Merge origin/main into release artifact scan workflow branch

Author: olimic1000

.github/workflows/privacy-guard.yml

@@ -0,0 +1,94 @@
+name: Privacy Guard
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Ensure sensitive local settings are not tracked
+        shell: bash
+        run: |
+          set -euo pipefail
+          if git ls-files --error-unmatch config/settings.json >/dev/null 2>&1; then
+            echo "❌ config/settings.json must never be tracked"
+            exit 1
+          fi
+
+      - name: Ensure build spec does not bundle config directory
+        shell: bash
+        run: |
+          set -euo pipefail
+          if grep -q "('config', 'config')" VinylFlow.spec; then
+            echo "❌ VinylFlow.spec must not bundle config directory"
+            exit 1
+          fi
+
+      - name: Scan tracked text files for personal data patterns
+        shell: bash
+        run: |
+          set -euo pipefail
+          python - <<'PY'
+          import pathlib
+          import re
+          import subprocess
+          import sys
+
+          tracked = subprocess.check_output(["git", "ls-files"], text=True).splitlines()
+
+          patterns = [
+              (
+                  "Hardcoded Discogs token",
+                  re.compile(r"DISCOGS_USER_TOKEN\s*[:=]\s*['\"]?(?!your_token_here\b)[A-Za-z0-9]{20,}")
+              ),
+              (
+                  "macOS personal user path",
+                  re.compile(r"/Users/(?!you\b)[A-Za-z0-9._-]+")
+              ),
+              (
+                  "Windows personal user path",
+                  re.compile(r"C:\\\\Users\\\\(?!you\b)[A-Za-z0-9._-]+")
+              ),
+          ]
+
+          allowed_files = {
+              ".env.example",
+          }
+
+          failures = []
+          for rel in tracked:
+              if rel in allowed_files:
+                  continue
+              p = pathlib.Path(rel)
+              if not p.exists() or p.is_dir():
+                  continue
+
+              try:
+                  text = p.read_text(encoding="utf-8")
+              except Exception:
+                  continue
+
+              for name, regex in patterns:
+                  for m in regex.finditer(text):
+                      line = text.count("\n", 0, m.start()) + 1
+                      failures.append((rel, line, name, m.group(0)[:200]))
+
+          if failures:
+              print("❌ Privacy guard found potential leaks:")
+              for rel, line, name, snippet in failures:
+                  print(f"- {rel}:{line}: {name}: {snippet}")
+              sys.exit(1)
+
+          print("✅ Privacy guard passed")
+          PY

.github/workflows/windows-release.yml

@@ -0,0 +1,60 @@
+name: Build Windows Release Asset
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Release tag to update (e.g. v0.2.0-beta6)"
+        required: true
+        default: "v0.2.0-beta6"
+
+permissions:
+  contents: write
+
+jobs:
+  build-and-upload:
+    runs-on: windows-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install FFmpeg
+        shell: powershell
+        run: |
+          choco install ffmpeg -y
+          ffmpeg -version
+
+      - name: Install Python dependencies
+        shell: powershell
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pyinstaller
+
+      - name: Build Windows app
+        shell: powershell
+        run: |
+          pyinstaller --clean -y VinylFlow.spec
+
+      - name: Package unsigned Windows app
+        shell: powershell
+        run: |
+          if (Test-Path VinylFlow-windows-unsigned.zip) { Remove-Item VinylFlow-windows-unsigned.zip -Force }
+          Compress-Archive -Path dist\VinylFlow\* -DestinationPath VinylFlow-windows-unsigned.zip
+          Get-Item VinylFlow-windows-unsigned.zip | Format-List Name,Length,LastWriteTime
+
+      - name: Replace release asset
+        env:
+          GH_TOKEN: ${{ github.token }}
+        shell: powershell
+        run: |
+          gh release upload ${{ inputs.tag }} VinylFlow-windows-unsigned.zip --clobber
+          $release = gh release view ${{ inputs.tag }} --json assets | ConvertFrom-Json
+          $asset = $release.assets | Where-Object { $_.name -eq 'VinylFlow-windows-unsigned.zip' }
+          $asset | Select-Object name,size,updatedAt,url | Format-List

