onvif: clear binaryTimeout on destroy (#1974)

* Let's try to fix the plugin freezing

* hikvision-doorbell version up after merging from main

.github/workflows/docker-common.yml

@@ -84,7 +84,7 @@ jobs:
     strategy:
       matrix:
         BASE: ["noble"]
-        VENDOR: ["nvidia", "intel"]
+        VENDOR: ["nvidia", "nvidia-legacy", "intel", "amd"]
     steps:
       - name: Check out the repo
         uses: actions/checkout@v3

.github/workflows/docker.yml

@@ -21,7 +21,9 @@ jobs:
       matrix:
         BASE: [
           ["noble-nvidia", ".s6", "noble-nvidia", "nvidia"],
+          ["noble-nvidia-legacy", ".s6", "noble-nvidia-legacy", "nvidia-legacy"],
           ["noble-intel", ".s6", "noble-intel", "intel"],
+          ["noble-amd", ".s6", "noble-amd", "amd"],
           ["noble-full", ".s6", "noble-full", "full"],
           ["noble-lite", "", "noble-lite", "lite"],
           ["noble-lite", ".router", "noble-router", "router"],
@@ -109,7 +111,7 @@ jobs:
             ${{ format('koush/scrypted:v{0}-{1}', github.event.inputs.publish_tag || steps.package-version.outputs.NPM_VERSION, matrix.BASE[2]) }}
             ${{ matrix.BASE[2] == 'noble-full' && format('koush/scrypted:{0}', github.event.inputs.tag) || '' }}
             ${{ github.event.inputs.tag == 'latest' && format('koush/scrypted:{0}', matrix.BASE[3]) || '' }}
-            ${{ github.event.inputs.tag != 'latest' && format('koush/scrypted:{0}-{1}', github.event.inputs.tag, matrix.BASE[3]) }}
+            ${{ github.event.inputs.tag != 'latest' && format('koush/scrypted:{0}-{1}', github.event.inputs.tag, matrix.BASE[3]) || '' }}
 
             ${{ format('ghcr.io/koush/scrypted:v{1}-{0}', matrix.BASE[0], github.event.inputs.publish_tag || steps.package-version.outputs.NPM_VERSION) }}
             ${{ matrix.BASE[2] == 'noble-full' && format('ghcr.io/koush/scrypted:{0}', github.event.inputs.tag) || '' }}

common/package-lock.json

@@ -15,14 +15,14 @@
         "typescript": "^5.5.3"
       },
       "devDependencies": {
-        "@types/node": "^20.11.0",
+        "@types/node": "^20.19.11",
         "monaco-editor": "^0.50.0",
         "ts-node": "^10.9.2"
       }
     },
     "../sdk": {
       "name": "@scrypted/sdk",
-      "version": "0.5.29",
+      "version": "0.5.39",
       "license": "ISC",
       "dependencies": {
         "@babel/preset-typescript": "^7.27.1",
@@ -3340,11 +3340,13 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "20.11.0",
+      "version": "20.19.11",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.11.tgz",
+      "integrity": "sha512-uug3FEEGv0r+jrecvUUpbY8lLisvIjg6AAic6a2bSP5OEOLeJsDSnvhCDov7ipFFMXS3orMpzlmi0ZcuGkBbow==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "undici-types": "~5.26.4"
+        "undici-types": "~6.21.0"
       }
     },
     "node_modules/acorn": {
@@ -3479,7 +3481,9 @@
       }
     },
     "node_modules/undici-types": {
-      "version": "5.26.5",
+      "version": "6.21.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+      "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
       "dev": true,
       "license": "MIT"
     },

common/package.json

@@ -17,7 +17,7 @@
     "typescript": "^5.5.3"
   },
   "devDependencies": {
-    "@types/node": "^20.11.0",
+    "@types/node": "^20.19.11",
     "monaco-editor": "^0.50.0",
     "ts-node": "^10.9.2"
   }

common/src/async-queue.ts

@@ -9,6 +9,16 @@ export function createAsyncQueue<T>() {
     const waiting: Deferred<T>[] = [];
     const queued: { item: T, dequeued?: Deferred<void> }[] = [];
 
+    const wait = async (index: number) => {
+        const q = queued[index];
+        if (!q)
+            return;
+        if (!q.dequeued) {
+            q.dequeued = new Deferred<void>();
+        }
+        return q.dequeued.promise;
+    }
+
     const dequeue = async () => {
         if (queued.length) {
             const { item, dequeued: enqueue } = queued.shift()!;
@@ -66,7 +76,7 @@ export function createAsyncQueue<T>() {
             dequeued?.reject(new Error('abort'));
         };
 
-        dequeued?.promise.catch(() => {}).finally(() => signal.removeEventListener('abort', h));
+        dequeued?.promise.catch(() => { }).finally(() => signal.removeEventListener('abort', h));
         signal.addEventListener('abort', h);
 
         return true;
@@ -154,13 +164,14 @@ export function createAsyncQueue<T>() {
         dequeue,
         get queue() {
             return queue();
-        }
+        },
+        wait,
     }
 }
 
 export function createAsyncQueueFromGenerator<T>(generator: AsyncGenerator<T>) {
     const q = createAsyncQueue<T>();
-    (async() => {
+    (async () => {
         try {
             for await (const i of generator) {
                 await q.enqueue(i);

common/src/eval/monaco-libs.ts

@@ -2,6 +2,7 @@ import type * as monacoEditor from 'monaco-editor';
 
 export interface StandardLibs {
     '@types/node/globals.d.ts': string,
+    '@types/node/module.d.ts': string,
     '@types/node/buffer.d.ts': string,
     '@types/node/process.d.ts': string,
     '@types/node/events.d.ts': string,

common/src/eval/scrypted-eval.ts

@@ -116,6 +116,7 @@ export async function scryptedEval(device: ScryptedDeviceBase, script: string, e
 export function createMonacoEvalDefaults(extraLibs: { [lib: string]: string }) {
     const standardlibs: StandardLibs = {
         "@types/node/globals.d.ts": readFileAsString('@types/node/globals.d.ts'),
+        "@types/node/module.d.ts": readFileAsString('@types/node/module.d.ts'),
         "@types/node/buffer.d.ts": readFileAsString('@types/node/buffer.d.ts'),
         "@types/node/process.d.ts": readFileAsString('@types/node/process.d.ts'),
         "@types/node/events.d.ts": readFileAsString('@types/node/events.d.ts'),

common/src/rtc-signaling.ts

@@ -110,7 +110,9 @@ export class BrowserSignalingSession implements RTCSignalingSession {
             await this.microphone.replaceTrack(mic.getTracks()[0]);
         }
 
-        this.microphone.track.enabled = enabled;
+        if (this.microphone?.track) {
+            this.microphone.track.enabled = enabled;
+        }
     }
 
     close() {

common/src/stream-parser.ts

@@ -2,7 +2,6 @@ import { Socket as DatagramSocket } from "dgram";
 import { once } from "events";
 import { Duplex } from "stream";
 import { FFMPEG_FRAGMENTED_MP4_OUTPUT_ARGS, MP4Atom, parseFragmentedMP4 } from "./ffmpeg-mp4-parser-session";
-import { readLength } from "./read-stream";
 
 export interface StreamParser {
     container: string;
@@ -25,59 +24,11 @@ export interface StreamParserOptions {
 export interface StreamChunk {
     startStream?: Buffer;
     chunks: Buffer[];
-    type?: string;
+    type: string;
     width?: number;
     height?: number;
 }
 
-// function checkTsPacket(pkt: Buffer) {
-//     const pid = ((pkt[1] & 0x1F) << 8) | pkt[2];
-//     if (pid == 256) {
-//         // found video stream
-//         if ((pkt[3] & 0x20) && (pkt[4] > 0)) {
-//             // have AF
-//             if (pkt[5] & 0x40) {
-//                 // found keyframe
-//                 console.log('keyframe');
-//             }
-//         }
-//     }
-// }
-
-function createLengthParser(length: number, verify?: (concat: Buffer) => void) {
-    async function* parse(socket: Duplex): AsyncGenerator<StreamChunk> {
-        let pending: Buffer[] = [];
-        let pendingSize = 0;
-        while (true) {
-            const data: Buffer = socket.read();
-            if (!data) {
-                await once(socket, 'readable');
-                continue;
-            }
-            pending.push(data);
-            pendingSize += data.length;
-            if (pendingSize < length)
-                continue;
-
-            const concat = Buffer.concat(pending);
-
-            verify?.(concat);
-
-            const remaining = concat.length % length;
-            const left = concat.slice(0, concat.length - remaining);
-            const right = concat.slice(concat.length - remaining);
-            pending = [right];
-            pendingSize = right.length;
-
-            yield {
-                chunks: [left],
-            };
-        }
-    }
-
-    return parse;
-}
-
 export function createDgramParser() {
     async function* parse(socket: DatagramSocket, width: number, height: number, type: string) {
         while (true) {
@@ -91,65 +42,6 @@ export function createDgramParser() {
     return parse;
 }
 
-export function createMpegTsParser(options?: StreamParserOptions): StreamParser {
-    return {
-        container: 'mpegts',
-        outputArguments: [
-            ...(options?.vcodec || []),
-            ...(options?.acodec || []),
-            '-f', 'mpegts',
-        ],
-        parse: createLengthParser(188, concat => {
-            if (concat[0] != 0x47) {
-                throw new Error('Invalid sync byte in mpeg-ts packet. Terminating stream.')
-            }
-        }),
-        findSyncFrame(streamChunks): StreamChunk[] {
-            for (let prebufferIndex = 0; prebufferIndex < streamChunks.length; prebufferIndex++) {
-                const streamChunk = streamChunks[prebufferIndex];
-
-                for (let chunkIndex = 0; chunkIndex < streamChunk.chunks.length; chunkIndex++) {
-                    const chunk = streamChunk.chunks[chunkIndex];
-
-                    let offset = 0;
-                    while (offset + 188 < chunk.length) {
-                        const pkt = chunk.subarray(offset, offset + 188);
-                        const pid = ((pkt[1] & 0x1F) << 8) | pkt[2];
-                        if (pid == 256) {
-                            // found video stream
-                            if ((pkt[3] & 0x20) && (pkt[4] > 0)) {
-                                // have AF
-                                if (pkt[5] & 0x40) {
-                                    // we found the sync frame, but also need to send the pat and pmt
-                                    // which might be at the start of this chunk before the keyframe.
-                                    // yolo!
-                                    return streamChunks.slice(prebufferIndex);
-                                    // const chunks = streamChunk.chunks.slice(chunkIndex + 1);
-                                    // const take = chunk.subarray(offset);
-                                    // chunks.unshift(take);
-
-                                    // const remainingChunks = streamChunks.slice(prebufferIndex + 1);
-                                    // const ret = Object.assign({}, streamChunk);
-                                    // ret.chunks = chunks;
-                                    // return [
-                                    //     ret,
-                                    //     ...remainingChunks
-                                    // ];
-                                }
-                            }
-                        }
-
-                        offset += 188;
-                    }
-
-                }
-            }
-
-            return findSyncFrame(streamChunks);
-        }
-    }
-}
-
 export async function* parseMp4StreamChunks(parser: AsyncGenerator<MP4Atom>) {
     let ftyp: MP4Atom;
     let moov: MP4Atom;
@@ -213,54 +105,3 @@ export const PIXEL_FORMAT_RGB24: RawVideoPixelFormat = {
     name: 'rgb24',
     computeLength: (width, height) => width * height * 3,
 }
-
-export function createRawVideoParser(options: RawVideoParserOptions): StreamParser {
-    const pixelFormat = options?.pixelFormat || PIXEL_FORMAT_YUV420P;
-    let filter: string;
-    const { size, everyNFrames } = options;
-    if (size) {
-        filter = `scale=${size.width}:${size.height}`;
-    }
-    if (everyNFrames && everyNFrames > 1) {
-        if (filter)
-            filter += ',';
-        else
-            filter = '';
-        filter = filter + `select=not(mod(n\\,${everyNFrames}))`
-    }
-
-    const inputArguments: string[] = [];
-    if (options.size)
-        inputArguments.push('-s', `${options.size.width}x${options.size.height}`);
-
-    inputArguments.push('-pix_fmt', pixelFormat.name);
-    return {
-        inputArguments,
-        container: 'rawvideo',
-        outputArguments: [
-            '-s', `${options.size.width}x${options.size.height}`,
-            '-an',
-            '-vcodec', 'rawvideo',
-            '-pix_fmt', pixelFormat.name,
-            '-f', 'rawvideo',
-        ],
-        async *parse(socket: Duplex, width: number, height: number): AsyncGenerator<StreamChunk> {
-            width = size?.width || width;
-            height = size?.height || height
-
-            if (!width || !height)
-                throw new Error("error parsing rawvideo, unknown width and height");
-
-            const toRead = pixelFormat.computeLength(width, height);
-            while (true) {
-                const buffer = await readLength(socket, toRead);
-                yield {
-                    chunks: [buffer],
-                    width,
-                    height,
-                }
-            }
-        },
-        findSyncFrame,
-    }
-}

common/src/using-holder.ts

@@ -0,0 +1,98 @@
+export abstract class AsyncUsingHolderBase<T> {
+    constructor(private _value: T) {
+    }
+
+    get value(): T {
+        return this._value;
+    }
+
+    async [Symbol.asyncDispose]() {
+        await this.release();
+    }
+
+    abstract asyncDispose(value: T): Promise<void>;
+
+    detach() {
+        const value = this._value;
+        this._value = undefined;
+        return value;
+    }
+
+    async replace(value: T) {
+        this.release();
+        this._value = value;
+    }
+
+    async release() {
+        const released = this.detach();
+        if (released)
+            await this.asyncDispose(released);
+    }
+}
+export abstract class UsingHolderBase<T> {
+    constructor(private _value: T) {
+    }
+
+    get value(): T {
+        return this._value;
+    }
+
+    [Symbol.dispose]() {
+        this.release();
+    }
+
+    abstract dispose(value: T): void;
+
+    detach() {
+        const value = this._value;
+        this._value = undefined;
+        return value;
+    }
+
+    replace(value: T) {
+        this.release();
+        this._value = value;
+    }
+
+    release() {
+        const released = this.detach();
+        if (released)
+            this.dispose(released);
+    }
+}
+
+export class UsingHolder<T extends Disposable> extends UsingHolderBase<T> {
+    dispose(value: T) {
+        value?.[Symbol.dispose]();
+    }
+
+    transferClosure<V>(closure: (value: UsingHolder<T>) => Promise<V>) {
+        return (async () => {
+            using attached = new UsingHolder(this.detach());
+            return await closure(attached);
+        })();
+    }
+}
+
+export class AsyncUsingHolder<T extends AsyncDisposable> extends AsyncUsingHolderBase<T> {
+    async asyncDispose(value: T) {
+        value?.[Symbol.asyncDispose]();
+    }
+
+    transferClosure<V>(closure: (value: AsyncUsingHolder<T>) => Promise<V>) {
+        return (async () => {
+            await using attached = new AsyncUsingHolder(this.detach());
+            return await closure(attached);
+        })();
+    }
+}
+
+export class DisposableHolder<T> extends UsingHolderBase<T> {
+    constructor(value: T, private _dispose: (value: T) => void) {
+        super(value);
+    }
+
+    dispose(value: T) {
+        this._dispose(value);
+    }
+}

common/src/zygote.ts

@@ -52,7 +52,12 @@ export function createZygote<T>(options?: ForkOptions): Zygote<T> {
     }
 
     const gen = next();
-    return () => gen.next().value as PluginFork<T>;
+    return () => {
+        const ret = gen.next();
+        if (ret.done || !ret.value)
+            throw new Error('Zygote exhausted');
+        return ret.value;
+    };
 }
 
 

common/tsconfig.json

@@ -1,6 +1,6 @@
 {
     "compilerOptions": {
-        "module": "commonjs",
+        "module": "Node16",
         "moduleResolution": "Node16",
         "target": "esnext",
         "noImplicitAny": true,

install/config.yaml

@@ -1,6 +1,6 @@
 # Home Assistant Addon Configuration
 name: Scrypted
-version: "v0.139.0-noble-full"
+version: "v0.143.0-noble-full"
 slug: scrypted
 description: Scrypted is a high performance home video integration and automation platform
 url: "https://github.com/koush/scrypted"

install/docker/Dockerfile.HEAD

@@ -1,4 +1,4 @@
-ARG BASE="16-jammy"
+ARG BASE="noble-full"
 FROM ghcr.io/koush/scrypted-common:${BASE}
 
 WORKDIR /
@@ -8,4 +8,4 @@ WORKDIR /scrypted/server
 RUN npm install
 RUN npm run build
 
-CMD npm run serve-no-build
+CMD ["npm", "run", "serve-no-build"]

install/docker/Dockerfile.amd

@@ -0,0 +1,7 @@
+ARG BASE="ghcr.io/koush/scrypted-common:noble-amd"
+FROM $BASE
+
+ENV SCRYPTED_DOCKER_FLAVOR="amd"
+
+# amd opencl
+RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-amd-graphics.sh | bash

install/docker/Dockerfile.full

@@ -35,19 +35,6 @@ RUN apt-get -y install \
     python3-setuptools \
     python3-wheel
 
-# gstreamer native https://gstreamer.freedesktop.org/documentation/installing/on-linux.html?gi-language=c#install-gstreamer-on-ubuntu-or-debian
-RUN echo "Installing gstreamer."
-# python-codecs pygobject dependencies
-RUN apt-get -y install libcairo2-dev libgirepository1.0-dev
-RUN apt-get -y install \
-    gstreamer1.0-tools gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-libav \
-    gstreamer1.0-vaapi
-
-# python3 gstreamer bindings
-RUN echo "Installing gstreamer bindings."
-RUN apt-get -y install \
-    python3-gst-1.0
-
 # allow pip to install to system
 RUN rm -f /usr/lib/python**/EXTERNALLY-MANAGED
 
@@ -69,12 +56,9 @@ RUN apt -y install libvulkan1
 # intel opencl for openvino
 RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-intel-graphics.sh | bash
 
-# NPU driver will SIGILL on openvino prior to 2024.5.0
+# intel NPU
 RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-intel-npu.sh | bash
 
-# amd opencl
-RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-amd-graphics.sh | bash
-
 # python 3.9 from ppa.
 # 3.9 is the version with prebuilt support for tensorflow lite
 RUN add-apt-repository -y ppa:deadsnakes/ppa && \
@@ -92,7 +76,7 @@ RUN python3.9 -m pip install debugpy
 # Coral Edge TPU
 # https://coral.ai/docs/accelerator/get-started/#runtime-on-linux
 RUN echo "deb https://packages.cloud.google.com/apt coral-edgetpu-stable main" | tee /etc/apt/sources.list.d/coral-edgetpu.list
-RUN curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+RUN curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /etc/apt/trusted.gpg.d/coral-edgetpu.gpg
 RUN apt-get -y update && apt-get -y install libedgetpu1-std
 
 # set default shell to bash

install/docker/Dockerfile.intel

@@ -1,9 +1,16 @@
-ARG BASE="ghcr.io/koush/scrypted-common:20-jammy-full"
+ARG BASE="ghcr.io/koush/scrypted-common:noble-intel"
 FROM $BASE
 
 ENV SCRYPTED_DOCKER_FLAVOR="intel"
 
 RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-intel-oneapi.sh | bash
-# these paths must be updated if oneapi is updated via the install-intel-oneapi.sh script
-# note that the 2022.2 seems to be a typo in the intel script...?
-ENV LD_LIBRARY_PATH=/opt/intel/oneapi/tcm/1.4/lib:/opt/intel/oneapi/umf/0.11/lib:/opt/intel/oneapi/tbb/2022.2/env/../lib/intel64/gcc4.8:/opt/intel/oneapi/mkl/2025.2/lib:/opt/intel/oneapi/compiler/2025.2/opt/compiler/lib:/opt/intel/oneapi/compiler/2025.2/lib
+ENV LD_LIBRARY_PATH=/opt/intel/oneapi/tcm/latest/lib
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/umf/latest/lib
+
+# gcc4.8 does not have a latest link however, it does seem to point to a relative lib path
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/tbb/latest/env/../lib/intel64/gcc4.8
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/tbb/latest/lib
+
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/mkl/latest/lib
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/compiler/latest/opt/compiler/lib
+ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/oneapi/compiler/latest/lib

install/docker/Dockerfile.lite

@@ -1,4 +1,4 @@
-ARG BASE="jammy"
+ARG BASE="noble-lite"
 FROM ubuntu:${BASE} AS header
 
 ENV SCRYPTED_DOCKER_FLAVOR="lite"

install/docker/Dockerfile.nvidia

@@ -1,4 +1,4 @@
-ARG BASE="ghcr.io/koush/scrypted-common:20-jammy-full"
+ARG BASE="ghcr.io/koush/scrypted-common:noble-nvidia"
 FROM $BASE
 
 ENV SCRYPTED_DOCKER_FLAVOR="nvidia"

install/docker/Dockerfile.nvidia-legacy

@@ -0,0 +1,11 @@
+ARG BASE="ghcr.io/koush/scrypted-common:noble-nvidia-legacy"
+FROM $BASE
+
+ENV SCRYPTED_DOCKER_FLAVOR="nvidia"
+
+ENV NVIDIA_DRIVER_CAPABILITIES=all
+ENV NVIDIA_VISIBLE_DEVICES=all
+
+# nvidia cudnn/libcublas etc.
+# for some reason this is not provided by the nvidia container toolkit
+RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-nvidia-graphics-legacy.sh | bash

install/docker/Dockerfile.router

@@ -9,7 +9,15 @@ RUN rm -f /etc/systemd/system/multi-user.target.wants/dnsmasq.service
 RUN rm -f /etc/systemd/system/sysinit.target.wants/systemd-resolved.service
 
 # go + caddy
-RUN apt -y install golang-go
+RUN GO_VERSION=1.25.1 && ARCH=$(dpkg --print-architecture) && \
+    if [ "$ARCH" = "amd64" ]; then GOARCH="amd64"; \
+    elif [ "$ARCH" = "arm64" ]; then GOARCH="arm64"; \
+    elif [ "$ARCH" = "armhf" ]; then GOARCH="armv6l"; \
+    else echo "Unsupported architecture: $ARCH" && exit 1; fi && \
+    curl -LO "https://go.dev/dl/go${GO_VERSION}.linux-${GOARCH}.tar.gz" && \
+    tar -C /usr/local -xzf "go${GO_VERSION}.linux-${GOARCH}.tar.gz" && \
+    rm "go${GO_VERSION}.linux-${GOARCH}.tar.gz"
+ENV PATH=$PATH:/usr/local/go/bin
 RUN apt install -y debian-keyring debian-archive-keyring apt-transport-https
 RUN curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg
 RUN curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-xcaddy.list

install/docker/Dockerfile.s6

@@ -1,4 +1,4 @@
-ARG BASE="20-jammy-full"
+ARG BASE="noble-full"
 FROM ghcr.io/koush/scrypted-common:${BASE}
 
 # avahi advertiser support

install/docker/docker-build-nvidia.sh

@@ -1,3 +1,3 @@
 ./docker-build.sh
 
-docker build -t ghcr.io/koush/scrypted:20-jammy-full.nvidia -f Dockerfile.nvidia .
+docker build -t ghcr.io/koush/scrypted:nvidia -f Dockerfile.nvidia .

install/docker/docker-build.sh

@@ -4,7 +4,7 @@ set -x
 
 NODE_VERSION=22
 SCRYPTED_INSTALL_VERSION=beta
-IMAGE_BASE=jammy
+IMAGE_BASE=noble
 FLAVOR=full
 BASE=$NODE_VERSION-$IMAGE_BASE-$FLAVOR
 echo $BASE

install/docker/docker-compose-setup.py

@@ -0,0 +1,45 @@
+import os
+from ruamel.yaml import YAML
+
+# Define the devices to check for
+devices_to_check = [
+    "/dev/dri",
+    "/dev/accel",
+    "/dev/apex_0",
+    "/dev/apex_1",
+    "/dev/kfd",
+    "/dev/bus/usb"
+]
+
+# Use ruamel.yaml with better formatting preservation
+yaml = YAML()
+yaml.preserve_quotes = True
+# Explicitly set roundtrip mode for comment preservation
+yaml.typ = 'rt'
+# Match the original formatting - 4 space indentation
+yaml.indent = 4
+# No special block sequence indentation
+yaml.block_seq_indent = 0
+# Don't wrap lines
+yaml.width = None
+# Preserve unicode
+yaml.allow_unicode = True
+
+# Read the docker-compose.yml file
+with open('docker-compose.yml', 'r') as file:
+    compose_data = yaml.load(file)
+
+# Get a direct reference to the devices key
+scrypted_service = compose_data['services']['scrypted']
+devices = scrypted_service.setdefault('devices', [])
+
+# Check for devices and add them if they exist
+for device_path in devices_to_check:
+    if os.path.exists(device_path):
+        device_mapping = f"{device_path}:{device_path}"
+        if device_mapping not in devices:
+            devices.append(device_mapping)
+
+# Write the modified docker-compose.yml file (preserving comments and formatting)
+with open('docker-compose.yml', 'w') as file:
+    yaml.dump(compose_data, file)

install/docker/docker-compose-setup.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+# run as privileged so all the devices can be detected and only the necessary ones passed through.
+
+docker run --rm \
+  --privileged \
+  -v "$(pwd):/app" \
+  -w /app \
+  python:3.12-slim \
+  sh -c "pip install -q --root-user-action=ignore ruamel.yaml && python docker-compose-setup.py"

install/docker/docker-compose.yml

@@ -132,6 +132,12 @@ services:
         labels:
             - "com.centurylinklabs.watchtower.scope=scrypted"
 
+        # Use global DNS servers to avoid issues with some local DNS servers.
+        # particularly with npm registry, etc.
+        dns:
+            - ${SCRYPTED_DNS_SERVER_0:-1.1.1.1}
+            - ${SCRYPTED_DNS_SERVER_1:-8.8.8.8}
+
     # watchtower manages updates for Scrypted.
     watchtower:
         environment:
@@ -139,7 +145,7 @@ services:
             - WATCHTOWER_HTTP_API_UPDATE=true
             - WATCHTOWER_SCOPE=scrypted
             - WATCHTOWER_HTTP_API_PERIODIC_POLLS=${WATCHTOWER_HTTP_API_PERIODIC_POLLS:-true}
-        image: containrrr/watchtower
+        image: nickfedor/watchtower
         container_name: scrypted-watchtower
         restart: unless-stopped
         volumes:
@@ -152,3 +158,11 @@ services:
             - 10444:8080
         # check for updates once an hour (interval is in seconds)
         command: --interval 3600 --cleanup --scope scrypted
+
+        # Use global DNS servers to avoid issues with some local DNS servers.
+        # particularly with npm registry, etc.
+        dns:
+            - ${SCRYPTED_DNS_SERVER_0:-1.1.1.1}
+            - ${SCRYPTED_DNS_SERVER_1:-8.8.8.8}
+        # LXC usage only
+        # lxc profiles: ["disabled"]

install/docker/install-amd-graphics.sh

@@ -21,23 +21,34 @@ else
     distro="noble"
 fi
 
+apt -y update
+apt -y install rsync gpg
+# the deb no longer seems to install a key?
+gpg --keyserver keyserver.ubuntu.com --recv-keys 9386B48A1A693C5C
+gpg --export --armor 9386B48A1A693C5C | tee /etc/apt/trusted.gpg.d/amdgpu.asc
+
 # https://amdgpu-install.readthedocs.io/en/latest/install-prereq.html#installing-the-installer-package
 
-FILENAME=$(curl -s -L https://repo.radeon.com/amdgpu-install/latest/ubuntu/$distro/ | grep -o 'amdgpu-install_[^ ]*' | cut -d'"' -f1)
-if [ -z "$FILENAME" ]
-then
-    echo "AMD graphics package can not be installed. Could not find the package name."
-    exit 1
-fi
+# AMD keeps breaking these links. Use hard links.
+
+# FILENAME=$(curl -s -L https://repo.radeon.com/amdgpu-install/latest/ubuntu/$distro/ | grep -o 'amdgpu-install_[^ ]*' | cut -d'"' -f1)
+# if [ -z "$FILENAME" ]
+# then
+#     echo "AMD graphics package can not be installed. Could not find the package name."
+#     exit 1
+# fi
 
 set -e
 mkdir -p /tmp/amd
 cd /tmp/amd
-curl -O -L http://repo.radeon.com/amdgpu-install/latest/ubuntu/$distro/$FILENAME
-apt -y update
-apt -y install rsync
+# curl -O -L https://repo.radeon.com/amdgpu-install/latest/ubuntu/$distro/$FILENAME
+
+FILENAME=amdgpu-install_7.0.1.70001-1_all.deb
+curl -O -L https://repo.radeon.com/amdgpu-install/7.0.1/ubuntu/$distro/$FILENAME
+
 dpkg -i $FILENAME
 apt -y update
+
 amdgpu-install --usecase=opencl --no-dkms -y --accept-eula
 cd /tmp
 rm -rf /tmp/amd

install/docker/install-intel-graphics.sh

@@ -69,39 +69,50 @@ apt-get install -y ocl-icd-libopencl1
 # install 24.35.30872.22 for legacy support. Then install latest.
 # https://github.com/intel/compute-runtime/issues/770#issuecomment-2515166915
 
-# https://github.com/intel/compute-runtime/releases/tag/24.35.30872.22
-curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.20/intel-igc-core_1.0.17537.20_amd64.deb
-curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.20/intel-igc-opencl_1.0.17537.20_amd64.deb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-dbgsym_1.3.30872.22_amd64.ddeb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-legacy1-dbgsym_1.3.30872.22_amd64.ddeb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-legacy1_1.3.30872.22_amd64.deb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu_1.3.30872.22_amd64.deb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-dbgsym_24.35.30872.22_amd64.ddeb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-legacy1-dbgsym_24.35.30872.22_amd64.ddeb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-legacy1_24.35.30872.22_amd64.deb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd_24.35.30872.22_amd64.deb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/libigdgmm12_22.5.0_amd64.deb
+# original legacy packages
+# # https://github.com/intel/compute-runtime/releases/tag/24.35.30872.22
+# curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.20/intel-igc-core_1.0.17537.20_amd64.deb
+# curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.20/intel-igc-opencl_1.0.17537.20_amd64.deb
+# # curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-dbgsym_1.3.30872.22_amd64.ddeb
+# # curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-legacy1-dbgsym_1.3.30872.22_amd64.ddeb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu-legacy1_1.3.30872.22_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-level-zero-gpu_1.3.30872.22_amd64.deb
+# # curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-dbgsym_24.35.30872.22_amd64.ddeb
+# # curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-legacy1-dbgsym_24.35.30872.22_amd64.ddeb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd-legacy1_24.35.30872.22_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/intel-opencl-icd_24.35.30872.22_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.22/libigdgmm12_22.5.0_amd64.deb
+
+# new legacy packages
+# https://github.com/intel/compute-runtime/releases/tag/24.35.30872.36
+curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.24/intel-igc-core_1.0.17537.24_amd64.deb
+curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.24/intel-igc-opencl_1.0.17537.24_amd64.deb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/intel-level-zero-gpu-legacy1-dbgsym_1.5.30872.36_amd64.ddeb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/intel-level-zero-gpu-legacy1_1.5.30872.36_amd64.deb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/intel-opencl-icd-legacy1-dbgsym_24.35.30872.36_amd64.ddeb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/intel-opencl-icd-legacy1_24.35.30872.36_amd64.deb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/libigdgmm12_22.5.0_amd64.deb
 
 dpkg -i *.deb
 rm -f *.deb
 
 # https://github.com/intel/compute-runtime/releases
 # note that at time of commit, IGC supports ubuntu 24.04 only possibly due to their builder being on 24.04.
-curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/v2.12.5/intel-igc-core-2_2.12.5+19302_amd64.deb
-curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/v2.12.5/intel-igc-opencl-2_2.12.5+19302_amd64.deb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/intel-ocloc-dbgsym_25.22.33944.8-0_amd64.ddeb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/intel-ocloc_25.22.33944.8-0_amd64.deb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/intel-opencl-icd-dbgsym_25.22.33944.8-0_amd64.ddeb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/intel-opencl-icd_25.22.33944.8-0_amd64.deb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/libigdgmm12_22.7.0_amd64.deb
-# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/libze-intel-gpu1-dbgsym_25.22.33944.8-0_amd64.ddeb
-curl -O -L https://github.com/intel/compute-runtime/releases/download/25.22.33944.8/libze-intel-gpu1_25.22.33944.8-0_amd64.deb
+curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/v2.18.5/intel-igc-core-2_2.18.5+19820_amd64.deb
+curl -O -L https://github.com/intel/intel-graphics-compiler/releases/download/v2.18.5/intel-igc-opencl-2_2.18.5+19820_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/intel-ocloc-dbgsym_25.35.35096.9-0_amd64.ddeb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/intel-ocloc_25.35.35096.9-0_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/intel-opencl-icd-dbgsym_25.35.35096.9-0_amd64.ddeb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/intel-opencl-icd_25.35.35096.9-0_amd64.deb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/libigdgmm12_22.8.1_amd64.deb
+# curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/libze-intel-gpu1-dbgsym_25.35.35096.9-0_amd64.ddeb
+curl -O -L https://github.com/intel/compute-runtime/releases/download/25.35.35096.9/libze-intel-gpu1_25.35.35096.9-0_amd64.deb
 
 set +e
 dpkg -i *.deb
 set -e
 # the legacy + latest process says this may be necessary but it does not seem to be in a clean environment.
-apt-get install --fix-broken
+apt-get -y install --fix-broken
 
 
 cd /tmp && rm -rf /tmp/gpu

install/docker/install-intel-npu.sh

@@ -9,11 +9,17 @@ UBUNTU_24_04=$(lsb_release -r | grep "24.04")
 
 if [ -z "$UBUNTU_22_04" ] && [ -z "$UBUNTU_24_04" ]
 then
-    # proxmox is compatible with ubuntu 22.04, check for  /etc/pve directory
-    if [ -d "/etc/pve" ]
-    then
+    # proxmox is compatible with intel's ubuntu builds, check for /etc/pve directory
+    # then determine debian version
+    version=$(cat /etc/debian_version 2>/dev/null)
+
+    # Determine if it's Debian 12 or 13
+    if [[ "$version" == 12* ]]; then
         UBUNTU_22_04=true
+    elif [[ "$version" == 13* ]]; then
+        UBUNTU_24_04=true
     fi
+
 fi
 
 # needs either ubuntu 22.0.4 or 24.04
@@ -25,8 +31,10 @@ fi
 
 if [ -n "$UBUNTU_22_04" ]
 then
+    ubuntu_distro=ubuntu2204
     distro="22.04_amd64"
 else
+    ubuntu_distro=ubuntu2404
     distro="24.04_amd64"
 fi
 
@@ -38,22 +46,24 @@ set -e
 rm -rf /tmp/npu && mkdir -p /tmp/npu && cd /tmp/npu
 
 # level zero must also be installed
-LEVEL_ZERO_VERSION=1.22.4
+LEVEL_ZERO_VERSION=1.24.2
 # https://github.com/oneapi-src/level-zero
 curl -O -L https://github.com/oneapi-src/level-zero/releases/download/v"$LEVEL_ZERO_VERSION"/level-zero_"$LEVEL_ZERO_VERSION"+u$distro.deb
 curl -O -L https://github.com/oneapi-src/level-zero/releases/download/v"$LEVEL_ZERO_VERSION"/level-zero-devel_"$LEVEL_ZERO_VERSION"+u$distro.deb
 
 # npu driver
 # https://github.com/intel/linux-npu-driver
-NPU_VERSION=1.19.0
-NPU_VERSION_DATE=20250707-16111289554
-curl -O -L https://github.com/intel/linux-npu-driver/releases/download/v"$NPU_VERSION"/intel-driver-compiler-npu_$NPU_VERSION."$NPU_VERSION_DATE"_ubuntu$distro.deb
+NPU_VERSION=1.23.0
+NPU_VERSION_DATE=20250827-17270089246
+NPU_TAR_FILENAME=linux-npu-driver-v"$NPU_VERSION"."$NPU_VERSION_DATE"-$ubuntu_distro.tar.gz
+curl -O -L https://github.com/intel/linux-npu-driver/releases/download/v"$NPU_VERSION"/"$NPU_TAR_FILENAME"
+tar xzvf "$NPU_TAR_FILENAME"
+
 # firmware can only be installed on host. will cause problems inside container.
-if [ -n "$INTEL_FW_NPU" ]
+if [ ! -z "$INTEL_FW_NPU" ]
 then
-    curl -O -L https://github.com/intel/linux-npu-driver/releases/download/v"$NPU_VERSION"/intel-fw-npu_$NPU_VERSION."$NPU_VERSION_DATE"_ubuntu$distro.deb
+    rm *fw-npu*
 fi
-curl -O -L https://github.com/intel/linux-npu-driver/releases/download/v"$NPU_VERSION"/intel-level-zero-npu_$NPU_VERSION."$NPU_VERSION_DATE"_ubuntu$distro.deb
 
 apt -y update
 apt -y install libtbb12

install/docker/install-nvidia-container-toolkit.sh

@@ -1,3 +1,5 @@
+apt -y install lsb-release
+
 UBUNTU_22_04=$(lsb_release -r | grep "22.04")
 UBUNTU_24_04=$(lsb_release -r | grep "24.04")
 
@@ -9,6 +11,16 @@ set -e
 # https://developer.nvidia.com/cuda-downloads?target_os=Linux&target_arch=x86_64&Distribution=Ubuntu&target_version=24.04&target_type=deb_network
 # Do not apt install nvidia-open, must use cuda-drivers.
 
