- PyPI wheel shipped zero Python files — the global
[tool.hatch.build].includewhitelist inpyproject.tomloverrodepackages = ["semanticdog"], causingpip install semanticdogto produce a broken package with only web assets and no.pyfiles. Removed the whitelist; Hatchling now collects the full package directory automatically, including templates and static files. (Fixes #7)
Redesigned dashboard health overview
The dashboard now uses a stronger visual hierarchy with a stateful hero banner, activity timeline, and health overview card. File distribution is shown as a health-aware donut chart so healthy, corrupt, and unreadable files are easier to distinguish at a glance.
- Setup changes now refresh scan-root diagnostics immediately after saving, without requiring a page reload.
- Scheduled run reporting now reflects the completed run outcome instead of a stale trigger state, and history/dashboard totals stay aligned with files actually examined.
- Dashboard refresh logic now ignores stale
/statusresponses after a scan completes, preventing older responses from overwriting newer state. - The setup/dashboard frontend rendering paths were hardened to avoid DOM injection when displaying server-supplied values.
- Docker image builds now create the sudoers include directory before writing the hardening rule, fixing CI and release image builds.
- README examples now point to the
0.3.2image tag.
Built-in Web UI for NAS and Docker installs
SemanticDog now ships with setup, dashboard, issues, history, and configuration pages in the same service. For container deployments, the Web UI is now the main way to add scan roots, set the schedule, and review library health.
Docker-first NAS deployment
Published container images are now the primary install path for NAS use. Images are built for linux/amd64 and linux/arm64, and the documented deployment uses non-root-friendly named volumes for app data plus read-only library mounts.
Readiness and setup diagnostics
Added a real /ready endpoint and richer setup diagnostics in the API. This makes it much easier to tell the difference between “the process is up” and “the app is actually ready to scan your library.”
Secret file support for container installs
Selected sensitive settings can now be provided through SDOG_*_FILE environment variables, so passwords and tokens do not need to be written directly into Compose files.
- Release automation now builds, smoke-tests, and publishes multi-arch GHCR images from version tags.
- Docker docs and examples now center on the published image plus Web UI setup flow instead of local image builds and env-only configuration.
Real-time scan progress
The scanner now prints a live progress line to stderr every 5 seconds:
[1500/15234] 9.8% ok:1498 corrupt:2 unreadable:0 43.1 f/s ETA: ~3.2 min
Status counts and speed update as workers finish — they are no longer stuck at zero for the entire run. On a TTY the line overwrites in place; in logs it appends a new line.
Cancel and resume
Every scan now prints its ID upfront:
Discovered 15234 files.
Scan ID: abc123-... (resume with: sdog scan --resume abc123-...)
If a scan is interrupted (Ctrl+C, SIGTERM, crash), it stays resumable. Pick up exactly where you left off:
sdog scan --resume abc123-...Interrupted scans appear as incomplete in sdog list-scans. Resuming twice in a row correctly tracks position — each resume sees only the files that were not yet processed.
sdog show-stats — library health dashboard
New command for the "is everything OK?" view:
- Files indexed by status and format
- Last 5 completed scans with corrupt/unreadable counts
- Stale files (not checked in N days)
- Most frequent error messages
sdog report remains the drill-down companion — use it to list individual corrupt files with error details.
sdog show-corruptremoved.sdog reportcovers everything it did, with more options (--format json/csv,--since).- Config validation now runs before
sdog scanandsdog estimatestart. Missingpaths:, invalid worker counts, or MCP enabled without an auth token now produce a clear error at startup instead of failing deep in the scan.
- Concurrent instance lock — two
sdogprocesses pointed at the same database could both believe they held the exclusive lock and corrupt state. Fixed. - Webhook SSRF protection — the private-IP guard existed but was never enforced. Webhooks to internal addresses (
192.168.x.x,localhost, etc.) are now blocked unlessSDOG_WEBHOOK_ALLOW_PRIVATE=trueis set. - Scan deadlock on multi-file pools — a race between the inline result drain and the blocking drain caused scans to hang indefinitely when more than one file was in flight. Fixed.
asyncio.get_event_loop()deprecation — updated toget_running_loop()for Python 3.12+ compatibility.
- Installation instructions updated.
- MIT license added.
Initial release.
- Semantic validation for JPEG, PNG, TIFF, HEIC, WebP, RAW (CR2/CR3/NEF/ARW/ORF/RW2/PEF/DNG/RAF/NRW), PDF, DOCX/XLSX/PPTX, DOC/XLS/PPT, MP4/MOV/MTS/M4V/MKV, MP3/FLAC/WAV/AAC.
- SQLite state database with incremental re-scan (only changed files re-validated).
- Email (SMTP) and webhook notifications on first corrupt detection.
- HTTP API (
/health,/status,/metrics,/trigger) and Prometheus endpoint. - MCP server for AI agent integration.
sdog scan,sdog report,sdog estimate,sdog list-scans,sdog status,sdog reset,sdog db-export,sdog db-import,sdog check-deps.