README.md

@@ -8,6 +8,14 @@ Turn your vinyl recordings into perfectly tagged, organized digital files in min
 
 ---
 
+## Use VinylFlow
+
+- 🖥️ **Desktop apps:** install builds from [vinylflow.app/install](https://vinylflow.app/install)
+- 🐳 **Docker (self-hosted):** run locally via [Quick Start (Docker)](#quick-start-docker)
+- ⚙️ **Python local mode:** see [Manual Setup (Non-Docker)](#manual-setup-non-docker)
+
+---
+
 ## The Problem
 
 Digitizing a vinyl record manually takes **20–30 minutes per album**: record in Audacity, manually find track boundaries, split, export, look up metadata, type it all in, find cover art, embed it. Multiply that by a collection of hundreds of records and it's a weekend project that never ends.
@@ -96,13 +104,23 @@ When you open VinylFlow for the first time, you'll see a welcome screen that gui
 
 ## Desktop Apps (Beta)
 
-VinylFlow also has desktop app builds for macOS and Windows in a beta track.
+VinylFlow desktop apps are available for macOS and Windows (beta track).
+
+- Installer downloads: [vinylflow.app/install](https://vinylflow.app/install)
 
 - Desktop beta work is published from `desktop-beta`
 - `main` remains the stable Docker-first channel
 - For local desktop mode, run: `python desktop_launcher.py`
 - Packaging/release scripts are in `scripts/`
 
+### Developer Branch Note
+
+To avoid accidental promotion of beta app work:
+
+- Open desktop feature PRs into `desktop-beta`
+- Keep `main` for stable/docs/release-safe changes
+- Promote desktop work to `main` only when explicitly ready
+
 For full branching and release details, see [docs/BRANCHING_STRATEGY.md](docs/BRANCHING_STRATEGY.md).
 
 ---

VinylFlow.spec

@@ -0,0 +1,69 @@
+# -*- mode: python ; coding: utf-8 -*-
+
+import shutil
+import sys
+from pathlib import Path
+
+
+WINDOWS_ICON = 'assets/VinylFlow.ico' if sys.platform.startswith('win') else None
+FFMPEG_PATH = shutil.which('ffmpeg')
+
+if not FFMPEG_PATH:
+    raise RuntimeError('ffmpeg was not found on PATH. Install ffmpeg before building.')
+
+DATA_FILES = [('backend/static', 'backend/static')]
+
+
+a = Analysis(
+    ['desktop_launcher.py'],
+    pathex=[],
+    binaries=[(FFMPEG_PATH, 'ffmpeg_bin')],
+    datas=DATA_FILES,
+    hiddenimports=[
+        'backend.api',
+        'webview',
+        'webview.platforms.cocoa',
+        'webview.platforms.winforms',
+    ],
+    hookspath=[],
+    hooksconfig={},
+    runtime_hooks=[],
+    excludes=[],
+    noarchive=False,
+    optimize=0,
+)
+pyz = PYZ(a.pure)
+
+exe = EXE(
+    pyz,
+    a.scripts,
+    [],
+    exclude_binaries=True,
+    name='VinylFlow',
+    debug=False,
+    bootloader_ignore_signals=False,
+    strip=False,
+    upx=True,
+    console=False,
+    disable_windowed_traceback=False,
+    argv_emulation=False,
+    target_arch=None,
+    codesign_identity=None,
+    entitlements_file=None,
+    icon=WINDOWS_ICON,
+)
+coll = COLLECT(
+    exe,
+    a.binaries,
+    a.datas,
+    strip=False,
+    upx=True,
+    upx_exclude=[],
+    name='VinylFlow',
+)
+app = BUNDLE(
+    coll,
+    name='VinylFlow.app',
+    icon='assets/VinylFlow.icns',
+    bundle_identifier=None,
+)