+if [ -z "$UBUNTU_22_04" ] && [ -z "$UBUNTU_24_04" ]
+then
+    # proxmox is compatible with ubuntu 22.04, check for  /etc/pve directory
+    if [ -d "/etc/pve" ]
+    then
+        apt -y install pve-headers-$(uname -r)
+        UBUNTU_22_04=true
+    fi
+fi
+
 if [ -z "$UBUNTU_22_04" ] && [ -z "$UBUNTU_24_04" ]
 then
     echo "NVIDIA container toolkit can not be installed. Ubuntu version could not be detected when checking lsb-release and /etc/os-release."
@@ -38,7 +50,14 @@ apt -y update
 # is there a way to get a versioned package automatically?
 # cuda-drivers does not work with blackwell for some reason, container toolkit it broken IIRC.
 apt -y install nvidia-open
-apt -y install nvidia-container-toolkit
 
-nvidia-ctk runtime configure --runtime=docker
-systemctl restart docker
+if [ ! -d "/etc/pve" ]
+then
+    apt -y install nvidia-container-toolkit
+    
+    nvidia-ctk runtime configure --runtime=docker
+    systemctl restart docker
+fi
+
+# need this if running inside lxc...
+# nvidia-ctk config --set nvidia-container-cli.no-cgroups --in-place

install/docker/install-nvidia-graphics-legacy.sh

@@ -0,0 +1,54 @@
+if [ "$(uname -m)" = "x86_64" ]
+then
+    UBUNTU_22_04=$(lsb_release -r | grep "22.04")
+    UBUNTU_24_04=$(lsb_release -r | grep "24.04")
+
+    # needs either ubuntu 22.0.4 or 24.04
+    if [ -z "$UBUNTU_22_04" ] && [ -z "$UBUNTU_24_04" ]
+    then
+        echo "NVIDIA graphics package can not be installed. Ubuntu version could not be detected when checking lsb-release and /etc/os-release."
+        exit 1
+    fi
+
+    if [ -n "$UBUNTU_22_04" ]
+    then
+        distro="ubuntu2204"
+    else
+        distro="ubuntu2404"
+    fi
+
+    echo "Installing NVIDIA graphics packages."
+    apt update -q \
+        && apt install -y wget \
+        && wget -qO /cuda-keyring.deb https://developer.download.nvidia.com/compute/cuda/repos/$distro/$(uname -m)/cuda-keyring_1.1-1_all.deb \
+        && dpkg -i /cuda-keyring.deb \
+        && apt update -q \
+        && apt install -y cuda-nvcc-12-6 libcublas-12-6 libcudnn9-cuda-12=9.10.2.21-1 cuda-libraries-12-6;
+
+    if [ "$?" != "0" ]
+    then
+        echo "Error: NVIDIA graphics packages failed to install."
+        exit 1
+    fi
+
+
+    # Update: the libnvidia-opencl.so.1 file is not present in the container image, it is
+    # mounted via the nvidia container runtime. This is why the following check is commented out.
+    # this file is present but for some reason the icd file is not created by nvidia runtime.
+    # if [ ! -f "/usr/lib/x86_64-linux-gnu/libnvidia-opencl.so.1" ]
+    # then
+    #     echo "Error: NVIDIA OpenCL library not found."
+    #     exit 1
+    # fi
+
+    # the container runtime doesn't mount this file for some reason. seems to be a bug.
+    # https://github.com/NVIDIA/nvidia-container-toolkit/issues/682
+    # but the contents are simply the .so file, which is a symlink the nvidia runtime
+    # will mount in.
+    mkdir -p /etc/OpenCL/vendors/
+    echo "libnvidia-opencl.so.1" > /etc/OpenCL/vendors/nvidia.icd
+else
+    echo "NVIDIA graphics will not be installed on this architecture."
+fi
+
+exit 0

install/docker/install-scrypted-docker-compose.sh

@@ -186,4 +186,4 @@ echo
 echo
 echo "Optional:"
 echo "Scrypted NVR Recording storage directory can be configured with an additional script located at:"
-echo "https://docs.scrypted.app/scrypted-nvr/recording-storage.html#docker-volume"
+echo "https://docs.scrypted.app/scrypted-nvr/storage/docker.html"

install/docker/template/Dockerfile.full.footer

@@ -9,12 +9,9 @@ RUN apt -y install libvulkan1
 # intel opencl for openvino
 RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-intel-graphics.sh | bash
 
-# NPU driver will SIGILL on openvino prior to 2024.5.0
+# intel NPU
 RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-intel-npu.sh | bash
 
-# amd opencl
-RUN curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-amd-graphics.sh | bash
-
 # python 3.9 from ppa.
 # 3.9 is the version with prebuilt support for tensorflow lite
 RUN add-apt-repository -y ppa:deadsnakes/ppa && \
@@ -32,7 +29,7 @@ RUN python3.9 -m pip install debugpy
 # Coral Edge TPU
 # https://coral.ai/docs/accelerator/get-started/#runtime-on-linux
 RUN echo "deb https://packages.cloud.google.com/apt coral-edgetpu-stable main" | tee /etc/apt/sources.list.d/coral-edgetpu.list
-RUN curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+RUN curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /etc/apt/trusted.gpg.d/coral-edgetpu.gpg
 RUN apt-get -y update && apt-get -y install libedgetpu1-std
 
 # set default shell to bash

install/docker/template/Dockerfile.full.header

@@ -4,7 +4,7 @@
 # install script.
 ################################################################
 ARG BASE="noble"
-FROM ubuntu:${BASE} as header
+FROM ubuntu:${BASE} AS header
 
 ENV DEBIAN_FRONTEND=noninteractive
 
@@ -32,19 +32,6 @@ RUN apt-get -y install \
     python3-setuptools \
     python3-wheel
 
-# gstreamer native https://gstreamer.freedesktop.org/documentation/installing/on-linux.html?gi-language=c#install-gstreamer-on-ubuntu-or-debian
-RUN echo "Installing gstreamer."
-# python-codecs pygobject dependencies
-RUN apt-get -y install libcairo2-dev libgirepository1.0-dev
-RUN apt-get -y install \
-    gstreamer1.0-tools gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-libav \
-    gstreamer1.0-vaapi
-
-# python3 gstreamer bindings
-RUN echo "Installing gstreamer bindings."
-RUN apt-get -y install \
-    python3-gst-1.0
-
 # allow pip to install to system
 RUN rm -f /usr/lib/python**/EXTERNALLY-MANAGED
 

install/local/install-scrypted-dependencies-mac.sh

@@ -47,9 +47,6 @@ RUN_IGNORE sudo installer -pkg /tmp/node.pkg -target /
 NODE_PATH=/usr/local # used to pass var test
 NODE_BIN_PATH=/usr/local/bin
 
-# gstreamer plugins
-RUN_IGNORE brew install gstreamer
-
 ARCH=$(arch)
 if [ "$ARCH" = "arm64" ]
 then

install/local/install-scrypted-dependencies-win.ps1

@@ -19,7 +19,7 @@ sc.exe stop scrypted.exe
 iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
 
 # Install node.js
-choco upgrade -y nodejs-lts --version=22.15.0
+choco upgrade -y nodejs-lts --version=22.21.0
 
 # Install VC Redist, which is necessary for portable python
 choco install -y vcredist140

install/proxmox/docker-compose.sh

@@ -4,15 +4,37 @@ cd /root/.scrypted
 # always immediately upgrade everything in case there's a broken update.
 # this will also be preferable for troubleshooting via lxc reboot.
 export DEBIAN_FRONTEND=noninteractive
-yes | dpkg --configure -a
-apt -y --fix-broken install && apt -y update && apt -y dist-upgrade
+
+# auto updates may break the system?
+# watchtower stopped working after a docker update, so disabling for now.
+# yes | dpkg --configure -a
+# apt -y --fix-broken install && apt -y update && apt -y dist-upgrade
+
+function cleanup() {
+    IS_UP=$(docker compose ps scrypted -a | grep Up)
+    # Only clean up when scrypted is running to safely free space without risking its image deletion
+    if [ -z "$IS_UP" ]; then
+        echo "scrypted is not running, skipping cleanup to preserve its image"
+        return
+    fi
+    echo $(date) > .last_cleanup
+    echo "scrypted is running, proceeding with cleanup to free space"
+    docker container prune -f
+    docker image prune -a -f
+}
 
 # force a pull to ensure we have the latest images.
 # not using --pull always cause that fails everything on network down
 docker compose pull
 
+(sleep 60 && cleanup) &
+
 # do not daemonize, when it exits, systemd will restart it.
 # force a recreate as .env may have changed.
 # furthermore force recreate gets the container back into a known state
 # which is preferable in case the user has made manual changes and then restarts.
-WATCHTOWER_HTTP_API_TOKEN=$(echo $RANDOM | md5sum | head -c 32) docker compose up --force-recreate --abort-on-container-exit
+WATCHTOWER_HTTP_API_TOKEN=$(echo $RANDOM | md5sum | head -c 32) docker compose up --force-recreate
+
+# abort on container exit is problematic if watchtower is the one that aborts.
+# this is also redundant now that watchtower is disabled.
+# WATCHTOWER_HTTP_API_TOKEN=$(echo $RANDOM | md5sum | head -c 32) docker compose up --force-recreate --abort-on-container-exit

install/proxmox/install-scrypted-proxmox.sh

@@ -18,7 +18,10 @@ function readyn() {
 }
 
 cd /tmp
-SCRYPTED_VERSION=v0.139.0
+if [ -z "$SCRYPTED_VERSION" ]
+then
+    SCRYPTED_VERSION=v0.143.0
+fi
 SCRYPTED_TAR_ZST=scrypted-$SCRYPTED_VERSION.tar.zst
 if [ -z "$VMID" ]
 then

packages/client/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@scrypted/client",
-  "version": "1.3.17",
+  "version": "1.3.26",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@scrypted/client",
-      "version": "1.3.17",
+      "version": "1.3.26",
       "license": "ISC",
       "dependencies": {
         "engine.io-client": "^6.6.3",
@@ -21,7 +21,7 @@
         "typescript": "^5.8.3"
       },
       "peerDependencies": {
-        "@scrypted/types": "^0.5.23"
+        "@scrypted/types": "^0.5.52"
       }
     },
     "node_modules/@cspotcode/source-map-support": {
@@ -37,6 +37,27 @@
         "node": ">=12"
       }
     },
+    "node_modules/@isaacs/balanced-match": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz",
+      "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==",
+      "license": "MIT",
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
+    "node_modules/@isaacs/brace-expansion": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz",
+      "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==",
+      "license": "MIT",
+      "dependencies": {
+        "@isaacs/balanced-match": "^4.0.1"
+      },
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
     "node_modules/@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -65,9 +86,9 @@
       }
     },
     "node_modules/@jridgewell/sourcemap-codec": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
-      "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+      "version": "1.5.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+      "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
       "dev": true,
       "license": "MIT"
     },
@@ -83,58 +104,13 @@
       }
     },
     "node_modules/@scrypted/types": {
-      "version": "0.5.23",
-      "resolved": "https://registry.npmjs.org/@scrypted/types/-/types-0.5.23.tgz",
-      "integrity": "sha512-is/UJHgS3lvEuXyb+C/OPeIP5CKp+M6SQt1l/WFJr1Oj+KYYHGU8Ztlh/qOmAWgONhg286N4/cLNzTtAAh4YnA==",
+      "version": "0.5.52",
+      "resolved": "https://registry.npmjs.org/@scrypted/types/-/types-0.5.52.tgz",
+      "integrity": "sha512-c1ra1ENnoC8MqVHf7QQcXIU+5BvQnhU4x5oqx4b20LtoB0/TTXthYFFvEDBvLenBivUr8Bb6dWrji7TZXVax1g==",
       "license": "ISC",
       "peer": true,
       "dependencies": {
-        "openai": "^5.3.0"
-      }
-    },
-    "node_modules/@scrypted/types/node_modules/openai": {
-      "version": "5.3.0",
-      "resolved": "https://registry.npmjs.org/openai/-/openai-5.3.0.tgz",
-      "integrity": "sha512-VIKmoF7y4oJCDOwP/oHXGzM69+x0dpGFmN9QmYO+uPbLFOmmnwO+x1GbsgUtI+6oraxomGZ566Y421oYVu191w==",
-      "license": "Apache-2.0",
-      "peer": true,
-      "bin": {
-        "openai": "bin/cli"
-      },
-      "peerDependencies": {
-        "ws": "^8.18.0",
-        "zod": "^3.23.8"
-      },
-      "peerDependenciesMeta": {
-        "ws": {
-          "optional": true
-        },
-        "zod": {
-          "optional": true
-        }
-      }
-    },
-    "node_modules/@scrypted/types/node_modules/ws": {
-      "version": "8.18.2",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz",
-      "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==",
-      "license": "MIT",
-      "optional": true,
-      "peer": true,
-      "engines": {
-        "node": ">=10.0.0"
-      },
-      "peerDependencies": {
-        "bufferutil": "^4.0.1",
-        "utf-8-validate": ">=5.0.2"
-      },
-      "peerDependenciesMeta": {
-        "bufferutil": {
-          "optional": true
-        },
-        "utf-8-validate": {
-          "optional": true
-        }
+        "openai": "^6.1.0"
       }
     },
     "node_modules/@socket.io/component-emitter": {
@@ -182,13 +158,13 @@
       }
     },
     "node_modules/@types/node": {
-      "version": "24.0.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.10.tgz",
-      "integrity": "sha512-ENHwaH+JIRTDIEEbDK6QSQntAYGtbvdDXnMXnZaZ6k13Du1dPMmprkEHIL7ok2Wl2aZevetwTAb5S+7yIF+enA==",
+      "version": "24.5.1",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.5.1.tgz",
+      "integrity": "sha512-/SQdmUP2xa+1rdx7VwB9yPq8PaKej8TD5cQ+XfKDPWWC+VDJU4rvVVagXqKUzhKjtFoNA8rXDJAkCxQPAe00+Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "undici-types": "~7.8.0"
+        "undici-types": "~7.12.0"
       }
     },
     "node_modules/@types/ws": {
@@ -202,9 +178,9 @@
       }
     },
     "node_modules/acorn": {
-      "version": "8.14.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
-      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
+      "version": "8.15.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
+      "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -228,9 +204,9 @@
       }
     },
     "node_modules/ansi-regex": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz",
-      "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==",
+      "version": "6.2.2",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz",
+      "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==",
       "license": "MIT",
       "engines": {
         "node": ">=12"
@@ -240,9 +216,9 @@
       }
     },
     "node_modules/ansi-styles": {
-      "version": "6.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz",
-      "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==",
+      "version": "6.2.3",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz",
+      "integrity": "sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==",
       "license": "MIT",
       "engines": {
         "node": ">=12"
@@ -258,21 +234,6 @@
       "dev": true,
       "license": "MIT"
     },
-    "node_modules/balanced-match": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
-      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
-      "license": "MIT"
-    },
-    "node_modules/brace-expansion": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0"
-      }
-    },
     "node_modules/color-convert": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
@@ -364,6 +325,27 @@
         "xmlhttprequest-ssl": "~2.1.1"
       }
     },
+    "node_modules/engine.io-client/node_modules/ws": {
+      "version": "8.17.1",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz",
+      "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.0.0"
+      },
+      "peerDependencies": {
+        "bufferutil": "^4.0.1",
+        "utf-8-validate": ">=5.0.2"
+      },
+      "peerDependenciesMeta": {
+        "bufferutil": {
+          "optional": true
+        },
+        "utf-8-validate": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/engine.io-parser": {
       "version": "5.2.3",
       "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.2.3.tgz",
@@ -374,9 +356,9 @@
       }
     },
     "node_modules/follow-redirects": {
-      "version": "1.15.9",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz",
-      "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==",
+      "version": "1.15.11",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz",
+      "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==",
       "funding": [
         {
           "type": "individual",
@@ -410,14 +392,14 @@
       }
     },
     "node_modules/glob": {
-      "version": "11.0.1",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.1.tgz",
-      "integrity": "sha512-zrQDm8XPnYEKawJScsnM0QzobJxlT/kHOOlRTio8IH/GrmxRE5fjllkzdaHclIuNjUQTJYH2xHNIGfdpJkDJUw==",
+      "version": "11.0.3",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.3.tgz",
+      "integrity": "sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==",
       "license": "ISC",
       "dependencies": {
-        "foreground-child": "^3.1.0",
-        "jackspeak": "^4.0.1",
-        "minimatch": "^10.0.0",
+        "foreground-child": "^3.3.1",
+        "jackspeak": "^4.1.1",
+        "minimatch": "^10.0.3",
         "minipass": "^7.1.2",
         "package-json-from-dist": "^1.0.0",
         "path-scurry": "^2.0.0"
@@ -448,9 +430,9 @@
       "license": "ISC"
     },
     "node_modules/jackspeak": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.0.tgz",
-      "integrity": "sha512-9DDdhb5j6cpeitCbvLO7n7J4IxnbM6hoF6O1g4HQ5TfhvvKN8ywDM7668ZhMHRqVmxqhps/F6syWK2KcPxYlkw==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz",
+      "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==",
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/cliui": "^8.0.2"
@@ -463,9 +445,9 @@
       }
     },
     "node_modules/lru-cache": {
-      "version": "11.0.2",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.0.2.tgz",
-      "integrity": "sha512-123qHRfJBmo2jXDbo/a5YOQrJoHF/GNQTLzQ5+IdK5pWpceK17yRc6ozlWd25FxvGKQbIUs91fDFkXmDHTKcyA==",
+      "version": "11.2.1",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.1.tgz",
+      "integrity": "sha512-r8LA6i4LP4EeWOhqBaZZjDWwehd1xUJPCJd9Sv300H0ZmcUER4+JPh7bqqZeqs1o5pgtgvXm+d9UGrB5zZGDiQ==",
       "license": "ISC",
       "engines": {
         "node": "20 || >=22"
@@ -479,12 +461,12 @@
       "license": "ISC"
     },
     "node_modules/minimatch": {
-      "version": "10.0.1",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz",
-      "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==",
+      "version": "10.0.3",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.3.tgz",
+      "integrity": "sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==",
       "license": "ISC",
       "dependencies": {
-        "brace-expansion": "^2.0.1"
+        "@isaacs/brace-expansion": "^5.0.0"
       },
       "engines": {
         "node": "20 || >=22"
@@ -508,6 +490,28 @@
       "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
       "license": "MIT"
     },
+    "node_modules/openai": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/openai/-/openai-6.1.0.tgz",
+      "integrity": "sha512-5sqb1wK67HoVgGlsPwcH2bUbkg66nnoIYKoyV9zi5pZPqh7EWlmSrSDjAh4O5jaIg/0rIlcDKBtWvZBuacmGZg==",
+      "license": "Apache-2.0",
+      "peer": true,
+      "bin": {
+        "openai": "bin/cli"
+      },
+      "peerDependencies": {
+        "ws": "^8.18.0",
+        "zod": "^3.25 || ^4.0"
+      },
+      "peerDependenciesMeta": {
+        "ws": {
+          "optional": true
+        },
+        "zod": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/package-json-from-dist": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz",
@@ -651,9 +655,9 @@
       }
     },
     "node_modules/strip-ansi": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz",
-      "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==",
+      "version": "7.1.2",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz",
+      "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==",
       "license": "MIT",
       "dependencies": {
         "ansi-regex": "^6.0.1"
@@ -732,9 +736,9 @@
       }
     },
     "node_modules/typescript": {
-      "version": "5.8.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz",
-      "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==",
+      "version": "5.9.2",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.2.tgz",
+      "integrity": "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {
@@ -746,9 +750,9 @@
       }
     },
     "node_modules/undici-types": {
-      "version": "7.8.0",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
-      "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
+      "version": "7.12.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.12.0.tgz",
+      "integrity": "sha512-goOacqME2GYyOZZfb5Lgtu+1IDmAlAEu5xnD3+xTzS10hT0vzpf0SPjkXwAw9Jm+4n/mQGDP3LO8CPbYROeBfQ==",
       "dev": true,
       "license": "MIT"
     },
@@ -865,27 +869,6 @@
         "node": ">=8"
       }
     },
-    "node_modules/ws": {
-      "version": "8.17.1",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz",
-      "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=10.0.0"
-      },
-      "peerDependencies": {
-        "bufferutil": "^4.0.1",
-        "utf-8-validate": ">=5.0.2"
-      },
-      "peerDependenciesMeta": {
-        "bufferutil": {
-          "optional": true
-        },
-        "utf-8-validate": {
-          "optional": true
-        }
-      }
-    },
     "node_modules/xmlhttprequest-ssl": {
       "version": "2.1.2",
       "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-2.1.2.tgz",

packages/client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@scrypted/client",
-  "version": "1.3.17",
+  "version": "1.3.26",
   "description": "",
   "main": "dist/packages/client/src/index.js",
   "scripts": {
@@ -19,7 +19,7 @@
     "typescript": "^5.8.3"
   },
   "peerDependencies": {
-    "@scrypted/types": "^0.5.23"
+    "@scrypted/types": "^0.5.52"
   },
   "dependencies": {
     "engine.io-client": "^6.6.3",

packages/client/src/index.ts

@@ -1,21 +1,19 @@
-import { MediaObjectCreateOptions, RTCConnectionManagement, RTCSignalingSession, ScryptedStatic } from "@scrypted/types";
+import { ConnectRPCObjectOptions, ForkOptions, ForkWorker, MediaObjectCreateOptions, PluginFork, ScryptedInterface, ScryptedInterfaceProperty, ScryptedStatic } from "@scrypted/types";
 import * as eio from 'engine.io-client';
-import { SocketOptions } from 'engine.io-client';
-import { Deferred } from "../../../common/src/deferred";
 import { timeoutPromise } from "../../../common/src/promise-utils";
-import { BrowserSignalingSession, waitPeerConnectionIceConnected, waitPeerIceConnectionClosed } from "../../../common/src/rtc-signaling";
-import { DataChannelDebouncer } from "../../../plugins/webrtc/src/datachannel-debouncer";
 import type { ClusterObject, ConnectRPCObject } from '../../../server/src/cluster/connect-rpc-object';
+import { domFetch } from "../../../server/src/fetch";
+import { httpFetch } from '../../../server/src/fetch/http-fetch';
 import type { IOSocket } from '../../../server/src/io';
 import { MediaObject } from '../../../server/src/plugin/mediaobject';
+import { PluginAPIProxy, PluginRemote } from "../../../server/src/plugin/plugin-api";
 import { attachPluginRemote } from '../../../server/src/plugin/plugin-remote';
 import { RpcPeer } from '../../../server/src/rpc';
 import { createRpcDuplexSerializer, createRpcSerializer } from '../../../server/src/rpc-serializer';
 import packageJson from '../package.json';
 import { isIPAddress } from "./ip";
-
-import { domFetch } from "../../../server/src/fetch";
-import { httpFetch } from '../../../server/src/fetch/http-fetch';
+export * as rpc from '../../../server/src/rpc';
+export * as rpc_serializer from '../../../server/src/rpc-serializer';
 
 let fetcher: typeof httpFetch | typeof domFetch;
 try {
@@ -33,6 +31,15 @@ const sourcePeerId = RpcPeer.generateId();
 
 type IOClientSocket = eio.Socket & IOSocket;
 
+interface InternalFork extends Pick<ScryptedClientStatic, 'loginResult' | 'username' | 'address' | 'connectionType'> {
+    extraHeaders: {
+        [header: string]: string,
+    };
+    transports?: string[] | undefined;
+    clientName?: string;
+    admin: boolean;
+};
+
 function once(socket: IOClientSocket, event: 'open' | 'message') {
     return new Promise<any[]>((resolve, reject) => {
         const err = (e: any) => {
@@ -52,7 +59,13 @@ function once(socket: IOClientSocket, event: 'open' | 'message') {
     });
 }
 
-export type ScryptedClientConnectionType = 'http' | 'webrtc' | 'http-direct';
+/**
+ * The type of connection used by the Scrypted client.
+ * http-cloud is through Scrypted Cloud
+ * http-direct is a direct connection to the Scrypted server via one of the local network interfaces or public IP addresses.
+ * http is a direct connection with the base url or browser url.
+ */
+export type ScryptedClientConnectionType = 'http-cloud' | 'http-direct' | 'http';
 
 export interface ScryptedClientStatic extends ScryptedStatic {
     userId?: string;
@@ -60,18 +73,16 @@ export interface ScryptedClientStatic extends ScryptedStatic {
     admin: boolean;
     disconnect(): void;
     onClose?: Function;
-    rtcConnectionManagement?: RTCConnectionManagement;
-    browserSignalingSession?: BrowserSignalingSession;
     address?: string;
     connectionType: ScryptedClientConnectionType;
     rpcPeer: RpcPeer;
     loginResult: ScryptedClientLoginResult;
+    fork<T>(options: ForkOptions & { worker: Worker }): PluginFork<T>;
 }
 
 export interface ScryptedConnectionOptions {
     direct?: boolean;
     local?: boolean;
-    webrtc?: boolean;
     baseUrl?: string;
     previousLoginResult?: ScryptedClientLoginResult;
 }
@@ -112,19 +123,59 @@ export async function logoutScryptedClient(baseUrl?: string) {
     return response.body;
 }
 
-export function getCurrentBaseUrl() {
-    // an endpoint within scrypted will be served at /endpoint/[org/][id]
-    // find the endpoint prefix and anything prior to that will be the server base url.
-    const url = new URL(window.location.href);
-    url.search = '';
-    url.hash = '';
-    let endpointPath = window.location.pathname;
-    const parts = endpointPath.split('/');
-    const index = parts.findIndex(p => p === 'endpoint');
-    if (index === -1) {
-        // console.warn('path not recognized, does not contain the segment "endpoint".')
-        return undefined;
+function getBaseUrl(href: string) {
+    try {
+        // an endpoint within scrypted will be served at /endpoint/[org/][id]
+        // find the endpoint prefix and anything prior to that will be the server base url.
+        const url = new URL(href);
+        url.search = '';
+        url.hash = '';
+        let endpointPath = url.pathname;
+        const parts = endpointPath.split('/');
+        const index = parts.findIndex(p => p === 'endpoint');
+        if (index === -1) {
+            // console.warn('path not recognized, does not contain the segment "endpoint".')
+            return;
+        }
+        return { url, parts, index };
     }
+    catch (e) {
+    }
+}
+
+function importMetaUrlWithoutAssetsPath() {
+    // @ts-ignore
+    const url = new URL(import.meta.url);
+    const parts = url.pathname.split('/');
+    parts.pop();
+    parts.pop();
+    parts.push('public')
+    parts.push('');
+    url.pathname = parts.join('/');
+    return url.toString();
+}
+
+export function getCurrentBaseUrlRaw() {
+    const url = getBaseUrl(window.location.href)
+        || getBaseUrl(document.baseURI)
+        || getBaseUrl(importMetaUrlWithoutAssetsPath());
+
+    if (!url) {
+        try {
+            return getBaseUrl(process.env.SCRYPTED_ENDPOINT_PATH);
+        }
+        catch (e) {
+        }
+    }
+    return url;
+}
+
+export function getCurrentBaseUrl() {
+    const s = getCurrentBaseUrlRaw();
+    if (!s) {
+        return;
+    }
+    const { url, parts, index } = s;
     const keep = parts.slice(0, index);
     keep.push('');
     url.pathname = keep.join('/');
@@ -385,11 +436,10 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
     const eioPath = `endpoint/${pluginId}/engine.io/api`;
     const eioEndpoint = baseUrl ? new URL(eioPath, baseUrl).pathname : '/' + eioPath;
     // https://github.com/socketio/engine.io/issues/690
-    const cacehBust = Math.random().toString(36).substring(3, 10);
-    const eioOptions: Partial<SocketOptions> = {
+    const eioOptions: eio.SocketOptions = {
         path: eioEndpoint,
         query: {
-            cacehBust,
+            cacheBust: Math.random().toString(36).substring(3, 10),
         },
         withCredentials: true,
         extraHeaders,
@@ -399,10 +449,6 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
 
     const explicitBaseUrl = baseUrl || `${globalThis.location.protocol}//${globalThis.location.host}`;
 
