])
     service_status = _get_display_service_status()
     result['started'] = result.get('returncode') == 0
     result['active'] = service_status.get('active')
@@ -233,7 +227,7 @@ def _ensure_display_service_running():
 
 def _stop_display_service():
     """Stop the ledmatrix display service."""
-    result = _run_systemctl_command([SUDO_BIN, SYSTEMCTL_BIN, 'stop', 'ledmatrix.service'])
+    result = _run_systemctl_command(['sudo', 'systemctl', 'stop', 'ledmatrix.service'])
     status = _get_display_service_status()
     result['active'] = status.get('active')
     result['status'] = status
@@ -1722,7 +1716,7 @@ def execute_system_action():
             if mode:
                 # For on-demand modes, we would need to integrate with the display controller
                 # For now, just start the display service
-                result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'start', 'ledmatrix.service'],
+                result = subprocess.run(['sudo', 'systemctl', 'start', 'ledmatrix.service'],
                                      capture_output=True, text=True, timeout=15)
                 return jsonify({
                     'status': 'success' if result.returncode == 0 else 'error',
@@ -1733,22 +1727,22 @@ def execute_system_action():
                     'stderr': result.stderr
                 })
             else:
-                result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'start', 'ledmatrix.service'],
+                result = subprocess.run(['sudo', 'systemctl', 'start', 'ledmatrix.service'],
                                      capture_output=True, text=True, timeout=15)
         elif action == 'stop_display':
-            result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'stop', 'ledmatrix.service'],
+            result = subprocess.run(['sudo', 'systemctl', 'stop', 'ledmatrix.service'],
                                  capture_output=True, text=True, timeout=15)
         elif action == 'enable_autostart':
-            result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'enable', 'ledmatrix.service'],
+            result = subprocess.run(['sudo', 'systemctl', 'enable', 'ledmatrix.service'],
                                  capture_output=True, text=True, timeout=15)
         elif action == 'disable_autostart':
-            result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'disable', 'ledmatrix.service'],
+            result = subprocess.run(['sudo', 'systemctl', 'disable', 'ledmatrix.service'],
                                  capture_output=True, text=True, timeout=15)
         elif action == 'reboot_system':
-            result = subprocess.run([SUDO_BIN, REBOOT_BIN],
+            result = subprocess.run(['sudo', 'reboot'],
                                  capture_output=True, text=True, timeout=10)
         elif action == 'shutdown_system':
-            result = subprocess.run([SUDO_BIN, POWEROFF_BIN],
+            result = subprocess.run(['sudo', 'poweroff'],
                                  capture_output=True, text=True, timeout=10)
         elif action == 'git_pull':
             # Use PROJECT_ROOT instead of hardcoded path
@@ -1830,10 +1824,10 @@ def execute_system_action():
                 'stderr': result.stderr
             })
         elif action == 'restart_display_service':
-            result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'restart', 'ledmatrix.service'],
+            result = subprocess.run(['sudo', 'systemctl', 'restart', 'ledmatrix.service'],
                                  capture_output=True, text=True, timeout=15)
         elif action == 'restart_web_service':
-            result = subprocess.run([SUDO_BIN, SYSTEMCTL_BIN, 'restart', 'ledmatrix-web.service'],
+            result = subprocess.run(['sudo', 'systemctl', 'restart', 'ledmatrix-web.service'],
                                  capture_output=True, text=True, timeout=15)
         else:
             return jsonify({'status': 'error', 'message': f'Unknown action: {action}'}), 400
@@ -1846,13 +1840,6 @@ def execute_system_action():
             'stderr': result.stderr
         })
 
