Releases: 9001/copyparty
incoming eta
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
recent important news
- v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
- v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details
🧪 new features
- incoming uploads (and their ETA) are shown in the controlpanel 609c592 844194e
- list total directory sizes 427597b
- show the total size and number of files of each directory in listings
- makes browsing a bit slower (up to 30%) so can be disabled with
--no-dirsz
- sizes are calculated during startup, so it requires
-e2dsa
- file-uploads will recalculate the sizes immediately, but a full rescan is necessary to see changes caused by moves/deletes
- optimizations;
🩹 bugfixes
- fix sqlite indexes d67e9cc
- upload handshakes would get exponentially slow if a volume has more than 200'000 files
- reindex on startup can be 150x faster in some rare cases (same filename in MANY folders)
- the database is now around 10% larger (likely worst-case)
- misc ux: 58835b2
- shares: show media tags
- html hydrator assumed a folder named
foo.txt
was a doc - due to sessions, use
pwd
as password placeholder on services
🔧 other changes
- add example for uploading screenshots from linux with flameshot 1c2acdc
- nginx example: use unix-sockets for higher performance a5ce103
- #97 chinese translation was improved, thx again @ultwcz 7a573ca
🗿 known issues
- prometheus metrics are busted
- workaround: disable monitoring of volume status with
--nos-vst
- workaround: disable monitoring of volume status with
⚠️ not the latest version!
session
blessed by ⑨, this release is certified strong (artist)
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
recent important news
- v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
- v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details
new features
- login sessions b540517
- a random session cookie is generated for each known user, replacing the previous plaintext login cookie
- the logout button will nuke the session on all clients where that user is logged in
- the sessions are stored in the database at
--ses-db
, default~/.config/copyparty/sessions.db
(docker uses/cfg/sessions.db
similar to the other runtime configs)- if you run multiple copyparty instances, much like shares and user-changeable passwords you'll want to keep a separate db for each instance
- can be mostly disabled with
--no-ses
when it turns out to be buggy
bugfixes
- v1.13.8 broke the u2c
--ow
option to replace/overwrite files on the server during upload 6eee601
⚠️ not the latest version!
fill the drives
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
recent important news
- v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
- v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details
upload deduplication now disabled by default
because many people found the behavior surprising. This also makes it easier to use copyparty together with other software, since there is no risk of damage to symlinks if there are no symlinks to damage
to enable deduplication, use either --dedup
(old-default, symlink-based), or --hardlink
(will use hardlinks when possible), or --hardlink-only
(disallow symlinks). To choose the approach that fits your usecase, see file deduplication in the readme
verification of local file consistency was also added; this happens when someone uploads a dupe, to ensure that no other software has modified the local file since last reindex. This unfortunately makes uploading of duplicate files much slower, and can be disabled with --safe-dedup 1
if you know that only copyparty will be modifying the filesystem
new features
- dedup improvements:
- verify consistency of local files before using them as dedup source 6e671c5
- if a local file has been altered by other software since the last reindexing, then this will now be detected
- verify consistency of local files before using them as dedup source 6e671c5
- u2c (commandline uploader): add mode to print hashes of local files 08848be
- if you've lost a file but you know its
wark
(file identifier), you can now use u2c.exe to scan your whole filesystem for it:u2c - .
- if you've lost a file but you know its
- #96 use local timezone in log messages b599fba
bugfixes
- dedup fixes:
- database consistency verifier (
-e2vp
):- support filenames with newlines, and warn about missing files b0de84c
- opengraph/
--og
: fix viewing textfiles e5a836c - up2k.js: fix confusing message when uploading many copies of the same file f1130db
other changes
- disable upload deduplication by default a2e0f98
- up2k.js: increase handshake timeout to several minutes because of the dedup changes c5988a0
- copyparty.exe: update to python 3.12.6
⚠️ not the latest version!
another
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
recent important news
- v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details
bugfixes
- a network glitch could cause the uploader UI to panic d9e9526
⚠️ not the latest version!
