Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
c787c61
feat: add accounts maps vault and runtime controls
Abhash-Chakraborty Jul 12, 2026
430035f
feat: ship the timeline-first application experience
Abhash-Chakraborty Jul 12, 2026
fba69cd
build: split modular runtime artifacts
Abhash-Chakraborty Jul 12, 2026
5315afe
ci: validate and publish modular release profiles
Abhash-Chakraborty Jul 12, 2026
16bd8d2
docs: prepare the v1.1 release candidate
Abhash-Chakraborty Jul 12, 2026
853b593
fix: align runtime contracts and privacy guidance
Abhash-Chakraborty Jul 12, 2026
361a002
fix: restore media previews and Florence AI
Abhash-Chakraborty Jul 12, 2026
2836f91
fix: secure the full AI caption pipeline
Abhash-Chakraborty Jul 12, 2026
125ba26
fix: harden runtime and media paths
Abhash-Chakraborty Jul 14, 2026
215ccc0
feat: add recoverable private vault controls
Abhash-Chakraborty Jul 14, 2026
c74fed6
feat: modernize shell settings and search
Abhash-Chakraborty Jul 14, 2026
891af0a
chore: release version 1.1.1
Abhash-Chakraborty Jul 14, 2026
591e9f4
feat: complete timeline and route interactions
Abhash-Chakraborty Jul 14, 2026
fdbf7c8
feat: add modular runtime and trash controls
Abhash-Chakraborty Jul 14, 2026
edd2d01
chore: release version 1.1.2
Abhash-Chakraborty Jul 14, 2026
7dae931
fix: render the offline map reliably
Abhash-Chakraborty Jul 14, 2026
17aab0e
test: align settings smoke assertion
Abhash-Chakraborty Jul 14, 2026
64f4c0e
feat: restore fullscreen previews and persistent uploads
Abhash-Chakraborty Jul 14, 2026
d75ce6b
fix: align ONNX CUDA runtime for v1.1.3
Abhash-Chakraborty Jul 15, 2026
9f41b93
Merge branch 'main' into abhash/production-hardening
Abhash-Chakraborty Jul 15, 2026
a307cbd
fix: regenerate modular dependency lock
Abhash-Chakraborty Jul 15, 2026
162cb44
ci: establish canary release governance
Abhash-Chakraborty Jul 15, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ backend/vault_storage
**/*.sqlite3
.env

# Read-only local comparison checkout. It must never enter a build context.
reference-app
@reference-app

# Logs and temporary files
**/*.log
**/*.tmp
25 changes: 18 additions & 7 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# REDIS_PASSWORD, MINIO_ROOT_USER/PASSWORD, and the matching *_URL strings).
# The API refuses to start in production while the default db/object-store
# credentials are still in place. Datastore ports are bound to 127.0.0.1 in
# docker-compose, so the datastores are not reachable from the network.
# Compose, so the datastores are not reachable from the network.
# ──────────────────────────────────────────────────────────────────────────

# Database
Expand Down Expand Up @@ -66,10 +66,20 @@ NEXT_PUBLIC_MAX_BULK_FILES=200
NEXT_PUBLIC_MAX_UPLOAD_SIZE_MB=50

# ML Model Settings
# Normally set by the selected compose file: no-ai | mock | cpu | nvidia.
# It describes packages baked into the image; changing it does not install AI.
FIND_BUILD_PROFILE=nvidia
# disabled | mock | full | remote. The selected artifact must support the mode.
ML_MODE=full
# Remote ML Acceleration
# Disabled by default. Only used when ML_MODE=remote.
# REMOTE_ML_URL must point to a self-hosted Find ML server.
# Instance-wide AI kill switch. The dashboard persists an override in the DB,
# and workers read it at the start of every job.
AI_ENABLED=true
# Opt in to retaining GPS coordinates from EXIF for the private map. Workers
# also read this at each job boundary. False prevents/clears coordinates when
# an image is processed; reprocess existing media to remove previously saved GPS.
MAP_ENABLED=false
# Remote ML/BYOK fields are reserved for a future self-hosted adapter. Today,
# ML_MODE=remote is reported as unavailable and never falls back to local AI.
REMOTE_ML_URL=
REMOTE_ML_API_KEY=
REMOTE_ML_STRIP_EXIF=true
Expand All @@ -96,17 +106,18 @@ ML_OFFLINE_ONLY=false
RQ_WORKER_CLASS=rq.worker.worker_classes.SimpleWorker
CLIP_MODEL=ViT-B-16-SigLIP
CLIP_PRETRAINED=webli
BLIP_MODEL=microsoft/Florence-2-base
BLIP_MODEL=Salesforce/blip-image-captioning-base
YOLO_MODEL=yolo26n.pt
USE_GPU=true
YOLO_HALF=true
# Hardware acceleration mode for ML inference: auto | gpu | cpu
# auto = use the best available accelerator, else CPU (default)
# gpu = prefer GPU; automatically fall back to CPU if unavailable
# cpu = force CPU (works on any machine)
# See docs/guides/hardware-acceleration.md. Legacy USE_GPU=false still pins CPU
# when ACCEL_MODE is left at auto.
# See docs/guides/hardware-acceleration.md. A persisted dashboard value wins
# at request/job boundaries. Legacy USE_GPU=false still pins auto mode to CPU.
ACCEL_MODE=auto
# Used only by the default NVIDIA compose.yml profile.
BACKEND_BASE_IMAGE=nvidia/cuda:12.1.1-runtime-ubuntu22.04
BACKEND_PYTHON_VERSION=3.12
EMBEDDING_DIM=768
Expand Down
11 changes: 11 additions & 0 deletions .github/CODEOWNERS
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Default review owner for every change.
* @Abhash-Chakraborty

