Skip to content

Releases: 9001/copyparty

an idp fix for xmas

23 Dec 18:35
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

☃️🎄 there is still time 🎅🎁

❄️❄️❄️ please enjoy some appropriate music -- you'll probably like this more than the idp thing honestly ❄️❄️❄️

🧪 new features

  • more improvements to the recent-uploads feature 87598dc
    • move html rendering to clientside
      • any changes to the filter-text applies in real-time
      • loads 50% faster, reduces server-load by 30%
      • inhibits search engines from indexing it

🩹 bugfixes

  • using idp without e2d could mess with uploads dd6e9ea
  • u2c (commandline uploader): fix window title 946a8c5
  • mDNS/SSDP: fix incorrect log colors when multiple primary IPs are lost 552897a

🔧 other changes

  • ui: make it more obvious that the volume-control is a volume-control 7f04437
  • copyparty.exe: update deps (jinja2, markupsafe, pyinstaller) c0dacbc
  • improve safety of custom plugins 988a722
    • if you've made your own plugins which expect certain values (host-header, filekeys) to be html-safe, then you'll want to upgrade
    • also fixes rss-feed xml if password contains special characters

💾 what to download?

download link is it good? description
copyparty-sfx.py ✅ the best 👍 runs anywhere! only needs python
a docker image it's ok good if you prefer docker 🐋
copyparty.exe ⚠️ acceptable for win8 or later; built-in thumbnailer
u2c.exe ⚠️ acceptable CLI uploader as a win7+ exe (video)
copyparty.pyz ⚠️ acceptable similar to the regular sfx, mostly worse
copyparty32.exe ⛔️ dangerous for win7 -- never expose to the internet!
cpp-winpe64.exe ⛔️ dangerous runs on 64bit WinPE, otherwise useless
  • except for u2c.exe, all of the options above are mostly equivalent
  • the zip and tar.gz files below are just source code
  • python packages are available at PyPI

merry \x58mas

19 Dec 01:20
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

☃️🎄 it is time 🎅🎁

❄️❄️❄️ please enjoy some appropriate music (trust me on this one, you won't regret it) ❄️❄️❄️

🧪 new features

  • list of recent uploads eaa4b04
    • new button in the controlpanel; can be disabled with --no-ups-page
    • only users with the dot-permission can see dotfiles
    • only admins can see uploader-ip and upload-times
      • enable --ups-when to let all users see upload-times
  • #125 log decoded request-URLs 73f7249
    • non-ascii filenames would make the accesslog a wall of %E5%B9%BB%E6%83%B3%E9%83%B7 so print the decoded URL in addition to the original one, which is left as-is for debugging purposes

🩹 bugfixes

  • #126 improve dotfile handling 4c4e48b
    • was impossible to delete a folder which contained hidden files if the user did not have the permission to see hidden files
    • would also affect moving, renaming, copying folders, in which case the dotfiles would not be carried over to the new location
    • now, dotfiles are always deleted, and always moved/copied into a new destination, on the condition that this is safe -- if the user has the dotfile permission in the target loocation but not in the source location, the dotfiles will be left behind to avoid accidentally making then browsable
  • ux: cosmetic eta/idle-timer fixes 01a3eb2

🔧 other changes

  • warn on ambiguous comments in config files da5ad2a
  • avoid writing mojibake to the log 3051b13
    • use \x-encoding for unprintable text

⚠️ not the latest version!

4chrome

11 Dec 23:08
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • #124 add workaround for a chrome bug (crash during upload) 24ce46b

  • #122 "hybrid IdP", regular users can still auth while IdP is enabled 64501fd

    • previously, enabling IdP would entirely disable password-based login
    • now, password-auth is attempted for requests without a valid IdP header

🩹 bugfixes

  • the terminal window title would only change if --no-ansi was specified, which is exactly the opposite of what it should be (and now is) doing db3c0b0

🔧 other changes

  • mDNS: better log messages when several IPs are added/removed a49bf81
  • webdeps: update dompurify 0686860

this release includes a build of copyparty-winpe64.exe since the last one was almost a year ago

  • winpe64.exe is only for very specific usecases, you almost definitely do not want to download it, please just grab the regular copyparty.exe instead (works on all 64bit machines running win8 or newer)

