Merge branch 'dev' of github.com:blakeblackshear/frigate into testing

Author: ivanjx

.github/copilot-instructions.md

@@ -1,2 +1,3 @@
-Never write strings in the frontend directly, always write to and reference the relevant translations file.
-Always conform new and refactored code to the existing coding style in the project.
+- For Frigate NVR, never write strings in the frontend directly. Since the project uses `react-i18next`, use `t()` and write the English string in the relevant translations file in `web/public/locales/en`.
+- Always conform new and refactored code to the existing coding style in the project.
+- Always have a way to test your work and confirm your changes. When running backend tests, use `python3 -u -m unittest`.

README.md

@@ -67,7 +67,7 @@ Please see our [Trademark Policy](TRADEMARK.md) for details on acceptable use of
 ### Built-in mask and zone editor
 
 <div>
-<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
+<img width="800" alt="Built-in mask and zone editor" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
 </div>
 
 ## Translations

docker/main/requirements-wheels.txt

@@ -47,8 +47,8 @@ onnxruntime == 1.22.*
 # Embeddings
 transformers == 4.45.*
 # Generative AI
-google-generativeai == 0.8.*
-ollama == 0.5.*
+google-genai == 1.58.*
+ollama == 0.6.*
 openai == 1.65.*
 # push notifications
 py-vapid == 1.9.*

docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run

@@ -54,8 +54,8 @@ function setup_homekit_config() {
     local config_path="$1"
 
     if [[ ! -f "${config_path}" ]]; then
-        echo "[INFO] Creating empty HomeKit config file..."
-        echo 'homekit: {}' > "${config_path}"
+        echo "[INFO] Creating empty config file for HomeKit..."
+        echo '{}' > "${config_path}"
     fi
 
     # Convert YAML to JSON for jq processing
@@ -69,15 +69,15 @@ function setup_homekit_config() {
     local cleaned_json="/tmp/cache/homekit_cleaned.json"
     jq '
         # Keep only the homekit section if it exists, otherwise empty object
-        if has("homekit") then {homekit: .homekit} else {homekit: {}} end
+        if has("homekit") then {homekit: .homekit} else {} end
     ' "${temp_json}" > "${cleaned_json}" 2>/dev/null || {
-        echo '{"homekit": {}}' > "${cleaned_json}"
+        echo '{}' > "${cleaned_json}"
     }
 
     # Convert back to YAML and write to the config file
     yq eval -P "${cleaned_json}" > "${config_path}" 2>/dev/null || {
         echo "[WARNING] Failed to convert cleaned config to YAML, creating minimal config"
-        echo 'homekit: {}' > "${config_path}"
+        echo '{}' > "${config_path}"
     }
 
     # Clean up temp files

docker/main/rootfs/usr/local/go2rtc/create_config.py

@@ -22,6 +22,31 @@
 
 yaml = YAML()
 
+# Check if arbitrary exec sources are allowed (defaults to False for security)
+allow_arbitrary_exec = None
+if "GO2RTC_ALLOW_ARBITRARY_EXEC" in os.environ:
+    allow_arbitrary_exec = os.environ.get("GO2RTC_ALLOW_ARBITRARY_EXEC")
+elif (
+    os.path.isdir("/run/secrets")
+    and os.access("/run/secrets", os.R_OK)
+    and "GO2RTC_ALLOW_ARBITRARY_EXEC" in os.listdir("/run/secrets")
+):
+    allow_arbitrary_exec = (
+        Path(os.path.join("/run/secrets", "GO2RTC_ALLOW_ARBITRARY_EXEC"))
+        .read_text()
+        .strip()
+    )
+# check for the add-on options file
+elif os.path.isfile("/data/options.json"):
+    with open("/data/options.json") as f:
+        raw_options = f.read()
+    options = json.loads(raw_options)
+    allow_arbitrary_exec = options.get("go2rtc_allow_arbitrary_exec")
+
+ALLOW_ARBITRARY_EXEC = allow_arbitrary_exec is not None and str(
+    allow_arbitrary_exec
+).lower() in ("true", "1", "yes")
+
 FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
 # read docker secret files as env vars too
 if os.path.isdir("/run/secrets"):
@@ -109,30 +134,60 @@
     elif go2rtc_config["ffmpeg"].get("rtsp") is None:
         go2rtc_config["ffmpeg"]["rtsp"] = rtsp_args
 
