Releases: 9001/copyparty
descript.ion
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- "medialinks"; instead of the usual hotlink, the basic-uploader (as used by sharex and such) can return a link that opens the file in the media viewer c9281f8
- enable for all uploads with volflag
medialinks
, or just for one upload by adding?media
to the post url
- enable for all uploads with volflag
- thumbnails are now fully compatible with dirkeys/filekeys 52e0622
--th-covers
will respect filename order, selecting the first matching filename as the folder thumbnail 1cdb170- new hook: bittorrent downloader bd3b386 803e156
- hooks: d749683
- can be restricted to only run when user has specific permissions
- user permissions are also included in the json message to the hook
- new syntax to prepend args to the hook's command
- (all this will be better documented after some additional upcoming hook-related features, see
--help-hooks
for now)
- support
descript.ion
usenet metadata; will parse and render into directory listings when possible 927c3bc- directory listings are now 2% slower, eh who's keeping count anyways
- tftp-server: 4525925
- improved support for buggy clients
- improved ipv6 support, especially on macos
- improved robustness on unreliable networks
- #85 new option
--gsel
to default-enable the client setting to select files by ctrl-clicking them in the grid 9a87ee2 - music player: set audio volume by scrollwheel 36d6d29
bugfixes
- race-the-beam (downloading an unfinished upload) could get interrupted near the end, requiring a manual resume in the browser's download manager to finish f37187a
- ftp-server: when accessing the root folder of servers without a root folder, it could mention inaccessible folders 84e8e1d
- ftp-server: uploads will automatically replace existing files if user has delete perms 0a9f4c6
- windows 2000 expects this behavior, otherwise it'll freak out and delete stuff and then not actually upload it, nice
- new option
--ftp-no-ow
restores old default behavior of rejecting upload if target filename exists
- music player:
- music player preloader: db6059e
- stop searching after 5 folders of nothing
- don't crash playback by walking into error-pages
--og
(rich discord embeds) was incompatible with viewing markdown docs d75a2c7--cgen
(configfile generator) much less jank d5de3f2
other changes
- mention that HTTP/2 is still usually slower than HTTP/1.1 dfe7f1d
- give up much sooner if a client is supposed to send a request body but isn't c549f36
- support running copyparty as a server on windows 2000 and winXP 8c73e0c 2fd12a8
- updated deps 6e58514
- copyparty.exe: python 3.12, pillow 10.4, pyinstaller 6.9
- dompurify 3.1.6
💾 what to download?
download link | is it good? | description |
---|---|---|
copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
a docker image | it's ok | good if you prefer docker 🐋 |
copyparty.exe | for win8 or later; built-in thumbnailer | |
u2c.exe | CLI uploader as a win7+ exe (video) | |
copyparty.pyz | similar to the regular sfx, mostly worse | |
copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |
700+
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- keep tags when transcoding music to opus/mp3 07ea629
- useful for batch-downloading folders with on-the-fly transcoding
- excessively large tags will be individually dropped (traktor beatmaps, cover-art, xmp)
bugfixes
- optimization for large amounts (700+) of tcp connections / clients 07b2bf1
select()
was used for non-https downloads and mdns/ssdp initialization, which would start spinning at more than 1024 FDs, so now theypoll()
when possible (so not on windows)- default max number of connections on windows was lowered to 486 since windows maxes out at 512 FDs
- the markdown editor autoindent would duplicate
<hr>
692175f
other changes
- #83: more intuitive behavior for
--df
and thedf
volflag 5ad6545 - print helpful warning if OS restrictions make it impossible to persist config b629d18
- censor filesystem paths in the download-as-zip error summary 5919607
u2c.exe
: explain that https is disabled bef9617- ux: 60c96f9
- hide lightbox buttons when a video is playing
- move audio seekbar text down a bit so it hides less of the waveform and minute-markers
- updated dompurify to 3.1.5 f00b939
- updated docker images to alpine 3.20
💾 what to download?