important dedup fix
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
important bugfix ☢️
this version fixes a file deduplication bug which was introduced in v1.13.8, released 2024-08-13
its worst-case outcome is loss of data in the following scenario:
- someone uploads a file into a folder where that filename is already taken, but the file contents are different, and the server already has a copy of that new file elsewhere under a different name
specific example:
- the server has two existing files,
logo.png
andlogo-v2.png
, in the same volume but not necessarily in the same folder, and those files contain different data - you have a local copy of
logo-v2.png
on your laptop, but your local filename islogo.png
- you upload your local
logo.png
onto the server, into the same folder as the server'slogo.png
- because the files contain different data, the server accidentally replaces the contents of
logo.png
with your version
if you have been using the database feature (globally with -e2dsa
or volflag e2ds
), and you suspect you may have hit this bug, then it is a good idea to make a backup of the up2k databases for all your volumes (the files with names starting with up2k.db
) before restarting copyparty and before you do anything else, especially if you do not have serverlogs from far back in time -- if you have either the databases and/or the serverlogs, then it is possible to identify replaced files with some manual work
you can check if you hit the bug using one of the following two approaches:
- if your OS has the gnu find command, do a search for empty files with
find -type f -size 0
- using copyparty (any OS), do the following steps:
- make sure that reindex-on-startup is enabled; either globally with
-e2dsa
or volflage2ds
- then install this new copyparty version
- click the search tab
[🔎]
and type the number0
into themaximum MiB
textbox
- make sure that reindex-on-startup is enabled; either globally with
if you find any empty files with a filename that indicates it was autogenerated to avoid a name collision, for example logo.png-1725040569.239207-kbt0xteO.png
, and the value of the number after logo.png
is larger than 1723507200
(unixtime for 2024-08-13), then this indicates that logo.png
may have been replaced by another upload
if you have the serverlogs from when the original upload of logo.png
was made, then this can be used to identify the original contents of the file that was replaced, and to look for other copies. Please get in touch on the discord for assistance if necessary
new features
- shares: add revival and expiration extension ad2371f
- share-owners can revive expired shares for
--shr-rt
minutes (default 1 day) - ...and extend expiration time by adding 1 minute or 1 hour to the timer
- share-owners can revive expired shares for
- sfx customizer improvements 03b13e8
- improved translations stripper
- add more examples
bugfixes
other changes
- copyparty.exe: update to pyinstaller 6.10.0
- textviewer wordwrapping c4e2b0f
- add logo 7037e73 ee35974
⚠️ not the latest version!
bing chilling
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- #94 @ultwcz translated the UI to Chinese (thx!) 92edea1
- #84 improvements to shares: 8122dde
- if one or more files are selected for sharing, they are placed into a virtual folder
- more appropriate password UI for accessing protected shares
- human-readable timestamps in shares listing
- u2c (commandline uploader): support multiple exclusion patterns f356faa
bugfixes
- remove confusing logmessage when downloading a zerobyte file 9f034d9
- shares: 7ff4696
- fix crash if the root volume is unmapped
- log-spam on config reload
- password coalescing
- add chrome support
other changes
⚠️ not the latest version!
one step forward
if i turn back now, then this will always follow... one step forward, forward
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- #92 users can change their own passwords 83fb569 00da744
- this feature is default-disabled; see readme
- #84 share files/folders by creating a temporary url 7c2beba
- inspired by other file servers; click the share-button to create a link like
example.com/share/enkz8g374o8g
- primary usecase is to sneak past authentication services (see issue description)
- the create-share UI has options to accept uploads into the share, and/or set expiration time
- this feature is default-disabled; see readme
- inspired by other file servers; click the share-button to create a link like
bugfixes
- #93 fixes for vproxy / location-based / not-vhost-based reverse-proxying 0b46b1a
- using
--rp-loc
to reverse-proxy from a subfolder made some UI stuff break
- using
- listening on unix-sockets: 687df2f
- fix
x-forwarded-for
support, and avoid a possible container-specific collision - new syntax which allows setting unix-permissions and unix-group
-i unix:770:www:/tmp/party.sock
(see--help-bind
for more examples)
- fix
- using relocation hooks (introduced in previous ver) could cause dedup issues c8f4aea b0af4b3
- custom fonts using
@import
css statements 5a62cb4 - invert volume scrollwheel 7d8d943
other changes
- changed the button colors in theme 2 (pm-monokai) from red to yellow 5153db6
- the red buttons look better, but are too confusing because usually red means off
⚠️ not the latest version!
hook into place
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- #86 intentional side-effects from hooks 6c94a63
- use hooks (plugins) to conditionally move uploads into another folder depending on filename, extension, uploader ip/name, file contents, ...