-    // underlying webrtc rpc transport may queue up messages before its ready to be to be handled.
-    // watch for this flush.
-    const flush = new Deferred<void>();
-
     const addresses: string[] = [];
     const localAddressDefault = isNotChromeOrIsInstalledApp;
 
@@ -426,28 +472,12 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
     }
 
     const tryAddresses = !!addresses.length;
-    const webrtcLastFailedKey = 'webrtcLastFailed';
-    const canUseWebrtc = !!globalThis.RTCPeerConnection;
-    let tryWebrtc = canUseWebrtc && options.webrtc;
-    // try webrtc by default on scrypted cloud.
-    // but webrtc takes a while to fail, so backoff if it fails to prevent continual slow starts.
-    if (scryptedCloud && canUseWebrtc && globalThis.localStorage && options.webrtc === undefined) {
-        tryWebrtc = true;
-        const webrtcLastFailed = parseFloat(localStorage.getItem(webrtcLastFailedKey));
-        // if webrtc has failed in the past day, dont attempt to use it.
-        const now = Date.now();
-        if (webrtcLastFailed < now && webrtcLastFailed > now - 1 * 24 * 60 * 60 * 1000) {
-            tryWebrtc = false;
-            console.warn('WebRTC API connection recently failed. Skipping.')
-        }
-    }
 
     console.log({
         tryLocalAddressess: tryAddresses,
-        tryWebrtc,
     });
 
-    const localEioOptions: Partial<SocketOptions> = {
+    const localEioOptions: eio.SocketOptions = {
         ...eioOptions,
         extraHeaders: {
             ...eioOptions.extraHeaders,
@@ -484,145 +514,11 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
         }
     }
 
-    if (tryWebrtc) {
-        console.log('trying webrtc');
-        const webrtcEioOptions: Partial<SocketOptions> = {
-            path: '/endpoint/@scrypted/webrtc/engine.io/',
-            query: {
-                cacehBust,
-            },
-            withCredentials: true,
-            extraHeaders,
-            rejectUnauthorized: false,
-            transports: options?.transports,
-        };
-        const check = new eio.Socket(explicitBaseUrl, webrtcEioOptions) as IOClientSocket;
-        sockets.push(check);
-        promises.push((async () => {
-            await once(check, 'open');
-
-            const connectionManagementId = `connectionManagement-${Math.random()}`;
-            const updateSessionId = `updateSessionId-${Math.random()}`;
-            check.send(JSON.stringify({
-                pluginId,
-                updateSessionId,
-                connectionManagementId,
-            }));
-            const dcDeferred = new Deferred<RTCDataChannel>();
-            const session = new BrowserSignalingSession();
-            const droppedMessages: any[] = [];
-            session.onPeerConnection = async pc => {
-                pc.ondatachannel = e => {
-                    e.channel.onmessage = message => droppedMessages.push(message);
-                    e.channel.binaryType = 'arraybuffer';
-                    dcDeferred.resolve(e.channel)
-                };
-            }
-            const pcPromise = session.pcDeferred.promise;
-
-            const serializer = createRpcSerializer({
-                sendMessageBuffer: buffer => check.send(buffer),
-                sendMessageFinish: message => check.send(JSON.stringify(message)),
-            });
-            const upgradingPeer = new RpcPeer(clientName || 'webrtc-upgrade', "api", (message, reject, serializationContext) => {
-                try {
-                    serializer.sendMessage(message, reject, serializationContext);
-                }
-                catch (e) {
-                    reject?.(e as Error);
-                }
-            });
-
-            check.on('message', data => {
-                if (data.constructor === Buffer || data.constructor === ArrayBuffer) {
-                    serializer.onMessageBuffer(Buffer.from(data as string));
-                }
-                else {
-                    serializer.onMessageFinish(JSON.parse(data as string));
-                }
-            });
-            serializer.setupRpcPeer(upgradingPeer);
-
-            // is this an issue?
-            // const readyClose = new Promise<RpcPeer>((resolve, reject) => {
-            //     check.on('close', () => reject(new Error('closed')))
-            // })
-
-            upgradingPeer.params['session'] = session;
-
-            const pc = await pcPromise;
-            console.log('peer connection received');
-
-            await waitPeerConnectionIceConnected(pc);
-            console.log('waiting for data channel');
-
-            const dc = await dcDeferred.promise;
-            console.log('datachannel received', Date.now() - start);
-
-            const debouncer = new DataChannelDebouncer(dc, e => {
-                console.error('datachannel send error', e);
-                rpcPeer.kill('datachannel send error');
-            });
-            const dcSerializer = createRpcDuplexSerializer({
-                write: (data) => debouncer.send(data),
-            });
-
-            while (droppedMessages.length) {
-                const message = droppedMessages.shift();
-                dc.dispatchEvent(message);
-            }
-
-            const rpcPeer = new RpcPeer('webrtc-client', "api", (message, reject, serializationContext) => {
-                try {
-                    dcSerializer.sendMessage(message, reject, serializationContext);
-                }
-                catch (e) {
-                    reject?.(e as Error);
-                    pc.close();
-                }
-            });
-            dcSerializer.setupRpcPeer(rpcPeer);
-
-            rpcPeer.params['connectionManagementId'] = connectionManagementId;
-            rpcPeer.params['updateSessionId'] = updateSessionId;
-            rpcPeer.params['browserSignalingSession'] = session;
-
-            waitPeerIceConnectionClosed(pc).then(() => check.close());
-            check.on('close', () => {
-                console.log('datachannel upgrade cancelled/closed');
-                pc.close()
-            });
-
-            await new Promise(resolve => {
-                let buffers: Buffer[] = [];
-                dc.onmessage = message => {
-                    buffers.push(Buffer.from(message.data));
-                    resolve(undefined);
-
-                    flush.promise.finally(() => {
-                        if (buffers) {
-                            for (const buffer of buffers) {
-                                dcSerializer.onData(Buffer.from(buffer));
-                            }
-                            buffers = undefined;
-                        }
-                        dc.onmessage = message => dcSerializer.onData(Buffer.from(message.data));
-                    });
-                };
-            });
-
-            return {
-                ready: check,
-                connectionType: 'webrtc',
-                rpcPeer,
-            };
-        })());
-    }
 
     const p2pPromises = [...promises];
 
     promises.push((async () => {
-        const waitDuration = tryWebrtc ? 10000 : (tryAddresses ? 1000 : 0);
+        const waitDuration = tryAddresses ? 1000 : 0;
         console.log('waiting', waitDuration);
         if (waitDuration) {
             // give the peer to peers a second, but then try connecting directly.
@@ -643,16 +539,13 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
         return {
             ready: check,
             address: explicitBaseUrl,
-            connectionType: 'http',
+            connectionType: scryptedCloud ? 'http-cloud' : 'http',
         };
     })());
 
     const any = Promise.any(promises);
     let { ready, connectionType, address, rpcPeer } = await any;
 
-    if (tryWebrtc && connectionType !== 'webrtc')
-        localStorage.setItem(webrtcLastFailedKey, Date.now().toString());
-
     console.log('connected', connectionType, address)
 
     socket = ready;
@@ -692,7 +585,6 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
             serializer.setupRpcPeer(rpcPeer);
         }
 
-        setTimeout(() => flush.resolve(undefined), 0);
         const scrypted = await attachPluginRemote(rpcPeer, undefined);
         const {
             serverVersion,
@@ -701,6 +593,8 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
             endpointManager,
             mediaManager,
             clusterManager,
+            pluginHostAPI,
+            pluginRemoteAPI,
         } = scrypted;
         console.log('api attached', Date.now() - start);
 
@@ -708,20 +602,7 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
             return new MediaObject(mimeType, data, options) as any;
         }
 
-        const { browserSignalingSession, connectionManagementId, updateSessionId } = rpcPeer.params;
-        if (updateSessionId && browserSignalingSession) {
-            systemManager.getComponent('plugins').then(async plugins => {
-                const updateSession: (session: RTCSignalingSession) => Promise<void> = await plugins.getHostParam('@scrypted/webrtc', updateSessionId);
-                if (!updateSession)
-                    return;
-                await updateSession(browserSignalingSession);
-                console.log('signaling channel upgraded.');
-                socket.removeAllListeners();
-                socket.close();
-            });
-        }
-
-        const [admin, rtcConnectionManagement] = await Promise.all([
+        const [admin] = await Promise.all([
             (async () => {
                 try {
                     // info is 
@@ -732,18 +613,6 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
                 }
                 return false;
             })(),
-            (async () => {
-                let rtcConnectionManagement: RTCConnectionManagement;
-                if (connectionManagementId) {
-                    try {
-                        const plugins = await systemManager.getComponent('plugins');
-                        rtcConnectionManagement = await plugins.getHostParam('@scrypted/webrtc', connectionManagementId);
-                        return rtcConnectionManagement;
-                    }
-                    catch (e) {
-                    }
-                }
-            })(),
         ]);
 
         console.log('api initialized', Date.now() - start);
@@ -752,110 +621,131 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
             .map(id => systemManager.getDeviceById(id))
             .find(device => device.pluginId === '@scrypted/core' && device.nativeId === `user:${username}`);
 
-        const clusterPeers = new Map<number, Promise<RpcPeer>>();
-        const ensureClusterPeer = (clusterObject: ClusterObject) => {
-            let clusterPeerPromise = clusterPeers.get(clusterObject.port);
-            if (!clusterPeerPromise) {
-                clusterPeerPromise = (async () => {
-                    const eioPath = 'engine.io/connectRPCObject';
-                    const eioEndpoint = baseUrl ? new URL(eioPath, baseUrl).pathname : '/' + eioPath;
-                    const clusterPeerOptions = {
-                        path: eioEndpoint,
-                        query: {
-                            cacehBust,
-                            clusterObject: JSON.stringify(clusterObject),
-                        },
-                        withCredentials: true,
-                        extraHeaders,
-                        rejectUnauthorized: false,
-                        transports: options?.transports,
-                    };
+        const connectRPCObject = clusterSetup(address, connectionType, queryToken, extraHeaders, options?.transports, sourcePeerId, clientName);
 
-                    const clusterPeerSocket = new eio.Socket(explicitBaseUrl, clusterPeerOptions);
-                    let peerReady = false;
-                    clusterPeerSocket.on('close', () => {
-                        clusterPeers.delete(clusterObject.port);
-                        if (!peerReady) {
-                            throw new Error("peer disconnected before setup completed");
-                        }
-                    });
-
-                    try {
-                        await once(clusterPeerSocket, 'open');
-
-                        const serializer = createRpcDuplexSerializer({
-                            write: data => clusterPeerSocket.send(data),
-                        });
-                        clusterPeerSocket.on('message', data => serializer.onData(Buffer.from(data)));
-
-                        const clusterPeer = new RpcPeer(clientName || 'engine.io-client', "cluster-proxy", (message, reject, serializationContext) => {
-                            try {
-                                serializer.sendMessage(message, reject, serializationContext);
-                            }
-                            catch (e) {
-                                reject?.(e as Error);
-                            }
-                        });
-                        serializer.setupRpcPeer(clusterPeer);
-                        clusterPeer.tags.localPort = sourcePeerId;
-                        peerReady = true;
-                        return clusterPeer;
-                    }
-                    catch (e) {
-                        console.error('failure ipc connect', e);
-                        clusterPeerSocket.close();
-                        throw e;
-                    }
-                })();
-                clusterPeers.set(clusterObject.port, clusterPeerPromise);
-            }
-            return clusterPeerPromise;
+        const loginResult: ScryptedClientLoginResult = {
+            username,
+            token,
+            directAddress,
+            localAddresses,
+            externalAddresses,
+            scryptedCloud,
+            queryToken,
+            authorization,
+            cloudAddress,
+            hostname,
+            serverId,
         };
 
-        const resolveObject = async (proxyId: string, sourcePeerPort: number) => {
-            const sourcePeer = await clusterPeers.get(sourcePeerPort);
-            if (sourcePeer?.remoteWeakProxies) {
-                return Object.values(sourcePeer.remoteWeakProxies).find(
-                    v => v.deref()?.__cluster?.proxyId == proxyId
-                )?.deref();
-            }
-            return null;
-        }
+        type ForkType = ScryptedClientStatic['fork'];
+        const fork: ForkType = (forkOptions) => {
+            const { worker } = forkOptions;
 
-        const connectRPCObject = async (value: any) => {
-            const clusterObject: ClusterObject = value?.__cluster;
-            if (!clusterObject) {
-                return value;
-            }
+            const serializer = createRpcSerializer({
+                sendMessageBuffer: buffer => worker.postMessage(buffer),
+                sendMessageFinish: message => worker.postMessage(JSON.stringify(message)),
+            });
 
-            const { port, proxyId } = clusterObject;
+            const threadPeer = new RpcPeer("main-client", 'thread', (message, reject, serializationContext) => {
+                try {
+                    serializer.sendMessage(message, reject, serializationContext);
+                }
+                catch (e) {
+                    reject?.(e as Error);
+                }
+            });
 
-            // check if object is already connected
-            const resolved = await resolveObject(proxyId, port);
-            if (resolved) {
-                return resolved;
-            }
+            rpcPeer.killed.finally(() => threadPeer.kill('main rpc peer killed'));
 
-            try {
-                const clusterPeerPromise = ensureClusterPeer(clusterObject);
-                const clusterPeer = await clusterPeerPromise;
-                const connectRPCObject: ConnectRPCObject = await clusterPeer.getParam('connectRPCObject');
-                const newValue = await connectRPCObject(clusterObject);
-                if (!newValue)
-                    throw new Error('ipc object not found?');
-                return newValue;
-            }
-            catch (e) {
-                console.error('failure ipc', e);
-                return value;
-            }
-        }
+            worker.addEventListener('message', async event => {
+                if (event.data instanceof Uint8Array) {
+                    serializer.onMessageBuffer(Buffer.from(event.data));
+                }
+                else {
+                    serializer.onMessageFinish(JSON.parse(event.data));
+                }
+            });
+
+            serializer.setupRpcPeer(threadPeer);
+
+            // there is no worker close event?
+            const forkApi = new PluginAPIProxy(pluginHostAPI, mediaManager);
+            threadPeer.killed.finally(() => {
+                forkApi.removeListeners();
+                worker.terminate();
+            });
+
+            const internalFork: InternalFork = {
+                loginResult,
+                username,
+                address,
+                connectionType,
+                extraHeaders,
+                transports: options?.transports,
+                clientName,
+                admin,
+            };
+
+            threadPeer.params['client'] = internalFork;
+
+            const result = (async () => {
+                const getRemote = await threadPeer.getParam('getRemote');
+                const remote = await getRemote(forkApi, pluginId, {
+                    serverVersion
+                }) as PluginRemote;
+
+                await remote.setSystemState(systemManager.getSystemState());
+                forkApi.listen((id, eventDetails, eventData) => {
+                    // ScryptedDevice events will be handled specially and repropagated by the remote.
+                    if (eventDetails.eventInterface === ScryptedInterface.ScryptedDevice) {
+                        if (eventDetails.property === ScryptedInterfaceProperty.id) {
+                            // a change on the id property means device was deleted
+                            remote.updateDeviceState(eventData, undefined);
+                        }
+                        else {
+                            // a change on anything else is a descriptor update
+                            remote.updateDeviceState(id, systemManager.getSystemState()[id]);
+                        }
+                        return;
+                    }
+
+                    if (eventDetails.property && !eventDetails.mixinId) {
+                        remote.notify(id, eventDetails, systemManager.getSystemState()[id]?.[eventDetails.property]).catch(() => { });
+                    }
+                    else {
+                        remote.notify(id, eventDetails, eventData).catch(() => { });
+                    }
+                });
+
+                const fork = await threadPeer.getParam('fork');
+                return fork;
+            })();
+
+            result.catch(() => {
+                threadPeer.kill('fork setup failed');
+                worker.terminate();
+            });
+
+            return {
+                [Symbol.dispose]() {
+                    worker.terminate();
+                    threadPeer.kill('disposed');
+                },
+                result,
+                worker: {
+                    terminate() {
+                        worker.terminate();
+                    },
+                    nativeWorker: worker,
+                } as any as ForkWorker,
+            };
+        };
 
         const ret: ScryptedClientStatic = {
             userId: userDevice?.id,
             serverVersion,
             username,
-            pluginRemoteAPI: undefined,
+            pluginRemoteAPI,
             address,
             connectionType,
             admin,
@@ -867,25 +757,11 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
             disconnect() {
                 rpcPeer.kill('disconnect requested');
             },
-            pluginHostAPI: undefined,
-            rtcConnectionManagement,
-            browserSignalingSession,
+            pluginHostAPI,
             rpcPeer,
-            loginResult: {
-                username,
-                token,
-                directAddress,
-                localAddresses,
-                externalAddresses,
-                scryptedCloud,
-                queryToken,
-                authorization,
-                cloudAddress,
-                hostname,
-                serverId,
-            },
+            loginResult,
             connectRPCObject,
-            fork: undefined,
+            fork,
             connect: undefined,
         }
 
@@ -905,3 +781,308 @@ export async function connectScryptedClient(options: ScryptedClientOptions): Pro
         throw e;
     }
 }
+
+function clusterSetup(address: string, connectionType: ScryptedClientConnectionType, queryToken: any, extraHeaders: { [header: string]: string }, transports: string[] | undefined, sourcePeerId: string, clientName?: string) {
+    const clusterPeers = new Map<number, Promise<RpcPeer>>();
+    const finalizationRegistry = new FinalizationRegistry((clusterPeer: RpcPeer) => {
+        clusterPeer.kill('object finalized');
+    });
+    const ensureClusterPeer = (clusterObject: ClusterObject, connectRPCObjectOptions?: ConnectRPCObjectOptions) => {
+        // If dedicatedTransport is true, don't reuse existing cluster peers
+        if (!connectRPCObjectOptions?.dedicatedTransport) {
+            let clusterPeerPromise = clusterPeers.get(clusterObject.port);
+            if (clusterPeerPromise)
+                return clusterPeerPromise;
+        }
+
+        const clusterPeerPromise = (async () => {
+            const eioPath = 'engine.io/connectRPCObject';
+            const eioEndpoint = new URL(eioPath, address).pathname;
+            const eioQueryToken = connectionType === 'http' ? undefined : queryToken;
+            const clusterPeerOptions: eio.SocketOptions = {
+                path: eioEndpoint,
+                query: {
+                    cacheBust: Math.random().toString(36).substring(3, 10),
+                    clusterObject: JSON.stringify(clusterObject),
+                    ...eioQueryToken,
+                },
+                withCredentials: true,
+                extraHeaders,
+                rejectUnauthorized: false,
+                transports,
+            };
+
+            const clusterPeerSocket = new eio.Socket(address, clusterPeerOptions);
+            let peerReady = false;
+
+            // Timeout handling for dedicated transports
+            let receiveTimeout: NodeJS.Timeout | undefined;
+            let sendTimeout: NodeJS.Timeout | undefined;
+            let clusterPeer: RpcPeer | undefined;
+
+            const clearTimers = () => {
+                if (receiveTimeout) {
+                    clearTimeout(receiveTimeout);
+                    receiveTimeout = undefined;
+                }
+                if (sendTimeout) {
+                    clearTimeout(sendTimeout);
+                    sendTimeout = undefined;
+                }
+            };
+
+            const resetReceiveTimeout = connectRPCObjectOptions?.dedicatedTransport?.receiveTimeout ? () => {
+                if (receiveTimeout) {
+                    clearTimeout(receiveTimeout);
+                }
+                receiveTimeout = setTimeout(() => {
+                    if (clusterPeer) {
+                        clusterPeer.kill('receive timeout');
+                    }
+                }, connectRPCObjectOptions.dedicatedTransport.receiveTimeout);
+            } : undefined;
+
+            const resetSendTimeout = connectRPCObjectOptions?.dedicatedTransport?.sendTimeout ? () => {
+                if (sendTimeout) {
+                    clearTimeout(sendTimeout);
+                }
+                sendTimeout = setTimeout(() => {
+                    if (clusterPeer) {
+                        clusterPeer.kill('send timeout');
+                    }
+                }, connectRPCObjectOptions.dedicatedTransport.sendTimeout);
+            } : undefined;
+
+            clusterPeerSocket.on('close', () => {
+                clusterPeer?.kill('socket closed');
+                // Only remove from clusterPeers if it's not a dedicated transport
+                if (!connectRPCObjectOptions?.dedicatedTransport) {
+                    clusterPeers.delete(clusterObject.port);
+                }
+                if (!peerReady) {
+                    throw new Error("peer disconnected before setup completed");
+                }
+            });
+
+            try {
+                await once(clusterPeerSocket, 'open');
+
+                const serializer = createRpcDuplexSerializer({
+                    write: data => {
+                        resetSendTimeout?.();
+                        clusterPeerSocket.send(data);
+                    },
+                });
+
+                clusterPeerSocket.on('message', data => {
+                    resetReceiveTimeout?.();
+                    serializer.onData(Buffer.from(data));
+                });
+
+                clusterPeer = new RpcPeer(clientName || 'engine.io-client', "cluster-proxy", (message, reject, serializationContext) => {
+                    try {
+                        resetSendTimeout?.();
+                        serializer.sendMessage(message, reject, serializationContext);
+                    }
+                    catch (e) {
+                        reject?.(e as Error);
+                    }
+                });
+                clusterPeer.killedSafe.finally(() => {
+                    clearTimers();
+                    clusterPeerSocket.close();
+                });
+                serializer.setupRpcPeer(clusterPeer);
+                clusterPeer.tags.localPort = sourcePeerId;
+                peerReady = true;
+
+                // Initialize timeouts if configured
+                resetReceiveTimeout?.();
+                resetSendTimeout?.();
+
+                return clusterPeer;
+            }
+            catch (e) {
+                clearTimers();
+                console.error('failure ipc connect', e);
+                clusterPeerSocket.close();
+                throw e;
+            }
+        })();
+
+        // Only store in clusterPeers if it's not a dedicated transport
+        if (!connectRPCObjectOptions?.dedicatedTransport) {
+            clusterPeers.set(clusterObject.port, clusterPeerPromise);
+        }
+
+        return clusterPeerPromise;
+    };
+
+    const resolveObject = async (proxyId: string, sourcePeerPort: number) => {
+        const sourcePeer = await clusterPeers.get(sourcePeerPort);
+        if (sourcePeer?.remoteWeakProxies) {
+            return Object.values(sourcePeer.remoteWeakProxies).find(
+                v => v.deref()?.__cluster?.proxyId == proxyId
+            )?.deref();
+        }
+        return null;
+    }
+
+    const connectRPCObject = async (value: any, options?: ConnectRPCObjectOptions) => {
+        const clusterObject: ClusterObject = value?.__cluster;
+        if (!clusterObject) {
+            return value;
+        }
+
+        const { port, proxyId } = clusterObject;
+
+        // check if object is already connected
+        const resolved = await resolveObject(proxyId, port);
+        if (resolved) {
+            return resolved;
+        }
+
+        try {
+            const clusterPeerPromise = ensureClusterPeer(clusterObject, options);
+            const clusterPeer = await clusterPeerPromise;
+            const connectRPCObject: ConnectRPCObject = await clusterPeer.getParam('connectRPCObject');
+            try {
+                const newValue = await connectRPCObject(clusterObject);
+                if (!newValue)
+                    throw new Error('ipc object not found?');
+
+                // If dedicatedTransport is true, register the object for cleanup
+                if (options?.dedicatedTransport) {
+                    finalizationRegistry.register(newValue, clusterPeer);
+                }
+
+                return newValue;
+            }
+            catch (e) {
+                // If we have a clusterPeer and this is a dedicated transport, kill the connection
+                // to prevent resource leaks when connectRPCObject fails
+                if (options?.dedicatedTransport) {
+                    clusterPeer.kill('connectRPCObject failed');
+                }
+                throw e;
+            }
+        }
+        catch (e) {
+            console.error('failure ipc', e);
+            return value;
+        }
+    }
+
+    return connectRPCObject;
+}
+
+export async function connectScryptedClientFork(forkMain: (client: ScryptedClientStatic) => Promise<any>) {
+    const start = Date.now();
+
+    try {
+
+        const serializer = createRpcSerializer({
+            sendMessageBuffer: buffer => self.postMessage(buffer),
+            sendMessageFinish: message => self.postMessage(JSON.stringify(message)),
+        });
+
+        const rpcPeer = new RpcPeer('thread', "main-client", (message, reject, serializationContext) => {
+            try {
+                serializer.sendMessage(message, reject, serializationContext);
+            }
+            catch (e) {
+                reject?.(e as Error);
+            }
+        });
+
+        self.addEventListener('message', event => {
+            if (event.data instanceof Uint8Array) {
+                serializer.onMessageBuffer(Buffer.from(event.data));
+            }
+            else {
+                serializer.onMessageFinish(JSON.parse(event.data));
+            }
+        });
+
+        serializer.setupRpcPeer(rpcPeer);
+
+
+        const scrypted = await attachPluginRemote(rpcPeer, undefined);
+        const {
+            serverVersion,
+            systemManager,
+            deviceManager,
+            endpointManager,
+            mediaManager,
+            clusterManager,
+            pluginHostAPI,
+            pluginRemoteAPI,
+        } = scrypted;
+        console.log('api attached', Date.now() - start);
+
+        mediaManager.createMediaObject = async<T extends MediaObjectCreateOptions>(data: any, mimeType: string, options: T) => {
+            return new MediaObject(mimeType, data, options) as any;
+        }
+        console.log('api initialized', Date.now() - start);
+
+        const {
+            loginResult,
+            username,
+            address,
+            connectionType,
+            extraHeaders,
+            transports,
+            clientName,
+            admin,
+        } = await rpcPeer.getParam('client') as InternalFork;
+
+        const { queryToken } = loginResult;
+
+        const userDevice = Object.keys(systemManager.getSystemState())
+            .map(id => systemManager.getDeviceById(id))
+            .find(device => device.pluginId === '@scrypted/core' && device.nativeId === `user:${username}`);
+
+        const connectRPCObject = clusterSetup(address, connectionType, queryToken, extraHeaders, transports, sourcePeerId, clientName);
+
+        type ForkType = ScryptedClientStatic['fork'];
+        const fork: ForkType = (forkOptions) => {
+            throw new Error('not implemented');
+        };
+
+        const ret: ScryptedClientStatic = {
+            userId: userDevice?.id,
+            serverVersion,
+            username,
+            pluginRemoteAPI,
+            address,
+            connectionType,
+            admin,
+            systemManager,
+            clusterManager,
+            deviceManager,
+            endpointManager,
+            mediaManager,
+            disconnect() {
+                rpcPeer.kill('disconnect requested');
+            },
+            pluginHostAPI,
+            rpcPeer,
+            loginResult,
+            connectRPCObject,
+            fork,
+            connect: undefined,
+        }
+        rpcPeer.killed.finally(() => {
+            self.close();
+            ret.onClose?.();
+        });
+
+        const forked = await forkMain(ret);
+
+        rpcPeer.params['fork'] = forked;
+    }
+    catch (e) {
+        self.close();
+        throw e;
+    }
+}

plugins/amcrest/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/amcrest",
-   "version": "0.0.166",
+   "version": "0.0.168",
    "lockfileVersion": 3,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/amcrest",
-         "version": "0.0.166",
+         "version": "0.0.168",
          "license": "Apache",
          "dependencies": {
             "@scrypted/common": "file:../../common",
@@ -16,7 +16,7 @@
          },
          "devDependencies": {
             "@types/content-type": "^1.1.8",
-            "@types/node": "^20.11.30",
+            "@types/node": "^22.19.3",
             "@types/xml2js": "^0.4.14"
          }
       },
@@ -26,39 +26,42 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0",
+            "@types/node": "^20.19.11",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2"
          }
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.114",
+         "version": "0.5.55",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.9",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-terser": "^0.4.4",
+            "@rollup/plugin-typescript": "^12.3.0",
             "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.52.5",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.4",
             "tslib": "^2.8.1",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typescript": "^5.9.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -71,9 +74,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.9.2",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.11"
+            "typedoc": "^0.28.14"
          }
       },
       "node_modules/@scrypted/common": {
@@ -91,12 +94,13 @@
          "dev": true
       },
       "node_modules/@types/node": {
-         "version": "20.11.30",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.30.tgz",
-         "integrity": "sha512-dHM6ZxwlmuZaRmUPfv1p+KrdD1Dci04FbdEm/9wEMouFqxYoFl5aMkt0VMAUtYRQDyYvD41WJLukhq/ha3YuTw==",
+         "version": "22.19.3",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.3.tgz",
+         "integrity": "sha512-1N9SBnWYOJTrNZCdh/yJE+t910Y128BoyY+zBLWhL3r0TYzlTmFdXrPwHL9DyFZmlEXNQQolTZh3KHV31QDhyA==",
          "dev": true,
+         "license": "MIT",
          "dependencies": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "node_modules/@types/xml2js": {
@@ -124,10 +128,11 @@
          "license": "ISC"
       },
       "node_modules/undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
-         "dev": true
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+         "dev": true,
+         "license": "MIT"
       },
       "node_modules/xml2js": {
          "version": "0.6.2",

plugins/amcrest/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/amcrest",
-   "version": "0.0.166",
+   "version": "0.0.168",
    "description": "Amcrest Plugin for Scrypted",
    "author": "Scrypted",
    "license": "Apache",
@@ -44,7 +44,7 @@
    },
    "devDependencies": {
       "@types/content-type": "^1.1.8",
-      "@types/node": "^20.11.30",
+      "@types/node": "^22.19.3",
       "@types/xml2js": "^0.4.14"
    }
 }

plugins/amcrest/src/amcrest-api.ts

@@ -268,8 +268,8 @@ export class AmcrestCameraClient {
                     continue;
                 if (ignore === boundaryEnd)
                     continue;
-                // dahua bugs out and sends this.
-                if (ignore === 'HTTP/1.1 200 OK') {
+                // dahua bugs out and sends this (handle both HTTP/1.0 and HTTP/1.1).
+                if (ignore === 'HTTP/1.1 200 OK' || ignore === 'HTTP/1.0 200 OK') {
                     const message = await readAmcrestMessage(stream);
                     this.console.log('ignoring dahua http message', message);
                     message.unshift('');

plugins/cloud/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/cloud",
-   "version": "0.2.49",
+   "version": "0.2.51",
    "lockfileVersion": 3,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/cloud",
-         "version": "0.2.49",
+         "version": "0.2.51",
          "dependencies": {
             "@eneris/push-receiver": "^4.3.0",
             "@scrypted/common": "file:../../common",

plugins/cloud/package.json

@@ -52,5 +52,5 @@
       "@types/node": "^22.10.1",
       "ts-node": "^10.9.2"
    },
-   "version": "0.2.49"
+   "version": "0.2.51"
 }

plugins/cloud/src/main.ts

@@ -240,8 +240,10 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
     upnpClient = upnp.createClient();
     upnpStatus = 'Starting';
     randomBytes = crypto.randomBytes(16).toString('base64');
+    healthCheckToken = crypto.randomBytes(16).toString('hex');
     reverseConnections = new Set<Duplex>();
     cloudflaredLoginController?: AbortController;
+    healthCheckInterval?: NodeJS.Timeout;
 
     get portForwardingDisabled() {
         return this.storageSettings.values.forwardingMode === 'Disabled' || this.storageSettings.values.forwardingMode === 'Default';
@@ -852,6 +854,12 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
                 }
                 res.end();
             }
+            else if (url.pathname === '/_punch/cloudflared_callback') {
+                res.writeHead(200);
+                res.write(this.healthCheckToken);
+                res.end();
+                return;
+            }
             else if (url.pathname === '/web/') {
                 const validDomain = this.getSSLHostname();
                 if (validDomain) {
@@ -1122,6 +1130,9 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
                     maxDelay: 300000,
                 });
 
+                // Start health check after cloudflared is successfully started
+                this.startHealthCheck();
+
                 await once(this.cloudflared.child, 'exit').catch(() => { });
                 // the successfully started cloudflared process may exit at some point, loop and allow it to restart.
                 this.console.error('cloudflared exited');
@@ -1131,6 +1142,8 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
                 this.console.error('cloudflared error', e);
             }
             finally {
+                clearInterval(this.healthCheckInterval);
+                this.healthCheckInterval = undefined;
                 this.cloudflared = undefined;
                 this.cloudflareTunnel = undefined;
                 this.updateExternalAddresses();
@@ -1138,6 +1151,59 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
         }
     }
 