# Security, release, dependency, and deployment surfaces require maintainer review.
/.github/ @Abhash-Chakraborty
/backend/pyproject.toml @Abhash-Chakraborty
/backend/uv.lock @Abhash-Chakraborty
/compose*.yml @Abhash-Chakraborty
/scripts/bump_version.py @Abhash-Chakraborty
/LICENSE @Abhash-Chakraborty
/NOTICE @Abhash-Chakraborty
10 changes: 8 additions & 2 deletions .github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
@@ -1,8 +1,14 @@
blank_issues_enabled: true
blank_issues_enabled: false
contact_links:
- name: Contribution guide
url: https://github.com/Abhash-Chakraborty/Find/blob/main/CONTRIBUTING.md
url: https://github.com/Abhash-Chakraborty/Find/blob/canary/CONTRIBUTING.md
about: Read contribution flow, checks, and PR requirements.
- name: GSSoC Project Admin Guidelines
url: https://gssoc.girlscript.org/guidelines/project-admin
about: Program-level expectations for contributors and maintainers.
- name: Security vulnerability
url: https://github.com/Abhash-Chakraborty/Find/security/advisories/new
about: Report vulnerabilities privately; do not open a public issue.
- name: Questions and support
url: https://github.com/Abhash-Chakraborty/Find/discussions
about: Ask usage and setup questions in GitHub Discussions.
28 changes: 28 additions & 0 deletions .github/ISSUE_TEMPLATE/documentation.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: Documentation problem
description: Report missing, unclear, or inaccurate documentation.
title: "docs: "
labels: [documentation, needs triage]
body:
- type: markdown
attributes:
value: Thanks for helping keep Find's documentation accurate.
- type: input
id: location
attributes:
label: Documentation location
description: Link the page or name the file and section.
validations:
required: true
- type: textarea
id: problem
attributes:
label: What is unclear or incorrect?
validations:
required: true
- type: textarea
id: suggestion
attributes:
label: Suggested improvement
description: Describe the wording, example, or structure you would prefer.
validations:
required: false
10 changes: 8 additions & 2 deletions .github/SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

## Supported Versions

Find is under active development. Security fixes are applied to the current
`main` branch.
Find is under active development. Security fixes are prepared privately,
validated through `canary`, and released from the current `main` branch.

## Reporting a Vulnerability

Expand All @@ -20,3 +20,9 @@ Helpful reports include:

Please allow maintainers time to review and verify reports before public
disclosure so fixes can be prepared responsibly.

Maintainers should use a patch version for a backward-compatible security fix.
After the private fix is reviewed and promoted from `canary` to `main`, the
release workflow may be manually dispatched with the emergency option to skip
the normal three-hour quiet period. The branch-policy bypass is reserved for a
last-resort production incident and does not replace review or disclosure.
58 changes: 58 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: /
target-branch: canary
schedule:
interval: weekly
day: monday
time: "04:30"
timezone: Asia/Kolkata
groups:
actions:
patterns: ["*"]

- package-ecosystem: pip
directory: /backend
target-branch: canary
schedule:
interval: weekly
day: monday
time: "05:00"
timezone: Asia/Kolkata
groups:
python-runtime:
patterns: ["*"]

- package-ecosystem: npm
directory: /frontend
target-branch: canary
schedule:
interval: weekly
day: monday
time: "05:30"
timezone: Asia/Kolkata
groups:
frontend-runtime:
patterns: ["*"]

- package-ecosystem: cargo
directory: /frontend/src-tauri
target-branch: canary
schedule:
interval: monthly
groups:
desktop-runtime:
patterns: ["*"]

- package-ecosystem: docker
directory: /backend
target-branch: canary
schedule:
interval: monthly

- package-ecosystem: docker
directory: /frontend
target-branch: canary
schedule:
interval: monthly
12 changes: 12 additions & 0 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@

Briefly describe the change and why it is needed.

Contributor PRs must target `canary`. Only the maintainer promotion PR from
`canary` may target `main`.

Fixes #<issue-number>

## Type of change
Expand All @@ -12,6 +15,14 @@ Fixes #<issue-number>
- [ ] Refactor
- [ ] CI / tooling

## Release impact

- [ ] No user-visible release note needed
- [ ] Patch (backward-compatible fix)
- [ ] Minor (backward-compatible feature)
- [ ] Major (breaking change)
- [ ] Critical/security fix (keep sensitive details private)

## What changed

-
Expand All @@ -33,6 +44,7 @@ List exact steps/commands used to validate this PR.
- [ ] My PR is scoped to a single issue
- [ ] I followed commit message conventions
- [ ] I am not committing secrets or local artifacts
- [ ] This PR targets `canary` unless it is the maintainer promotion PR

## GSSoC'26 checklist

Expand Down
Loading
Loading