assets/VinylFlow.icns

@@ -182,6 +182,7 @@ class ConfigUpdate(BaseModel):
     silence_threshold: Optional[float] = None
     min_silence_duration: Optional[float] = None
     min_track_length: Optional[float] = None
+    output_dir: Optional[str] = None
 
 
 class DiscogsSetupRequest(BaseModel):
@@ -873,6 +874,7 @@ async def get_config():
         "min_silence_duration": audio_processor.min_silence_duration,
         "min_track_length": audio_processor.min_track_length,
         "flac_compression": audio_processor.flac_compression,
+        "output_dir": config.default_output_dir,
     }
 
 
@@ -885,6 +887,10 @@ async def update_config(updates: ConfigUpdate):
         audio_processor.min_silence_duration = updates.min_silence_duration
     if updates.min_track_length is not None:
         audio_processor.min_track_length = updates.min_track_length
+    if updates.output_dir is not None:
+        output_dir = str(Path(updates.output_dir).expanduser())
+        config.default_output_dir = output_dir
+        config.save_output_dir(output_dir)
 
     return await get_config()
 

assets/VinylFlow.ico

@@ -75,7 +75,8 @@ function vinylApp() {
             silence_threshold: -40,
             min_silence_duration: 1.5,
             min_track_length: 30,
-            flac_compression: 8
+            flac_compression: 8,
+            output_dir: ''
         },
 
         // Supported input file extensions
@@ -290,12 +291,10 @@ function vinylApp() {
          */
         async saveConfig() {
             try {
-                // Don't send output_dir to API
-                const { output_dir, ...configToSave } = this.config;
                 const response = await fetch('/api/config', {
                     method: 'PUT',
                     headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify(configToSave)
+                    body: JSON.stringify(this.config)
                 });
                 const data = await response.json();
                 this.config = data;
@@ -307,6 +306,26 @@ function vinylApp() {
             }
         },
 
+        /**
+         * Open desktop folder picker for output directory
+         */
+        async chooseOutputFolder() {
+            try {
+                if (!window.pywebview || !window.pywebview.api || !window.pywebview.api.select_output_folder) {
+                    alert('Folder picker is available in the desktop app only.');
+                    return;
+                }
+
+                const selected = await window.pywebview.api.select_output_folder(this.config.output_dir || '');
+                if (selected) {
+                    this.config.output_dir = selected;
+                }
+            } catch (error) {
+                console.error('Failed to choose output folder:', error);
+                alert('Failed to open folder picker');
+            }
+        },
+
         /**
          * Check if a file has a supported extension
          */

backend/api.py

@@ -319,6 +319,13 @@ <h2 class="text-2xl font-bold text-primary mb-4">Settings</h2>
                         <label class="block text-sm font-medium text-secondary mb-1">Min Silence Duration (sec)</label>
                         <input type="number" step="0.1" x-model="config.min_silence_duration" class="w-full px-3 py-2 border focus-primary rounded-md" style="border-color: #8A8A86;">
                     </div>
+                    <div>
+                        <label class="block text-sm font-medium text-secondary mb-1">Output Folder</label>
+                        <div class="flex gap-2">
+                            <input type="text" x-model="config.output_dir" class="flex-1 px-3 py-2 border focus-primary rounded-md" style="border-color: #8A8A86;" placeholder="/Users/you/Music/VinylFlow">
+                            <button @click="chooseOutputFolder()" type="button" class="px-3 py-2 rounded-md text-primary hover:bg-page" style="background-color: #F0EFEB;">Browse</button>
+                        </div>
+                    </div>
 
                     <!-- Discogs Token Section -->
                     <div class="border-t pt-4 mt-4" style="border-color: #8A8A86;">