+    async startHealthCheck() {
+        // Clear any existing health check interval
+        if (this.healthCheckInterval) {
+            clearInterval(this.healthCheckInterval);
+        }
+
+        // Local failure counter - only accessible within this method
+        let failureCount = 0;
+        const maxFailuresBeforeRestart = 3;
+        const alertTitle = 'Cloudflared health check failed 3 times consecutively. Restarting cloudflared process.';
+
+        const check = async () => {
+            // Only perform health check if cloudflare is enabled and we have a tunnel URL
+            if (!this.storageSettings.values.cloudflareEnabled || !this.cloudflareTunnel) {
+                return;
+            }
+
+            try {
+                const healthCheckUrl = `${this.cloudflareTunnel}/_punch/cloudflared_callback`;
+                this.console.log(`Performing health check: ${healthCheckUrl}`);
+
+                const response = await httpFetch({
+                    url: healthCheckUrl,
+                    responseType: 'text',
+                    timeout: 30000, // 30 second timeout
+                });
+
+                this.log.clearAlert(alertTitle);
+
+                if (response.body !== this.healthCheckToken) {
+                    throw new Error(`Health check failed: Expected token ${this.healthCheckToken}, got ${response.body}`);
+                }
+
+                failureCount = 0;
+                this.console.log('Cloudflared health check passed');
+            } catch (error) {
+                failureCount++;
+                this.console.error(`Cloudflared health check failed (${failureCount}/${maxFailuresBeforeRestart}):`, error);
+
+                if (failureCount >= maxFailuresBeforeRestart) {
+                    this.console.warn('3 consecutive health check failures detected. Restarting cloudflared process.');
+                    this.log.a(alertTitle);
+                    this.cloudflared?.child?.kill();
+
+                    failureCount = 0;
+                }
+            }
+        };
+
+        // Start a new health check interval (every 2 minutes)
+        this.healthCheckInterval = setInterval(check, 2 * 60 * 1000); // Run every 2 minutes
+    }
+
     get serverIdentifier() {
         const serverIdentifier = `${this.storageSettings.values.registrationSecret}@${this.storageSettings.values.serverId}`;
         return serverIdentifier;

plugins/core/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/core",
-   "version": "0.3.129",
+   "version": "0.3.146",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/core",
-         "version": "0.3.129",
+         "version": "0.3.146",
          "license": "Apache-2.0",
          "dependencies": {
             "@scrypted/common": "file:../../common",
@@ -77,6 +77,7 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
@@ -88,28 +89,29 @@
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.100",
+         "version": "0.5.33",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
             "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^5.3.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "tslib": "^2.8.1",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -122,9 +124,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.0.1",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.11"
+            "typedoc": "^0.28.5"
          }
       },
       "node_modules/@scrypted/common": {
@@ -276,6 +278,7 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "@types/node": "^20.11.0",
             "http-auth-utils": "^5.0.1",
             "monaco-editor": "^0.50.0",
@@ -286,28 +289,29 @@
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
             "@rollup/plugin-virtual": "^3.0.2",
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.0.1",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^5.3.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "ts-node": "^10.9.2",
             "tslib": "^2.8.1",
-            "typedoc": "^0.26.11",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typedoc": "^0.28.5",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          }
       },

plugins/core/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/core",
-   "version": "0.3.129",
+   "version": "0.3.146",
    "description": "Scrypted Core plugin. Provides the UI, websocket, and engine.io APIs.",
    "author": "Scrypted",
    "license": "Apache-2.0",

plugins/core/src/main.ts

@@ -12,7 +12,7 @@ import { AutomationCore, AutomationCoreNativeId } from './automations-core';
 import { ClusterCore, ClusterCoreNativeId } from './cluster';
 import { LauncherMixin } from './launcher-mixin';
 import { MediaCore } from './media-core';
-import { checkLegacyLxc, checkLxc } from './platform/lxc';
+import { checkLegacyLxc, checkLxc, checkLxcVersionUpdateNeeded } from './platform/lxc';
 import { ConsoleServiceNativeId, PluginSocketService, ReplServiceNativeId } from './plugin-socket-service';
 import { ScriptCore, ScriptCoreNativeId, newScript } from './script-core';
 import { TerminalService, TerminalServiceNativeId, newTerminalService } from './terminal-service';
@@ -64,7 +64,10 @@ class ScryptedCore extends ScryptedDeviceBase implements HttpRequestHandler, Dev
                 'Default',
                 'latest',
                 'beta',
-                `v${sdk.serverVersion}-jammy-full`,
+                'intel',
+                'amd',
+                'nvidia',
+                `v${sdk.serverVersion}-noble-full`,
             ],
             combobox: true,
             onPut: (ov, nv) => {
@@ -212,9 +215,14 @@ class ScryptedCore extends ScryptedDeviceBase implements HttpRequestHandler, Dev
             );
         })();
 
-        // check on workers once an hour.
+        // check on workers immediately and once an hour.
         this.updateWorkers();
-        setInterval(() => this.updateWorkers(), 1000 * 60 * 60);
+        setInterval(() => this.updateWorkers(), 60 * 1000 * 60);
+
+        // check on worker images once an hour.
+        // checking immediately is problematic as a failed update may cause a restart loop on startup.
+        // images are also pruned 1 minute after startup, so avoid that.
+        setInterval(() => this.updateWorkerImages(), 60 * 1000 * 60);
     }
 
     async updateWorkers() {
@@ -239,6 +247,38 @@ class ScryptedCore extends ScryptedDeviceBase implements HttpRequestHandler, Dev
         }
     }
 
+    async updateWorkerImages() {
+        const workers = await sdk.clusterManager?.getClusterWorkers();
+        if (!workers)
+            return;
+        for (const [id, worker] of Object.entries(workers)) {
+            const forked = sdk.fork<ReturnType<typeof fork>>({
+                clusterWorkerId: id,
+                runtime: 'node',
+            });
+
+            (async () => {
+                try {
+                    const result = await forked.result;
+                    if (!await result.checkLxcVersionUpdateNeeded()) {
+                        return;
+                    }
+
+                    // restart the worker to pick up the new image.
+                    const clusterFork = await sdk.systemManager.getComponent('cluster-fork');
+                    const serviceControl = await clusterFork.getServiceControl(worker.id);
+                    await serviceControl.restart().catch(() => { });
+                }
+                catch (e) {
+                }
+                finally {
+                    await sleep(1000);
+                    forked.worker.terminate();
+                }
+            })();
+        }
+    }
+
     async getSettings(): Promise<Setting[]> {
         try {
             const service = await sdk.systemManager.getComponent('addresses');
@@ -342,7 +382,6 @@ class ScryptedCore extends ScryptedDeviceBase implements HttpRequestHandler, Dev
         const dockerCompose = yaml.parseDocument(readFileAsString('/root/.scrypted/docker-compose.yml'));
         // @ts-ignore
         dockerCompose.contents.get('services').get('scrypted').set('image', `ghcr.io/koush/scrypted${releaseChannel}`);
-        yaml.stringify(dockerCompose);
         writeFileSync('/root/.scrypted/docker-compose.yml', yaml.stringify(dockerCompose));
         this.setPullImage();
 
@@ -359,6 +398,7 @@ export async function fork() {
         tsCompile,
         newScript,
         newTerminalService,
+        checkLxcVersionUpdateNeeded,
         checkLxc: async () => {
             try {
                 // console.warn('Checking for LXC installation...');

plugins/core/src/platform/lxc.ts

@@ -1,5 +1,9 @@
-import fs from 'fs';
+import { Deferred } from '@scrypted/common/src/deferred';
+import { readFileAsString } from '@scrypted/common/src/eval/scrypted-eval';
 import sdk from '@scrypted/sdk';
+import fs, { writeFileSync } from 'fs';
+import http from 'http';
+import yaml from 'yaml';
 
 export const SCRYPTED_INSTALL_ENVIRONMENT_LXC = 'lxc';
 export const SCRYPTED_INSTALL_ENVIRONMENT_LXC_DOCKER = 'lxc-docker';
@@ -18,6 +22,119 @@ export async function checkLxc() {
     if (process.env.SCRYPTED_INSTALL_ENVIRONMENT !== SCRYPTED_INSTALL_ENVIRONMENT_LXC_DOCKER)
         return;
 
+    await checkLxcCompose();
+    await checkLxcScript();
+}
+
+
+async function dockerRequest(options: http.RequestOptions, body?: string) {
+    const deferred = new Deferred<string>();
+
+    const req = http.request({
+        socketPath: '/var/run/docker.sock',
+        method: options.method,
+        path: options.path,
+        headers: {
+            'Host': 'localhost',
+            ...options.headers
+        }
+    });
+
+    req.on('response', (res) => {
+        let data = '';
+        res.on('data', (chunk) => {
+            data += chunk;
+        });
+        res.on('end', () => {
+            deferred.resolve(data);
+        });
+    });
+
+    req.on('error', (err) => {
+        deferred.reject(err);
+    });
+
+    if (body) {
+        req.write(body);
+    }
+
+    req.end();
+
+    return deferred.promise;
+}
+
+async function dockerPullScryptedTag(tag: string) {
+    return dockerRequest({
+        method: 'POST',
+        path: `/v1.41/images/create?fromImage=ghcr.io%2Fkoush%2Fscrypted&tag=${tag}`,
+    });
+}
+
+async function dockerImageLsScryptedTag(tag: string) {
+    // List all images and find the specific one
+    const data = await dockerRequest({
+        method: 'GET',
+        path: '/v1.41/images/json'
+    });
+    const images = JSON.parse(data);
+    // Filter for your specific image
+    const targetImage = images.find(image => {
+        return image.RepoTags && image.RepoTags.some(t =>
+            t === `ghcr.io/koush/scrypted:${tag}`
+        );
+    });
+    if (!targetImage) {
+        throw new Error('Image not found');
+    }
+
+    return targetImage.Id;
+}
+
+async function dockerGetScryptedContainerImageId() {
+    // List running containers filtered by name
+    const data = await dockerRequest({
+        method: 'GET',
+        path: '/v1.41/containers/json?filters={"name":["scrypted"],"status":["running"]}'
+    });
+    const containers = JSON.parse(data);
+    if (!containers.length)
+        throw new Error('No running container named "scrypted" found');
+    const container = containers[0];
+    return container.ImageID;
+}
+
+export async function checkLxcVersionUpdateNeeded() {
+    if (process.env.SCRYPTED_INSTALL_ENVIRONMENT !== SCRYPTED_INSTALL_ENVIRONMENT_LXC_DOCKER)
+        return;
+
+    const dockerCompose = yaml.parseDocument(readFileAsString('/root/.scrypted/docker-compose.yml'));
+    // @ts-ignore
+    const image: string = dockerCompose.contents.get('services').get('scrypted').get('image');
+    const label = image.split(':')[1] || 'latest';
+
+    await dockerPullScryptedTag(label);
+    const imageId = await dockerImageLsScryptedTag(label);
+    const containerImageId = await dockerGetScryptedContainerImageId();
+    console.warn('LXC Scrypted latest image ID:', imageId);
+    console.warn('LXC Scrypted running image ID:', containerImageId);
+    return containerImageId !== imageId;
+}
+
+async function checkLxcCompose() {
+    // the lxc-docker used watchtower for automatic updates but watchtower started crashing in the lxc environment
+    // after a docker update.
+    // watchtower was removed from the lxc as a result.
+    // however existing installations may still have watchtower in their docker-compose.yml and need it removed.
+    const dockerCompose = yaml.parseDocument(readFileAsString('/root/.scrypted/docker-compose.yml'));
+    // @ts-ignore
+    const watchtower = dockerCompose.contents.get('services').get('watchtower');
+    if (watchtower.get('profiles'))
+        return;
+    watchtower.set('profiles', ['disabled']);
+    writeFileSync('/root/.scrypted/docker-compose.yml', yaml.stringify(dockerCompose));
+}
+
+async function checkLxcScript() {
     const foundDockerComposeSh = await fs.promises.readFile(DOCKER_COMPOSE_SH_PATH, 'utf8');
     const dockerComposeSh = await fs.promises.readFile(LXC_DOCKER_COMPOSE_SH_PATH, 'utf8');
 
@@ -34,4 +151,4 @@ export async function checkLxc() {
     // console.warn(foundDockerComposeSh);
     await fs.promises.copyFile(LXC_DOCKER_COMPOSE_SH_PATH, DOCKER_COMPOSE_SH_PATH);
     await fs.promises.chmod(DOCKER_COMPOSE_SH_PATH, 0o755);
-}
+}

plugins/core/src/terminal-service.ts

@@ -1,7 +1,7 @@
-import sdk, { ClusterForkInterface, ClusterForkInterfaceOptions, ScryptedDeviceBase, ScryptedInterface, ScryptedNativeId, StreamService, TTYSettings } from "@scrypted/sdk";
-import type { IPty, spawn as ptySpawn } from 'node-pty';
-import { createAsyncQueue } from '@scrypted/common/src/async-queue'
+import { createAsyncQueue } from '@scrypted/common/src/async-queue';
+import sdk, { ClusterForkInterface, ClusterForkInterfaceOptions, ScryptedDeviceBase, ScryptedInterface, ScryptedNativeId, StreamService, TTY, TTYSettings } from "@scrypted/sdk";
 import { ChildProcess, spawn as childSpawn } from "child_process";
+import type { IPty, spawn as ptySpawn } from 'node-pty';
 import path from 'path';
 
 export const TerminalServiceNativeId = 'terminalservice';
@@ -19,12 +19,24 @@ function toSpawnPathEnv(paths: string[]): string {
 class InteractiveTerminal {
     cp: IPty
 
-    constructor(cmd: string[], paths: string[], spawn: typeof ptySpawn) {
+    constructor(cmd: string[], paths: string[], spawn: typeof ptySpawn, cwd?: string) {
         const spawnPath = toSpawnPathEnv(paths);
         if (cmd?.length) {
-            this.cp = spawn(cmd[0], cmd.slice(1), { env: { ...process.env, PATH: spawnPath } });
+            this.cp = spawn(cmd[0], cmd.slice(1), {
+                env: {
+                    ...process.env,
+                    PATH: spawnPath,
+                },
+                cwd,
+            });
         } else {
-            this.cp = spawn(process.env.SHELL as string, [], { env: { ...process.env, PATH: spawnPath } });
+            this.cp = spawn(process.env.SHELL as string, [], {
+                env: {
+                    ...process.env,
+                    PATH: spawnPath,
+                },
+                cwd,
+            });
         }
     }
 
@@ -111,7 +123,7 @@ class NoninteractiveTerminal {
 }
 
 
-export class TerminalService extends ScryptedDeviceBase implements StreamService<Buffer | string, Buffer>, ClusterForkInterface {
+export class TerminalService extends ScryptedDeviceBase implements StreamService<Buffer | string, Buffer>, ClusterForkInterface, TTY {
     private forks: { [clusterWorkerId: string]: TerminalService } = {};
     private forkClients: 0;
 
@@ -186,7 +198,7 @@ export class TerminalService extends ScryptedDeviceBase implements StreamService
     async connectStream(input: AsyncGenerator<Buffer | string, void>, options?: any): Promise<AsyncGenerator<Buffer, void>> {
         let cp: InteractiveTerminal | NoninteractiveTerminal = null;
         const queue = createAsyncQueue<Buffer>();
-        const extraPaths = await this.getExtraPaths();
+        const extraPaths = [...options?.env?.PATH?.split(path.delimiter) || [], ...await this.getExtraPaths()];
 
         if (this.isFork) {
             this.forkClients++;
@@ -259,7 +271,7 @@ export class TerminalService extends ScryptedDeviceBase implements StreamService
                                 let spawn: typeof ptySpawn;
                                 try {
                                     spawn = require('@scrypted/node-pty').spawn as typeof ptySpawn;
-                                    cp = new InteractiveTerminal(cmd, extraPaths, spawn);
+                                    cp = new InteractiveTerminal(cmd, extraPaths, spawn, options?.cwd);
                                 }
                                 catch (e) {
                                     this.console.error('Error starting pty', e);

plugins/core/src/user.ts

@@ -111,7 +111,7 @@ export class User extends ScryptedDeviceBase implements Settings, ScryptedUser {
         const { username, admin } = user;
         const nativeId = `user:${username}`;
         const aclId = await sdk.deviceManager.onDeviceDiscovered({
-            providerNativeId: this.nativeId,
+            providerNativeId: UsersNativeId,
             name: username.toString(),
             nativeId,
             interfaces: [

plugins/coreml/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/coreml",
-   "version": "0.1.83",
+   "version": "0.1.89",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/coreml",
-         "version": "0.1.83",
+         "version": "0.1.89",
          "devDependencies": {
             "@scrypted/sdk": "file:../../sdk"
          }

plugins/coreml/package.json

@@ -50,5 +50,5 @@
    "devDependencies": {
       "@scrypted/sdk": "file:../../sdk"
    },
-   "version": "0.1.83"
+   "version": "0.1.89"
 }

plugins/coreml/src/coreml/__init__.py

@@ -16,6 +16,7 @@ from common import yolo
 from coreml.face_recognition import CoreMLFaceRecognition
 from coreml.custom_detection import CoreMLCustomDetection
 from coreml.clip_embedding import CoreMLClipEmbedding
+from coreml.segment import CoreMLSegmentation
 
 try:
     from coreml.text_recognition import CoreMLTextRecognition
@@ -28,18 +29,11 @@ predictExecutor = concurrent.futures.ThreadPoolExecutor(1, "CoreML-Predict")
 
 availableModels = [
     "Default",
-    "scrypted_yolov10m_320",
-    "scrypted_yolov10n_320",
-    "scrypted_yolo_nas_s_320",
-    "scrypted_yolov9e_320",
-    "scrypted_yolov9c_320",
-    "scrypted_yolov9s_320",
-    "scrypted_yolov9t_320",
-    "scrypted_yolov6n_320",
-    "scrypted_yolov6s_320",
-    "scrypted_yolov8n_320",
-    "ssdlite_mobilenet_v2",
-    "yolov4-tiny",
+    "scrypted_yolov9t_relu_test",
+    "scrypted_yolov9c_relu",
+    "scrypted_yolov9m_relu",
+    "scrypted_yolov9s_relu",
+    "scrypted_yolov9t_relu",
 ]
 
 
@@ -79,60 +73,24 @@ class CoreMLPlugin(
     def __init__(self, nativeId: str | None = None, forked: bool = False):
         super().__init__(nativeId=nativeId, forked=forked)
 
+        # this used to work but a bug in macos is causing recompilation of the coreml models every time it restarts
+        # and the cache is not reused and also not cleared until the whole system reboots.
+        self.periodic_restart = False
+
         self.custom_models = {}
 
         model = self.storage.getItem("model") or "Default"
         if model == "Default" or model not in availableModels:
             if model != "Default":
                 self.storage.setItem("model", "Default")
-            model = "scrypted_yolov9c_320"
-        self.yolo = "yolo" in model
-        self.scrypted_yolov10n = "scrypted_yolov10" in model
-        self.scrypted_yolo_nas = "scrypted_yolo_nas" in model
-        self.scrypted_yolo = "scrypted_yolo" in model
-        self.scrypted_model = "scrypted" in model
-        model_version = "v8"
-        mlmodel = "model" if self.scrypted_yolo else model
+            model = "scrypted_yolov9c_relu"
         self.modelName = model
 
         print(f"model: {model}")
 
-        if not self.yolo:
-            # todo convert these to mlpackage
-            modelFile = self.downloadFile(
-                f"https://github.com/koush/coreml-models/raw/main/{model}/{mlmodel}.mlmodel",
-                f"{model}.mlmodel",
-            )
-        else:
-            if self.scrypted_yolo:
-                files = [
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/weights/weight.bin",
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/{mlmodel}.mlmodel",
-                    f"{model}/{model}.mlpackage/Manifest.json",
-                ]
-
-                for f in files:
-                    p = self.downloadFile(
-                        f"https://github.com/koush/coreml-models/raw/main/{f}",
-                        f"{model_version}/{f}",
-                    )
-                    modelFile = os.path.dirname(p)
-            else:
-                files = [
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/FeatureDescriptions.json",
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/Metadata.json",
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/weights/weight.bin",
-                    f"{model}/{model}.mlpackage/Data/com.apple.CoreML/{mlmodel}.mlmodel",
-                    f"{model}/{model}.mlpackage/Manifest.json",
-                ]
-
-                for f in files:
-                    p = self.downloadFile(
-                        f"https://github.com/koush/coreml-models/raw/main/{f}",
-                        f"{model_version}/{f}",
-                    )
-                    modelFile = os.path.dirname(p)
-
+        model_path = self.downloadHuggingFaceModelLocalFallback(model)
+        modelFile = os.path.join(model_path, f"{model}.mlpackage")
+        print(model_path, modelFile)
         self.model = ct.models.MLModel(modelFile)
 
         self.modelspec = self.model.get_spec()
@@ -148,6 +106,7 @@ class CoreMLPlugin(
         self.faceDevice = None
         self.textDevice = None
         self.clipDevice = None
+        self.segmentDevice = None
 
         if not self.forked:
             asyncio.ensure_future(self.prepareRecognitionModels(), loop=self.loop)
@@ -192,6 +151,18 @@ class CoreMLPlugin(
                     "name": "CoreML CLIP Embedding",
                 }
             )
+
+            await scrypted_sdk.deviceManager.onDeviceDiscovered(
+                {
+                    "nativeId": "segment",
+                    "type": scrypted_sdk.ScryptedDeviceType.Builtin.value,
+                    "interfaces": [
+                        scrypted_sdk.ScryptedInterface.ClusterForkInterface.value,
+                        scrypted_sdk.ScryptedInterface.ObjectDetection.value,
+                    ],
+                    "name": "CoreML Segmentation",
+                }
+            )
         except:
             pass
 
@@ -205,6 +176,9 @@ class CoreMLPlugin(
         elif nativeId == "clipembedding":
             self.clipDevice = self.clipDevice or CoreMLClipEmbedding(self, nativeId)
             return self.clipDevice
+        elif nativeId == "segment":
+            self.segmentDevice = self.segmentDevice or CoreMLSegmentation(self, nativeId)
+            return self.segmentDevice
         custom_model = self.custom_models.get(nativeId, None)
         if custom_model:
             return custom_model
@@ -244,94 +218,8 @@ class CoreMLPlugin(
         return out_dicts
 
     async def detect_once(self, input: Image.Image, settings: Any, src_size, cvss):
-        objs = []
-
-        # run in executor if this is the plugin loop
-        if self.yolo:
-            out_dict = await self.queue_batch({self.input_name: input})
-
-            if self.scrypted_yolov10n:
-                results = list(out_dict.values())[0][0]
-                objs = yolo.parse_yolov10(results)
-                ret = self.create_detection_result(objs, src_size, cvss)
-                return ret
-
-            if self.scrypted_yolo_nas:
-                predictions = list(out_dict.values())
-                objs = yolo.parse_yolo_nas(predictions)
-                ret = self.create_detection_result(objs, src_size, cvss)
-                return ret
-
-            if self.scrypted_yolo:
-                results = list(out_dict.values())[0][0]
-                objs = yolo.parse_yolov9(results)
-                ret = self.create_detection_result(objs, src_size, cvss)
-                return ret
-
-            out_blob = out_dict["Identity"]
-
-            objects = yolo.parse_yolo_region(
-                out_blob,
-                (input.width, input.height),
-                (81, 82, 135, 169, 344, 319),
-                #  (23,27, 37,58, 81,82),
-                False,
-            )
-
-            for r in objects:
-                obj = Prediction(
-                    r["classId"],
-                    r["confidence"],
-                    Rectangle(
-                        r["xmin"],
-                        r["ymin"],
-                        r["xmax"],
-                        r["ymax"],
-                    ),
-                )
-                objs.append(obj)
-
-            # what about output[1]?
-            # 26 26
-            # objects = yolo.parse_yolo_region(out_blob, (input.width, input.height), (23,27, 37,58, 81,82))
-
-            ret = self.create_detection_result(objs, src_size, cvss)
-            return ret
-
-        out_dict = await asyncio.get_event_loop().run_in_executor(
-            predictExecutor,
-            lambda: self.model.predict(
-                {"image": input, "confidenceThreshold": self.minThreshold}
-            ),
-        )
-
-        coordinatesList = out_dict["coordinates"]
-
-        for index, confidenceList in enumerate(out_dict["confidence"]):
-            values = confidenceList
-            maxConfidenceIndex = max(range(len(values)), key=values.__getitem__)
-            maxConfidence = confidenceList[maxConfidenceIndex]
-            if maxConfidence < self.minThreshold:
-                continue
-
-            coordinates = coordinatesList[index]
-
-            def torelative(value: float):
-                return value * self.inputheight
-
-            x = torelative(coordinates[0])
-            y = torelative(coordinates[1])
-            w = torelative(coordinates[2])
-            h = torelative(coordinates[3])
-            w2 = w / 2
-            h2 = h / 2
-            l = x - w2
-            t = y - h2
-
-            obj = Prediction(
-                maxConfidenceIndex, maxConfidence, Rectangle(l, t, l + w, t + h)
-            )
-            objs.append(obj)
-
+        out_dict = await self.queue_batch({self.input_name: input})
+        results = list(out_dict.values())[0][0]
+        objs = yolo.parse_yolov9(results)
         ret = self.create_detection_result(objs, src_size, cvss)
         return ret

plugins/coreml/src/coreml/face_recognition.py

@@ -6,6 +6,7 @@ import os
 import asyncio
 import coremltools as ct
 import numpy as np
+
 # import Quartz
 # from Foundation import NSData, NSMakeSize
 
@@ -25,6 +26,7 @@ def cosine_similarity(vector_a, vector_b):
     similarity = dot_product / (norm_a * norm_b)
     return similarity
 
+
 class CoreMLFaceRecognition(FaceRecognizeDetection):
     def __init__(self, plugin, nativeId: str):
         super().__init__(plugin, nativeId)
@@ -32,26 +34,12 @@ class CoreMLFaceRecognition(FaceRecognizeDetection):
         self.recogExecutor = concurrent.futures.ThreadPoolExecutor(1, "recog-face")
 
     def downloadModel(self, model: str):
-        model_version = "v7"
-        mlmodel = "model"
-
-        files = [
-            f"{model}/{model}.mlpackage/Data/com.apple.CoreML/weights/weight.bin",
-            f"{model}/{model}.mlpackage/Data/com.apple.CoreML/{mlmodel}.mlmodel",
-            f"{model}/{model}.mlpackage/Manifest.json",
-        ]
-
-        for f in files:
-            p = self.downloadFile(
-                f"https://github.com/koush/coreml-models/raw/main/{f}",
-                f"{model_version}/{f}",
-            )
-            modelFile = os.path.dirname(p)
-
+        model_path = self.downloadHuggingFaceModelLocalFallback(model)
+        modelFile = os.path.join(model_path, f"{model}.mlpackage")
         model = ct.models.MLModel(modelFile)
         inputName = model.get_spec().description.input[0].name
         return model, inputName
-    
+
     async def predictDetectModel(self, input: Image.Image):
         def predict():
             model, inputName = self.detectModel
@@ -70,11 +58,12 @@ class CoreMLFaceRecognition(FaceRecognizeDetection):
             out_dict = model.predict({inputName: input})
             results = list(out_dict.values())[0][0]
             return results
+
         results = await asyncio.get_event_loop().run_in_executor(
             self.recogExecutor, lambda: predict()
         )
         return results
-    
+
     # def predictVision(self, input: Image.Image) -> asyncio.Future[list[Prediction]]:
     #     buffer = input.tobytes()
     #     myData = NSData.alloc().initWithBytes_length_(buffer, len(buffer))

plugins/coreml/src/coreml/segment.py

@@ -0,0 +1,48 @@
+from __future__ import annotations
+
+import asyncio
+import os
+import traceback
+
+import numpy as np
+
+import coremltools as ct
+from common import async_infer
+from common import yolov9_seg
+from predict.segment import Segmentation
+
+prepareExecutor, predictExecutor = async_infer.create_executors("Segment")
+
+
+class CoreMLSegmentation(Segmentation):
+    def __init__(self, plugin, nativeId: str):
+        super().__init__(plugin=plugin, nativeId=nativeId)
+
+    def loadModel(self, name):
+        model_path = self.plugin.downloadHuggingFaceModelLocalFallback(name)
+        modelFile = os.path.join(model_path, f"{name}.mlpackage")
+        model = ct.models.MLModel(modelFile)
+        return model
+
+    async def detect_once(self, input, settings, src_size, cvss):
+        def predict():
+            input_name = self.model.get_spec().description.input[0].name
+            out_dict = self.model.predict({input_name: input})
+
+            outputs = list(out_dict.values())
+            pred = outputs[0]
+            proto = outputs[1]
+            pred = yolov9_seg.non_max_suppression(pred, nm=32)
+
+            return self.process_segmentation_output(pred, proto)
+
+        try:
+            objs = await asyncio.get_event_loop().run_in_executor(
+                predictExecutor, lambda: predict()
+            )
+        except:
+            traceback.print_exc()
+            raise
+
+        ret = self.create_detection_result(objs, src_size, cvss)
+        return ret

plugins/coreml/src/coreml/text_recognition.py

@@ -20,22 +20,8 @@ class CoreMLTextRecognition(TextRecognition):
         self.recogExecutor = concurrent.futures.ThreadPoolExecutor(1, "recog-text")
 
     def downloadModel(self, model: str):
-        model_version = "v8"
-        mlmodel = "model"
-
-        files = [
-            f"{model}/{model}.mlpackage/Data/com.apple.CoreML/weights/weight.bin",
-            f"{model}/{model}.mlpackage/Data/com.apple.CoreML/{mlmodel}.mlmodel",
-            f"{model}/{model}.mlpackage/Manifest.json",
-        ]
-
-        for f in files:
-            p = self.downloadFile(
-                f"https://github.com/koush/coreml-models/raw/main/{f}",
-                f"{model_version}/{f}",
-            )
-            modelFile = os.path.dirname(p)
-
+        model_path = self.downloadHuggingFaceModelLocalFallback(model)
+        modelFile = os.path.join(model_path, f"{model}.mlpackage")
         model = ct.models.MLModel(modelFile)
         inputName = model.get_spec().description.input[0].name
         return model, inputName

plugins/diagnostics/.vscode/settings.json

@@ -1,4 +1,4 @@
 
 {
-    "scrypted.debugHost": "koushik-winvm",
+    "scrypted.debugHost": "scrypted-nvr",
 }

plugins/diagnostics/package-lock.json

@@ -1,19 +1,19 @@
 {
    "name": "@scrypted/diagnostics",
-   "version": "0.0.19",
+   "version": "0.0.29",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/diagnostics",
-         "version": "0.0.19",
+         "version": "0.0.29",
          "dependencies": {
             "@scrypted/common": "file:../../common",
             "@scrypted/sdk": "file:../../sdk",
             "sharp": "^0.33.5"
          },
          "devDependencies": {
-            "@types/node": "^22.5.4"
+            "@types/node": "^22.18.8"
          }
       },
       "../../common": {
@@ -22,32 +22,41 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0",
+            "@types/node": "^20.19.11",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2"
          }
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.69",
+         "version": "0.5.48",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
+            "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.7",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
-            "typescript": "^5.5.4",
-            "webpack": "^5.95.0",
+            "ts-loader": "^9.5.2",
+            "tslib": "^2.8.1",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -60,11 +69,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.8.1",
-            "@types/stringify-object": "^4.0.5",
-            "stringify-object": "^3.3.0",
+            "@types/node": "^24.0.1",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.10"
+            "typedoc": "^0.28.5"
          }
       },
       "node_modules/@emnapi/runtime": {
@@ -427,12 +434,13 @@
          "link": true
       },
       "node_modules/@types/node": {
-         "version": "22.5.4",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.4.tgz",
-         "integrity": "sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg==",
+         "version": "22.18.8",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.18.8.tgz",
+         "integrity": "sha512-pAZSHMiagDR7cARo/cch1f3rXy0AEXwsVsVH09FcyeJVAzCnGgmYis7P3JidtTUjyadhTeSo8TgRPswstghDaw==",
          "dev": true,
+         "license": "MIT",
          "dependencies": {
-            "undici-types": "~6.19.2"
+            "undici-types": "~6.21.0"
          }
       },
       "node_modules/color": {
@@ -549,10 +557,11 @@
          "optional": true
       },
       "node_modules/undici-types": {
-         "version": "6.19.8",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz",
-         "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==",
-         "dev": true
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+         "dev": true,
+         "license": "MIT"
       }
    },
    "dependencies": {
@@ -710,7 +719,8 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
-            "@types/node": "^20.11.0",
+            "@scrypted/types": "^0.5.27",
+            "@types/node": "^20.19.11",
             "http-auth-utils": "^5.0.1",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2",
@@ -720,33 +730,39 @@
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@types/node": "^22.8.1",
-            "@types/stringify-object": "^4.0.5",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
+            "@rollup/plugin-virtual": "^3.0.2",
+            "@types/node": "^24.0.1",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.7",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "stringify-object": "^3.3.0",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.10",
-            "typescript": "^5.5.4",
-            "webpack": "^5.95.0",
+            "tslib": "^2.8.1",
+            "typedoc": "^0.28.5",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          }
       },
       "@types/node": {
-         "version": "22.5.4",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.4.tgz",
-         "integrity": "sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg==",
+         "version": "22.18.8",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.18.8.tgz",
+         "integrity": "sha512-pAZSHMiagDR7cARo/cch1f3rXy0AEXwsVsVH09FcyeJVAzCnGgmYis7P3JidtTUjyadhTeSo8TgRPswstghDaw==",
          "dev": true,
          "requires": {
-            "undici-types": "~6.19.2"
+            "undici-types": "~6.21.0"
          }
       },
       "color": {
@@ -839,9 +855,9 @@
          "optional": true
       },
       "undici-types": {
-         "version": "6.19.8",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz",
-         "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==",
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
          "dev": true
       }
    }

plugins/diagnostics/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/diagnostics",
-   "version": "0.0.19",
+   "version": "0.0.29",
    "scripts": {
       "scrypted-setup-project": "scrypted-setup-project",
       "prescrypted-setup-project": "scrypted-package-json",
@@ -32,6 +32,6 @@
       "sharp": "^0.33.5"
    },
    "devDependencies": {
-      "@types/node": "^22.5.4"
+      "@types/node": "^22.18.8"
    }
 }

plugins/diagnostics/src/main.ts

@@ -1,16 +1,37 @@
 import { Deferred } from '@scrypted/common/src/deferred';
 import { safeKillFFmpeg } from '@scrypted/common/src/media-helpers';
-import sdk, { Camera, FFmpegInput, Image, MediaObject, MediaStreamDestination, MotionSensor, Notifier, ObjectDetection, ScryptedDevice, ScryptedDeviceBase, ScryptedDeviceType, ScryptedInterface, ScryptedMimeTypes, Setting, Settings, VideoCamera } from '@scrypted/sdk';
+import sdk, { Camera, FFmpegInput, Image, MediaObject, MediaStreamDestination, MotionSensor, Notifier, ObjectDetection, ScryptedDevice, ScryptedDeviceBase, ScryptedDeviceType, ScryptedInterface, ScryptedMimeTypes, Setting, Settings, VideoCamera, TextEmbedding, ImageEmbedding } from '@scrypted/sdk';
 import { StorageSettings } from '@scrypted/sdk/storage-settings';
 import child_process from 'child_process';
+import dns from 'dns';
 import { once } from 'events';
 import fs from 'fs';
 import net from 'net';
 import os from 'os';
 import sharp from 'sharp';
 import { httpFetch } from '../../../server/src/fetch/http-fetch';
+
+function cosineSimilarityPrenormalized(e1: Buffer, e2: Buffer) {
+    const embedding1 = new Float32Array(e1.buffer, e1.byteOffset, e1.length / Float32Array.BYTES_PER_ELEMENT);
+    const embedding2 = new Float32Array(e2.buffer, e2.byteOffset, e2.length / Float32Array.BYTES_PER_ELEMENT);
+
+    let dotProduct = 0;
+    for (let i = 0; i < embedding1.length; i++) {
+        dotProduct += embedding1[i] * embedding2[i];
+    }
+    return dotProduct;
+}
+
 class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
     storageSettings = new StorageSettings(this, {
+        validateSystem: {
+            console: true,
+            group: 'System',
+            title: 'Validate System',
+            description: 'Validate the system configuration.',
+            type: 'button',
+            onPut: () => this.validateSystem(),
+        },
         testDevice: {
             group: 'Device',
             title: 'Validation Device',
@@ -29,14 +50,6 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
                 this.validateDevice();
             },
         },
-        validateSystem: {
-            console: true,
-            group: 'System',
-            title: 'Validate System',
-            description: 'Validate the system configuration.',
-            type: 'button',
-            onPut: () => this.validateSystem(),
-        },
     });
 
     loggedMotion = new Map<string, number>();
@@ -87,6 +100,80 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
         }
     }
 