- hooks can create additional files and tell copyparty to index them immediately, or delete an existing file based on some condition
- only one example so far though, reloc-by-ext which was a feature-request to dodge sharex#3992
- listen on unix-sockets ee9aad8
-i unix:/tmp/party.sock
stops listening on TCP ports entirely, and only listens on that unix-socket- can be combined with regular sockets,
-i 127.0.0.1,unix:/tmp/a.sock
- kinda buggy for now (need to
--xff-src=any
and doesn't let you set socket-perms yet), will be fixed in next ver - makes it 10% faster, but more importantly offers tighter access control behind reverse-proxies
- up2k stitching:
- new option
--js-other
to load custom javascript dbd42bc--js-browser
affects the filebrowser page,--js-other
does all the others- endless possibilities, such as adding a login-banner which looks like this
- list detected optional dependencies on startup 3db117d
- hopefully reduces the guesswork / jank factor by a tiny bit
bugfixes
- up2k stitching:
- put the request headers on a diet so they fit through more reverse-proxies 0da719f
- fix deadlock on s390x (IBM mainframes) 250c8c5
other changes
- add flags to disengage features and dependencies in case they cause trouble 72361c9
- optimizations
- docker: add portainer howto e136231
- update deps ca001c8
- pyftpdlib 1.5.10
- copyparty.exe: python 3.12.5
⚠️ not the latest version!
not that big
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- up2k.js: set clientside timeouts on http connections during upload 85e5498
- some reverse-proxy setups could cause uploads to hang indefinitely by eating requests; should recover nicely now
- audio-player shows statustext while loading 662541c
- bsod theme (live demo) 15ddcf5
bugfixes
- fix bugs in the long-distance upload optimizations in the previous version:
- up2k.js didn't necessarily use the expected chunksize when stitching 225bd80
- u2c (commandline uploader): 8916bce
- use the correct chunksize instead of overshooting like crazy
- could crash on exit if
-z
was enabled (so basically harmless) - the "time spent uploading" statustext that was printed on exit could multiply by
-j
and exceed walltime
- misc ux 9bb6e0d
- don't accept hotkeys until it's safe to do so
- improve messages regarding the firefox crash
- keep more console logs in memory (easier to debug)
- fix wordwrap in messageboxes on firefox a19a0fa
other changes
- changed the
xm
/ "on message" hook examples to reject users without write-access 99edba4 - docker images were rebuilt on 2024-08-02, 23:30 UTC with new optimizations: 98ffaad
- 😃 RAM usage decreased by
5-6 MiB
for most flavors;10 MiB
for dj/iv - 😕 image size grew by
4 MiB
(min),6 MiB
(ac/im/iv),9 MiB
(dj) - 😃 startup time reduced to about half
- and avoids a deadlock on IBM mainframes
- 😃 RAM usage decreased by
- updated comparison to other software 6b54972
hfs2
is dead,hfs3
andfilebrowser
improved
⚠️ not the latest version!
american sized
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone
in case of future important updates, such as vulnerabilities (most recently 2023-07-23)
new features
- long-distance uploads are now twice as fast on average 132a835
- boost tcp windowsize scaling by stitching together smaller chunks into bigger chonks so they fly better across the atlantic
- i'm not kidding, on the two routes we've tested this on we gained 1.6x / 160% (from US-West to Finland) and 2.6x / 260% (Norway to US-East)
- files that are between 4 MiB and 256 MiB see the biggest improvement; 70% faster <= 768 MiB, 40% <= 1.5 GiB, 10% <= 6G
- if this turns out to be buggy, disable it serverside with
--u2sz 1,1,1
or clientside in the browser-ui:[⚙️]
->up2k switches
-> change64
to1
- u2c.py (CLI uploader): support stitching (☝️) + print a summary with hashing and upload speeds 987bce2
- video files can play as audio 53f1e3c
- audio is extracted serverside to avoid wasting bandwidth
- extraction is lossy (converted to opus or mp3 depending on browser)
- togglebutton
🎧
in the gridview toolbar to enable/disable
- new hook: into-the-cache-it-goes.py d26a944
- avoids a cloudflare bug (race condition?) where it will send truncated files to visitors on the very first load if several people simultaneously access a file that hasn't been viewed before
bugfixes
- inline markdown/logues rendered black-on-black in firefox 54 and some other browsers from 2017 and older eeef809
- unintuitive folder thumbnail selection if folder contains both
Cover.jpg
andcover.jpg
f955d2b - the gridview toolbar got undocked after viewing a pic/vid dc449bf
other changes
- #90 recommend rclone in favor of davfs2 ef0ecf8
- improved some error messages e565ad5
- added helptext exporters to generate the online html and txt editions 5953399
- mention that cloudflare is incompatible with uploading files larger than 383.9 GiB