-for name in go2rtc_config.get("streams", {}):
+
+def is_restricted_source(stream_source: str) -> bool:
+    """Check if a stream source is restricted (echo, expr, or exec)."""
+    return stream_source.strip().startswith(("echo:", "expr:", "exec:"))
+
+
+for name in list(go2rtc_config.get("streams", {})):
     stream = go2rtc_config["streams"][name]
 
     if isinstance(stream, str):
         try:
-            go2rtc_config["streams"][name] = go2rtc_config["streams"][name].format(
-                **FRIGATE_ENV_VARS
-            )
+            formatted_stream = stream.format(**FRIGATE_ENV_VARS)
+            if not ALLOW_ARBITRARY_EXEC and is_restricted_source(formatted_stream):
+                print(
+                    f"[ERROR] Stream '{name}' uses a restricted source (echo/expr/exec) which is disabled by default for security. "
+                    f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+                )
+                del go2rtc_config["streams"][name]
+                continue
+            go2rtc_config["streams"][name] = formatted_stream
         except KeyError as e:
             print(
                 "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
             )
             sys.exit(e)
 
     elif isinstance(stream, list):
-        for i, stream in enumerate(stream):
+        filtered_streams = []
+        for i, stream_item in enumerate(stream):
             try:
-                go2rtc_config["streams"][name][i] = stream.format(**FRIGATE_ENV_VARS)
+                formatted_stream = stream_item.format(**FRIGATE_ENV_VARS)
+                if not ALLOW_ARBITRARY_EXEC and is_restricted_source(formatted_stream):
+                    print(
+                        f"[ERROR] Stream '{name}' item {i + 1} uses a restricted source (echo/expr/exec) which is disabled by default for security. "
+                        f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+                    )
+                    continue
+
+                filtered_streams.append(formatted_stream)
             except KeyError as e:
                 print(
                     "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
                 )
                 sys.exit(e)
 
+        if filtered_streams:
+            go2rtc_config["streams"][name] = filtered_streams
+        else:
+            print(
+                f"[ERROR] Stream '{name}' was removed because all sources were restricted (echo/expr/exec). "
+                f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+            )
+            del go2rtc_config["streams"][name]
+
 # add birdseye restream stream if enabled
 if config.get("birdseye", {}).get("restream", False):
     birdseye: dict[str, Any] = config.get("birdseye")

docs/docs/configuration/audio_detectors.md

@@ -50,7 +50,7 @@ cameras:
 
 ### Configuring Minimum Volume
 
-The audio detector uses volume levels in the same way that motion in a camera feed is used for object detection. This means that frigate will not run audio detection unless the audio volume is above the configured level in order to reduce resource usage. Audio levels can vary widely between camera models so it is important to run tests to see what volume levels are. The Debug view in the Frigate UI has an Audio tab for cameras that have the `audio` role assigned where a graph and the current levels are is displayed. The `min_volume` parameter should be set to the minimum the `RMS` level required to run audio detection.
+The audio detector uses volume levels in the same way that motion in a camera feed is used for object detection. This means that Frigate will not run audio detection unless the audio volume is above the configured level in order to reduce resource usage. Audio levels can vary widely between camera models so it is important to run tests to see what volume levels are. The Debug view in the Frigate UI has an Audio tab for cameras that have the `audio` role assigned where a graph and the current levels are is displayed. The `min_volume` parameter should be set to the minimum the `RMS` level required to run audio detection.
 
 :::tip
 

docs/docs/configuration/cameras.md

@@ -79,6 +79,12 @@ cameras:
 
 If the ONVIF connection is successful, PTZ controls will be available in the camera's WebUI.
 
+:::note
+
+Some cameras use a separate ONVIF/service account that is distinct from the device administrator credentials. If ONVIF authentication fails with the admin account, try creating or using an ONVIF/service user in the camera's firmware. Refer to your camera manufacturer's documentation for more.
+
+:::
+
 :::tip
 
 If your ONVIF camera does not require authentication credentials, you may still need to specify an empty string for `user` and `password`, eg: `user: ""` and `password: ""`.
@@ -95,7 +101,7 @@ The FeatureList on the [ONVIF Conformant Products Database](https://www.onvif.or
 
 | Brand or specific camera     | PTZ Controls | Autotracking | Notes                                                                                                                                                                                                                                                             |
 | ---------------------------- | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| Amcrest                      |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                                                                                                                                   |
+| Amcrest                      |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                                                                                                                                    |
 | Amcrest ASH21                |      ✅      |      ❌      | ONVIF service port: 80                                                                                                                                                                                                                                            |
 | Amcrest IP4M-S2112EW-AI      |      ✅      |      ❌      | FOV relative movement not supported.                                                                                                                                                                                                                              |
 | Amcrest IP5M-1190EW          |      ✅      |      ❌      | ONVIF Port: 80. FOV relative movement not supported.                                                                                                                                                                                                              |