-    except subprocess.TimeoutExpired:
-        if action == 'start_display' and mode:
-            msg = f'Failed to start display in {mode} mode: timed out'
-        else:
-            msg = f'Action {action} timed out'
-        logger.warning("[System] execute_system_action timed out: action=%s", action)
-        return jsonify({'status': 'error', 'message': msg, 'returncode': -1, 'stdout': '', 'stderr': 'timeout'}), 500
     except Exception as e:
         logger.exception("[System] execute_system_action failed")
         return jsonify({'status': 'error', 'message': 'Failed to execute system action'}), 500
@@ -4277,13 +4264,8 @@ def _set_missing_booleans_to_false(config, schema_props, form_keys, prefix='', c
         elif prop_type == 'object' and 'properties' in prop_schema:
             # Recurse into nested objects
             if config_node is not None:
-                # Inside an array item — only recurse if the sub-object already exists.
-                # Never create optional sub-objects that weren't submitted; doing so
-                # produces e.g. logo:{} on feed items with no logo, which then fails
-                # schema validation when the object has required fields (id, path).
-                if prop_name not in node:
-                    continue
-                if not isinstance(node[prop_name], dict):
+                # Inside an array item — ensure nested dict exists in item
+                if prop_name not in node or not isinstance(node[prop_name], dict):
                     node[prop_name] = {}
                 _set_missing_booleans_to_false(
                     config, prop_schema['properties'], form_keys, full_path,
@@ -4423,22 +4405,10 @@ def _filter_config_by_schema(config, schema, prefix=''):
         prop_schema = schema_props[key]
 
         # Handle nested objects recursively
-        item_prefix = f"{prefix}.{key}" if prefix else key
         if isinstance(value, dict) and prop_schema.get('type') == 'object' and 'properties' in prop_schema:
-            filtered[key] = _filter_config_by_schema(value, prop_schema, item_prefix)
-        elif isinstance(value, list) and prop_schema.get('type') == 'array':
-            items_schema = prop_schema.get('items', {})
-            if isinstance(items_schema, dict) and items_schema.get('type') == 'object' and 'properties' in items_schema:
-                # Filter each item in the array so extra fields are stripped before
-                # schema validation (important when items has additionalProperties: false)
-                filtered[key] = [
-                    _filter_config_by_schema(item, items_schema, item_prefix) if isinstance(item, dict) else item
-                    for item in value
-                ]
-            else:
-                filtered[key] = value
+            filtered[key] = _filter_config_by_schema(value, prop_schema, f"{prefix}.{key}" if prefix else key)
         else:
-            # Keep the value as-is for non-object/non-array types
+            # Keep the value as-is for non-object types
             filtered[key] = value
 
     return filtered
@@ -7594,126 +7564,6 @@ _STARLARK_APPS_DIR = PROJECT_ROOT / 'starlark-apps'
 _STARLARK_MANIFEST_FILE = _STARLARK_APPS_DIR / 'manifest.json'
 