+    async validateNVR() {
+        const console = this.console;
+        const nvrPlugin = sdk.systemManager.getDeviceById('@scrypted/nvr');
+
+        if (!nvrPlugin) {
+            await this.validate(console, 'NVR Plugin Check', async () => {
+                throw new Error('NVR plugin not installed.');
+            });
+            return;
+        }
+
+        // Consolidated loop for detection plugins
+        const detectionPlugins = [
+            '@scrypted/onnx',
+            '@scrypted/openvino',
+            '@scrypted/coreml',
+            '@scrypted/ncnn',
+            '@scrypted/tensorflow-lite'
+        ];
+
+        for (const pluginId of detectionPlugins) {
+            const plugin = sdk.systemManager.getDeviceById<Settings & ObjectDetection>(pluginId);
+
+            if (!plugin) {
+                continue;
+            }
+
+            // Detect objects test
+            await this.validate(console, `${pluginId}`, async () => {
+                const settings = await plugin.getSettings();
+                const executionDevice = settings.find(s => s.key === 'execution_device');
+                if (executionDevice?.value?.toString().includes('CPU')) {
+                    this.warnStep(console, 'Using CPU execution. GPU recommended for better performance.');
+                }
+
+                const zidane = await sdk.mediaManager.createMediaObjectFromUrl('https://docs.scrypted.app/img/scrypted-nvr/troubleshooting/zidane.jpg');
+                const detected = await plugin.detectObjects(zidane);
+                const personFound = detected.detections!.find(d => d.className === 'person' && d.score > .8);
+                if (!personFound) {
+                    throw new Error('Person not detected in test image.');
+                }
+            });
+
+            const clip = sdk.systemManager.getDeviceById<TextEmbedding & ImageEmbedding>(pluginId, 'clipembedding');
+
+            // tflite and ncnn doesnt have it
+            if (!clip) {
+                continue;
+            }
+
+            // CLIP implementation test
+            await this.validate(console, `${pluginId} CLIP`, async () => {
+                // Test CLIP functionality
+                const testText = 'test';
+                const textEmbedding = await clip.getTextEmbedding(testText);
+                if (!textEmbedding || textEmbedding.length === 0) {
+                    throw new Error('Failed to get text embedding.');
+                }
+
+                const testImage = await sdk.mediaManager.createMediaObjectFromUrl('https://docs.scrypted.app/img/scrypted-nvr/troubleshooting/zidane.jpg');
+                const imageEmbedding = await clip.getImageEmbedding(testImage);
+                if (!imageEmbedding || imageEmbedding.length === 0) {
+                    throw new Error('Failed to get image embedding.');
+                }
+
+                // Test similarity calculation
+                const similarity = cosineSimilarityPrenormalized(imageEmbedding, textEmbedding);
+                if (typeof similarity !== 'number') {
+                    throw new Error('Failed to calculate similarity.');
+                }
+            });
+        }
+    }
+
     async validateDevice() {
         const device = this.storageSettings.values.testDevice as ScryptedDevice & any;
         const console = sdk.deviceManager.getMixinConsole(device.id);
@@ -227,19 +314,28 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
 
         const validated = new Set<string | undefined>();
         const validateMediaStream = async (stepName: string, destination: MediaStreamDestination) => {
-            const vsos = await device.getVideoStreamOptions();
-            const streamId = vsos.find(vso => vso.destinations?.includes(destination))?.id;
+            let streamId: string | undefined;
+            await this.validate(console, stepName + ' (Metadata)', async () => {
+                const vsos = await device.getVideoStreamOptions();
+                streamId = vsos.find(vso => vso.destinations?.includes(destination))?.id;
+            });
+
+            if (!streamId) {
+                await this.validate(console, stepName, async () => "Skipped (Not Configured)");
+                return;
+            }
 
             if (validated.has(streamId)) {
                 await this.validate(console, stepName, async () => "Skipped (Duplicate)");
                 return;
             }
-
             validated.add(streamId);
 
-            const ffmpegInput = await sdk.mediaManager.convertMediaObjectToJSON<FFmpegInput>(await getVideoStream(destination), ScryptedMimeTypes.FFmpegInput);
-            if (ffmpegInput.mediaStreamOptions?.video?.codec !== 'h264')
-                this.warnStep(console, `Stream ${stepName} is using codec ${ffmpegInput.mediaStreamOptions?.video?.codec}. h264 is recommended.`);
+            await this.validate(console, stepName + ' (Codec)', async () => {
+                const ffmpegInput = await sdk.mediaManager.convertMediaObjectToJSON<FFmpegInput>(await getVideoStream(destination), ScryptedMimeTypes.FFmpegInput);
+                if (ffmpegInput.mediaStreamOptions?.video?.codec !== 'h264')
+                    this.warnStep(console, `Stream ${stepName} is using codec ${ffmpegInput.mediaStreamOptions?.video?.codec}. h264 is recommended.`);
+            });
 
             await validateMedia(stepName, getVideoStream(destination));
             const start = Date.now();
@@ -331,6 +427,26 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
             timeout: 5000,
         }).then(r => r.body.trim()));
 
+        await this.validate(this.console, 'System Time Accuracy', async () => {
+            const response = await httpFetch({
+                url: 'https://cloudflare.com',
+                responseType: 'text',
+                timeout: 10000,
+            });
+            const dateHeader = response.headers.get('date');
+            if (!dateHeader) {
+                throw new Error('No date header in response');
+            }
+
+            const serverTime = new Date(dateHeader).getTime(); const localTime = Date.now();
+            const difference = Math.abs(serverTime - localTime);
+            const differenceSeconds = Math.floor(difference / 1000);
+
+            if (differenceSeconds > 5) {
+                throw new Error(`Time drift detected: ${differenceSeconds} seconds difference from accurate time source.`);
+            }
+        });
+
         await this.validate(this.console, 'IPv6 (wtfismyip.com)', httpFetch({
             url: 'https://wtfismyip.com/text',
             family: 6,
@@ -338,6 +454,30 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
             timeout: 5000,
         }).then(r => r.body.trim()));
 
+        await this.validate(this.console, 'Scrypted Cloud Services', async () => {
+            const endpoints = [
+                'https://home.scrypted.app',
+                'https://billing.scrypted.app'
+            ];
+
+            for (const endpoint of endpoints) {
+                try {
+                    const response = await httpFetch({
+                        url: endpoint,
+                        timeout: 5000,
+                    });
+
+                    if (response.statusCode >= 400) {
+                        throw new Error(`${endpoint} returned status ${response.statusCode}`);
+                    }
+                } catch (error) {
+                    throw new Error(`${endpoint} is not accessible: ${(error as Error).message}`);
+                }
+            }
+
+            return 'Both endpoints accessible';
+        });
+
         await this.validate(this.console, 'Scrypted Server Address', async () => {
             const addresses = await sdk.endpointManager.getLocalAddresses();
             const hasIPv4 = addresses?.find(address => net.isIPv4(address));
@@ -412,18 +552,47 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
                 throw new Error('Invalid response received from short lived URL.');
         });
 
+        if (cloudPlugin) {
+            await this.validate(this.console, 'Cloud IPv4 Address', async () => {
+                const externalAddress = await sdk.endpointManager.getCloudEndpoint();
+                if (!externalAddress)
+                    throw new Error('Scrypted Cloud endpoint not found.');
+                const url = new URL(externalAddress);
+                const { hostname } = url;
+                if (net.isIP(hostname))
+                    return;
+                const addresses = await dns.promises.lookup(hostname, { all: true });
+                const hasIPv4 = addresses.find(address => address.family === 4);
+                if (!hasIPv4)
+                    this.warnStep(this.console, 'No IPv4 address found for Scrypted Cloud endpoint.');
+                else
+                    return hasIPv4.address;
+            });
+
+            await this.validate(this.console, 'Cloud IPv6 Address', async () => {
+                const externalAddress = await sdk.endpointManager.getCloudEndpoint();
+                if (!externalAddress)
+                    throw new Error('Scrypted Cloud endpoint not found.');
+
+                const url = new URL(externalAddress);
+                const { hostname } = url;
+                if (net.isIP(hostname))
+                    return;
+                const addresses = await dns.promises.lookup(hostname, { all: true });
+                const hasIPv6 = addresses.find(address => address.family === 6);
+                if (!hasIPv6)
+                    this.warnStep(this.console, 'No IPv6 address found for Scrypted Cloud endpoint.');
+                else
+                    return hasIPv6.address;
+            });
+        }
+
         if ((hasCUDA || process.platform === 'win32') && onnxPlugin) {
             await this.validate(this.console, 'ONNX Plugin', async () => {
                 const settings = await onnxPlugin.getSettings();
                 const executionDevice = settings.find(s => s.key === 'execution_device');
                 if (executionDevice?.value?.toString().includes('CPU'))
                     this.warnStep(this.console, 'GPU device unvailable or not passed through to container.');
-
-                const zidane = await sdk.mediaManager.createMediaObjectFromUrl('https://docs.scrypted.app/img/scrypted-nvr/troubleshooting/zidane.jpg');
-                const detected = await onnxPlugin.detectObjects(zidane);
-                const personFound = detected.detections!.find(d => d.className === 'person' && d.score > .9);
-                if (!personFound)
-                    throw new Error('Person not detected in test image.');
             });
         }
 
@@ -433,15 +602,34 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
                 const availbleDevices = settings.find(s => s.key === 'available_devices');
                 if (!availbleDevices?.value?.toString().includes('GPU'))
                     this.warnStep(this.console, 'GPU device unvailable or not passed through to container.');
-
-                const zidane = await sdk.mediaManager.createMediaObjectFromUrl('https://docs.scrypted.app/img/scrypted-nvr/troubleshooting/zidane.jpg');
-                const detected = await openvinoPlugin.detectObjects(zidane);
-                const personFound = detected.detections!.find(d => d.className === 'person' && d.score > .9);
-                if (!personFound)
-                    throw new Error('Person not detected in test image.');
             });
         }
 
+        await this.validateNVR();
+
+        await this.validate(this.console, 'External Resource Access', async () => {
+            const urls = [
+                'https://huggingface.co/koushd/clip/resolve/main/requirements.txt',
+                'https://raw.githubusercontent.com/koush/openvino-models/refs/heads/main/scrypted_labels.txt',
+                'https://registry.npmjs.org/@scrypted/server'
+            ];
+
+            for (const url of urls) {
+                try {
+                    const response = await httpFetch({
+                        url,
+                        timeout: 5000,
+                    });
+
+                    if (response.statusCode >= 400) {
+                        throw new Error(`${url} returned status ${response.statusCode}`);
+                    }
+                } catch (error) {
+                    throw new Error(`${url} is not accessible: ${(error as Error).message}`);
+                }
+            }
+        });
+
         if (nvrPlugin) {
             await this.validate(this.console, "GPU Decode", async () => {
                 const ffmpegPath = await sdk.mediaManager.getFFmpegPath();
@@ -526,7 +714,7 @@ class DiagnosticsPlugin extends ScryptedDeviceBase implements Settings {
                     if (image.width !== 320)
                         throw new Error('Unexpected image with from GPU transform.')
                     const detected = await openvinoPlugin.detectObjects(zidane);
-                    const personFound = detected.detections!.find(d => d.className === 'person' && d.score > .9);
+                    const personFound = detected.detections!.find(d => d.className === 'person' && d.score > .8);
                     if (!personFound)
                         throw new Error('Person not detected in test image.');
                 }

plugins/doorbird/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/doorbird",
-   "version": "0.0.4",
+   "version": "0.0.6",
    "lockfileVersion": 3,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/doorbird",
-         "version": "0.0.4",
+         "version": "0.0.6",
          "dependencies": {
             "doorbird": "2.6.0"
          },
@@ -24,6 +24,7 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
@@ -35,29 +36,30 @@
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.108",
+         "version": "0.5.33",
          "dev": true,
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
             "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^5.3.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "tslib": "^2.8.1",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -70,9 +72,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.0.1",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.11"
+            "typedoc": "^0.28.5"
          }
       },
       "node_modules/@scrypted/common": {

plugins/doorbird/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/doorbird",
-   "version": "0.0.4",
+   "version": "0.0.6",
    "scripts": {
       "scrypted-setup-project": "scrypted-setup-project",
       "prescrypted-setup-project": "scrypted-package-json",

plugins/doorbird/src/main.ts

@@ -1,15 +1,35 @@
-import { authHttpFetch } from "@scrypted/common/src/http-auth-fetch";
-import { listenZero } from '@scrypted/common/src/listen-cluster';
-import { ffmpegLogInitialOutput, safePrintFFmpegArguments } from "@scrypted/common/src/media-helpers";
-import { readLength } from "@scrypted/common/src/read-stream";
-import sdk, { BinarySensor, Camera, DeviceCreator, DeviceCreatorSettings, DeviceInformation, DeviceProvider, FFmpegInput, Intercom, MediaObject, MotionSensor, PictureOptions, ResponseMediaStreamOptions, ScryptedDeviceBase, ScryptedDeviceType, ScryptedInterface, ScryptedMimeTypes, Setting, Settings, VideoCamera } from '@scrypted/sdk';
-import child_process, { ChildProcess } from 'child_process';
-import { randomBytes } from 'crypto';
+import {httpFetch} from '../../../server/src/fetch/http-fetch';
+import {listenZero} from '@scrypted/common/src/listen-cluster';
+import {ffmpegLogInitialOutput, safePrintFFmpegArguments} from "@scrypted/common/src/media-helpers";
+import {readLength, StreamEndError} from "@scrypted/common/src/read-stream";
+import sdk, {
+    BinarySensor,
+    Camera,
+    DeviceCreator,
+    DeviceCreatorSettings,
+    DeviceInformation,
+    DeviceProvider,
+    FFmpegInput,
+    Intercom,
+    MediaObject,
+    MotionSensor,
+    PictureOptions,
+    ResponseMediaStreamOptions,
+    ScryptedDeviceBase,
+    ScryptedDeviceType,
+    ScryptedInterface,
+    ScryptedMimeTypes,
+    Setting,
+    Settings,
+    VideoCamera
+} from '@scrypted/sdk';
+import child_process, {ChildProcess} from 'child_process';
+import {randomBytes} from 'crypto';
 import net from 'net';
-import { PassThrough, Readable } from "stream";
-import { ApiMotionEvent, ApiRingEvent, DoorbirdAPI } from "./doorbird-api";
+import {PassThrough, Readable} from "stream";
+import {ApiMotionEvent, ApiRingEvent, DoorbirdAPI} from "./doorbird-api";
 
-const { deviceManager, mediaManager } = sdk;
+const {deviceManager, mediaManager} = sdk;
 
 class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, VideoCamera, Settings, BinarySensor, MotionSensor {
     doorbirdApi: DoorbirdAPI | undefined;
@@ -22,6 +42,8 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
     audioRXClientSocket: net.Socket;
     pendingPicture: Promise<MediaObject>;
 
+    private static readonly TRANSMIT_AUDIO_CHUNK_SIZE: number = 256;
+
     constructor(nativeId: string, public provider: DoorbirdCamProvider) {
         super(nativeId);
         this.binaryState = false;
@@ -89,7 +111,7 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
     public async getPictureOptions(): Promise<PictureOptions[]> {
         return [{
             id: 'VGA',
-            picture: { width: 640, height: 480 }
+            picture: {width: 640, height: 480}
         }];
     }
 
@@ -141,6 +163,22 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
                 placeholder: 'rtsp://192.168.2.100/my_doorbird_video_stream',
                 value: this.storage.getItem('rtspUrl'),
                 description: 'Use this in case you are already using another RTSP server/proxy (e.g. mediamtx, go2rtc, etc.) to limit the number of streams from the camera.',
+            },
+            {
+                key: 'audioDenoise',
+                type: 'boolean',
+                subgroup: 'Advanced',
+                title: 'Denoise',
+                value: this.storage.getItem('audioDenoise') === 'true',
+                description: 'Denoise both input and output audio streams to reduce background noises.',
+            },
+            {
+                key: 'audioSpeechEnhancement',
+                type: 'boolean',
+                subgroup: 'Advanced',
+                title: 'Speech Enhancement',
+                value: this.storage.getItem('audioSpeechEnhancement') === 'true',
+                description: 'Apply band filtering and dynamic normalization to both audio streams.',
             }
         ];
     }
@@ -159,25 +197,47 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
     }
 
     async startAudioTransmitter(media: MediaObject): Promise<void> {
+        this.console.log('Doorbird: Init audio transmitter...');
         const ffmpegInput: FFmpegInput = JSON.parse((await mediaManager.convertMediaObjectToBuffer(media, ScryptedMimeTypes.FFmpegInput)).toString());
 
         const ffmpegArgs = ffmpegInput.inputArguments.slice();
         ffmpegArgs.push(
-            '-vn', '-dn', '-sn',
+            // Do not process video streams (disable video)
+            '-vn',
+            // Do not process data streams (e.g. timed metadata)
+            '-dn',
+            // Do not process subtitle streams
+            '-sn',
+            // Encode audio using PCM µ-law (G.711 codec, 8-bit logarithmic compression)
             '-acodec', 'pcm_mulaw',
-            '-flags', '+global_header',
+            // Bypass internal I/O buffering (write directly to output)
+            "-avioflags", "direct",
+            // Disable input buffering
+            '-fflags', '+flush_packets+nobuffer',
+            // Force flushing packets after every frame
+            '-flush_packets', '1',
+            // Use global headers (required by some muxers) and enable low-latency flags
+            '-flags', '+global_header+low_delay',
+            // Set number of audio channels to mono
             '-ac', '1',
-            '-ar', '8k',
+            // Set audio sample rate to 8000 Hz (expected by Doorbird)
+            '-ar', '8000',
+            // Force raw µ-law output format (no container)
             '-f', 'mulaw',
+            // Do not buffer or delay packets in the muxer
+            '-muxdelay', '0',
+            // --- Audio Filtering ---
+            ...(this.getAudioFilter()),
+            // Output to file descriptor 3 (e.g. pipe:3, for inter-process communication)
             'pipe:3'
         );
 
-        safePrintFFmpegArguments(console, ffmpegArgs);
+        safePrintFFmpegArguments(this.console, ffmpegArgs);
         const cp = child_process.spawn(await mediaManager.getFFmpegPath(), ffmpegArgs, {
             stdio: ['pipe', 'pipe', 'pipe', 'pipe'],
         });
         this.audioTXProcess = cp;
-        ffmpegLogInitialOutput(console, cp);
+        ffmpegLogInitialOutput(this.console, cp);
         cp.on('exit', () => this.console.log('Doorbird: Audio transmitter ended.'));
         cp.stdout.on('data', data => this.console.log(data.toString()));
         cp.stderr.on('data', data => this.console.log(data.toString()));
@@ -188,43 +248,60 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
         const password: string = this.getPassword();
         const audioTxUrl: string = `${this.getHttpBaseAddress()}/bha-api/audio-transmit.cgi`;
 
-        this.console.log('Doorbird: Starting audio transmitter...');
-
         (async () => {
-            this.console.log('Doorbird: audio transmitter started.');
 
+            this.console.log('Doorbird: Audio transmitter started.');
             const passthrough = new PassThrough();
-            authHttpFetch({
-                method: 'POST',
-                url: audioTxUrl,
-                credential: {
-                    username,
-                    password,
-                },
-                headers: {
-                    'Content-Type': 'audio/basic',
-                    'Content-Length': '9999999'
-                },
-                data: passthrough,
-            });
+            const abortController = new AbortController();
+            let totalBytesWritten: number = 0;
 
             try {
-                while (true) {
-                    const data = await readLength(socket, 1024);
-                    passthrough.push(data);
-                }
-            }
-            catch (e) {
-            }
-            finally {
-                this.console.log('Doorbird: audio transmitter finished.');
-                passthrough.end();
-            }
+                // Perform POST request instantly instead of unneeded handling with DIGEST authentication.
+                // Credentials will be thrown into network by all other requests anyway.
+                httpFetch({
+                    url: audioTxUrl,
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'audio/basic',
+                        'Content-Length': '9999999',
+                        'Authorization': this.getBasicAuthorization(username, password),
+                    },
+                    signal: abortController.signal,
+                    body: passthrough,
+                    responseType: 'readable',
+                })
 
-            this.stopAudioTransmitter();
+                while (true) {  // Loop will be broken by StreamEndError.
+
+                    // Read the next chunk of audio data from the Doorbird camera.
+                    const data = await readLength(socket, DoorbirdCamera.TRANSMIT_AUDIO_CHUNK_SIZE);
+                    if (data.length === 0) {
+                        break;
+                    }
+
+                    // Actually write the data to the passthrough stream.
+                    passthrough.push(data);
+
+                    // Add the length of the data to the total bytes written.
+                    totalBytesWritten += data.length;
+                }
+            } catch (e) {
+                if (!(e instanceof StreamEndError)) {
+                    this.console.error('Doorbird: Audio transmitter error', e);
+                }
+            } finally {
+                this.console.log(`Doorbird: Audio transmitter finished. bytesOut=${totalBytesWritten}ms`);
+                passthrough.destroy();
+                abortController.abort();
+            }
+            this.stopIntercom();
         })();
     }
 
+    private getBasicAuthorization(username: string, password: string) {
+        return `Basic ${Buffer.from(`${username}:${password}`).toString('base64')}`;
+    }
+
     stopAudioTransmitter() {
         this.audioTXProcess?.kill('SIGKILL');
         this.audioTXProcess = undefined;
@@ -238,18 +315,53 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
 
         const ffmpegPath = await mediaManager.getFFmpegPath();
 
+        const audioFilters = this.getAudioFilter();
+
         const ffmpegArgs = [
+            // Suppress printing the FFmpeg banner. Keeps logs clean.
             '-hide_banner',
+            // Disable periodic progress/statistics logging. Reduces noise and CPU usage.
             '-nostats',
+
+            // --- Low-latency Input Flags ---
+            // Reduce input buffer latency by flushing packets immediately and disabling demuxer buffering.
+            '-fflags', '+flush_packets+nobuffer',
+            // Do not spend time analyzing the stream to determine properties. Crucial for live streams.
             '-analyzeduration', '0',
+            // Set a very small probe size to speed up initial connection, as we already know the format.
             '-probesize', '32',
+            // Read input at its native frame rate to ensure real-time processing.
             '-re',
+
+            // --- Input Format Specification ---
+            // Set the audio sample rate to 8000 Hz, matching the Doorbird's stream.
             '-ar', '8000',
+            // Set the number of audio channels to 1 (mono).
             '-ac', '1',
+            // Force the input format to be interpreted as G.711 µ-law.
             '-f', 'mulaw',
+            // Specify the input URL for the Doorbird's audio stream.
             '-i', `${audioRxUrl}`,
-            '-acodec', 'copy',
+
+            // --- Audio Filtering ---
+            ...(audioFilters),
+
+            // --- Low-latency Output Flags ---
+            // Enable low-delay flags in the encoder, preventing frame buffering for lookahead.
+            '-flags', '+global_header+low_delay',
+            // Bypass FFmpeg's internal I/O buffering, writing directly to the output pipe.
+            '-avioflags', 'direct',
+            // Force flushing packets to the output immediately after encoding.
+            '-flush_packets', '1',
+            // Set the maximum demux-decode delay to zero, preventing buffering in the muxer.
+            '-muxdelay', '0',
+
+            // --- Output Format Specification ---
+            // Re-encode the audio to PCM µ-law after the filter has been applied, or just copy it if no filters are applied.
+            '-acodec', (audioFilters.length > 0 ? 'pcm_mulaw' : 'copy'),
+            // Force the output container format to raw µ-law.
             '-f', 'mulaw',
+            // Output the processed audio to file descriptor 3 (the pipe).
             'pipe:3'
         ];
 
@@ -262,7 +374,7 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
 
         cp.on('exit', () => {
             this.console.log('Doorbird: audio receiver ended.')
-            this.audioRXProcess = undefined;
+            this.stopIntercom();
         });
         cp.stdout.on('data', data => this.console.log(data.toString()));
         cp.stderr.on('data', data => this.console.log(data.toString()));
@@ -298,24 +410,60 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
 
     async getVideoStream(options?: ResponseMediaStreamOptions): Promise<MediaObject> {
 
-        const port = await this.startAudioRXServer();
+        const audioRtspStreamPort = await this.startAudioRXServer();
 
         const ffmpegInput: FFmpegInput = {
             url: undefined,
             inputArguments: [
+                // --- Low-latency Input Flags (for both streams) ---
+                // Suppress printing the FFmpeg banner.
+                '-hide_banner',
+                // Disable periodic progress/statistics logging.
+                '-nostats',
+                // Set the log level to 'error' to suppress verbose informational messages.
+                '-loglevel', 'error',
+
+                // Reduce input buffer latency by flushing packets immediately and disabling demuxer buffering.
+                // '+nobuffer' is particularly important for live streams.
+                '-fflags', '+flush_packets+nobuffer',
+                // Do not spend time analyzing the stream to determine properties. Crucial for live streams.
                 '-analyzeduration', '0',
+                // Set a very small probe size to speed up initial connection, as we know the formats.
                 '-probesize', '32',
-                '-fflags', 'nobuffer',
+                // Request low-delay flags from decoders.
                 '-flags', 'low_delay',
+
+                // --- Video Input (Input 0) ---
+                // Force the input format to be interpreted as RTSP.
                 '-f', 'rtsp',
+                // Use TCP for RTSP transport for better reliability over potentially lossy networks.
                 '-rtsp_transport', 'tcp',
+                // Specify the input URL for the Doorbird's RTSP video stream.
                 '-i', `${this.getRtspAddress()}`,
+
+                // --- Audio Input (Input 1) ---
+                // Force the format of the second input to be interpreted as G.711 µ-law.
                 '-f', 'mulaw',
+                // Set the number of audio channels to 1 (mono) for the audio input.
                 '-ac', '1',
+                // Set the audio sample rate to 8000 Hz for the audio input.
                 '-ar', '8000',
+                // Explicitly define the channel layout as mono.
                 '-channel_layout', 'mono',
-                '-use_wallclock_as_timestamps', 'true',
-                '-i', `tcp://127.0.0.1:${port}?tcp_nodelay=1`,
+                // Use the system's wall clock for timestamps. This helps synchronize the separate audio
+                // and video streams, which do not share a common clock source.
+                '-use_wallclock_as_timestamps', '1',
+                // Specify the second input as the local TCP socket providing the audio stream.
+                // `tcp_nodelay=1` disables Nagle's algorithm, reducing latency for small packets.
+                '-i', `tcp://127.0.0.1:${audioRtspStreamPort}?tcp_nodelay=1`,
+                // --- Output Stream Handling ---
+                // Increase the maximum delay for the muxing queue to 5 seconds (in microseconds).
+                // This prevents the "Delay between the first packet and last packet" error
+                // by allowing more time for packets from different streams to arrive.
+                '-max_delay', '5000000',
+                // Finish encoding when the shortest input stream (the video) ends.
+                // This ensures ffmpeg terminates if the video stream is interrupted by Doorbird.
+                '-shortest',
             ],
             mediaStreamOptions: options,
         };
@@ -332,12 +480,29 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
 
         const ffmpegPath = await mediaManager.getFFmpegPath();
         const ffmpegArgs = [
+            // Suppress printing the FFmpeg banner.
             '-hide_banner',
+            // Disable periodic progress/statistics logging.
             '-nostats',
+            // Read input at its native frame rate to ensure real-time processing.
             '-re',
+            // Use the lavfi (libavfilter) virtual input device.
             '-f', 'lavfi',
+            // Specify the input source as a null audio source (silence) with a sample rate of 8000 Hz and mono channel layout.
             '-i', 'anullsrc=r=8000:cl=mono',
+
+            // --- Low-latency Output Flags ---
+            // Bypass FFmpeg's internal I/O buffering, writing directly to the output pipe.
+            '-avioflags', 'direct',
+            // Force flushing packets to the output immediately after encoding.
+            '-flush_packets', '1',
+            // Set the maximum demux-decode delay to zero, preventing buffering in the muxer.
+            '-muxdelay', '0',
+
+            // --- Output Format Specification ---
+            // Force the output container format to raw µ-law.
             '-f', 'mulaw',
+            // Output the processed audio to file descriptor 3 (the pipe).
             'pipe:3'
         ];
 
@@ -370,6 +535,7 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
 
         const server = net.createServer(async (clientSocket) => {
             clearTimeout(serverTimeout);
+            this.console.log(`Doorbird: audio connection from client ${JSON.stringify(clientSocket.address())}`);
 
             this.audioRXClientSocket = clientSocket;
 
@@ -379,13 +545,14 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
                 this.stopSilenceGenerator();
                 this.audioRXClientSocket = null;
             });
+
         });
         const serverTimeout = setTimeout(() => {
             this.console.log('Doorbird: timed out waiting for tcp client from ffmpeg');
             server.close();
         }, 30000);
         const port = await listenZero(server, '127.0.0.1');
-
+        this.console.log(`Doorbird: audio server started on port ${port}`);
         return port;
     }
 
@@ -412,8 +579,7 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
     getRtspAddress() {
         if (this.storage.getItem('rtspUrl') !== undefined) {
             return this.storage.getItem('rtspUrl');
-        }
-        else {
+        } else {
             return this.getRtspDefaultAddress();
         }
     }
@@ -437,6 +603,52 @@ class DoorbirdCamera extends ScryptedDeviceBase implements Intercom, Camera, Vid
     getPassword() {
         return this.storage.getItem('password');
     }
+
+    setAudioDenoise(enabled: boolean) {
+        this.storage.setItem('audioDenoise', enabled.toString());
+    }
+
+    getAudioDenoise(): boolean {
+        return this.storage.getItem('audioDenoise') === 'true';
+    }
+
+    setAudioSpeechEnhancement(enabled: boolean) {
+        this.storage.setItem('audioSpeechEnhancement', enabled.toString());
+    }
+
+    getAudioSpeechEnhancement(): boolean {
+        return this.storage.getItem('audioSpeechEnhancement') === 'true';
+    }
+
+    private getAudioFilter() {
+        const filters: string[] = [];
+        if (this.getAudioDenoise()) {
+            // Apply noise reduction using the 'afftdn' filter.
+            // - 'afftdn=nf=-50' removes background noise below -50 dB (e.g. hiss, hum)
+            // - 'agate=threshold=0.06:attack=20:release=250' gates quiet sounds:
+            //      threshold=0.06  → suppresses signals below ~-24 dBFS (breaths, room noise)
+            //      attack=20       → gate opens smoothly in 20 ms to preserve speech onset
+            //      release=250     → gate closes slowly in 250 ms to avoid cutting word ends
+            filters.push('afftdn=nf=-50', 'agate=threshold=0.06:attack=20:release=250');
+        }
+        if (this.getAudioSpeechEnhancement()) {
+            // Apply high-pass and low-pass filters to remove frequencies outside the human voice range and apply dynamic normalization.
+            // - 'highpass=f=200'      → removes low rumbles below 200 Hz (e.g. touch intercom while speaking, low street noise)
+            // - 'lowpass=f=3000'      → removes harsh highs above 3 kHz to reduce hiss/sibilance
+            // - 'acompressor=threshold=0.1:ratio=4:attack=20:release=200'
+            //      threshold=0.1      → starts compressing above ~-20 dBFS
+            //      ratio=4            → reduces dynamic range by a 4:1 ratio
+            //      attack=20          → begins compression quickly to catch loud speech
+            //      release=200        → smooths out gain after loud parts
+            // - 'volume=4'            → boosts output gain 4x after compression
+            filters.push('highpass=f=200', 'lowpass=f=3000', 'acompressor=threshold=0.1:ratio=4:attack=20:release=200', 'volume=4');
+        }
+
+        if (filters.length === 0) {
+            return [];
+        }
+        return ['-af', filters.join(',')];
+    }
 }
 
 export class DoorbirdCamProvider extends ScryptedDeviceBase implements DeviceProvider, DeviceCreator {
@@ -472,8 +684,7 @@ export class DoorbirdCamProvider extends ScryptedDeviceBase implements DevicePro
                 info.mac = deviceInfo.serialNumber;
                 info.manufacturer = 'Bird Home Automation GmbH';
                 info.managementUrl = 'https://webadmin.doorbird.com';
-            }
-            catch (e) {
+            } catch (e) {
                 this.console.error('Error adding Doorbird camera', e);
                 throw e;
             }
@@ -490,6 +701,8 @@ export class DoorbirdCamProvider extends ScryptedDeviceBase implements DevicePro
         device.putSetting('password', password);
         device.setIPAddress(settings.ip.toString());
         device.setHttpPortOverride(settings.httpPort?.toString());
+        device.setAudioDenoise(settings.audioDenoise === 'true');
+        device.setAudioSpeechEnhancement(settings.audioSpeechEnhancement === 'true');
 
         return nativeId;
     }

plugins/google-home/src/common.ts

@@ -32,11 +32,11 @@ export function syncResponse(device: ScryptedDevice, type: string): homegraph_v1
             defaultNames: [],
             nicknames: [],
         },
-        otherDeviceIds: [
+        otherDeviceIds: (device.type !== ScryptedDeviceType.Camera && device.type !== ScryptedDeviceType.Doorbell) ? [
             {
                 deviceId: device.id,
             }
-        ],
+        ] : undefined,
         attributes: {},
         traits: [],
         type,

plugins/hikvision-doorbell/README.md

@@ -8,6 +8,18 @@ Most commonly this plugin is used with 2 plugins: Rebroadcast and HomeKit.
 Device must have built-in motion detection (most Hikvision doorbells have this).
 If the doorbell do not have motion detection, you will have to use a separate plugin or device to achieve this (e.g., `opencv`, `pam-diff`, or `dummy-switch`) and group it to the doorbell.
 
