Nick Thompson

While the /dist/src module exists now, there still seems to be an issue with the commands other than yarn starbase help. 

Can we simplify this and avoid recursive calls with something like ```ts validate(entity: Entity): void { for(const [key, value] of Object.entries(entity)) { const valid = Array.isArray(value) ? value.every(p => SUPPORTED_TYPES.includes(typeof...

As you suspected I am seeing the call fail due to CORS. As for permissions, MAL-Sync has both `http://192.168.1.230` and `` enabled.

Ah, that explains it. Looks like the request is going to `https://192.168.1.230/`

I actually already gave it that permission when testing earlier. It failing here is expected I cannot access Jellyfin via https. `https://192.168.1.230:8096/System/Info` will not work regardless of CORS.

It contains `http://192.168.1.230:8096/` which explains why switching from XHR to fetch successfully makes the calls. It looks like, for some reason, the XHR call is changing `http` to `https` only...

I believe I have found the issue. It seems like the [default CSP](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy#default_content_security_policy) in MV3 in Firefox for extensions is `"script-src 'self'; upgrade-insecure-requests;"`. This is different than the default on...