download link | is it good? | description |
---|---|---|
copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
a docker image | it's ok | good if you prefer docker 🐋 |
copyparty.exe | for win8 or later; built-in thumbnailer | |
u2c.exe | CLI uploader as a win7+ exe (video) | |
copyparty.pyz | similar to the regular sfx, mostly worse | |
copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |
s3xmodit.zip
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- play compressed s3xmodit chiptunes/modules c046627
- can now read gz/xz/zip-compressed s3m/xm/mod/it songs
- new filetypes supported: mdz, mdgz, mdxz, s3z, s3gz, s3xz, xmz, xmgz, xmxz, itz, itgz, itxz
- and if you need to fit even more tracks on the mixtape, try mo3
- option to batch-convert audio waveforms 38e4fdf
- volflag to improve audio waveform compression with pngquant 82ce686
- option to add or change mappings from file-extensions to mimetypes 560d7b6
- export and publish the
--help
text for online viewing 560d7b6 - another way to add your own UI translations 19d156f
bugfixes
- ensure OS signals are immediately received and processed 87c60a1
- things like reload and shutdown signals from systemd could get lost/stuck
- fix mimetype detection for uppercase file extensions 565daee
- when clicking a
.ts
file in the gridview, don't open it as text 925c7f0- ...as it's probably an mpeg transport-stream, not a typescript file
- be less aggressive in dropping volume caches e396c5c
- very minor performance gain, only really relevant if you're doing something like burning a copyparty volume onto a CD
- previously, adding or removing any volume at all was enough to drop covers cache for all volumes; now this only happens if an intersecting volume is added/removed
other changes
- updated dompurify to 3.1.2 566cbb6
- opengraph: add the full filename as url suffix 5c1e239
- so discord picks a good filename when saving an image
⚠️ not the latest version!
ctrl-v
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- upload files by
ctrl-c
from OS andctrl-v
into browser c5f7cfc- from just about any file manager (windows explorer, thunar on linux, etc.) into the copyparty web-ui
- only files, not folders, so drag-drop is still the recommended way
- empty folders show an "empty folder" banner fdda567
- opengraph / discord embeds ea270ab 36f2c44 48a6789 b15a4ef
- embeds audio with covers , images , videos , audio without coverart (links to one of the copyparty demoservers where the feature is enabled; link those in discord to test)
- images are currently not rendering correctly once clicked on android-discord (works on ios and in browser)
- default-disabled because opengraph disables hotlinking by design
- enable with
--og
and see readme and the --help
- enable with
- add option to support base64-encoded url queries parceled into the url location 69517e4
- because android-specific discord bugs prevent the use of queries in opengraph tags
- improve server performance when downloading unfinished uploads, especially on slow storage 70a3cf3
- add dynamic content into
<head>
using--html-head
which now takes files and/or jinja templates as input b6cf2d3 --au-vol
(default 50, same as before) sets default audio volume in percent da091ae- add copyparty.pyz buildscript 27485a4
- support ie4 and the version of winzip you'd find on an average windows 3.11 pc 603d0ed
bugfixes
- when logging in from the 403 page, remember and apply the original url hash f849197
- the config-reset button in the control-panel didn't clear the dotfiles preference bc2c1e4
- the search feature could discover and use stale indexes in volumes where indexing was since disabled 95d9e69
- when in doubt, periodically recheck if filesystems support sparse files f6e693f
- reduces opportunities for confusion on servers with removable media (usb flashdrives)
this release introduces copyparty.pyz, yet another way to bring copyparty where it's needed -- very limited and with many drawbacks (see readme) but may work when the others don't
⚠️ not the latest version!
race the beam
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- files can be downloaded before the upload has completed ("almost like peer-to-peer")
- watch the release trailer 👌
- if the downloader catches up with the upload, the speed is gradually slowed down so it never runs ahead
- can be disabled with
--no-pipe
- option
--no-db-ip
disables storing the uploader IP in the database bf58507 - u2c (cli uploader): option
--ow
to overwrite existing files on the server 439cb7f
bugfixes
- when running on windows, using the web-UI to abort an upload could fail 8c552f1
- rapidly PUT-uploading and then deleting files could crash the file hasher feecb3e
⚠️ not the latest version!
