Groups are collapsed by default. Click a header to toggle it; chevron
rotates to indicate state. "Expand all" / "Collapse all" buttons in the
page header; each is disabled when the action is already complete.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- DeviceFormModal: device create/edit form with interfaces, virt_type,
url, type selector — no OS field (auto-detected from description)
- IpAddressing: IP address view grouped by VLAN with inline OS icon
detected via detectOs() from name/description
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace hand-curated named imports with `import * as si from 'simple-icons'`.
BRANDS keeps only entries requiring custom aliases, absent icons, or colour
overrides. AUTO_SI covers all remaining simple-icons (title >= 4 chars) with
pre-compiled word-boundary regexes to avoid substring false positives.
detectBrands() now runs two passes:
1. BRANDS — curated aliases (pve → Proxmox, unifi → Ubiquiti, k3s → k8s…)
2. AUTO_SI — automatic match on any icon title as a whole word
Bundle: +5 MB minified / +2 MB gzip (acceptable for a self-hosted tool).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Remove os field from Device API and form — OS is now detected
automatically from name/description via detectOs() in brandIcons.js
- Expand OS_LIST from 20 to 51 entries covering all major distros
(Debian/Ubuntu flavours, Red Hat, SUSE, Arch, BSD, security distros,
Windows/macOS/iOS/Android, generic Linux/BSD catch-alls)
- Display detected OS icon in IpAddressing.vue description column
- Fix virt_type validator to normalise empty string to null
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Move Link, GW, LXC, VM chip tags, WAN labels, form placeholders, and
confirm-dialog delete verbs into i18n.js for all three locales (fr/en/es).
confirmDeleteDevice and confirmDeleteNetwork now include the action verb
so the JS callers no longer hardcode "Supprimer".
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Vue scoped styles append [data-v-xxx] to child selectors, so
`:global(html.dark) .foo` compiled to `.foo[data-v-xxx]` which never
matched. Wrapping the full rule in :global() prevents Vue from adding
the scope attribute.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Tests were importing the production engine and dropping all tables on
teardown, corrupting topology.db in the Docker volume. Set DATABASE_URL
to sqlite:///:memory: before any import in the test file, and use
StaticPool in database.py when running against :memory: so all
connections share the same in-memory database.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add MAX_PING_IPS=4096 constant and validate list size in PingRequest
before spawning futures, returning 422 on overflow
- Add test_ping_too_many_ips_rejected to cover the new cap
- Pin httpx<0.28 in requirements-test.txt (0.28 broke TestClient API)
- Fix reset_db fixture to set a known admin password regardless of
INITIAL_ADMIN_PASSWORD env var (was causing 401 on all auth tests)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Added _validate_iface_vlans() helper that checks all non-null vlan_ids
against the DB before any insert or update, returning a 400 instead of
letting SQLite raise an IntegrityError 500.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
update_vlan now checks for vlan_id conflicts (excluding the current
record) before committing, matching the behaviour of create_vlan and
preventing an unhandled IntegrityError 500.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reads version from package.json via Vite's define (__APP_VERSION__)
and shows it as a small label at the bottom of the sidebar.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reduces ICMP concurrency from 100 to 10 workers when soft_scan=true,
spreading out probes to avoid rate-limiting on managed switches and APs.
The option is hidden in the UI when TCP check is active (redundant).
Update README (en/fr/es), docs/backend.md with the new scan modes table
and a troubleshooting entry for ICMP rate-limiting.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Previously tcp_check required both ICMP and TCP to pass. This caused
two failure modes: hosts with ICMP rate-limiting under scan load were
missed (ICMP fails → TCP never tried), and the AND logic was confusing.