 
-def _find_pixlet_binary(explicit_path: Optional[str] = None) -> Optional[str]:
-    """Find pixlet binary: explicit path → bundled binary → system PATH."""
-    import platform
-    if explicit_path and os.path.isfile(explicit_path) and os.access(explicit_path, os.X_OK):
-        return explicit_path
-    bin_dir = PROJECT_ROOT / "bin" / "pixlet"
-    system = platform.system().lower()
-    machine = platform.machine().lower()
-    if system == "linux":
-        if "aarch64" in machine or "arm64" in machine:
-            name = "pixlet-linux-arm64"
-        elif "x86_64" in machine or "amd64" in machine:
-            name = "pixlet-linux-amd64"
-        else:
-            name = None
-    elif system == "darwin":
-        name = "pixlet-darwin-arm64" if "arm64" in machine else "pixlet-darwin-amd64"
-    else:
-        name = None
-    if name:
-        bundled = bin_dir / name
-        if bundled.is_file():
-            if os.access(str(bundled), os.X_OK):
-                return str(bundled)
-            try:
-                bundled.chmod(0o755)
-            except OSError:
-                logger.warning("Could not make pixlet bundled binary executable (%s); falling back to PATH", bundled)
-            else:
-                if os.access(str(bundled), os.X_OK):
-                    return str(bundled)
-                logger.warning("Pixlet bundled binary still not executable after chmod (%s); falling back to PATH", bundled)
-    return shutil.which("pixlet")
-
-
-def _standalone_render_starlark_app(app_id: str) -> Tuple[bool, int, Optional[str]]:
-    """Render a Starlark app via pixlet directly (no plugin required).
-
-    Reads the .star file and config from starlark-apps/{app_id}/, runs pixlet,
-    and saves the output to cached_render.webp in the same directory.
-    This is the web-service fallback when starlark-apps plugin is not loaded.
-
-    Returns (success, http_status_code, error_message).
-    """
-    manifest = _read_starlark_manifest()
-    if not isinstance(manifest, dict):
-        return False, 400, "Invalid manifest shape: expected object with 'apps' mapping"
-    apps = manifest.get('apps', {})
-    if not isinstance(apps, dict):
-        return False, 400, "Invalid manifest shape: expected object with 'apps' mapping"
-    app_data = apps.get(app_id)
-    if not app_data:
-        return False, 404, f"App not found: {app_id}"
-
-    app_dir = _STARLARK_APPS_DIR / app_id
-    star_file = app_dir / app_data.get('star_file', f'{app_id}.star')
-    if not star_file.exists():
-        return False, 404, f"Star file not found: {star_file}"
-
-    full_config = api_v3.config_manager.load_config() if api_v3.config_manager else {}
-    plugin_config = full_config.get('starlark-apps', {})
-
-    pixlet_path = _find_pixlet_binary(plugin_config.get('pixlet_path'))
-    if not pixlet_path:
-        return False, 503, "Pixlet binary not found — install pixlet first"
-
-    magnify = plugin_config.get('magnify')
-    if magnify is None:
-        hw = full_config.get('display', {}).get('hardware', {})
-        cols = hw.get('cols', 64)
-        chain = hw.get('chain_length', 1)
-        rows = hw.get('rows', 32)
-        magnify = max(1, min(8, int(min((cols * chain) / 64, rows / 32))))
-    else:
-        try:
-            magnify = max(1, min(8, int(magnify)))
-        except (ValueError, TypeError):
-            magnify = 1
-
-    config_file = app_dir / 'config.json'
-    app_config: Dict[str, Any] = {}
-    if config_file.exists():
-        try:
-            with open(config_file) as f:
-                app_config = json.load(f)
-        except json.JSONDecodeError as e:
-            return False, 400, f"Invalid config.json for {app_id} ({config_file}): {e}"
-        except OSError as e:
-            return False, 400, f"Cannot read config.json for {app_id} ({config_file}): {e}"
-        if not isinstance(app_config, dict):
-            return False, 400, (
-                f"config.json for {app_id} must be a JSON object, "
-                f"got {type(app_config).__name__}"
-            )
-
-    INTERNAL_KEYS = {'render_interval', 'display_duration'}
-    pixlet_config = {k: v for k, v in app_config.items() if k not in INTERNAL_KEYS}
-
-    output_path = str(app_dir / 'cached_render.webp')
-    cmd = [pixlet_path, 'render', str(star_file)]
-    for key, value in pixlet_config.items():
-        if not re.match(r'^[a-zA-Z_][a-zA-Z0-9_]*$', key):
-            continue
-        value_str = 'true' if value is True else 'false' if value is False else str(value)
-        if re.search(r'[`$|<>&;\x00]|\$\(', value_str):
-            continue
-        cmd.append(f'{key}={value_str}')
-    cmd.extend(['-o', output_path, '-m', str(magnify)])
-
-    try:
-        result = subprocess.run(cmd, capture_output=True, text=True, timeout=30, cwd=str(app_dir))
-        if result.returncode == 0 and os.path.isfile(output_path):
-            return True, 200, None
-        return False, 502, f"Pixlet failed (exit {result.returncode}): {result.stderr.strip()}"
-    except subprocess.TimeoutExpired:
-        return False, 504, "Render timed out after 30s"
-    except Exception as e:
-        return False, 500, f"Render error: {e}"
-
-
 def _read_starlark_manifest() -> Dict[str, Any]:
     """Read the starlark-apps manifest.json directly from disk."""
     try:
@@ -7833,11 +7683,24 @@ def get_starlark_status():
                 'display_info': magnify_info
             })
 