+## ⚠️ Important: Version 2.x Breaking Changes
+
+Version 2 of this plugin is **not compatible** with version 1.x. Before installing or upgrading to version 2:
+- **Option 1**: Completely remove the old plugin from Scrypted
+- **Option 2**: Delete all devices that belong to the old plugin
+
+After removing the old version, you will need to reconfigure all doorbell devices from scratch.
+
+### Firmware Requirements
+
+This version **requires firmware v3.7 or higher**. Older firmware versions are not supported.
+
 ## Two Way Audio
 
 Two Way Audio is supported if the audio codec is set to G.711ulaw on the doorbell, which is usually the default audio codec. This audio codec will also work with HomeKit. Changing the audio codec from G.711ulaw will cause Two Way Audio to fail on the doorbells that were tested.

plugins/hikvision-doorbell/fs/ALERT_README.md

@@ -1,4 +1,5 @@
 # Tamper Alert Mechanism Interface
 
-This device serves as a companion for the Hikvision Doorbell device. It provides an interface for interacting with the doorbell tamper alert, which is integrated into models such as the DS-KV6113.
-In the settings section, you can see the linked (parent) device, as well as the IP address of the Hikvision Doorbell (phisical device). These fields are not editable, they are for information purposes only.
+This device serves as a companion for the Hikvision Doorbell device. It provides an interface for interacting with the doorbell's tamper alert sensor, which is integrated into models such as the DS-KV6113-PE1(C).
+
+When the doorbell's tamper sensor is triggered, this device will turn **on**. You can manually turn it **off** in the Scrypted web interface. This device is automatically removed when the parent doorbell device is deleted.

plugins/hikvision-doorbell/fs/DOORBELL_README.md

@@ -1,26 +1,45 @@
 # Hikvision Doorbell
 
-At the moment, plugin was tested with the **DS-KV6113PE1[C]** model `doorbell` with firmware version: **V2.2.65 build 231213**, in the following modes:
+**⚠️ Important: Version 2.x Breaking Changes**
+
+Version 2 of this plugin is **not compatible** with version 1.x. Before installing or upgrading to version 2:
+- **Option 1**: Completely remove the old plugin from Scrypted
+- **Option 2**: Delete all devices that belong to the old plugin
+
+After removing the old version, you will need to reconfigure all doorbell devices from scratch.
+
+## Introduction
+
+At the moment, plugin was tested with the **DS-KV6113-PE1(C)** model `doorbell` with firmware version: **V3.7.0 build 250818**, in the following modes:
 
 - the `doorbell` is connected to the `Hik-Connect` service;
-- the `doorbell` is connected to a local SIP proxy (asterisk);
 - the `doorbell` is connected to a fake SIP proxy, which this plugin runs.
 
 ## Settings
 
 ### Support door lock opening
 
-Most of these doorbells have the ability to control an electromechanical lock. To implement the lock controller software interface in Scrypted, you need to create a separate device with the `Lock` type. Such a device is created automatically if you enable the **Expose Door Lock Controller** checkbox.
+The doorbell can control electromechanical locks connected to it. To enable lock control in Scrypted, go to the doorbell device settings, navigate to **Advanced Settings**, and select **Locks** in the **Provided devices** option.
 
-The lock controller is linked to this device (doorbell). Therefore, when the doorbell is deleted, the associated lock controller will also be deleted.
+This will create dependent lock device(s) with the `Lock` type. The plugin automatically detects how many doors the doorbell supports (typically 1, but some models support multiple doors). If multiple doors are supported, each lock device will be named with its door number (e.g., "Door Lock 1", "Door Lock 2"). 
+
+Lock devices are automatically removed when the parent doorbell device is deleted.
+
+### Support contact sensors
+
+Door open/close status monitoring is available through contact sensors. To enable this functionality in Scrypted, go to the doorbell device settings, navigate to **Advanced Settings**, and select **Contact Sensors** in the **Provided devices** option.
+
+This will create dependent contact sensor device(s) with the `BinarySensor` type. The plugin automatically detects how many doors the doorbell supports (typically 1, but some models support multiple doors). If multiple doors are supported, each contact sensor will be named with its door number (e.g., "Contact Sensor 1", "Contact Sensor 2").
+
+Contact sensor devices are automatically removed when the parent doorbell device is deleted.
 
 ### Support tamper alert
 
-Most of a doorbells have a tamper alert. To implement the tamper alert software interface in Scrypted, you need to create a separate device with the `Switch` type. Such a device is created automatically if you enable the **Expose Tamper Alert Controller** checkbox. If you leave this checkbox disabled, the tamper signal will be interpreted as a `Motion Detection` event.
+For security, the doorbell includes a built-in tamper detection sensor. To enable tamper alert monitoring in Scrypted, go to the doorbell device settings, navigate to **Advanced Settings**, and select **Tamper Alert** in the **Provided devices** option. If you don't enable this option, tamper alert signals will be interpreted as `Motion Detection` events.
 
-If the tamper on the doorbell is triggered, the controller (`Switch`) will **turn on**. You can **turn off** the switch manually in the Scrypted web interface only.
+This will create a dependent tamper alert device with the `BinarySensor` type. When the doorbell's tamper sensor is triggered, the device will turn **on**. You can manually turn it **off** in the Scrypted web interface. 
 
-The tamper alert controller is linked to this device (doorbell). Therefore, when the doorbell is deleted, the associated tamper alert controller will also be deleted.
+The tamper alert device is automatically removed when the parent doorbell device is deleted.
 
 ### Setting up a receiving call (the ability to ringing)
 
@@ -44,10 +63,17 @@ This mode should be used when you have a separate SIP gateway and all your inter
 
 #### Emulate SIP Proxy
 
-This mode should be used when you have a `doorbell` but no **Indoor Station**, and you want to connect this `doorbell` to Scrypted server only.
+This mode should be used when you have a `doorbell` but no **Indoor Station**, and you want to connect the `doorbell` directly to the Scrypted server.
 
-In this mode, the plugin creates a fake SIP proxy that listens for a connection on the specified port (or auto-select a port if not specified). The task of this server is to receive a notification about a call and, in the event of an intercom start (two way audio), simulate picking up the handset so that the `doorbell` switches to conversation mode (stops ringing).
+In this mode, the plugin creates a fake SIP proxy that listens for connections on the specified port (or auto-selects a port if left blank). This server receives call notifications and, when intercom starts (two-way audio), simulates picking up the handset so the `doorbell` switches to conversation mode (stops ringing).
 
-On the additional tab, configure the desired port, and you can also enable the **Autoinstall Fake SIP Proxy** checkbox, for not to configure `doorbell` manually.
+**Important**: When you enable this mode, the plugin **automatically configures the doorbell** with the necessary SIP settings. You don't need to configure the doorbell manually.
 
-In the `doorbell` settings you can configure the connection to the fake SIP proxy manually. You should specify the IP address of the Scrypted server and the port of the fake proxy. The contents of the other fields do not matter, since the SIP proxy authorizes the “*client*” using the known doorbell’s IP address.
+On the additional settings tab, you can configure:
+- **Port**: The listening port for the fake SIP proxy (leave blank for automatic selection)
+- **Room Number**: Virtual room number (1-9999) that represents this fake SIP proxy
+- **SIP Proxy Phone Number**: Phone number representing the fake SIP proxy (default: 10102)
+- **Doorbell Phone Number**: Phone number representing the doorbell (default: 10101)
+- **Button Number**: Call button number for doorbells with multiple buttons (1-99, default: 1)
+
+The plugin automatically applies these settings to the doorbell device via ISAPI. If the doorbell is temporarily unreachable, the plugin will retry the configuration automatically.

plugins/hikvision-doorbell/fs/ENTRY_SENSOR_README.md

@@ -0,0 +1,9 @@
+# Binary Sensor Interface
+
+This device serves as a companion for the Hikvision Doorbell device. It provides a binary sensor interface for monitoring the door opening state, which is integrated into models such as the DS-KV6113.
+
+The Binary Sensor monitors the door opening state and reports:
+- **Closed** (binaryState: false) - Door is closed
+- **Open** (binaryState: true) - Door is open
+
+This sensor provides a simple binary state indication that can be used for automation and monitoring purposes.

plugins/hikvision-doorbell/fs/LOCK_README.md

@@ -1,4 +1,3 @@
 # Lock Opening Mechanism Interface
 
-This device serves as a companion for the Hikvision Doorbell device. It provides an interface for interacting with the lock opening mechanism, which is integrated into models such as the DS-KV6113.
-In the settings section, you can see the linked (parent) device, as well as the IP address of the Hikvision Doorbell (phisical device). These fields are not editable, they are for information purposes only.
+This device serves as a companion for the Hikvision Doorbell device. It provides an interface for interacting with the lock opening mechanism, which is integrated into models such as the DS-KV6113.

plugins/hikvision-doorbell/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@vityevato/hikvision-doorbell",
-   "version": "1.0.1",
+   "version": "2.0.0d",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@vityevato/hikvision-doorbell",
-         "version": "1.0.1",
+         "version": "2.0.0d",
          "license": "Apache",
          "dependencies": {
             "@scrypted/common": "file:../../common",
@@ -30,39 +30,41 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0",
+            "@types/node": "^20.19.11",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2"
          }
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.118",
+         "version": "0.5.48",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
             "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "tslib": "^2.8.1",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -75,60 +77,62 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.0.1",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.11"
+            "typedoc": "^0.28.5"
          }
       },
       "../../server": {
          "name": "@scrypted/server",
-         "version": "0.138.1",
+         "version": "0.142.9",
          "hasInstallScript": true,
          "license": "ISC",
          "dependencies": {
             "@scrypted/ffmpeg-static": "^6.1.0-build3",
-            "@scrypted/node-pty": "^1.0.22",
-            "@scrypted/types": "^0.3.108",
+            "@scrypted/node-pty": "^1.0.25",
+            "@scrypted/types": "^0.5.43",
             "adm-zip": "^0.5.16",
-            "body-parser": "^1.20.3",
+            "body-parser": "^2.2.0",
             "cookie-parser": "^1.4.7",
-            "dotenv": "^16.4.5",
-            "engine.io": "^6.6.2",
-            "express": "^4.21.1",
+            "dotenv": "^16.5.0",
+            "engine.io": "^6.6.4",
+            "express": "^5.1.0",
             "follow-redirects": "^1.15.9",
-            "http-auth": "^4.2.0",
-            "level": "^8.0.1",
+            "http-auth": "^4.2.1",
+            "level": "^10.0.0",
             "lodash": "^4.17.21",
+            "mime-types": "^3.0.1",
             "node-dijkstra": "^2.5.0",
             "node-forge": "^1.3.1",
-            "node-gyp": "^10.2.0",
-            "py": "npm:@bjia56/portable-python@^0.1.112",
-            "semver": "^7.6.3",
-            "sharp": "^0.33.5",
+            "node-gyp": "^11.2.0",
+            "py": "npm:@bjia56/portable-python@^0.1.141",
+            "semver": "^7.7.2",
+            "sharp": "^0.34.2",
             "source-map-support": "^0.5.21",
             "tar": "^7.4.3",
             "tslib": "^2.8.1",
-            "typescript": "^5.5.4",
+            "typescript": "^5.8.3",
             "whatwg-mimetype": "^4.0.0",
-            "ws": "^8.18.0"
+            "ws": "^8.18.2"
          },
          "bin": {
             "scrypted-serve": "bin/scrypted-serve"
          },
          "devDependencies": {
             "@types/adm-zip": "^0.5.7",
-            "@types/cookie-parser": "^1.4.8",
-            "@types/express": "^5.0.0",
+            "@types/cookie-parser": "^1.4.9",
+            "@types/express": "^5.0.3",
             "@types/follow-redirects": "^1.14.4",
             "@types/http-auth": "^4.1.4",
-            "@types/lodash": "^4.17.13",
-            "@types/node": "^22.10.1",
+            "@types/lodash": "^4.17.17",
+            "@types/mime-types": "^3.0.1",
+            "@types/node": "^24.0.3",
             "@types/node-dijkstra": "^2.5.6",
             "@types/node-forge": "^1.3.11",
-            "@types/semver": "^7.5.8",
+            "@types/semver": "^7.7.0",
             "@types/source-map-support": "^0.5.10",
             "@types/whatwg-mimetype": "^3.0.2",
-            "@types/ws": "^8.5.13",
+            "@types/ws": "^8.18.1",
             "rimraf": "^6.0.1"
          }
       },
@@ -249,7 +253,8 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
-            "@types/node": "^20.11.0",
+            "@scrypted/types": "^0.5.27",
+            "@types/node": "^20.19.11",
             "http-auth-utils": "^5.0.1",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2",
@@ -259,28 +264,29 @@
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
             "@rollup/plugin-virtual": "^3.0.2",
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.0.1",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.43.0",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.2",
             "ts-node": "^10.9.2",
             "tslib": "^2.8.1",
-            "typedoc": "^0.26.11",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typedoc": "^0.28.5",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          }
       },
@@ -288,44 +294,46 @@
          "version": "file:../../server",
          "requires": {
             "@scrypted/ffmpeg-static": "^6.1.0-build3",
-            "@scrypted/node-pty": "^1.0.22",
-            "@scrypted/types": "^0.3.108",
+            "@scrypted/node-pty": "^1.0.25",
+            "@scrypted/types": "^0.5.43",
             "@types/adm-zip": "^0.5.7",
-            "@types/cookie-parser": "^1.4.8",
-            "@types/express": "^5.0.0",
+            "@types/cookie-parser": "^1.4.9",
+            "@types/express": "^5.0.3",
             "@types/follow-redirects": "^1.14.4",
             "@types/http-auth": "^4.1.4",
-            "@types/lodash": "^4.17.13",
-            "@types/node": "^22.10.1",
+            "@types/lodash": "^4.17.17",
+            "@types/mime-types": "^3.0.1",
+            "@types/node": "^24.0.3",
             "@types/node-dijkstra": "^2.5.6",
             "@types/node-forge": "^1.3.11",
-            "@types/semver": "^7.5.8",
+            "@types/semver": "^7.7.0",
             "@types/source-map-support": "^0.5.10",
             "@types/whatwg-mimetype": "^3.0.2",
-            "@types/ws": "^8.5.13",
+            "@types/ws": "^8.18.1",
             "adm-zip": "^0.5.16",
-            "body-parser": "^1.20.3",
+            "body-parser": "^2.2.0",
             "cookie-parser": "^1.4.7",
-            "dotenv": "^16.4.5",
-            "engine.io": "^6.6.2",
-            "express": "^4.21.1",
+            "dotenv": "^16.5.0",
+            "engine.io": "^6.6.4",
+            "express": "^5.1.0",
             "follow-redirects": "^1.15.9",
-            "http-auth": "^4.2.0",
-            "level": "^8.0.1",
+            "http-auth": "^4.2.1",
+            "level": "^10.0.0",
             "lodash": "^4.17.21",
+            "mime-types": "^3.0.1",
             "node-dijkstra": "^2.5.0",
             "node-forge": "^1.3.1",
-            "node-gyp": "^10.2.0",
-            "py": "npm:@bjia56/portable-python@^0.1.112",
+            "node-gyp": "^11.2.0",
+            "py": "npm:@bjia56/portable-python@^0.1.141",
             "rimraf": "^6.0.1",
-            "semver": "^7.6.3",
-            "sharp": "^0.33.5",
+            "semver": "^7.7.2",
+            "sharp": "^0.34.2",
             "source-map-support": "^0.5.21",
             "tar": "^7.4.3",
             "tslib": "^2.8.1",
-            "typescript": "^5.5.4",
+            "typescript": "^5.8.3",
             "whatwg-mimetype": "^4.0.0",
-            "ws": "^8.18.0"
+            "ws": "^8.18.2"
          }
       },
       "@types/ip": {

plugins/hikvision-doorbell/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@vityevato/hikvision-doorbell",
-   "version": "1.0.1",
+   "version": "2.0.8",
    "description": "Hikvision Doorbell Plugin for Scrypted",
    "author": "Roman Sokolov",
    "license": "Apache",

plugins/hikvision-doorbell/src/auth-request.ts

@@ -7,6 +7,8 @@ import * as Auth from 'http-auth-client';
 export interface AuthRequestOptions extends Http.RequestOptions {
     sessionAuth?: Auth.Basic | Auth.Digest | Auth.Bearer;
     responseType: HttpFetchResponseType;
+    // Internal: number of digest retries performed for this request
+    digestRetry?: number;
 }
 
 export type  AuthRequestBody = string | Buffer | Readable;
@@ -15,11 +17,13 @@ export class AuthRequst {
 
     private username: string;
     private password: string;
+    private console: Console;
     private auth: Auth.Basic | Auth.Digest | Auth.Bearer;
 
     constructor(username:string, password: string, console: Console) {
         this.username = username;
         this.password = password;
+        this.console = console;
     }
 
     async request(url: string, options: AuthRequestOptions, body?: AuthRequestBody) {
@@ -38,23 +42,44 @@ export class AuthRequst {
 
             const req = Http.request(url, opt)
 
+            // Apply timeout if specified (Node.js http.request doesn't use timeout from options)
+            if (opt.timeout) {
+                req.setTimeout (opt.timeout, () => {
+                    req.destroy (new Error (`Request timeout after ${opt.timeout}ms`));
+                });
+            }
+
             req.once('response', async (resp) => {
+                try {
+                    if (resp.statusCode == 401) {
 
-                if (resp.statusCode == 401) {
+                        // Hikvision quirk: even if we already had a sessionAuth, a fresh
+                        // WWW-Authenticate challenge may require rebuilding credentials.
+                        // Limit the number of digest rebuilds to avoid infinite loops.
+                        const attempt = (opt.digestRetry ?? 0);
+                        if (attempt >= 2) {
+                            // Give up after a couple of rebuild attempts and surface the 401 response
+                            resolve(await this.parseResponse (opt.responseType, resp));
+                            return;
+                        }
 
-                    if (opt.sessionAuth) {
-                        resolve(await this.parseResponse (opt.responseType, resp));
-                        return;
+                        const newAuth = this.createAuth(resp.headers['www-authenticate'], !!this.auth);
+                        // Clear cached auth to avoid stale nonce reuse
+                        this.auth = undefined;
+                        opt.sessionAuth = newAuth;
+                        opt.digestRetry = attempt + 1;
+                        const result = await this.request(url, opt, body);
+                        resolve(result);
                     }
-
-                    opt.sessionAuth = this.createAuth(resp.headers['www-authenticate'], !!this.auth);
-                    this.auth = undefined;
-                    const result = await this.request(url, opt, body);
-                    resolve(result);
-                }
-                else {
-                    this.auth = opt.sessionAuth;
-                    resolve(await this.parseResponse(opt.responseType, resp));
+                    else {
+                        // Cache the negotiated session auth only if it was provided for this request.
+                        if (opt.sessionAuth) {
+                        this.auth = opt.sessionAuth;
+                        }
+                        resolve(await this.parseResponse(opt.responseType, resp));
+                    }
+                } catch (error) {
+                    reject(error);
                 }
             });
 
@@ -73,7 +98,6 @@ export class AuthRequst {
                 req.end();
             }
             else {
-
                 this.readableBody(req, body).pipe(req);
                 req.flushHeaders();
             }
@@ -155,6 +179,10 @@ export class AuthRequst {
             readable.once('end', () => {
                 resolve(result);
             });
+
+            readable.once('error', (error) => {
+                reject(error);
+            });
         });
     }
 
@@ -170,6 +198,10 @@ export class AuthRequst {
             readable.once('end', () => {
                 resolve(result);
             });
+
+            readable.once('error', (error) => {
+                reject(error);
+            });
         });
     }
 

plugins/hikvision-doorbell/src/debug-console.ts

@@ -0,0 +1,43 @@
+import { Console } from 'console';
+
+/**
+ * Interface for managing debug state
+ */
+export interface DebugController {
+    setDebugEnabled(enabled: boolean): void;
+    getDebugEnabled(): boolean;
+}
+
+/**
+ * Mutates an existing Console object to provide conditional debug output
+ * @param console - The console object to mutate
+ * @returns Controller object for managing debug state
+ */
+export function makeDebugConsole(console: Console): DebugController {
+    let debugEnabled = process.env.DEBUG === 'true' || 
+                      process.env.NODE_ENV === 'development';
+    
+    // Store original debug method
+    const originalDebug = console.debug.bind (console);
+    
+    // Replace debug method with conditional version
+    console.debug = (message?: any, ...optionalParams: any[]): void => {
+        if (debugEnabled) 
+        {
+            const now = new Date();
+            const timestamp = now.toISOString();
+            originalDebug (`[DEBUG ${timestamp}] ${message}`, ...optionalParams);
+        }
+    };
+    
+    // Return controller for managing debug state
+    return {
+        setDebugEnabled(enabled: boolean): void {
+            debugEnabled = enabled;
+        },
+        
+        getDebugEnabled(): boolean {
+            return debugEnabled;
+        }
+    };
+}

plugins/hikvision-doorbell/src/entry-sensor.ts

@@ -0,0 +1,30 @@
+import { BinarySensor, Readme, ScryptedDeviceBase, ScryptedInterface } from "@scrypted/sdk";
+import { HikvisionDoorbellAPI } from "./doorbell-api";
+import type { HikvisionCameraDoorbell } from "./main";
+import * as fs from 'fs/promises';
+import { join } from 'path';
+
+export class HikvisionEntrySensor extends ScryptedDeviceBase implements BinarySensor, Readme {
+
+    constructor(public camera: HikvisionCameraDoorbell, nativeId: string, public doorNumber: string = '1') 
+    {
+        super (nativeId);
+        this.binaryState = this.binaryState || false;
+    }
+
+    async getReadmeMarkdown(): Promise<string> 
+    {
+        const fileName = join (process.cwd(), 'ENTRY_SENSOR_README.md');
+        return fs.readFile (fileName, 'utf-8');
+    }
+
+
+    private getClient(): HikvisionDoorbellAPI {
+        return this.camera.getClient();
+    }
+
+    static deviceInterfaces: string[] = [
+        ScryptedInterface.BinarySensor,
+        ScryptedInterface.Readme
+    ];
+}

plugins/hikvision-doorbell/src/http-stream-switcher.ts

@@ -0,0 +1,144 @@
+import { PassThrough } from 'stream';
+import { EventEmitter } from 'events';
+
+/**
+ * HTTP Stream Switcher
+ * Receives data from single source and writes to single active PassThrough stream
+ * Supports seamless stream switching without stopping the data source
+ */
+export interface HttpSession {
+    sessionId: string;
+    stream: PassThrough;
+    putPromise: Promise<any>;
+}
+
+export class HttpStreamSwitcher extends EventEmitter
+{
+    private currentStream?: PassThrough;
+    private currentSession?: HttpSession;
+    private byteCount: number = 0;
+    private streamSwitchCount: number = 0;
+
+    constructor (private console: Console) {
+        super();
+    }
+
+    /**
+     * Write data to current active stream
+     */
+    write (data: Buffer): void
+    {
+        if (!this.currentStream) {
+            // No active stream, drop data
+            return;
+        }
+
+        try {
+            const canWrite = this.currentStream.write (data);
+            this.byteCount += data.length;
+            
+            if (!canWrite) {
+                // Stream buffer is full, apply backpressure
+                this.console.warn ('Stream buffer full, applying backpressure');
+            }
+        } catch (error) {
+            this.console.error ('Error writing to stream:', error);
+            this.clearSession();
+        }
+    }
+
+    /**
+     * Switch to new HTTP session
+     * Old session will be ended gracefully
+     */
+    switchSession (session: HttpSession): void
+    {
+        const oldSession = this.currentSession;
+        
+        if (oldSession) {
+            this.console.debug (`Switching HTTP session ${oldSession.sessionId} -> ${session.sessionId} (${this.byteCount} bytes sent)`);
+            
+            // End old stream gracefully
+            try {
+                oldSession.stream.end();
+            } catch (e) {
+                // Ignore errors on old stream
+            }
+            
+            this.streamSwitchCount++;
+        } else {
+            this.console.debug (`Setting initial HTTP session ${session.sessionId}`);
+        }
+
+        this.currentSession = session;
+        this.currentStream = session.stream;
+        this.byteCount = 0;
+
+        // Setup error handler for new stream
+        session.stream.on ('error', (error) => {
+            this.console.error (`Stream error for session ${session.sessionId}:`, error);
+            if (this.currentSession === session) {
+                this.clearSession();
+            }
+        });
+
+        session.stream.on ('close', () => {
+            this.console.debug (`Stream closed for session ${session.sessionId}`);
+            if (this.currentSession === session) {
+                this.clearSession();
+            }
+        });
+    }
+
+    /**
+     * Clear current session without replacement
+     */
+    private clearSession(): void
+    {
+        this.currentStream = undefined;
+        this.currentSession = undefined;
+    }
+
+    /**
+     * Get current session ID
+     */
+    getCurrentSessionId(): string | undefined
+    {
+        return this.currentSession?.sessionId;
+    }
+
+    /**
+     * Check if given putPromise is current
+     */
+    isCurrentPutPromise (putPromise: Promise<any>): boolean
+    {
+        return this.currentSession?.putPromise === putPromise;
+    }
+
+    /**
+     * Get current session
+     */
+    getCurrentSession(): HttpSession | undefined
+    {
+        return this.currentSession;
+    }
+
+    /**
+     * Destroy switcher and cleanup
+     */
+    destroy(): void
+    {
+        this.console.debug (`Destroying HTTP switcher (sent ${this.byteCount} bytes, ${this.streamSwitchCount} switches)`);
+        
+        if (this.currentStream) {
+            try {
+                this.currentStream.end();
+            } catch (e) {
+                // Ignore
+            }
+            this.currentStream = undefined;
+        }
+        
+        this.removeAllListeners();
+    }
+}

plugins/hikvision-doorbell/src/lock.ts

@@ -1,24 +1,42 @@
-import sdk, { ScryptedDeviceBase, SettingValue, ScryptedInterface, Setting, Settings, Lock, LockState, Readme } from "@scrypted/sdk";
+import { Lock, LockState, Readme, ScryptedDeviceBase, ScryptedInterface } from "@scrypted/sdk";
 import { HikvisionDoorbellAPI } from "./doorbell-api";
-import { HikvisionDoorbellProvider } from "./main";
+import type { HikvisionCameraDoorbell } from "./main";
 import * as fs from 'fs/promises';
 import { join } from 'path';
 
-const { deviceManager } = sdk;
+export class HikvisionLock extends ScryptedDeviceBase implements Lock, Readme {
 
-export class HikvisionLock extends ScryptedDeviceBase implements Lock, Settings, Readme {
-
-    // timeout: NodeJS.Timeout;
-
-    private provider: HikvisionDoorbellProvider;
-
-    constructor(nativeId: string, provider: HikvisionDoorbellProvider) {
+    constructor (public camera: HikvisionCameraDoorbell, nativeId: string, public doorNumber: string = '1') {
         super (nativeId);
-
         this.lockState = this.lockState || LockState.Unlocked;
-        this.provider = provider;
         
-        // provider.updateLock (nativeId, this.name);
+        // Initialize lock state by attempting to close the lock
+        this.initializeLockState();
+    }
+
+    /**
+     * Initialize lock state by attempting to close the lock.
+     * If close command succeeds, assume the lock is now locked.
+     * If it fails, assume the lock state remains as default.
+     */
+    private async initializeLockState(): Promise<void>
+    {
+        try {
+            const capabilities = await this.getClient().getDoorControlCapabilities();
+            const command = capabilities.availableCommands.includes ('close') ? 'close' : 'resume';
+            
+            // Attempt to close/lock the door
+            await this.getClient().controlDoor (this.doorNumber, command);
+            
+            // If successful, set state to Locked
+            this.lockState = LockState.Locked;
+            this.camera.console.info (`Lock ${this.doorNumber} initialized as Locked (close command succeeded)`);
+            
+        } catch (error) {
+            // If command fails, keep default state
+            this.camera.console.warn (`Lock ${this.doorNumber} initialization failed: ${error}. Using default state.`);
+            this.lockState = LockState.Unlocked;
+        }
     }
 
     async getReadmeMarkdown(): Promise<string> 
@@ -27,52 +45,24 @@ export class HikvisionLock extends ScryptedDeviceBase implements Lock, Settings,
         return fs.readFile (fileName, 'utf-8');
     }
 
