Software-update: Navidrome 0.62.0

Versie 0.62 van Navidrome is uitgekomen. Navidrome is wat ze zelf noemen een personal streaming service, en is een opensource mediaserver die je persoonlijke muziekcollectie van overal benaderbaar kan maken. Het is snel, gebruikt weinig resources, heeft geen moeite met hele grote collecties en elke gebruiker kan zijn eigen playlists en favorieten aanmaken. Navidrome is compatibel met Subsonic, dus je hebt een grote keuze uit mediaspelers om naar de muziek te luisteren. Downloads en installatie-instructies zijn beschikbaar voor Docker, Windows, Linux, macOS en FreeBSD. In deze uitgave zijn de volgende veranderingen en verbeteringen aangebracht:

Navidrome 0.62.0

This release introduces support for the OpenSubsonic sonicSimilarity extension, enabling audio-based similarity through the plugin system: when a plugin provides the capability, the new getSonicSimilarTracks and findSonicPath endpoints unlock smarter, sound-based recommendations and playlists. One plugin that implements it is AudioMuse-AI. It also brings a major overhaul to playback reporting and the Now Playing experience — the UI now uses the new OpenSubsonic playbackReport extension, replacing the old scrobble flow with a redesigned panel and configurable reporting interval. On the security front, it hardens the server with stronger ownership and authorization checks across shares, players, and transcoding endpoints, caps concurrent transcodes to prevent ffmpeg-based denial of service, and adds an option to refuse to run as root. Smart playlists gain ReplayGain fields and new isMissing/isPresent operators, and there are five new UI themes to choose from.

Security

This release fixes several reported vulnerabilities. We thank the security researchers who responsibly disclosed them.

• Fix cross-account disclosure of other users' shares (incl. share tokens) by enforcing per-user ownership on share reads. (1e7996f5d, GHSA-3g4p-jhv2-xrxf)
• Fix cross-tenant player takeover and share-update IDOR by enforcing ownership atomically on player and share updates. (#5563, GHSA-x65f-m8x9-pjxm reported)
• Fix unauthenticated Last.fm scrobble session hijack (IDOR) by requiring a signed state token on the link callback. (#5521, GHSA-8jrh-w926-8rvw)
• Fix JWT expiration bypass on public share stream endpoints by validating token expiration and share existence. (#5426, GHSA-3rfj-qx9q-jghx)
• Fix disclosure of admin-only transcoding configuration to non-admin users by restricting transcoding config reads to admins. (#5564, GHSA-4p3r-6362-833w)
• Fix missing admin authorization on internet radio station management endpoints by requiring admin access for Subsonic management endpoints. (#5510, GHSA-jw24-qqrj-633c)
• Cap concurrent transcodes to prevent an ffmpeg-based denial of service, with new per-server and per-user limits. (#5522)
• Add EnforceNonRootUser option to exit early if Navidrome is started as root. (#5373)
• Split HTML sanitization from plaintext handling. (7e083e079)
  Note: Several of the advisories linked above are still in draft/triage on GitHub at the time of writing. Their links will become publicly accessible once the advisories are published. The fixes themselves are already included in this release.

Configuration Changes

Status	Option	Description	Default
New	EnforceNonRootUser	Exit early on startup if Navidrome is running as root (ignored on Windows). (#5373)	false
New	Transcoding.MaxConcurrent	Maximum number of concurrent transcodes server-wide (0 = unlimited). (#5522)	0
New	Transcoding.MaxConcurrentPerUser	Maximum number of concurrent transcodes per user (0 = unlimited). (#5522)	0
New	Matcher.PreferStarred	Bias the fuzzy matcher toward starred/high-rated tracks. (#5387)	true
New	UIPlaybackReportInterval	How often the UI reports playback progress. (#5448)	1m
Deprecated	EnableTranscodingCancellation → Transcoding.EnableCancellation	Renamed and moved under the new Transcoding section. (#5523)	false
Deprecated	SimilarSongsMatchThreshold → Matcher.FuzzyThreshold	Renamed and moved under the new Matcher section. (#5387)	85

For a complete list of all configuration options, see the Configuration Options documentation.