  • the only difference between winpe64.exe and copyparty32.exe is that winpe64.exe works in the win7x64 PE (rescue-env), which makes it almost entirely useless, and every bit as dangerous to use as copyparty32.exe


⚠️ not the latest version!

ux is hard

07 Dec 01:26
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • improve the upload ui so it explains how to abort an unfinished upload when someone uploads to the wrong folder by accident be6afe2
    • also reduces serverload slightly when cloning an incoming file to multiple destinations
  • u2c (commandline uploader): windows improvements 9163780
    • now supports globbing (filename wildcards) on windows
    • progressbar in the windows taskbar (requires conemu or the "new windows terminal")

⚠️ not the latest version!

120%

04 Dec 00:54
Compare
Choose a tag to compare

note: docker images were last updated 2024-12-06, 17:26 UTC (alpine 3.21, python 3.12.8)

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • #120 add option --srch-excl and volflag srch_excl for excluding certain paths from search results 697a4fa
  • mDNS: add workaround for avahi/avahi#379 6c1cf68 94d1924
    • Avahi mDNS Reflection, sometimes used in intricate LAN setups, doesn't understand NSEC records and corrupts them
    • the workaround makes copyparty able to read the corrupted packets, but clients without a similar workaround will require either --zm4 or --zm6 so copyparty doesn't include the usual NSEC records
      • this is mentioned in a very loud warning in the logs when necessary
  • mDNS: option to silently ignore buggy devices instead of spamming the log with parser errors 395af05
  • webdav: support listing unmapped root with infinite recursion (Depth:0) 21a3f36
  • embed current sort config into media URLs (gallery/music) 0f257c9 4cfdc4c 0167082
    • ensures that anyone clicking your link will see the files in the same order as you
    • can be confgured serverside (--hsortn, volflag hsortn) and clientside (#sort in settings)
  • URL and UI options to disable checksum calculation of PUT, bup, basic uploads c5a000d

🩹 bugfixes

  • webdav: more correct login challenge 2ce8233
    • the previous behavior could make some clients reluctant to send the password
  • #120 forget metadata of all files (including uploads) when shadowed d168b2a
    • thanks to @Gremious for all the debugging to narrow this down!
  • #120 drop volume caches if relevant config is changed (mainly indexing filters) 2f83c6c
  • #121 couldn't access arbitrary toplevel files from accounts with h permission 1f5f42f

🔧 other changes

  • exclude thumbnails from accesslog by default 9082c47
  • filesearch: show a final summary of time-elapsed and average hashing speed 8a631f0
  • improve phrasing of debug messages during indexing at startup 127f414
  • --license no longer depends on opensource.org at build time 33c4ccf
  • update deps 6cedcfb
    • copyparty.exe: python 3.12.7 => 3.12.8
    • webdeps: hashwasm, dompurify

⚠️ not the latest version!

webdav upload fix

24 Nov 00:03
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • add --nsort and volflag nsort to default-enable natural sort of filenames with leading digits 8f7ffcf
  • video-player: support .mov files which contain browser-native codecs 2d0cbdf

🩹 bugfixes

  • #119 v1.16.0 broke webdav uploads from rclone and possibly other clients 7dfbfc7
    • a collection of webdav unittests will be added soon to prevent similar issues in the future
  • #118 ip-ranges can be mixed with lan when specifying the list of trusted proxies for x-forwarded-for with --xff-src
  • ux:
    • in the grid-view, markdown files would open in the generic text viewer 520ac8f
    • qr-codes (create-share, view-share) didn't render on chrome db069c3
    • qr-codes could cause layout-shifting 5afb562
    • fix layout-shifting for ongoing downloads in controlpanel 9c8507a
    • cosmetic eta jank b10843d

🔧 other changes

  • upto 7% faster folder listings due to refactoring for more ux knobs 0c43b59
  • fix resource leaks (only affected tests/debug) 2ab8924

⚠️ not the latest version!

cbz thumbnails

15 Nov 22:53
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • thumbnails of .cbz manga archives 4d15dd6

🩹 bugfixes

  • when running with -j0, download-ETA could break in complex volume layouts 10fc476
  • linking to the image gallery didn't quite work if multiselect was enabled 56a0499
  • password-hashing parameters (cpu/ram cost) could not be customized 1f17752
    • the defaults must be perfect considering nobody ever tried changing them ¯\(ツ)

🔧 other changes

  • add intentional crash on startup if two volumes are configured to use the same histpath 2b63d7d
    • prevents funky deadlocks and an eventual database loss in case of a no-thoughts-head-empty moment, purely hypothetical of course 🗿

⚠️ not the latest version!

