No, not really. But what should i expect from someone who states as an 'objective opinion' "I do not like the programming language so the project is bad"
If i had to guess, since you are jumping on the memory leaks, you got an issue, reported it and did not get treatet like they fix it with a priority.
You keep jumping on "They had an RCE so the security must be completely broken"
Once? No jellyfin has had about 4 major RCE issues since the fork. At least 4 that I'm aware of. Blaming it on the previous code only makes sense if the split is recent. They have had time to completely rewrite if they really want.
It absolutely makes sense, otherwise they would have had to throw everything away.
The EFcore refacotring was like 6 years in the making.
And all that from just a few single ppl. Look at the ckntributer list, and how many contribution. Not many active devs are working on jellyfin on their free time. The problems that jellyfin has, is not from a lack of trying but a from a lack of finger and arms.
And you need to take it like it is.
But for complete other reasons than RCEs or similar.
As an FOSS project that inherited lots of shitty code this is basically the best thing they could do.
Not sure why, but you get specific about once RCE but not about other problems and keep vague about them. Is it the lack of understanding or disingenuousness?
It has had a pretty high number of RCE exploits including one recently the architecture of the web service is just very poor and leads to a lot of basic problems.
So they had an RCE that got fixed therefore the software is bad and insecure. Therefore every OS and basically any enterprise software that was ever used is insecure.
Got it.
And Plex doesn't require any. It's okay to accept that one product can be more polished than the other, and Plex has a lot of stuff that "just works"
And it is ok to accept that Plex is getting worse and worse. Only reason why ppl use it these days is because they still have an old lifetime pass. As soon as they take it away or introduce a new tier of features or even removing features of it, they will swarming away from Plex.
And they will!
OC never said anything to do with your comment, you seem to be really offended by recommending an alternative to a tool that you use.
AI is the perfectly fine umbrella term for it. It was used forever in terms of ML. Just go back to the first entry in the linked Wikipedia entry and you will find that its literally the first sentence.
Just because you feel to have negative feelings about a scientific term, does not make it ok to claim it does not belong to the same or a related group.
As I said, when you know the exact path of a media item on the server then you can check if the item exists.
If you choose a none standard filepath its not an issue.
Should that be fixed yes.
Whats the scenario? A law firm could brute force check all media items on open jellyfin servers? Highly illegal to exploit something like this in a lot of jurisdiction. And would also not proof the existence of the media on the server, just a file named like it.
Mitigation? Just add another random letter in the docker-compose mount path.
Machine Learning IS AI! You got yourself confused with marketing schemes yourself.
https://en.wikipedia.org/wiki/Machine_learning
And yes it was called AI before. It was just not in everyone's mouth.
Have you even read the issues and understood them?
Yes, those should be fixed, but unless you are worried about someone hijacking a video stream when you use a generic media path, there is not that much to worry about.
Sure in the gigantic wall of text. Also it doesn't tell you why, or what to do about it. All they'd have to do is say "run dist-upgrade to update these packages."
It is literally in the summary that gets presented in the last few lines before you have to press Y to continue.
Since you are already overwhelmed by the wall of text, you would probably not read the suggestion antways.
And the memory leaks get closed one after another? Dont they? Just because there are still issues does not mean it gets improved upon.
Media matching is no issue if you follow the naming sheme.
I am not upset at all, not sure why you think that.
Jellyfin will and connot be the replacement you wish it to be. Exposing something to the Internet is not a solution for the normal person. Heartbeat, Log4shell etc. etc. all of those are the reason why, not necessarily the service you are hosting by itself.
Especially in an age where tailscale is available to install on every major smart TV or other devices i do not get why you even want to recommend ppl to expose it.