Stability

• The application runs mostly stable. The GUI interfaces are workable.
• It's supposed to run on Gtk2 and Gtk3.
• Python3 support is achieved.
  
• There haven't been any optimizations regarding memory usage and performance.
• The current internal API is vastly undocumented.

Current bugs

• Audio- and list-format support is not very robust / needs better API
• Not all keyboard shortcuts work
• Some internal UI state flags remain, that need to be substituted with Gtk callbacks.

Features

• Treeview layouts and lists are dynamically from datamap[] structure and stream{} dicts.
• Channel categories are often built-in defaults (can be freshened up however)
• Config vars and cache data get stored as JSON in ~/.config/streamtuner2/
• Plugin meta data spec is mostly used now for configuration description, and plugin management.

Missing:

• Localization (not actually planned for)

Security notes

• Directory scrapers use partially complex regular expressions - which is probably not a security risk, but might lead to faulty data. Albeit HTML entitiy cleanup and constraints are in place. (As for fragile, the InternetRadio DOM method is less exact even.)
• MEDIUM: little integrity checking for .pls / .m3u references and files
• minimal XML/SGML entity decoding (-> faulty data)
• fixed: now uses only proper Python json module (no longer Python-style dicts and eval)
• HIGH RISK: no verification of downloaded favicon image files (ico/png), as they are passed to gtk.gdk.Pixbuf (OTOH data pre-filtered by Google)
• MEDIUM: audio players / decoders are easily affected by buffer overflows from corrupt mp3/stream data. However nothing we can preassert here, streamtuner2 just passes them on.