-    lock(): Promise<void> {
-        return this.getClient().closeDoor();
-    }
-    unlock(): Promise<void> {
-        return this.getClient().openDoor();
-    }
-
-    async getSettings(): Promise<Setting[]> {
-        const cameraNativeId = this.storage.getItem (HikvisionDoorbellProvider.CAMERA_NATIVE_ID_KEY);
-        const state = deviceManager.getDeviceState (cameraNativeId);
-        return [
-            {
-                key: 'parentDevice',
-                title: 'Linked Doorbell Device Name',
-                description: 'The name of the associated doorbell plugin device (for information)',
-                value: state.id,
-                readonly: true,
-                type: 'device',
-            },
-            {
-                key: 'ip',
-                title: 'IP Address',
-                description: 'IP address of the doorbell device (for information)',
-                value: this.storage.getItem ('ip'),
-                readonly: true,
-                type: 'string',
-            }
-        ]
-    }
-    async putSetting(key: string, value: SettingValue): Promise<void> {
-        this.storage.setItem(key, value.toString());
-    }
-
-    getClient(): HikvisionDoorbellAPI
+    async lock(): Promise<void>
     {
-        const ip = this.storage.getItem ('ip');
-        const port = this.storage.getItem ('port');
-        const user = this.storage.getItem ('user');
-        const pass = this.storage.getItem ('pass');
+        const capabilities = await this.getClient().getDoorControlCapabilities();
+        const command = capabilities.availableCommands.includes ('close') ? 'close' : 'resume';
+        await this.getClient().controlDoor (this.doorNumber, command);
+    }
 
-        return this.provider.createSharedClient(ip, port, user, pass, this.console, this.storage);
+    async unlock(): Promise<void>
+    {
+        await this.getClient().controlDoor (this.doorNumber, 'open');
+    }
+
+    private getClient(): HikvisionDoorbellAPI {
+        return this.camera.getClient();
     }
 
     static deviceInterfaces: string[] = [
         ScryptedInterface.Lock,
-        ScryptedInterface.Settings,
         ScryptedInterface.Readme
     ];
 }

plugins/hikvision-doorbell/src/rtp-stream-switcher.ts

@@ -0,0 +1,121 @@
+import { EventEmitter } from 'events';
+import dgram from 'dgram';
+import { udpSocketType } from './utils';
+
+/**
+ * RTP Stream Switcher
+ * Receives RTP packets from single source and sends to single active target
+ * Supports seamless target switching without stopping the data source
+ * Supports both IPv4 and IPv6
+ */
+export interface RtpTarget {
+    ip: string;
+    port: number;
+    socket: dgram.Socket;
+}
+
+export class RtpStreamSwitcher extends EventEmitter 
+{
+    private currentTarget?: RtpTarget;
+    private packetCount: number = 0;
+    private targetSwitchCount: number = 0;
+
+    constructor (private console: Console) {
+        super();
+    }
+
+    /**
+     * Switch to new RTP target
+     * Old target will be closed gracefully
+     */
+    switchTarget (ip: string, port: number): void
+    {
+        const oldTarget = this.currentTarget;
+        
+        if (oldTarget) {
+            this.console.debug (`Switching RTP target ${oldTarget.ip}:${oldTarget.port} -> ${ip}:${port} (${this.packetCount} packets sent)`);
+            
+            // Close old socket gracefully
+            try {
+                oldTarget.socket.close();
+            } catch (e) {
+                // Ignore errors on old socket
+            }
+            
+            this.targetSwitchCount++;
+        } else {
+            this.console.debug (`Setting initial RTP target ${ip}:${port}`);
+        }
+
+        const socketType = udpSocketType (ip);
+        const socket = dgram.createSocket (socketType);
+        
+        // Setup error handler for new socket
+        socket.on ('error', (err) => {
+            this.console.error (`Socket error for target ${ip}:${port}:`, err);
+            if (this.currentTarget?.socket === socket) {
+                this.clearTarget();
+            }
+        });
+
+        this.currentTarget = { ip, port, socket };
+        this.packetCount = 0;
+        
+        this.console.info (`RTP target set: ${ip}:${port} (${socketType})`);
+    }
+
+    /**
+     * Clear current target without replacement
+     */
+    private clearTarget(): void
+    {
+        this.currentTarget = undefined;
+    }
+
+    /**
+     * Send RTP packet to current active target
+     */
+    sendRtp (rtp: Buffer): void
+    {
+        if (!this.currentTarget) {
+            // No active target, drop packet
+            return;
+        }
+
+        this.packetCount++;
+
+        try {
+            this.currentTarget.socket.send (rtp, this.currentTarget.port, this.currentTarget.ip, (err) => {
+                if (err) {
+                    this.console.error (`Failed to send RTP packet:`, err);
+                }
+            });
+        } catch (error) {
+            this.console.error (`Error sending RTP packet:`, error);
+            this.clearTarget();
+        }
+
+        if (this.packetCount % 100 === 0) {
+            this.console.debug (`Sent ${this.packetCount} RTP packets to current target`);
+        }
+    }
+
+    /**
+     * Destroy switcher and cleanup
+     */
+    destroy(): void
+    {
+        this.console.debug (`Destroying RTP switcher (sent ${this.packetCount} packets, ${this.targetSwitchCount} switches)`);
+        
+        if (this.currentTarget) {
+            try {
+                this.currentTarget.socket.close();
+            } catch (e) {
+                // Ignore
+            }
+            this.currentTarget = undefined;
+        }
+        
+        this.removeAllListeners();
+    }
+}

plugins/hikvision-doorbell/src/sip-manager.ts

@@ -4,17 +4,27 @@ import { localServiceIpAddress, rString, udpSocketType, unq } from './utils';
 import { isV4Format } from 'ip';
 import dgram from 'node:dgram';
 import { timeoutPromise } from "@scrypted/common/src/promise-utils";
+import { parseSdp } from '@scrypted/common/src/sdp-utils';
 
-
+export interface SipAudioTarget {
+    ip: string;
+    port: number;
+}
 
 enum DialogStatus 
 {
   Idle,
+  // Incoming call states
   Ringing,
   Answer,
-  AnswerAc,
-  Hangup,
-  HangupAc,
+  Bye,
+  ByeOk,
+  // Outgoing call states
+  Inviting,
+  InviteAc,
+  // Connected states (in/out)
+  Connected,
+  // Registration
   Regitering
 }
 
@@ -30,42 +40,90 @@ const clientRegistrationExpires = 3600; // in seconds
 
 export interface SipRegistration
 {
-  user: string;
-  password: string;
-  ip: string;
-  port: number;
-  callId: string;
-  realm?: string;
+  user: string; // username for registration
+  password: string; // password for registration
+  ip: string; // ip address for registration or doorbell ip
+  port: number; // port for registration or doorbell port
+  callId: string; // call id for registration (local phone number)
+  realm?: string; // realm for registration
+  doorbellId: string; // doorbell id for registration (remote phone number)
 }
 
 export class SipManager {
 
   localIp: string;
   localPort: number;
+  remoteAudioTarget?: SipAudioTarget;
+  audioCodec?: string;
+
+  private onInviteHandler?: () => void;
+  private onStopRingingHandler?: () => void;
+  private onHangupHandler?: () => void;
+  
+  private callId: string = '10012';
 
   constructor(private ip: string, private console: Console, private storage: Storage) {
   }
 
+  setOnInviteHandler (handler: () => void)
+  {
+    this.onInviteHandler = handler;
+  }
+
+  setOnStopRingingHandler (handler: () => void)
+  {
+    this.onStopRingingHandler = handler;
+  }
+
+  setOnHangupHandler (handler: () => void)
+  {
+    this.onHangupHandler = handler;
+  }
+
+  private parseSdpAudioTarget (sdpContent?: string): SipAudioTarget | undefined
+  {
+    if (!sdpContent) return undefined;
+
+    try {
+      const parsed = parseSdp (sdpContent);
+      
+      // Find audio section
+      const audioSection = parsed.msections.find (s => s.type === 'audio');
+      if (!audioSection) {
+        this.console.warn ('No audio section found in SDP');
+        return undefined;
+      }
+
+      // Extract IP from header (c=IN IP4 ...)
+      const cLine = parsed.header.lines.find (l => l.startsWith ('c='));
+      const ipMatch = cLine?.match (/c=IN IP[46] ([\d.:a-fA-F]+)/);
+      const ip = ipMatch?.[1];
+
+      const port = audioSection.port;
+
+      if (ip && port) {
+        this.console.debug (`Parsed SDP audio target: ${ip}:${port}`);
+        return { ip, port };
+      }
+    } catch (e) {
+      this.console.error (`Failed to parse SDP: ${e}`);
+    }
+
+    return undefined;
+  }
+
   async startClient (creds: SipRegistration)
   {
     this.clientMode = true;
 
     this.stop();
     await this.startServer();
-
-    this.clientCreds = creds;
-    // {
-    //   user: '4442',
-    //   password: '4443',
-    //   ip: '10.210.210.150',
-    //   port: 5060,
-    //   callId: '4442'
-    // }
+    this.remoteCreds = creds;
 
     return this.register();
   }
 
-  async startGateway (port?: number) 
+  async startGateway (callId?: string, port?: number) 
   {
     if (this.clientMode && sip.stop) {
       await this.unregister();
@@ -77,6 +135,9 @@ export class SipManager {
     if (port) {
       this.localPort = port;
     }
+    if (callId) {
+      this.callId = callId;
+    }
     return this.startServer (!port);
   }
 
@@ -91,7 +152,6 @@ export class SipManager {
     {
       const ring = this.state.msg;
 
-      let bye = true;
       let rs = this.makeRs (ring, 200, 'Ok');
 
       rs.content = this.fakeSdpContent();
@@ -99,11 +159,11 @@ export class SipManager {
       
       try {
         await timeoutPromise<void> (waitResponseTimeout, new Promise<void> (resolve => { 
-          this.state = {
+          this.setState ({
             status: DialogStatus.Answer,
             msg: ring,
             waitAck: resolve
-          }
+          });
           sip.send (rs);
         }));
       } catch (error) {
@@ -111,56 +171,262 @@ export class SipManager {
       }
       // await Promise.race ([waitAck, awaitTimeout (waitResponseTimeout)]);
 
-      this.state = {
-        status: DialogStatus.AnswerAc,
+      this.setState ({
+        status: DialogStatus.Connected,
         msg: ring
-      }
-      const byeMsg = this.bye (ring);
+      });
+    }
+  }
 
-      try 
+  async invite(): Promise<boolean>
+  {
+    if (this.state.status !== DialogStatus.Idle) {
+      this.console.warn ('Cannot send INVITE: dialog not idle');
+      return false;
+    }
+
+    if (!this.remoteCreds) {
+      this.console.error ('Cannot send INVITE: no remote credentials');
+      return false;
+    }
+
+    const creds = this.remoteCreds;
+    const fromUri = sip.parseUri (`sip:${creds.callId}@${this.localIp}:${this.localPort}`);
+    const toUri = sip.parseUri (`sip:${creds.doorbellId}@${creds.ip}:${creds.port}`);
+
+    const inviteMsg = {
+      method: 'INVITE',
+      uri: toUri,
+      headers: {
+        to: { uri: toUri },
+        from: { uri: fromUri, params: { tag: rString() } },
+        'call-id': `${rString()}@${this.localIp}:${this.localPort}`,
+        cseq: { seq: 1, method: 'INVITE' },
+        contact: [{ uri: fromUri }],
+        'content-type': 'application/sdp',
+      },
+      content: this.fakeSdpContent()
+    };
+
+    this.setState ({
+      status: DialogStatus.Inviting,
+      msg: inviteMsg
+    });
+
+    try {
+      // Send INVITE and collect all responses until final (200 or 4xx/5xx/6xx)
+      const response = await timeoutPromise<any> (waitResponseTimeout * 3, new Promise<any> ((resolve, reject) => {
+        sip.send (inviteMsg, (rs) => {
+          if (rs.status >= 100 && rs.status < 200) {
+            // Provisional response (100 Trying, 180 Ringing)
+            this.console.debug (`INVITE: Provisional response ${rs.status}`);
+            // Don't resolve, callback will be called again for final response
+          } else if (rs.status >= 200) {
+            // Final response (200 OK or error)
+            resolve (rs);
+          }
+        });
+      }));
+
+      if (response.status === 200) 
       {
-         const doit = new Promise<boolean> (resolve => {
-
-          sip.send (byeMsg, (rs) => {
-            this.console.log (`BYE response:\n${sip.stringify (rs)}`);
-            if (rs.status == 200) {
-              this.state.status = DialogStatus.HangupAc;
-              resolve(true);
-            }
-          });
-          this.state.status = DialogStatus.Hangup;
-  
+        this.console.info ('INVITE: Call accepted (200 OK)');
+        
+        // Parse remote SDP
+        this.remoteAudioTarget = this.parseSdpAudioTarget (response.content);
+        
+        this.setState ({
+          status: DialogStatus.InviteAc,
+          msg: response
         });
 
-        var result = await timeoutPromise<boolean> (waitResponseTimeout, doit);
-      } catch (error) {
-        this.console.error (`Wait OK error: ${error}`);
-      }
+        // Send ACK
+        const ackMsg = {
+          method: 'ACK',
+          uri: toUri,
+          headers: {
+            to: response.headers.to,
+            from: inviteMsg.headers.from,
+            'call-id': inviteMsg.headers['call-id'],
+            cseq: { seq: 1, method: 'ACK' },
+            contact: inviteMsg.headers.contact,
+          }
+        };
 
-      // const result = await Promise.race ([waitOk, awaitTimeout(waitResponseTimeout).then (()=> false)])
-      if (!result) {
-        this.console.error (`When BYE, timeut occurred`);
-      }
+        sip.send (ackMsg);
 
+        this.setState ({
+          status: DialogStatus.Connected,
+          msg: response
+        });
+
+        return true;
+      } 
+      else if (response.status >= 400) 
+      {
+        this.console.error (`INVITE failed: ${response.status} ${response.reason}`);
+        this.clearState();
+        return false;
+      }
+    } 
+    catch (error) {
+      this.console.error (`INVITE error: ${error}`);
       this.clearState();
+      return false;
     }
+
+    this.clearState();
+    return false;
+  }
+
+  async hangup(): Promise<boolean>
+  {
+    if (this.state.status !== DialogStatus.Connected) {
+      this.console.warn ('Cannot send BYE: dialog not connected');
+      return false;
+    }
+
+    const byeMsg = this.bye (this.state.msg);
+
+    try 
+    {
+       const doit = new Promise<boolean> (resolve => {
+
+        sip.send (byeMsg, (rs) => {
+          this.console.info (`BYE response:\n${sip.stringify (rs)}`);
+          if (rs.status == 200) {
+            this.setState ({ status: DialogStatus.ByeOk, msg: byeMsg });
+            resolve (true);
+          }
+        });
+        this.setState ({ status: DialogStatus.Connected, msg: byeMsg });
+
+      });
+
+      var result = await timeoutPromise<boolean> (waitResponseTimeout, doit);
+    } catch (error) {
+      this.console.error (`Wait OK error: ${error}`);
+      return false;
+    }
+
+    // const result = await Promise.race ([waitOk, awaitTimeout(waitResponseTimeout).then (()=> false)])
+    if (!result) {
+      this.console.error (`When BYE, timeout occurred`);
+      return false;
+    }
+
+    this.clearState();
+    return true;
   }
 
   private state: SipState = { status: DialogStatus.Idle};
   private clientMode: boolean = false;
   private authCtx: any = { nc: 1 };
   private registrationExpires: number = clientRegistrationExpires;
-  private clientCreds: SipRegistration;
+  private remoteCreds: SipRegistration;
+
+  private setState (newState: SipState)
+  {
+    const oldStatus = this.state.status;
+    const newStatus = newState.status;
+    
+    this.state = newState;
+    
+    // Hook for future actions on state transitions
+    this.onStateChange (oldStatus, newStatus);
+  }
+
+  private onStateChange(oldStatus: DialogStatus, newStatus: DialogStatus) 
+  {
+    if (oldStatus === newStatus)
+      return;
+
+    this.console.debug (`State transition: ${DialogStatus[oldStatus]} -> ${DialogStatus[newStatus]}`);
+
+    switch (oldStatus) 
+    {
+      case DialogStatus.Ringing:
+        if (this.onStopRingingHandler) {
+          // Call handler asynchronously to avoid blocking SIP message flow
+          setImmediate (() => {
+            try {
+              this.onStopRingingHandler();
+            } catch (e) {
+              this.console.error(`Error in onStopRinging handler: ${e}`);
+            }
+          });
+        }
+        return;
+    }
+
+    switch (newStatus) 
+    {
+
+      case DialogStatus.Ringing:
+        if (this.onInviteHandler) {
+          // Call handler asynchronously to avoid blocking SIP message flow
+          setImmediate (() => {
+            try {
+              this.onInviteHandler();
+            } catch (e) {
+              this.console.error(`Error in onInvite handler: ${e}`);
+            }
+          });
+        }
+        return;
+
+      case DialogStatus.Bye:
+        if (this.onHangupHandler) {
+          // Call handler asynchronously to avoid blocking SIP message flow
+          setImmediate (() => {
+            try {
+              this.onHangupHandler();
+            } catch (e) {
+              this.console.error(`Error in onHangup handler: ${e}`);
+            }
+          });
+        }
+        return;
+    }
+  }
 
 
-  private incomeRegister(rq: any): boolean {
-
-    let rs = sip.makeResponse(rq, 200, 'OK');
+  private incomeRegister (rq: any): boolean
+  {
+    // Parse registration request to extract credentials
+    const fromUri = sip.parseUri (rq.headers.from.uri);
+    const contactUri = rq.headers.contact && rq.headers.contact[0] && sip.parseUri (rq.headers.contact[0].uri);
+    const toUri = sip.parseUri (rq.headers.to.uri);
+    
+    const user = fromUri.user || toUri.user; // username for registration
+    const doorbellId = toUri.user || fromUri.user; // remote phone number (doorbell extension)
+    const ip = contactUri?.host || fromUri.host;
+    const port = contactUri?.port || fromUri.port || 5060;
+    
+    if (!user || !ip || !doorbellId) {
+      this.console.warn ('REGISTER: Missing user, doorbellId or IP in request');
+      return false;
+    }
+    
+    // Store registration (only one client supported in gateway mode)
+    this.remoteCreds = {
+      user,
+      password: '', // Password will be handled via digest auth if needed
+      ip,
+      port,
+      callId: this.callId,
+      doorbellId,
+      realm: undefined
+    };
+    
+    this.console.debug (`REGISTER: Stored registration for user ${user} from ${ip}:${port}`);
+    
+    let rs = sip.makeResponse (rq, 200, 'OK');
     rs.headers.contact = rq.headers.contact;
-    sip.send(rs);
-
+    rs.headers.expires = rq.headers.expires || clientRegistrationExpires;
+    sip.send (rs);
+    
     return true;
-
   }
 
   private async startServer (findFreePort: boolean = true) 
@@ -176,10 +442,10 @@ export class SipManager {
         await sip.start({
           logger: { 
             send: (message, addrInfo) => {  
-              this.console.log(`send to ${addrInfo.address}:\n${sip.stringify(message)}`); 
+              this.console.debug (`send to ${addrInfo.address}:\n${sip.stringify(message)}`); 
             },
             recv: (message, addrInfo) => {  
-              this.console.log(`recv to ${addrInfo.address}:\n${sip.stringify(message)}`); 
+              this.console.debug (`recv to ${addrInfo.address}:\n${sip.stringify(message)}`); 
             }
           },
           address: this.localIp,
@@ -246,13 +512,21 @@ export class SipManager {
   { 
     if (this.state.status === DialogStatus.Idle)
     {
+      // Parse SDP to extract audio target
+      this.remoteAudioTarget = this.parseSdpAudioTarget (rq.content);
+      
       rq.headers.to = {uri: rq.headers.to.uri, params: { tag: 'govno' }};
-      this.state = {
-        status: DialogStatus.Ringing,
-        msg: rq
-      }
+      
+      // Send 180 Ringing FIRST, before changing state
       let rs = this.makeRs(rq, 180, 'Ringing');
       sip.send(rs);
+      
+      // Then update state (this will trigger onInviteHandler asynchronously)
+      this.setState ({
+        status: DialogStatus.Ringing,
+        msg: rq
+      });
+      
       return true;
     }
     return false;
@@ -281,11 +555,12 @@ export class SipManager {
 
   private incomeBye (rq: any): boolean 
   {
-    if (this.state.status == DialogStatus.AnswerAc ||
-        this.state.status == DialogStatus.Hangup) 
+    if (this.state.status == DialogStatus.Connected ||
+        this.state.status == DialogStatus.Bye) 
     {
-      this.clearState();
+      this.setState ({ status: DialogStatus.Bye, msg: rq });
       sip.send (this.makeRs (rq, 200, 'OK'));
+      this.clearState();
       return true;
     }
     return false;
@@ -299,37 +574,27 @@ export class SipManager {
     return rs;
   }
 
-  private fakeSdpContent()
-  {
-    const ipv = isV4Format (this.localIp) ? 'IP4' : 'IP6';
-    const ip = `${ipv} ${this.localIp}`;
-    return 'v=0\r\n' +
-    `o=yate 1707679323 1707679323 IN ${ip}\r\n` +
-    's=SIP Call\r\n' +
-    `c=IN ${ip}\r\n` +
-    't=0 0\r\n' +
-    'm=audio 9654 RTP/AVP 0 101\r\n' +
-    'a=rtpmap:0 PCMU/8000\r\n' +
-    'a=rtpmap:101 telephone-event/8000\r\n';
-  }
-
   private bye (rq: any): any
   {
-    const toUser = sip.parseUri(rq.headers.to.uri).user;
     let uri = rq.headers.contact[0] && rq.headers.contact[0].uri;
     if (uri === undefined) {
       uri = rq.headers.from.uri;
     }
 
+    // In SIP dialog, BYE From/To depend on who initiated the call
+    // If we received INVITE (server mode): swap headers
+    // If we sent INVITE (client mode): keep headers as is
+    const isServerMode = rq.method === 'INVITE';
+    
     let msg = {
       method: 'BYE',
       uri: uri,
       headers: {
-        to: rq.headers.from,
-        from: rq.headers.to,
+        to: isServerMode ? rq.headers.from : rq.headers.to,
+        from: isServerMode ? rq.headers.to : rq.headers.from,
         'call-id': rq.headers['call-id'],
         cseq: {method: 'BYE', seq: rq.headers.cseq.seq + 1},
-        contact: `sip:${toUser}@${this.localIp}:${this.localPort}` 
+        contact: `sip:${this.callId}@${this.localIp}:${this.localPort}` 
       }
     }
 
@@ -342,6 +607,36 @@ export class SipManager {
     return msg;
   }
 
+  private fakeSdpContent()
+  {
+    const ipv = isV4Format (this.localIp) ? 'IP4' : 'IP6';
+    const ip = `${ipv} ${this.localIp}`;
+    
+    // Determine codec payload type and name
+    let payloadType = '0';
+    let codecName = 'PCMU/8000';
+    
+    if (this.audioCodec === 'pcm_alaw' || this.audioCodec === 'alaw') {
+      payloadType = '8';
+      codecName = 'PCMA/8000';
+    } else if (this.audioCodec === 'pcm_mulaw' || this.audioCodec === 'mulaw') {
+      payloadType = '0';
+      codecName = 'PCMU/8000';
+    }
+    
+    return 'v=0\r\n' +
+    `o=yate 1707679323 1707679323 IN ${ip}\r\n` +
+    's=SIP Call\r\n' +
+    `c=IN ${ip}\r\n` +
+    't=0 0\r\n' +
+    `m=audio 9654 RTP/AVP ${payloadType} 101\r\n` +
+    `a=rtpmap:${payloadType} ${codecName}\r\n` +
+    'a=rtpmap:101 telephone-event/8000\r\n' +
+    'a=sendonly\r\n' +
+    'm=video 0 RTP/AVP 96\r\n' +
+    'a=inactive\r\n';
+  }
+
   private async getFreeUdpPort (ip: string, type: dgram.SocketType)
   {
     return new Promise<number> (resolve => {
@@ -369,7 +664,7 @@ export class SipManager {
   {
     if (this.state.status !== DialogStatus.Idle) return false;
 
-    const creds = this.clientCreds;
+    const creds = this.remoteCreds;
     const hereUri = sip.parseUri (`sip:${creds.callId}@${this.localIp}:${this.localPort}`);
 
     const initMsg = {
@@ -386,10 +681,10 @@ export class SipManager {
       }
     }  
 
-    this.state = {
+    this.setState ({
       status: DialogStatus.Regitering,
       msg: {...initMsg}
-    }
+    });
 
     if (this.authCtx.realm) {
       digest.signRequest (this.authCtx, initMsg);
@@ -431,8 +726,9 @@ export class SipManager {
 
   }
 
-  private clearState() {
-    this.state = { status: DialogStatus.Idle };
+  private clearState()
+  {
+    this.setState ({ status: DialogStatus.Idle });
   }
 
   /// Simple check that request came from doorbell
@@ -444,7 +740,7 @@ export class SipManager {
       const puri = sip.parseUri (uri);
       const ip = puri && puri.host;
       if (ip) {
-        return this.clientCreds.ip === ip || this.ip === ip;
+        return this.remoteCreds.ip === ip || this.ip === ip;
       }
     }
 

plugins/hikvision-doorbell/src/tamper-alert.ts

@@ -1,21 +1,17 @@
-import sdk, { ScryptedDeviceBase, SettingValue, ScryptedInterface, Setting, Settings, Readme, OnOff } from "@scrypted/sdk";
-import { HikvisionDoorbellProvider } from "./main";
+import { OnOff, Readme, ScryptedDeviceBase, ScryptedInterface } from "@scrypted/sdk";
+import type { HikvisionCameraDoorbell } from "./main";
 import * as fs from 'fs/promises';
 import { join } from 'path';
 import { parseBooleans } from "xml2js/lib/processors";
 
-const { deviceManager } = sdk;
-
-export class HikvisionTamperAlert extends ScryptedDeviceBase implements OnOff, Settings, Readme {
-
-    // timeout: NodeJS.Timeout;
+export class HikvisionTamperAlert extends ScryptedDeviceBase implements OnOff, Readme {
+    on: boolean = false;
 
     private static ONOFF_KEY: string = "onoff";
 
-    constructor(nativeId: string) {
-        super (nativeId);
-
-        this.on = parseBooleans (this.storage.getItem (HikvisionTamperAlert.ONOFF_KEY));
+    constructor(public camera: HikvisionCameraDoorbell, nativeId: string) {
+        super(nativeId);
+        this.on = parseBooleans(this.storage.getItem(HikvisionTamperAlert.ONOFF_KEY)) || false;
     }
 
     async getReadmeMarkdown(): Promise<string> 
@@ -24,48 +20,19 @@ export class HikvisionTamperAlert extends ScryptedDeviceBase implements OnOff, S
         return fs.readFile (fileName, 'utf-8');
     }
 
-    turnOff(): Promise<void> 
-    {
+    async turnOff(): Promise<void> {
         this.on = false;
         this.storage.setItem(HikvisionTamperAlert.ONOFF_KEY, 'false');
-        return;
     }
-    turnOn(): Promise<void> 
-    {
+    
+    async turnOn(): Promise<void> {
         this.on = true;
         this.storage.setItem(HikvisionTamperAlert.ONOFF_KEY, 'true');
-        return;
     }
 
-    async getSettings(): Promise<Setting[]> {
-        const cameraNativeId = this.storage.getItem (HikvisionDoorbellProvider.CAMERA_NATIVE_ID_KEY);
-        const state = deviceManager.getDeviceState (cameraNativeId);
-        return [
-            {
-                key: 'parentDevice',
-                title: 'Linked Doorbell Device Name',
-                description: 'The name of the associated doorbell plugin device (for information)',
-                value: state.id,
-                readonly: true,
-                type: 'device',
-            },
-            {
-                key: 'ip',
-                title: 'IP Address',
-                description: 'IP address of the doorbell device (for information)',
-                value: this.storage.getItem ('ip'),
-                readonly: true,
-                type: 'string',
-            }
-        ]
-    }
-    async putSetting(key: string, value: SettingValue): Promise<void> {
-        this.storage.setItem(key, value.toString());
-    }
 
     static deviceInterfaces: string[] = [
         ScryptedInterface.OnOff,
-        ScryptedInterface.Settings,
         ScryptedInterface.Readme
     ];
 }

plugins/hikvision-doorbell/src/types.d.ts

@@ -0,0 +1,8 @@
+// Local type declarations to support Symbol.dispose without affecting other plugins
+declare global {
+    interface SymbolConstructor {
+        readonly dispose: unique symbol;
+    }
+}
+
+export {};

plugins/hikvision-doorbell/src/utils.ts

@@ -2,22 +2,37 @@ import sdk from '@scrypted/sdk';
 import { isLoopback, isV4Format, isV6Format } from 'ip';
 import dgram from 'node:dgram';
 
+const MAX_RETRIES = 10;
+const RETRY_DELAY_SEC = 10;
+
 export async function localServiceIpAddress (doorbellIp: string): Promise<string>
 {
-    let host = "localhost";
-    try {
-        const typeCheck = isV4Format (doorbellIp) ? isV4Format : isV6Format;
-        for (const address of await sdk.endpointManager.getLocalAddresses()) {
-            if (!isLoopback(address) && typeCheck(address)) {
-                host = address;
-                break;
+    const typeCheck = isV4Format (doorbellIp) ? isV4Format : isV6Format;
+
+    for (let attempt = 0; attempt < MAX_RETRIES; attempt++)
+    {
+        try
+        {
+            const addresses = await sdk.endpointManager.getLocalAddresses();
+
+            for (const address of addresses || [])
+            {
+                if (!isLoopback (address) && typeCheck (address))
+                {
+                    return address;
+                }
             }
         }
-    }
-    catch (e) {
+        catch (e) {
+        }
+
+        // Wait before retry if addresses not available yet
+        if (attempt < MAX_RETRIES - 1) {
+            await awaitTimeout (RETRY_DELAY_SEC * 1000);
+        }
     }
 
