blender/flamenco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,189 Commits 1 Branch 0 Tags
Go to file
Clone
Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Sybren A. Stüvel 8813538c31 Bump Go from 1.23.1 to 1.24.4 
This fixes four security issues:

Vulnerability #1: GO-2025-3751
    Sensitive headers not cleared on cross-origin redirect in net/http
  More info: https://pkg.go.dev/vuln/GO-2025-3751
  Standard library
    Found in: net/http@go1.23.5
    Fixed in: net/http@go1.23.10
    Example traces found:
      #1: pkg/api/openapi_client.gen.go:1212:20: api.Client.TaskOutputProducedWithBody calls http.Client.Do
      #2: pkg/api/openapi_spec.gen.go:318:36: api.GetSwagger calls openapi3.Loader.LoadFromData, which eventually calls http.Get

Vulnerability #2: GO-2025-3750
    Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in
    syscall
  More info: https://pkg.go.dev/vuln/GO-2025-3750
  Standard library
    Found in: os@go1.23.5
    Fixed in: os@go1.23.10
    Platforms: windows
    Example traces found:
      #1: internal/manager/last_rendered/image_processing.go:54:24: last_rendered.saveJPEG calls os.Create
      #2: internal/manager/api_impl/meta.go:144:28: api_impl.Flamenco.CheckSharedStoragePath calls os.CreateTemp
      #3: internal/manager/job_compilers/scripts.go:54:31: job_compilers.loadScriptsFrom calls fs.ReadDir, which calls os.File.ReadDir
      #4: pkg/shaman/filestore/testing.go:107:25: filestore.LinkTestFileStore calls filepath.Walk, which eventually calls os.File.Readdirnames
      #5: internal/manager/local_storage/local_storage.go:116:22: local_storage.getSuitableStorageRoot calls os.Getwd
      #6: pkg/shaman/filestore/testing.go:107:25: filestore.LinkTestFileStore calls filepath.Walk, which calls os.Lstat
      #7: pkg/shaman/checkout/manager.go:274:24: checkout.Manager.SymlinkToCheckout calls os.MkdirAll
      #8: pkg/shaman/filestore/testing.go:38:30: filestore.CreateTestStore calls os.MkdirTemp
      #9: pkg/shaman/touch/touch.go:26:2: touch.init calls os.init, which calls os.NewFile
      #10: internal/manager/task_logs/task_logs.go:183:22: task_logs.Storage.Tail calls os.Open
      #11: internal/manager/config/config.go:662:23: config.Conf.Write calls os.OpenFile
      #12: cmd/blender-runner/blender-runner.go:43:35: blender.main calls exec.Cmd.StderrPipe, which calls os.Pipe
      #13: internal/manager/job_compilers/scripts.go:54:31: job_compilers.loadScriptsFrom calls fs.ReadDir, which eventually calls os.ReadDir
      #14: internal/manager/config/config.go:199:30: config.loadConf calls os.ReadFile
      #15: pkg/shaman/checkout/manager.go:196:11: checkout.Manager.EraseCheckout calls os.Remove
      #16: pkg/shaman/checkout/manager.go:189:24: checkout.Manager.EraseCheckout calls os.RemoveAll
      #17: internal/manager/config/config.go:647:21: config.Conf.Overwrite calls os.Rename
      #18: cmd/blender-runner/blender-runner.go:52:21: blender.main calls exec.Cmd.Start, which calls os.StartProcess
      #19: pkg/shaman/checkout/manager.go:175:18: checkout.Manager.EraseCheckout calls os.Stat
      #20: pkg/shaman/checkout/manager.go:244:18: checkout.Manager.SymlinkToCheckout calls os.Symlink
      #21: cmd/sqlc-export-schema/main.go:87:24: sqlc.saveSchema calls os.WriteFile
      #22: web/web_app.go:55:24: web.FSWrapper.Open calls echo.defaultFS.Open, which calls os.dirFS.Open
      #23: internal/manager/job_compilers/scripts.go:54:31: job_compilers.loadScriptsFrom calls fs.ReadDir, which calls os.dirFS.ReadDir
      #24: internal/manager/config/config.go:662:23: config.Conf.Write calls os.OpenFile, which eventually calls syscall.Open

Vulnerability #3: GO-2025-3563
    Request smuggling due to acceptance of invalid chunked data in net/http
  More info: https://pkg.go.dev/vuln/GO-2025-3563
  Standard library
    Found in: net/http/internal@go1.23.5
    Fixed in: net/http/internal@go1.23.8
    Example traces found:
      #1: pkg/shaman/hasher/copier.go:51:21: hasher.Copy calls http.body.Read, which eventually calls internal.chunkedReader.Read

