Workflow status is tracked in GitHub: https://github.com/emulebb/emulebb/issues/40. This local document is retained as an engineering spec/evidence record.
BUG-132 - Follow up deferred qBit session and bulk REST hardening¶
Summary¶
Track the remaining non-RC-blocking REST/qBit hardening findings from the final
pre-RC1 C++ stabilization pass. These should be revalidated against current
main before implementation because controller behavior has been changing
quickly during RC preparation.
Findings¶
- qBit compatibility sessions currently outlive API-key rotation because the
static SID is not bound to the credential generation in
srchybrid\WebServerQBitCompat.cpp.
Acceptance Criteria¶
- [ ] qBit sessions are invalidated or generation-bound when API credentials change.
- [x] qBit torrent-info responses avoid unbounded full-queue serialization on hot polling paths.
- [x] Bulk native transfer-add rejects oversized
linkspayloads before expensive parsing. - [ ] Behavior is documented as compatibility hardening with minimal API drift.
Notes¶
Deferred by operator decision while RC1-focused fixes landed under BUG-131. The qBit torrent-info hot-polling sub-finding was resolved later under BUG-133 and tightened under BUG-134. Native bulk transfer-add caps were resolved under BUG-134. This item remains deferred for qBit session invalidation.