COPYparty

10 Nov 20:12
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • #46 #115 copy/paste files and folders cacec9c
    • cut/paste still exists, but now you can copy too
    • with a UI to rename files in case of filename collisions 56317b0
    • files are created according to the dedup settings in the target volume (either full copies or symlinks/hardlinks)
  • show currently active downloads in the controlpanel 8aba5ae
    • can be made admin-only with --dl-list=1 or disabled with --dl-list=0
    • hides filenames of hidden files, and files from volumes where the viewer doesn't have access
  • #114 async reinit on new IdP users 44ee07f
    • new IdP users can now always auth, even while a filesystem reindex is running
  • ux:
    • remember batch-rename settings from last time 6a8d5e1
    • URL parameters to force grid/thumbs on/off 5718caa

🩹 bugfixes

  • folders that fail to list due to a corrupt HDD/filesystem will now return a 404 instead of an empty listing 119e88d
    • also fixes similar issues in u2c and partyfuse
  • u2c (commandline uploader): detect and adapt to proxies with short connection keepalives c784e52
  • ui/ux:
    • show the "switch-to-https" button in 404-messages too efd8a32
    • the folder-loading indicator could steal keyboard focus d9962f6
    • hotkey-help was very trigger-happy 71d9e01

🔧 other changes

  • choose more conservative defaults when server has less than 1 GiB RAM 2bf9055
    • runs okay down to 128 MiB, but thumbnails die below 256 MiB
  • update the comparison to similar software after years of optimizations on both sides 0ce7cf5

⚠️ not the latest version!

temporary upload links

27 Oct 09:30
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

  • shares can now be uploaded into, and unpost works too 4bdcbc1
    • useful to create temporary URLs for other people to upload to
    • shares can be write-only, so visitors can't browse or see any files
  • #110 HTTP 304 (caching):
    • support If-Range for HTTP 206 159f51b
    • add server-side and client-side options to force-disable cache dd6dbdd
      • --no304=1 shows a button in the controlpanel to disable caching
      • --no304=2 makes that button auto-enabled
      • even when --no304 is not specified, accessing the URL /?setck=no304=y force-disables cache
      • when cache is force-disabled, browsers will waste a lot of network traffic / data usage
      • might help to avoid bugs in browsers or proxies, for example if media files suddenly stop loading
        • but such bugs should be exceedingly rare, so do not enable this unless actually necessary

🩹 bugfixes

  • #110 HTTP 304 (caching):
    • remove Content-Length and Content-Type response headers from 304 replies 9124023
      • browsers don't need these, and some middlewares might get confused if they're present
  • #113 fix crash on startup if -j0 was combined with --ipa or --ipu 3a0d882
  • #111 fix javascript crash if --u2sz was set to an invalid value b13899c

🔧 other changes

  • #110 HTTP 304 (caching):
    • never automatically enable k304 because the Vary header killed support for caching in msie anyways 63013cc
    • change time comparison for If-Modified-Since to require an exact timestamp match, instead of the intended "modified since". This technically violates the http-spec, but should be safer for backdating file mtimes 159f51b
  • new option --ohead to log response headers 7678a91
  • added nintendo 3ds to the list of supported browsers cb81f0a

⚠️ not the latest version!

rss server

18 Oct 23:58
Compare
Choose a tag to compare

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

🩹 bugfixes

  • #107 --df diskspace limits was incompatible with webdav 2a570bb
  • #108 up2k javascript crash (only affected the Chinese translation) a7e2a0c

🔧 other changes

  • up2k: detect buggy webworkers 5ca8f07
  • up2k: improve upload retry/timeout logic a9b4436
    • js: make handshake retries more aggressive
    • u2c: reduce chunks timeout + ^
    • main: reduce tcp timeout to 128sec (js is 42s)
    • httpcli: less confusing log messages

⚠️ not the latest version!