Log MP4 metadata write map and add Producer write-key fallback

[ChrisAdamsdevelopment]

Motivation

• ExifTool output for MP4 files was showing only ItemList:Title, so we need to determine whether missing Artist/Producer/Copyright is due to the frontend/backend not supplying values or due to ExifTool/QuickTime tag compatibility.
• Add minimal diagnostics and a non-invasive Producer-key fallback so we can observe the exact write map in logs and improve the chance Producer is accepted by the container without reintroducing XMP or Creator fallbacks.

Description

• Add a backend debug log immediately after buildMetaToWrite that prints metaToWrite with lyrics keys filtered out via metaToWriteWithoutLyrics using console.info('[process] metadata write map', metaToWriteWithoutLyrics).
• Write Producer to both ItemList:Producer and a QuickTime-compatible fallback Keys:Producer when a producer is present.
• Update verification to read Producer from ['Producer','ItemList:Producer','Keys:Producer'] so the new fallback is recognized as a successful write.
• Files changed: server/processor.js only.

Testing

• Ran node --check server/processor.js which succeeded.
• Verified the source diff contains only the intended changes to server/processor.js (local diff inspection succeeded).

---

Codex Task

Summary by Sourcery

Log MP4 metadata write map during processing and add a QuickTime-compatible Producer tag fallback for writing and verification.

New Features:

• Add logging of the metadata write map during media file processing with lyrics-related keys filtered out.
• Write Producer metadata to both ItemList:Producer and Keys:Producer when a producer value is present.
• Update metadata verification to recognize Producer values written to Keys:Producer in addition to existing tags.

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Adds logging for the MP4 metadata write map (with lyrics filtered out) and introduces a QuickTime-compatible fallback for writing and verifying the Producer tag in MP4 files, all within server/processor.js.

File-Level Changes

Change	Details	Files
Log the metadata write map used for MP4 processing, excluding lyrics-related keys, to aid diagnostics.	After building metaToWrite in processMediaFile, derive metaToWriteWithoutLyrics by filtering out keys matching /lyrics/i. Log the filtered metadata map via console.info with the prefix '[process] metadata write map' before invoking exiftool.write.	server/processor.js
Expand Producer writing and verification to include a QuickTime-compatible Keys:Producer fallback.	When a safeProducer is present in buildMetaToWrite, write it to both ItemList:Producer and Keys:Producer instead of only ItemList:Producer. Update buildQualityVerification to read Producer from ['Producer','ItemList:Producer','Keys:Producer'] so that the new fallback tag is recognized during verification.	server/processor.js

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The new console.info('[process] metadata write map', metaToWriteWithoutLyrics) runs unconditionally and may be noisy or leak user metadata in production; consider gating it behind a debug flag or environment check.
• The metaToWriteWithoutLyrics filtering logic is inline and regex-based; if similar filtered logging is needed elsewhere, consider extracting a small helper (e.g. filterLyricsKeys(meta)) for reuse and easier adjustment of the filtering rule.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The new `console.info('[process] metadata write map', metaToWriteWithoutLyrics)` runs unconditionally and may be noisy or leak user metadata in production; consider gating it behind a debug flag or environment check.
- The `metaToWriteWithoutLyrics` filtering logic is inline and regex-based; if similar filtered logging is needed elsewhere, consider extracting a small helper (e.g. `filterLyricsKeys(meta)`) for reuse and easier adjustment of the filtering rule.

## Individual Comments

### Comment 1
<location path="server/processor.js" line_range="164-165" />
<code_context>
   const wipeMarkers = detectMarkers(wipeTags);
   const wipeVerificationPassed = wipeMarkers.length === 0;
   const metaToWrite = buildMetaToWrite(platform, metadata);
+  const metaToWriteWithoutLyrics = Object.fromEntries(Object.entries(metaToWrite).filter(([key]) => !/lyrics/i.test(key)));
+  console.info('[process] metadata write map', metaToWriteWithoutLyrics);
   try {
     await exiftool.write(outputPath, metaToWrite, ['-overwrite_original']);
</code_context>
<issue_to_address>
**🚨 issue (security):** Logging full metadata (minus lyrics) may expose sensitive user data and adds noise in production logs.

This logs nearly the entire metadata map for every file, which can include user-identifiable details and will be very noisy in production. Please either move this to a debug/trace logger with environment gating, or narrow it to only the minimal fields needed for diagnostics (e.g., a small subset of keys or summary counts).
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

🚨 issue (security): Logging full metadata (minus lyrics) may expose sensitive user data and adds noise in production logs.

This logs nearly the entire metadata map for every file, which can include user-identifiable details and will be very noisy in production. Please either move this to a debug/trace logger with environment gating, or narrow it to only the minimal fields needed for diagnostics (e.g., a small subset of keys or summary counts).

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 630b6c70ed

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Gate metadata write-map logging behind debug flag

processMediaFile now unconditionally logs metaToWriteWithoutLyrics, which still contains user-supplied fields like title, artist, producer, description, comment, and keywords. In production this persists potentially sensitive user metadata in server logs for every job, expanding data exposure beyond what was previously logged (which only emitted booleans for description/tags/lyrics). This diagnostic should be opt-in (eg. debug-level/env-guarded) or redacted to avoid leaking user content.

Useful? React with 👍 / 👎.