UI

• Replace UI scrobble with reportPlayback and redesign the Now Playing panel. (#5448)
• Add Tokyo Night theme. (#5497)
• Add Catppuccin Latte theme. (#5250)
• Add Moonbase themes (Alpha light + Bravo dark). (#5243)
• Add a "Not Starred" filter option. (#5362)
• Add a Rescan button to the plugin list empty state. (#5471)
• Suppress capitalization and autocorrection for login on mobile keyboards. (#3783)
• Show album tile actions on keyboard focus. (#5434)
• Start a new album from track 1 after closing the player. (#5441)
• Prevent autoplay when clearing the play queue. (#5430)
• Fix Gruvbox Dark colors. (#5553)
• Update the AMusic theme to use the correct text color for primary confirmation buttons. (#5509)

Smart Playlists

• Add ReplayGain fields to the criteria system. (d9dac4445)
• Add isMissing and isPresent operators. (#5436)
• Relax playlist visibility in inPlaylist/notInPlaylist rules. (#5411)
• Optimize smart playlist performance for role and tag criteria. (#5515)
• Coerce string booleans in smart playlist rules. (#5450)

Subsonic API

• Implement the playbackReport OpenSubsonic extension. (#5442)
• Add the sonicSimilarity extension as a plugin capability. (#5419)
• Add a groupings field to the OpenSubsonic Child response. (f12e75aa1)
• Use SQLite RANDOM() sorting in getRandomSongs for faster results. (cf1f190bb)
• Mark AlbumID3 songCount and created as required. (8897ec918)
• Normalize non-NFKD Unicode letters (ø, æ, œ, ß) in search. (#5413)

Transcoding

• Place -ss before -i for fast input seeking. (#5492)
• Don't apply server-side override on getTranscodeDecision. (#5473)
• Log a warning for invalid or stale transcode tokens. (9a2eb483e)

Scanner

• Respect tag-split config when multiple frames map to the same tag. (#5193)
• Fix error when importing playlists without an admin user. (5b85b2839)

Artwork

• Fix stale cache and top-level album artwork for multi-disc albums. (#5457)
• Prefer album-root images over disc-subfolder images for multi-disc albums. (#5451)
• Return the correct timestamp when disc or album cover art changes. (#5378)

Server

• Prevent artwork throttle token starvation on slow clients. (#5472)
• Proxy NowPlaying even when ignoreScrobble is set. (#5559)
• Make the /api/song path filter work and use startsWith. (#5566)
• Preserve unchanged fields on partial REST playlist updates. (#5542)
• Allow toggling playlist auto-import and avoid unnecessary artwork reloads. (#5421)

Matcher

• Add Matcher.PreferStarred option to bias the fuzzy matcher toward starred/high-rated tracks. (#5387)

Plugins

• Add PlaybackReport to the scrobbler capability. (#5452)
• Add LibraryID to TrackInfo. (fd930eefd)

CLI

• Add pls export/import subcommands for bulk playlist management. (#5412)
• Restore int cast for syscall.Stdin on Windows. (e75ab3b03)

Build & Dependencies

• Improve Windows support: the Go test suite now runs on Windows CI, with previously-skipped Subsonic, artwork, watcher, and scheduler tests enabled and fixed. (#5380, #5427, #5416)
• Upgrade Go to 1.26. (#5361)
• Enable native libwebp encoding in the Docker image. (#5350)
• Update TagLib to 2.3. (e55a35544)

Translations

• Add Estonian translation. (725f6ab34)
• Update Indonesian translations from POEditor. (#5575)
• Update Spanish translations and add missing gain keys. (#5433)
• Update Basque localisation. (#5364)
• Update German, Finnish, Galician, Dutch, Slovak, Thai, and Chinese (traditional) translations from POEditor. (#5351)
• Update Serbian translation. (#5444)
• Update Traditional Chinese translation. (#5470)
• Complete Italian translation. (#5407)