ie11 fix
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- new option
--bauth-last
for when you're hosting other basic-auth services on the same domain 7b94e4e- makes it possible to log into copyparty as intended, but it still sees the passwords from the other service until you do
- alternatively, the other new option
--no-bauth
entirely disables basic-auth support, but that also kills the android app
bugfixes
- internet explorer isn't working?! FIX IT!!! 9e5253e
- audio transcoding was buggy with filekeys enabled b873365
- on windows, theoretical chance that antivirus could interrupt renaming files, so preemptively guard against that c8e3ed3
other changes
- add a "password" placeholder on the login page since you might think it's asking for a username da26ec3
- config buttons were jank on iOS b772a4f
- readme: making your homeserver accessible from the internet
⚠️ not the latest version!
scrolling stuff
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- while viewing pictures/videos, the scrollwheel can be used to view the prev/next file 844d16b
bugfixes
- #81 (scrolling suddenly getting disabled) properly fixed after @icxes found another way to reproduce it (thx) 4f0cad5
- and fixed at least one javascript glitch introduced in v1.12.0 while adding dirkeys 989cc61
- directory tree sidebar could fail to render when popping browser history into the lightbox
other changes
⚠️ not the latest version!
locksmith
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- #64 dirkeys; option to auto-generate passwords for folders, so you can give someone a link to a specific folder inside a volume without sharing the rest of the volume 10bc2d9 32c912b ef52e2c 0ae1286
- enabled by volflag
dk
(exact folder only) and/or volflagdks
(also subfolders); see readme
- enabled by volflag
- audio transcoding to mp3 if browser doesn't support opus a080759
- recursively transcode and download a folder using
?tar&mp3
- accidentally adds support for playing just about any audio format in ie11
- recursively transcode and download a folder using
- audio equalizer also applies to videos 7744226
bugfixes
- #81 scrolling could break after viewing an image in the lightbox 9c42cbe
- on phones, audio playback could stop if network is slow/unreliable 59f815f b88cc7b 59a53ba
- fixes the issue on android, but ios/safari appears to be impossible d94b5b3
other changes
- updated dompurify to 3.0.11
- copyparty.exe: updated to python 3.11.9
- support for building with pyoxidizer was removed 5ab5476
⚠️ not the latest version!
public idp volumes
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
-
global-option
--iobuf
to set a custom I/O buffersize 2b24c50- changes the default buffersize to 256 KiB everywhere (was a mix of 64 and 512)
- may improve performance of networked volumes (s3 etc.) if increased
- on gbit networks: download-as-tar is now up to 20% faster
- slightly faster FTP and TFTP too
-
global-option
--s-rd-sz
to set a custom read-size for sockets c6acd3a- changes the default from 32 to 256 KiB
- may improve performance of networked volumes (s3 etc.) if increased
- on 10gbit networks: uploading large files is now up to 17% faster
-
add url parameter
?replace
to overwrite any existing files with a multipart-post c6acd3a
bugfixes
- #79 idp volumes (introduced in v1.11.0) would only accept permissions for the user that owned the volume; was impossible to grant read/write-access to other users d30ae84
other changes
- mention the lack of persistence for idp volumes in the IdP docs 2f20d29
⚠️ not the latest version!
dont ban the pipes
the previous release had all the fun new features... this one's just bugfixes
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
no vulnerabilities since 2023-07-23
- there is a discord server with an
@everyone
in case of future important updates - v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
bugfixes
- less aggressive rejection of requests from banned IPs 51d3158
- clients would get kicked before the header was parsed (which contains the xff header), meaning the server could become inaccessible to everyone if the reverse-proxy itself were to "somehow" get banned
- ...which can happen if a server behind cloudflare also accepts non-cloudflare connections, meaning the client IP would not be resolved, and it'll ban the LAN IP instead heh
- that part still happens, but now it won't affect legit clients through the intended route
- ...which can happen if a server behind cloudflare also accepts non-cloudflare connections, meaning the client IP would not be resolved, and it'll ban the LAN IP instead heh
- the old behavior can be restored with
--early-ban
to save some cycles, and/or avoid slowloris somewhat
- clients would get kicked before the header was parsed (which contains the xff header), meaning the server could become inaccessible to everyone if the reverse-proxy itself were to "somehow" get banned
- the unpost feature could appear to be disabled on servers where no volume was mapped to
/
0287c7b - python 3.12 support for compiling the dependencies necessary to detect bpm/key in audio files 32553e4
other changes
- mention real-ip configuration in the readme ee80cdb