Vulnerability #4: GO-2025-3447
    Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
  More info: https://pkg.go.dev/vuln/GO-2025-3447
  Standard library
    Found in: crypto/internal/nistec@go1.23.5
    Fixed in: crypto/internal/nistec@go1.23.6
    Platforms: ppc64le
    Example traces found:
      #1: internal/manager/config/config.go:666:13: config.Conf.Write calls fmt.Fprintf, which eventually calls nistec.P256Point.ScalarBaseMult
      #2: internal/manager/config/config.go:666:13: config.Conf.Write calls fmt.Fprintf, which eventually calls nistec.P256Point.ScalarMult
      #3: internal/manager/config/config.go:666:13: config.Conf.Write calls fmt.Fprintf, which eventually calls nistec.P256Point.SetBytes
2025-06-17 10:35:34 +02:00
.gitea/issue_template
Remove checkbox from Custom Job Type issue template
2024-05-16 12:32:13 +02:00
.vscode
Git-ignore .vscode/launch.json
2023-07-10 14:10:49 +02:00
addon
Addon: bump BAT v1.18 → 1.19
2025-06-16 12:46:38 +02:00
cmd
Add 'task poker' command
2025-05-20 18:52:00 +02:00
internal
Avoid error when fetching task that was assigned to soft-deleted worker
2025-05-26 17:57:51 +02:00
magefiles
Bumped version to 3.8-alpha1
2025-04-03 12:26:13 +02:00
pkg
Update Darwin system information implementation (#104361)
2025-03-25 10:45:57 +01:00
web
Add make check target
2025-06-17 10:15:58 +02:00
.editorconfig
Webapp: tweak the .editorconfig and .prettierrc files + re-format
2023-09-11 17:22:18 +02:00
.env.example
Makefile: include SSH port in .env file
2025-04-03 12:14:36 +02:00
.gitattributes
Mark go.sum as 'generated'
2024-07-01 11:59:52 +02:00
.gitignore
Build with Magefile (#104341)
2024-10-04 21:59:44 +02:00
.gitlab-ci.yml
Configure SAST in .gitlab-ci.yml, creating this file if it does not already exist
2022-01-03 18:50:58 +00:00
.prettierrc
Webapp: tweak the .editorconfig and .prettierrc files + re-format
2023-09-11 17:22:18 +02:00
CHANGELOG.md
Addon: bump BAT v1.18 → 1.19
2025-06-16 12:46:38 +02:00
CONFIG_DESIGN.md
Partial design doc for configuration handling
2022-02-21 19:47:52 +01:00
debug-job-echo.sh
Fix T99434: Two-way Variables
2022-07-22 11:58:35 +02:00
debug-job-render.sh
Fix T99434: Two-way Variables
2022-07-22 11:58:35 +02:00
debug-worker-add.sh
Add a test script to add a mock Worker (#104394)
2025-06-10 11:41:19 +02:00
deploy.sh
Rename add-on to flamenco-addon.zip
2023-08-01 13:05:02 +02:00
go.mod
Bump Go from 1.23.1 to 1.24.4
2025-06-17 10:35:34 +02:00
go.sum
Build with Magefile (#104341)
2024-10-04 21:59:44 +02:00
LICENSE
License: license all code under "GPL-3.0-or-later"
2022-03-07 15:26:46 +01:00
mage.go
Build with Magefile (#104341)
2024-10-04 21:59:44 +02:00
Makefile
Add make check target
2025-06-17 10:15:58 +02:00
README.md
Add-on & README: Change "Flamenco 3" to just "Flamenco"
2024-08-26 18:24:24 +02:00
sqlc.yaml
Transition from ex-GORM structs to sqlc structs (4/5)
2024-12-04 14:00:19 +01:00

README.md

Flamenco

This repository contains the sources for Flamenco. The Manager, Worker, and Blender add-on sources are all combined in this one repository.

The documentation is available on https://flamenco.blender.org/, including instructions on how to set up a development environment & build Flamenco for the first time.

To access the documentation offline, go to the web/project-website/content directory here in the source files.

License

Flamenco is licensed under the GPLv3+ license.

Description
Flamenco render farm management system - Docker development environment fork
Readme GPL-3.0 88 MiB
Languages
JavaScript 55.1%
Go 32.7%
Vue 5%
Python 3.6%
HTML 1.8%
Other 1.7%