-    return host;
+    throw new Error('Could not find local service IP address');
 }
 
 export function udpSocketType (ip: string): dgram.SocketType {

plugins/hikvision-doorbell/tsconfig.json

@@ -5,7 +5,8 @@
         "resolveJsonModule": true,
         "moduleResolution": "Node16",
         "esModuleInterop": true,
-        "sourceMap": true
+        "sourceMap": true,
+        "skipLibCheck": true
     },
     "include": [
         "src/**/*"

plugins/hikvision/package-lock.json

@@ -1,12 +1,12 @@
 {
    "name": "@scrypted/hikvision",
-   "version": "0.0.165",
+   "version": "0.0.166",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/hikvision",
-         "version": "0.0.165",
+         "version": "0.0.166",
          "license": "Apache",
          "dependencies": {
             "@scrypted/common": "file:../../common",
@@ -17,7 +17,7 @@
          },
          "devDependencies": {
             "@types/content-type": "^1.1.8",
-            "@types/node": "^20.11.30"
+            "@types/node": "^22.19.1"
          }
       },
       "../../common": {
@@ -26,34 +26,43 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
-            "@scrypted/server": "file:../server",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
-            "typescript": "^5.3.3"
+            "typescript": "^5.5.3"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0",
+            "@types/node": "^20.19.11",
+            "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2"
          }
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.29",
+         "version": "0.5.52",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.18.6",
-            "adm-zip": "^0.4.13",
-            "axios": "^1.6.5",
-            "babel-loader": "^9.1.0",
-            "babel-plugin-const-enum": "^1.1.0",
-            "esbuild": "^0.15.9",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.9",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-terser": "^0.4.4",
+            "@rollup/plugin-typescript": "^12.3.0",
+            "@rollup/plugin-virtual": "^3.0.2",
+            "adm-zip": "^0.5.16",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
+            "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
-            "rimraf": "^3.0.2",
-            "tmp": "^0.2.1",
-            "ts-loader": "^9.4.2",
-            "typescript": "^4.9.4",
-            "webpack": "^5.75.0",
-            "webpack-bundle-analyzer": "^4.5.0"
+            "rimraf": "^6.0.1",
+            "rollup": "^4.52.5",
+            "tmp": "^0.2.3",
+            "ts-loader": "^9.5.4",
+            "tslib": "^2.8.1",
+            "typescript": "^5.9.3",
+            "webpack": "^5.99.9",
+            "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
             "scrypted-changelog": "bin/scrypted-changelog.js",
@@ -65,11 +74,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^18.11.18",
-            "@types/stringify-object": "^4.0.0",
-            "stringify-object": "^3.3.0",
-            "ts-node": "^10.4.0",
-            "typedoc": "^0.23.21"
+            "@types/node": "^24.9.2",
+            "ts-node": "^10.9.2",
+            "typedoc": "^0.28.14"
          }
       },
       "../sdk": {
@@ -90,11 +97,12 @@
          "dev": true
       },
       "node_modules/@types/node": {
-         "version": "20.11.30",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.30.tgz",
-         "integrity": "sha512-dHM6ZxwlmuZaRmUPfv1p+KrdD1Dci04FbdEm/9wEMouFqxYoFl5aMkt0VMAUtYRQDyYvD41WJLukhq/ha3YuTw==",
+         "version": "22.19.1",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.1.tgz",
+         "integrity": "sha512-LCCV0HdSZZZb34qifBsyWlUmok6W7ouER+oQIGBScS8EsZsQbrtFTUrDX4hOl+CS6p7cnNC4td+qrSVGSCTUfQ==",
+         "license": "MIT",
          "dependencies": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "node_modules/@types/xml2js": {
@@ -119,9 +127,10 @@
          "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
       },
       "node_modules/undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA=="
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+         "license": "MIT"
       },
       "node_modules/xml2js": {
          "version": "0.6.2",
@@ -149,35 +158,42 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
-            "@scrypted/server": "file:../server",
-            "@types/node": "^20.11.0",
+            "@scrypted/types": "^0.5.27",
+            "@types/node": "^20.19.11",
             "http-auth-utils": "^5.0.1",
+            "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2",
-            "typescript": "^5.3.3"
+            "typescript": "^5.5.3"
          }
       },
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.18.6",
-            "@types/node": "^18.11.18",
-            "@types/stringify-object": "^4.0.0",
-            "adm-zip": "^0.4.13",
-            "axios": "^1.6.5",
-            "babel-loader": "^9.1.0",
-            "babel-plugin-const-enum": "^1.1.0",
-            "esbuild": "^0.15.9",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.9",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-terser": "^0.4.4",
+            "@rollup/plugin-typescript": "^12.3.0",
+            "@rollup/plugin-virtual": "^3.0.2",
+            "@types/node": "^24.9.2",
+            "adm-zip": "^0.5.16",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
+            "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
-            "rimraf": "^3.0.2",
-            "stringify-object": "^3.3.0",
-            "tmp": "^0.2.1",
-            "ts-loader": "^9.4.2",
-            "ts-node": "^10.4.0",
-            "typedoc": "^0.23.21",
-            "typescript": "^4.9.4",
-            "webpack": "^5.75.0",
-            "webpack-bundle-analyzer": "^4.5.0"
+            "rimraf": "^6.0.1",
+            "rollup": "^4.52.5",
+            "tmp": "^0.2.3",
+            "ts-loader": "^9.5.4",
+            "ts-node": "^10.9.2",
+            "tslib": "^2.8.1",
+            "typedoc": "^0.28.14",
+            "typescript": "^5.9.3",
+            "webpack": "^5.99.9",
+            "webpack-bundle-analyzer": "^4.10.2"
          }
       },
       "@types/content-type": {
@@ -187,11 +203,11 @@
          "dev": true
       },
       "@types/node": {
-         "version": "20.11.30",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.30.tgz",
-         "integrity": "sha512-dHM6ZxwlmuZaRmUPfv1p+KrdD1Dci04FbdEm/9wEMouFqxYoFl5aMkt0VMAUtYRQDyYvD41WJLukhq/ha3YuTw==",
+         "version": "22.19.1",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.1.tgz",
+         "integrity": "sha512-LCCV0HdSZZZb34qifBsyWlUmok6W7ouER+oQIGBScS8EsZsQbrtFTUrDX4hOl+CS6p7cnNC4td+qrSVGSCTUfQ==",
          "requires": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "@types/xml2js": {
@@ -213,9 +229,9 @@
          "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
       },
       "undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA=="
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ=="
       },
       "xml2js": {
          "version": "0.6.2",

plugins/hikvision/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/hikvision",
-   "version": "0.0.165",
+   "version": "0.0.166",
    "description": "Hikvision Plugin for Scrypted",
    "author": "Scrypted",
    "license": "Apache",
@@ -45,6 +45,6 @@
    },
    "devDependencies": {
       "@types/content-type": "^1.1.8",
-      "@types/node": "^20.11.30"
+      "@types/node": "^22.19.1"
    }
 }

plugins/hikvision/src/main.ts

@@ -255,6 +255,7 @@ export class HikvisionCamera extends RtspSmartCamera implements Camera, Intercom
                 detectionId,
                 timestamp: now,
                 detections,
+                sourceId: this.pluginId
             };
 
             this.onDeviceEvent(ScryptedInterface.ObjectDetector, detected);

plugins/hikvision/src/probe.ts

@@ -20,6 +20,11 @@ export async function getDeviceInfo(credential: AuthFetchCredentialState, addres
     const serialNumber = response.body.match(/>(.*?)<\/serialNumber>/)?.[1];
     const macAddress = response.body.match(/>(.*?)<\/macAddress>/)?.[1];
     const firmwareVersion = response.body.match(/>(.*?)<\/firmwareVersion>/)?.[1];
+
+    if (!deviceModel && !deviceName && !serialNumber && !macAddress && !firmwareVersion) {
+        throw new Error('Failed to parse device info from camera.');
+    }
+
     return {
         deviceModel,
         deviceName,

plugins/homekit/package-lock.json

@@ -20,7 +20,7 @@
             "@scrypted/sdk": "file:../../sdk",
             "@types/debug": "^4.1.12",
             "@types/lodash": "^4.17.7",
-            "@types/node": "^20.14.11",
+            "@types/node": "^22.18.0",
             "@types/qrcode-svg": "^1.1.5",
             "@types/url-parse": "^1.4.11"
          }
@@ -32,6 +32,7 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
@@ -49,23 +50,21 @@
             "examples/*"
          ],
          "devDependencies": {
-            "@biomejs/biome": "^1.4.1",
-            "@types/jest": "^29.5.11",
-            "@types/node": "^20.10.6",
-            "jest": "^29.7.0",
-            "knip": "^3.9.0",
-            "node-actionlint": "^1.2.2",
+            "@biomejs/biome": "1.9.4",
+            "@types/node": "^22.13.4",
+            "knip": "^5.44.1",
+            "npm-run-all2": "^7.0.2",
             "organize-imports-cli": "^0.10.0",
-            "process": "^0.11.10",
-            "ts-jest": "^29.1.1",
             "ts-node": "^10.9.2",
             "ts-node-dev": "^2.0.0",
-            "typedoc": "0.25.5",
-            "typedoc-plugin-markdown": "3.17.1",
-            "typescript": "5.3.3"
+            "tsx": "^4.19.3",
+            "typedoc": "0.27.7",
+            "typedoc-plugin-markdown": "4.4.2",
+            "typescript": "5.7.3",
+            "vitest": "3.0.5"
          },
          "engines": {
-            "node": ">=16"
+            "node": ">=18"
          }
       },
       "../../external/werift/packages/webrtc": {
@@ -123,24 +122,31 @@
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.45",
+         "version": "0.5.38",
          "dev": true,
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.18.6",
-            "adm-zip": "^0.4.13",
-            "axios": "^1.6.5",
-            "babel-loader": "^9.1.0",
-            "babel-plugin-const-enum": "^1.1.0",
-            "esbuild": "^0.15.9",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
+            "@rollup/plugin-virtual": "^3.0.2",
+            "adm-zip": "^0.5.16",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
+            "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^5.3.0",
             "raw-loader": "^4.0.2",
-            "rimraf": "^3.0.2",
-            "tmp": "^0.2.1",
-            "ts-loader": "^9.4.2",
-            "typescript": "^4.9.4",
-            "webpack": "^5.75.0",
-            "webpack-bundle-analyzer": "^4.5.0"
+            "rimraf": "^6.0.1",
+            "rollup": "^4.43.0",
+            "tmp": "^0.2.3",
+            "ts-loader": "^9.5.2",
+            "tslib": "^2.8.1",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
+            "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
             "scrypted-changelog": "bin/scrypted-changelog.js",
@@ -152,11 +158,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^18.11.18",
-            "@types/stringify-object": "^4.0.0",
-            "stringify-object": "^3.3.0",
-            "ts-node": "^10.4.0",
-            "typedoc": "^0.23.21"
+            "@types/node": "^24.0.1",
+            "ts-node": "^10.9.2",
+            "typedoc": "^0.28.5"
          }
       },
       "../HAP-NodeJS": {
@@ -271,12 +275,13 @@
          "dev": true
       },
       "node_modules/@types/node": {
-         "version": "20.14.11",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.11.tgz",
-         "integrity": "sha512-kprQpL8MMeszbz6ojB5/tU8PLN4kesnN8Gjzw349rDlNgsSzg90lAVj3llK99Dh7JON+t9AuscPPFW6mPbTnSA==",
+         "version": "22.18.0",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.18.0.tgz",
+         "integrity": "sha512-m5ObIqwsUp6BZzyiy4RdZpzWGub9bqLJMvZDD0QMXhxjqMHMENlj+SqF5QxoUwaQNFe+8kz8XM8ZQhqkQPTgMQ==",
          "dev": true,
+         "license": "MIT",
          "dependencies": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "node_modules/@types/qrcode-svg": {
@@ -340,6 +345,19 @@
             "url": "https://github.com/sponsors/ljharb"
          }
       },
+      "node_modules/call-bind-apply-helpers": {
+         "version": "1.0.2",
+         "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
+         "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
+         "license": "MIT",
+         "dependencies": {
+            "es-errors": "^1.3.0",
+            "function-bind": "^1.1.2"
+         },
+         "engines": {
+            "node": ">= 0.4"
+         }
+      },
       "node_modules/check-disk-space": {
          "version": "3.4.0",
          "resolved": "https://registry.npmjs.org/check-disk-space/-/check-disk-space-3.4.0.tgz",
@@ -438,18 +456,30 @@
             "node": ">=6"
          }
       },
+      "node_modules/dunder-proto": {
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
+         "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==",
+         "license": "MIT",
+         "dependencies": {
+            "call-bind-apply-helpers": "^1.0.1",
+            "es-errors": "^1.3.0",
+            "gopd": "^1.2.0"
+         },
+         "engines": {
+            "node": ">= 0.4"
+         }
+      },
       "node_modules/duplexer": {
          "version": "0.1.2",
          "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz",
          "integrity": "sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg=="
       },
       "node_modules/es-define-property": {
-         "version": "1.0.0",
-         "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz",
-         "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==",
-         "dependencies": {
-            "get-intrinsic": "^1.2.4"
-         },
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
+         "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==",
+         "license": "MIT",
          "engines": {
             "node": ">= 0.4"
          }
@@ -481,6 +511,18 @@
             "url": "https://github.com/sponsors/ljharb"
          }
       },
+      "node_modules/es-object-atoms": {
+         "version": "1.1.1",
+         "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
+         "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
+         "license": "MIT",
+         "dependencies": {
+            "es-errors": "^1.3.0"
+         },
+         "engines": {
+            "node": ">= 0.4"
+         }
+      },
       "node_modules/event-stream": {
          "version": "4.0.1",
          "resolved": "https://registry.npmjs.org/event-stream/-/event-stream-4.0.1.tgz",
@@ -538,15 +580,21 @@
          }
       },
       "node_modules/get-intrinsic": {
-         "version": "1.2.4",
-         "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz",
-         "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==",
+         "version": "1.3.0",
+         "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
+         "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
+         "license": "MIT",
          "dependencies": {
+            "call-bind-apply-helpers": "^1.0.2",
+            "es-define-property": "^1.0.1",
             "es-errors": "^1.3.0",
+            "es-object-atoms": "^1.1.1",
             "function-bind": "^1.1.2",
-            "has-proto": "^1.0.1",
-            "has-symbols": "^1.0.3",
-            "hasown": "^2.0.0"
+            "get-proto": "^1.0.1",
+            "gopd": "^1.2.0",
+            "has-symbols": "^1.1.0",
+            "hasown": "^2.0.2",
+            "math-intrinsics": "^1.1.0"
          },
          "engines": {
             "node": ">= 0.4"
@@ -555,12 +603,26 @@
             "url": "https://github.com/sponsors/ljharb"
          }
       },
-      "node_modules/gopd": {
+      "node_modules/get-proto": {
          "version": "1.0.1",
-         "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
-         "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
+         "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz",
+         "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==",
+         "license": "MIT",
          "dependencies": {
-            "get-intrinsic": "^1.1.3"
+            "dunder-proto": "^1.0.1",
+            "es-object-atoms": "^1.0.0"
+         },
+         "engines": {
+            "node": ">= 0.4"
+         }
+      },
+      "node_modules/gopd": {
+         "version": "1.2.0",
+         "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
+         "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==",
+         "license": "MIT",
+         "engines": {
+            "node": ">= 0.4"
          },
          "funding": {
             "url": "https://github.com/sponsors/ljharb"
@@ -666,21 +728,11 @@
             "url": "https://github.com/sponsors/ljharb"
          }
       },
-      "node_modules/has-proto": {
-         "version": "1.0.1",
-         "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
-         "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg==",
-         "engines": {
-            "node": ">= 0.4"
-         },
-         "funding": {
-            "url": "https://github.com/sponsors/ljharb"
-         }
-      },
       "node_modules/has-symbols": {
-         "version": "1.0.3",
-         "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
-         "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==",
+         "version": "1.1.0",
+         "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz",
+         "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==",
+         "license": "MIT",
          "engines": {
             "node": ">= 0.4"
          },
@@ -937,6 +989,15 @@
          "resolved": "https://registry.npmjs.org/map-stream/-/map-stream-0.0.7.tgz",
          "integrity": "sha512-C0X0KQmGm3N2ftbTGBhSyuydQ+vV1LC3f3zPvT3RXHXNZrvfPZcoXp/N5DOa8vedX/rTMm2CjTtivFg2STJMRQ=="
       },
+      "node_modules/math-intrinsics": {
+         "version": "1.1.0",
+         "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
+         "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==",
+         "license": "MIT",
+         "engines": {
+            "node": ">= 0.4"
+         }
+      },
       "node_modules/minimist": {
          "version": "1.2.8",
          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
@@ -1210,10 +1271,11 @@
          "integrity": "sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw=="
       },
       "node_modules/undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
-         "dev": true
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+         "dev": true,
+         "license": "MIT"
       },
       "node_modules/which-boxed-primitive": {
          "version": "1.0.2",
@@ -1311,20 +1373,18 @@
       "@koush/werift-src": {
          "version": "file:../../external/werift",
          "requires": {
-            "@biomejs/biome": "^1.4.1",
-            "@types/jest": "^29.5.11",
-            "@types/node": "^20.10.6",
-            "jest": "^29.7.0",
-            "knip": "^3.9.0",
-            "node-actionlint": "^1.2.2",
+            "@biomejs/biome": "1.9.4",
+            "@types/node": "^22.13.4",
+            "knip": "^5.44.1",
+            "npm-run-all2": "^7.0.2",
             "organize-imports-cli": "^0.10.0",
-            "process": "^0.11.10",
-            "ts-jest": "^29.1.1",
             "ts-node": "^10.9.2",
             "ts-node-dev": "^2.0.0",
-            "typedoc": "0.25.5",
-            "typedoc-plugin-markdown": "3.17.1",
-            "typescript": "5.3.3"
+            "tsx": "^4.19.3",
+            "typedoc": "0.27.7",
+            "typedoc-plugin-markdown": "4.4.2",
+            "typescript": "5.7.3",
+            "vitest": "3.0.5"
          }
       },
       "@leichtgewicht/ip-codec": {
@@ -1336,6 +1396,7 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "@types/node": "^20.11.0",
             "http-auth-utils": "^5.0.1",
             "monaco-editor": "^0.50.0",
@@ -1346,25 +1407,30 @@
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.18.6",
-            "@types/node": "^18.11.18",
-            "@types/stringify-object": "^4.0.0",
-            "adm-zip": "^0.4.13",
-            "axios": "^1.6.5",
-            "babel-loader": "^9.1.0",
-            "babel-plugin-const-enum": "^1.1.0",
-            "esbuild": "^0.15.9",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.5",
+            "@rollup/plugin-json": "^6.1.0",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-typescript": "^12.1.2",
+            "@rollup/plugin-virtual": "^3.0.2",
+            "@types/node": "^24.0.1",
+            "adm-zip": "^0.5.16",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
+            "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^5.3.0",
             "raw-loader": "^4.0.2",
-            "rimraf": "^3.0.2",
-            "stringify-object": "^3.3.0",
-            "tmp": "^0.2.1",
-            "ts-loader": "^9.4.2",
-            "ts-node": "^10.4.0",
-            "typedoc": "^0.23.21",
-            "typescript": "^4.9.4",
-            "webpack": "^5.75.0",
-            "webpack-bundle-analyzer": "^4.5.0"
+            "rimraf": "^6.0.1",
+            "rollup": "^4.43.0",
+            "tmp": "^0.2.3",
+            "ts-loader": "^9.5.2",
+            "ts-node": "^10.9.2",
+            "tslib": "^2.8.1",
+            "typedoc": "^0.28.5",
+            "typescript": "^5.8.3",
+            "webpack": "^5.99.9",
+            "webpack-bundle-analyzer": "^4.10.2"
          }
       },
       "@types/debug": {
@@ -1389,12 +1455,12 @@
          "dev": true
       },
       "@types/node": {
-         "version": "20.14.11",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.11.tgz",
-         "integrity": "sha512-kprQpL8MMeszbz6ojB5/tU8PLN4kesnN8Gjzw349rDlNgsSzg90lAVj3llK99Dh7JON+t9AuscPPFW6mPbTnSA==",
+         "version": "22.18.0",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.18.0.tgz",
+         "integrity": "sha512-m5ObIqwsUp6BZzyiy4RdZpzWGub9bqLJMvZDD0QMXhxjqMHMENlj+SqF5QxoUwaQNFe+8kz8XM8ZQhqkQPTgMQ==",
          "dev": true,
          "requires": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "@types/qrcode-svg": {
@@ -1440,6 +1506,15 @@
             "set-function-length": "^1.2.1"
          }
       },
+      "call-bind-apply-helpers": {
+         "version": "1.0.2",
+         "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
+         "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
+         "requires": {
+            "es-errors": "^1.3.0",
+            "function-bind": "^1.1.2"
+         }
+      },
       "check-disk-space": {
          "version": "3.4.0",
          "resolved": "https://registry.npmjs.org/check-disk-space/-/check-disk-space-3.4.0.tgz",
@@ -1506,18 +1581,25 @@
             "@leichtgewicht/ip-codec": "^2.0.1"
          }
       },
+      "dunder-proto": {
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
+         "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==",
+         "requires": {
+            "call-bind-apply-helpers": "^1.0.1",
+            "es-errors": "^1.3.0",
+            "gopd": "^1.2.0"
+         }
+      },
       "duplexer": {
          "version": "0.1.2",
          "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz",
          "integrity": "sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg=="
       },
       "es-define-property": {
-         "version": "1.0.0",
-         "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz",
-         "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==",
-         "requires": {
-            "get-intrinsic": "^1.2.4"
-         }
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
+         "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g=="
       },
       "es-errors": {
          "version": "1.3.0",
@@ -1540,6 +1622,14 @@
             "stop-iteration-iterator": "^1.0.0"
          }
       },
+      "es-object-atoms": {
+         "version": "1.1.1",
+         "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
+         "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
+         "requires": {
+            "es-errors": "^1.3.0"
+         }
+      },
       "event-stream": {
          "version": "4.0.1",
          "resolved": "https://registry.npmjs.org/event-stream/-/event-stream-4.0.1.tgz",
@@ -1588,24 +1678,35 @@
          "integrity": "sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ=="
       },
       "get-intrinsic": {
-         "version": "1.2.4",
-         "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz",
-         "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==",
+         "version": "1.3.0",
+         "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
+         "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
          "requires": {
+            "call-bind-apply-helpers": "^1.0.2",
+            "es-define-property": "^1.0.1",
             "es-errors": "^1.3.0",
+            "es-object-atoms": "^1.1.1",
             "function-bind": "^1.1.2",
-            "has-proto": "^1.0.1",
-            "has-symbols": "^1.0.3",
-            "hasown": "^2.0.0"
+            "get-proto": "^1.0.1",
+            "gopd": "^1.2.0",
+            "has-symbols": "^1.1.0",
+            "hasown": "^2.0.2",
+            "math-intrinsics": "^1.1.0"
+         }
+      },
+      "get-proto": {
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz",
+         "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==",
+         "requires": {
+            "dunder-proto": "^1.0.1",
+            "es-object-atoms": "^1.0.0"
          }
       },
       "gopd": {
-         "version": "1.0.1",
-         "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
-         "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
-         "requires": {
-            "get-intrinsic": "^1.1.3"
-         }
+         "version": "1.2.0",
+         "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
+         "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg=="
       },
       "hap-nodejs": {
          "version": "1.1.0",
@@ -1688,15 +1789,10 @@
             "es-define-property": "^1.0.0"
          }
       },
-      "has-proto": {
-         "version": "1.0.1",
-         "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
-         "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
-      },
       "has-symbols": {
-         "version": "1.0.3",
-         "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
-         "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A=="
+         "version": "1.1.0",
+         "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz",
+         "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ=="
       },
       "has-tostringtag": {
          "version": "1.0.2",
@@ -1857,6 +1953,11 @@
          "resolved": "https://registry.npmjs.org/map-stream/-/map-stream-0.0.7.tgz",
          "integrity": "sha512-C0X0KQmGm3N2ftbTGBhSyuydQ+vV1LC3f3zPvT3RXHXNZrvfPZcoXp/N5DOa8vedX/rTMm2CjTtivFg2STJMRQ=="
       },
+      "math-intrinsics": {
+         "version": "1.1.0",
+         "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
+         "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g=="
+      },
       "minimist": {
          "version": "1.2.8",
          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
@@ -2049,9 +2150,9 @@
          "integrity": "sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw=="
       },
       "undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
          "dev": true
       },
       "which-boxed-primitive": {

plugins/homekit/package.json

@@ -48,7 +48,7 @@
       "@scrypted/sdk": "file:../../sdk",
       "@types/debug": "^4.1.12",
       "@types/lodash": "^4.17.7",
-      "@types/node": "^20.14.11",
+      "@types/node": "^22.18.0",
       "@types/qrcode-svg": "^1.1.5",
       "@types/url-parse": "^1.4.11"
    }

plugins/homekit/tsconfig.json

@@ -1,6 +1,6 @@
 {
     "compilerOptions": {
-        "module": "commonjs",
+        "module": "Node16",
         "target": "ES2021",
         "resolveJsonModule": true,
         "moduleResolution": "Node16",

plugins/ncnn/src/nc/async_infer.py

@@ -1 +1 @@
-../../../openvino/src/ov/async_infer.py
+../../../openvino/src/common/async_infer.py

plugins/objectdetector/package-lock.json

@@ -1,19 +1,19 @@
 {
    "name": "@scrypted/objectdetector",
-   "version": "0.1.72",
+   "version": "0.1.77",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
       "": {
          "name": "@scrypted/objectdetector",
-         "version": "0.1.72",
+         "version": "0.1.77",
          "license": "Apache-2.0",
          "dependencies": {
             "@scrypted/common": "file:../../common",
             "@scrypted/sdk": "file:../../sdk"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0"
+            "@types/node": "^22.19.0"
          }
       },
       "../../common": {
@@ -22,39 +22,42 @@
          "license": "ISC",
          "dependencies": {
             "@scrypted/sdk": "file:../sdk",
+            "@scrypted/types": "^0.5.27",
             "http-auth-utils": "^5.0.1",
             "typescript": "^5.5.3"
          },
          "devDependencies": {
-            "@types/node": "^20.11.0",
+            "@types/node": "^20.19.11",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2"
          }
       },
       "../../sdk": {
          "name": "@scrypted/sdk",
-         "version": "0.3.106",
+         "version": "0.5.51",
          "license": "ISC",
          "dependencies": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.9",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-terser": "^0.4.4",
+            "@rollup/plugin-typescript": "^12.3.0",
             "@rollup/plugin-virtual": "^3.0.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.52.5",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.4",
             "tslib": "^2.8.1",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typescript": "^5.9.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          },
          "bin": {
@@ -67,9 +70,9 @@
             "scrypted-webpack": "bin/scrypted-webpack.js"
          },
          "devDependencies": {
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.9.2",
             "ts-node": "^10.9.2",
-            "typedoc": "^0.26.11"
+            "typedoc": "^0.28.14"
          }
       },
       "node_modules/@scrypted/common": {
@@ -81,19 +84,21 @@
          "link": true
       },
       "node_modules/@types/node": {
-         "version": "20.11.0",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.0.tgz",
-         "integrity": "sha512-o9bjXmDNcF7GbM4CNQpmi+TutCgap/K3w1JyKgxAjqx41zp9qlIAVFi0IhCNsJcXolEqLWhbFbEeL0PvYm4pcQ==",
+         "version": "22.19.0",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.0.tgz",
+         "integrity": "sha512-xpr/lmLPQEj+TUnHmR+Ab91/glhJvsqcjB+yY0Ix9GO70H6Lb4FHH5GeqdOE5btAx7eIMwuHkp4H2MSkLcqWbA==",
          "dev": true,
+         "license": "MIT",
          "dependencies": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "node_modules/undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
-         "dev": true
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+         "dev": true,
+         "license": "MIT"
       },
       "node-moving-things-tracker": {
          "version": "0.9.1",
@@ -118,7 +123,8 @@
          "version": "file:../../common",
          "requires": {
             "@scrypted/sdk": "file:../sdk",
-            "@types/node": "^20.11.0",
+            "@scrypted/types": "^0.5.27",
+            "@types/node": "^20.19.11",
             "http-auth-utils": "^5.0.1",
             "monaco-editor": "^0.50.0",
             "ts-node": "^10.9.2",
@@ -128,44 +134,46 @@
       "@scrypted/sdk": {
          "version": "file:../../sdk",
          "requires": {
-            "@babel/preset-typescript": "^7.26.0",
-            "@rollup/plugin-commonjs": "^28.0.1",
+            "@babel/preset-typescript": "^7.27.1",
+            "@rollup/plugin-commonjs": "^28.0.9",
             "@rollup/plugin-json": "^6.1.0",
-            "@rollup/plugin-node-resolve": "^15.3.0",
-            "@rollup/plugin-typescript": "^12.1.1",
+            "@rollup/plugin-node-resolve": "^16.0.1",
+            "@rollup/plugin-terser": "^0.4.4",
+            "@rollup/plugin-typescript": "^12.3.0",
             "@rollup/plugin-virtual": "^3.0.2",
-            "@types/node": "^22.10.1",
+            "@types/node": "^24.9.2",
             "adm-zip": "^0.5.16",
-            "axios": "^1.7.8",
-            "babel-loader": "^9.2.1",
+            "axios": "^1.10.0",
+            "babel-loader": "^10.0.0",
             "babel-plugin-const-enum": "^1.2.0",
             "ncp": "^2.0.0",
+            "openai": "^6.1.0",
             "raw-loader": "^4.0.2",
             "rimraf": "^6.0.1",
-            "rollup": "^4.27.4",
+            "rollup": "^4.52.5",
             "tmp": "^0.2.3",
-            "ts-loader": "^9.5.1",
+            "ts-loader": "^9.5.4",
             "ts-node": "^10.9.2",
             "tslib": "^2.8.1",
-            "typedoc": "^0.26.11",
-            "typescript": "^5.6.3",
-            "webpack": "^5.96.1",
+            "typedoc": "^0.28.14",
+            "typescript": "^5.9.3",
+            "webpack": "^5.99.9",
             "webpack-bundle-analyzer": "^4.10.2"
          }
       },
       "@types/node": {
-         "version": "20.11.0",
-         "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.0.tgz",
-         "integrity": "sha512-o9bjXmDNcF7GbM4CNQpmi+TutCgap/K3w1JyKgxAjqx41zp9qlIAVFi0IhCNsJcXolEqLWhbFbEeL0PvYm4pcQ==",
+         "version": "22.19.0",
+         "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.0.tgz",
+         "integrity": "sha512-xpr/lmLPQEj+TUnHmR+Ab91/glhJvsqcjB+yY0Ix9GO70H6Lb4FHH5GeqdOE5btAx7eIMwuHkp4H2MSkLcqWbA==",
          "dev": true,
          "requires": {
-            "undici-types": "~5.26.4"
+            "undici-types": "~6.21.0"
          }
       },
       "undici-types": {
-         "version": "5.26.5",
-         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-         "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
+         "version": "6.21.0",
+         "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+         "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
          "dev": true
       }
    }

plugins/objectdetector/package.json

@@ -1,6 +1,6 @@
 {
    "name": "@scrypted/objectdetector",
-   "version": "0.1.72",
+   "version": "0.1.77",
    "description": "Scrypted Video Analysis Plugin. Installed alongside a detection service like OpenCV or TensorFlow.",
    "author": "Scrypted",
    "license": "Apache-2.0",
@@ -49,6 +49,6 @@
       "@scrypted/sdk": "file:../../sdk"
    },
    "devDependencies": {
-      "@types/node": "^20.11.0"
+      "@types/node": "^22.19.0"
    }
 }

plugins/objectdetector/src/main.ts

@@ -56,10 +56,11 @@ class ObjectDetectionMixin extends SettingsMixinDeviceBase<VideoCamera & Camera
     zones: {
       title: 'Zones',
       type: 'string',
-      description: 'Enter the name of a new zone or delete an existing zone.',
+      description: 'Add a new zone by name to create a configurable detection area.',
       multiple: true,
       combobox: true,
       choices: [],
+      immediate: true,
     },
     motionSensorSupplementation: {
       title: 'Built-In Motion Sensor',
@@ -404,7 +405,9 @@ class ObjectDetectionMixin extends SettingsMixinDeviceBase<VideoCamera & Camera
     }, 30000);
     signal.promise.finally(() => clearInterval(interval));
 
-    const currentDetections = new Map<string, number>();
+    const stationaryDetections = new Map<string, number>();
+    const filteredDetections = new Map<string, number>();
+    const movingDetections = new Map<string, number>();
     let lastReport = 0;
 
     updatePipelineStatus('waiting result');
@@ -476,21 +479,32 @@ class ObjectDetectionMixin extends SettingsMixinDeviceBase<VideoCamera & Camera
       if (!this.hasMotionType) {
         this.plugin.trackDetection();
 
-        const numZonedDetections = zonedDetections.filter(d => d.className !== 'motion').length;
-        const numOriginalDetections = originalDetections.filter(d => d.className !== 'motion').length;
-        if (numZonedDetections !== numOriginalDetections)
-          currentDetections.set('filtered', (currentDetections.get('filtered') || 0) + 1);
+        for (const d of originalDetections) {
+          if (!zonedDetections.includes(d)) {
+            filteredDetections.set(d.className, Math.max(filteredDetections.get(d.className) || 0, d.score));
+          }
+        }
 
         for (const d of detected.detected.detections) {
-          currentDetections.set(d.className, Math.max(currentDetections.get(d.className) || 0, d.score));
+          const set = d.movement?.moving ? movingDetections : stationaryDetections;
+          set.set(d.className, Math.max(set.get(d.className) || 0, d.score));
         }
 
         if (now > lastReport + 10000) {
-          const found = [...currentDetections.entries()].map(([className, score]) => `${className} (${score})`);
-          if (!found.length)
-            found.push('[no detections]');
-          this.console.log(`[${Math.round((now - start) / 100) / 10}s] Detected:`, ...found);
-          currentDetections.clear();
+          const classScores = (set: Map<string, number>) => {
+            const found = [...set.entries()].map(([className, score]) => `${className} (${score})`);
+            if (!found.length)
+              found.push('[no detections]');
+            return found;
+          };
+
+          this.console.log(`[${Math.round((now - start) / 100) / 10}s] Detected (stationary):`, ...classScores(stationaryDetections));
+          this.console.log(`[${Math.round((now - start) / 100) / 10}s] Detected (moving)    :`, ...classScores(movingDetections));
+          this.console.log(`[${Math.round((now - start) / 100) / 10}s] Detected (filtered)  :`, ...classScores(filteredDetections));
+          this.console.log(`[${Math.round((now - start) / 100) / 10}s] Zones                : ${zones.length}`);
+          stationaryDetections.clear();
+          movingDetections.clear();
+          filteredDetections.clear();
           lastReport = now;
         }
       }
@@ -696,7 +710,7 @@ class ObjectDetectionMixin extends SettingsMixinDeviceBase<VideoCamera & Camera
     const gstreamer = sdk.systemManager.getDeviceById('@scrypted/python-codecs', 'gstreamer') || undefined;
     const libav = sdk.systemManager.getDeviceById('@scrypted/python-codecs', 'libav') || undefined;
     const ffmpeg = sdk.systemManager.getDeviceById('@scrypted/objectdetector', 'ffmpeg') || undefined;
-    const use = pipelines.find(p => p.name === frameGenerator) || webassembly || gstreamer || libav || ffmpeg;
+    const use = pipelines.find(p => p.name === frameGenerator) || webassembly || libav || gstreamer || ffmpeg;
     return use.id;
   }