In TCP-only mode, proxy-ARP gateways are still filtered out because
they never spoof TCP replies. Hosts with rate-limited ICMP (e.g. some
WiFi APs during a full /24 sweep) are now correctly detected via TCP.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
When the Docker container's DNS can resolve a target IP to a hostname,
ping formats the reply line as "from hostname (ip):" instead of the
plain "from ip:" format. The proxy-ARP source-IP guard only checked
for the plain format, causing those hosts to be incorrectly reported
as unreachable despite a valid ICMP response.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- DNS_SERVER env var configures the default DNS server for PTR lookups
- GET /api/discovery/config exposes it to the frontend
- DiscoveryModal fetches it on mount and pre-fills the field (editable)
- dns_server is now optional in ScanRequest (default empty string)
- PTR lookup is skipped when dns_server is empty — scan still proceeds
- Validator only runs when dns_server is non-empty
- .env.example, docker-compose.yml, READMEs (fr/en/es) updated
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add Apple ecosystem row in all three README brand tables
- Add Troubleshooting section explaining proxy-ARP false positives and
the TCP check fix (fr/en/es)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Uses siApple with hex override #555555 (visible on both light and dark
themes — Apple's brand color #000000 is invisible on dark backgrounds).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The previous wording wrongly implied smartphones and firewalled PCs could
be missed. Only devices that silently DROP (not REJECT) all probed ports
are undetected; a RST reply on a closed port correctly identifies the host.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Some gateways (e.g. UniFi) respond to ICMP for every IP in a subnet via
proxy-ARP, spoofing the source IP so the existing ICMP guard cannot help.
A secondary TCP probe (ports 22, 80, 443, 8080, 8443) distinguishes real
hosts (RST/connect on closed ports) from ghost IPs (gateway drops SYN →
timeout). The check is opt-in (disabled by default) to avoid missing
devices whose firewall DROPs all probed ports.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
When a VLAN/LAN is deleted, all non-gateway, non-livebox devices
with an interface in that network are deleted automatically.
Gateway and livebox devices are preserved; their interface is
unlinked (vlan_id set to NULL).
The confirmation dialog now shows the exact count of devices
that will be deleted (all three locales: fr/en/es).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Verify that the ICMP reply source IP matches the target before
reporting a host as alive. Prevents scan from returning the entire
CIDR range when a gateway answers ARP requests on behalf of all IPs.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace v-if/v-else-if/v-else auth guard with v-if on LoginPage and
v-show on the layout div. Firefox fails to dispatch clicks to children
after a DOM node is inserted into a display:flex container; using v-show
means the layout is always present (just display:none), so no node
replacement ever occurs in .app-root. Move the forced AccountModal
(mustChangePassword) inside the layout as a first child with v-if.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
None of the three are in simple-icons — custom wifi icons with
official brand colors (Free #CD1126, Bouygues #0099CC, SFR #E2001A).
Keywords avoid the bare word "free" to prevent false positives on
freenas/freebsd/etc.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add 9 missing trigger keywords that were present in brandIcons.js
but absent from the documentation: tp link, maria db, raspberrypi,
kde desktop, paperless-ng, uptimekuma, material for mkdocs, hass,
hue hub.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
TV manufacturers: Samsung, LG, Sony (hex overridden #1A1A1A — white
would be invisible), Panasonic, Sharp, Toshiba, Vestel.
Hisense is absent from simple-icons.
TV boxes: Chromecast/Google TV, Android TV, Apple TV, Amazon Fire TV,
Roku, Kodi.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace the 10-color row with a 5-row × 10-column palette covering
red, rose, orange, amber, yellow, green, teal, cyan, blue, indigo,
violet, purple, fuchsia and gray families. Selected swatch is
highlighted with a border ring.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Custom envelope icon (slate #64748B) triggered by: mail, smtp, imap,
postfix, dovecot, mailcow, mailu, roundcube. Uses the same {title, hex,
path} format as simple-icons so no consumer changes are needed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The backend validator was rejecting the three new device types added
in the previous commit, returning HTTP 422.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add three new device types (21 total) with Lucide icons (Tv2, Printer,
Smartphone), colour-coded badges, and translations in fr/en/es.
No backend migration needed — type is a free string field.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Documents keyword-based detection mechanism and lists all 34 supported
brands with their trigger keywords, organised by category.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Explains that db_data/ is preserved across container rebuilds and that
database migrations run automatically on startup.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Show singular form when count is 1 (Network, Device, Réseau, Équip., Red, Equipo)
across all three supported languages (fr, en, es).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
olivier