-        # Plugin not loaded - check Pixlet availability via shared resolver
-        # (respects user-configured pixlet_path, bundled binary, and system PATH)
-        full_config = api_v3.config_manager.load_config() if api_v3.config_manager else {}
-        pixlet_path = _find_pixlet_binary(full_config.get('starlark-apps', {}).get('pixlet_path'))
-        pixlet_available = pixlet_path is not None
+        # Plugin not loaded - check Pixlet availability directly
+        import shutil
+        import platform
+
+        system = platform.system().lower()
+        machine = platform.machine().lower()
+        bin_dir = PROJECT_ROOT / 'bin' / 'pixlet'
+
+        pixlet_binary = None
+        if system == "linux":
+            if "aarch64" in machine or "arm64" in machine:
+                pixlet_binary = bin_dir / "pixlet-linux-arm64"
+            elif "x86_64" in machine or "amd64" in machine:
+                pixlet_binary = bin_dir / "pixlet-linux-amd64"
+        elif system == "darwin":
+            pixlet_binary = bin_dir / ("pixlet-darwin-arm64" if "arm64" in machine else "pixlet-darwin-amd64")
+
+        pixlet_available = (pixlet_binary and pixlet_binary.exists()) or shutil.which('pixlet') is not None
 
         # Read app counts from manifest
         manifest = _read_starlark_manifest()
@@ -8290,26 +8153,19 @@ def toggle_starlark_app(app_id):
 def render_starlark_app(app_id):
     """Force render a Starlark app."""
     try:
-        is_valid, err = _validate_starlark_app_path(app_id)
-        if not is_valid:
-            return jsonify({'status': 'error', 'message': err}), 400
-
         starlark_plugin = _get_starlark_plugin()
-        if starlark_plugin:
-            app = starlark_plugin.apps.get(app_id)
-            if not app:
-                return jsonify({'status': 'error', 'message': f'App not found: {app_id}'}), 404
-            success = starlark_plugin._render_app(app, force=True)
-            if success:
-                return jsonify({'status': 'success', 'message': 'App rendered',
-                                'frame_count': len(app.frames) if app.frames else 0})
-            return jsonify({'status': 'error', 'message': 'Failed to render app'}), 500
+        if not starlark_plugin:
+            return jsonify({'status': 'error', 'message': 'Rendering requires the main LEDMatrix service (plugin not loaded in web service)'}), 503
 
-        # Web-service context: plugin not loaded, call pixlet directly
-        success, status_code, error = _standalone_render_starlark_app(app_id)
+        app = starlark_plugin.apps.get(app_id)
+        if not app:
+            return jsonify({'status': 'error', 'message': f'App not found: {app_id}'}), 404
+
+        success = starlark_plugin._render_app(app, force=True)
         if success:
-            return jsonify({'status': 'success', 'message': 'App rendered successfully', 'frame_count': 0}), status_code
-        return jsonify({'status': 'error', 'message': error or 'Render failed', 'frame_count': 0}), status_code
+            return jsonify({'status': 'success', 'message': 'App rendered', 'frame_count': len(app.frames) if app.frames else 0})
+        else:
+            return jsonify({'status': 'error', 'message': 'Failed to render app'}), 500
 
     except Exception as e:
         logger.exception("[Starlark] render_starlark_app failed")

web_interface/blueprints/pages_v3.py

@@ -1,6 +1,7 @@
 from flask import Blueprint, render_template, request, redirect, url_for, flash, jsonify
 import json
 import logging
+from html import escape as html_escape
 from pathlib import Path
 from src.web_interface.secret_helpers import mask_secret_fields
 
@@ -354,7 +355,7 @@ def _load_plugin_config_partial(plugin_id):
             plugin_info = pages_v3.plugin_manager.get_plugin_info(plugin_id)
         
         if not plugin_info:
-            return f'<div class="text-red-500 p-4">Plugin "{plugin_id}" not found</div>', 404
+            return f'<div class="text-red-500 p-4">Plugin "{html_escape(plugin_id)}" not found</div>', 404
         
         # Get plugin instance (may be None if not loaded)
         plugin_instance = pages_v3.plugin_manager.get_plugin(plugin_id)

web_interface/static/v3/js/widgets/day-selector.js

@@ -91,7 +91,7 @@
             const xOptions = config['x-options'] || config['x_options'] || {};
             const requestedFormat = xOptions.format || 'long';
             // Validate format exists in DAY_LABELS, default to 'long' if not
-            const format = DAY_LABELS.hasOwnProperty(requestedFormat) ? requestedFormat : 'long';
+            const format = Object.prototype.hasOwnProperty.call(DAY_LABELS, requestedFormat) ? requestedFormat : 'long';
             const layout = xOptions.layout || 'horizontal';
             const showSelectAll = xOptions.selectAll !== false;