Skip to content

Releases: 9001/copyparty

incoming eta

16 Sep 01:21
@9001 9001
v1.15.3
c0c0a1a
Compare
Choose a tag to compare
incoming eta Latest
Latest

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

cpanel-upload-eta2-or8

  • incoming uploads (and their ETA) are shown in the controlpanel 609c592 844194e
  • list total directory sizes 427597b
    • show the total size and number of files of each directory in listings
    • makes browsing a bit slower (up to 30%) so can be disabled with --no-dirsz
    • sizes are calculated during startup, so it requires -e2dsa
      • file-uploads will recalculate the sizes immediately, but a full rescan is necessary to see changes caused by moves/deletes
  • optimizations;
    • reduce broker overhead when multiprocessing is disabled 4e75534
      • should reduce cpu usage by uploads, thumbnails, prometheus metrics
    • reduce cpu usage from downloading thumbnails 7d64879

🩹 bugfixes

  • fix sqlite indexes d67e9cc
    • upload handshakes would get exponentially slow if a volume has more than 200'000 files
    • reindex on startup can be 150x faster in some rare cases (same filename in MANY folders)
    • the database is now around 10% larger (likely worst-case)
  • misc ux: 58835b2
    • shares: show media tags
    • html hydrator assumed a folder named foo.txt was a doc
    • due to sessions, use pwd as password placeholder on services

🔧 other changes

🗿 known issues

  • prometheus metrics are busted
    • workaround: disable monitoring of volume status with --nos-vst

💾 what to download?

download link is it good? description
copyparty-sfx.py ✅ the best 👍 runs anywhere! only needs python
a docker image it's ok good if you prefer docker 🐋
copyparty.exe ⚠️ acceptable for win8 or later; built-in thumbnailer
u2c.exe ⚠️ acceptable CLI uploader as a win7+ exe (video)
copyparty.pyz ⚠️ acceptable similar to the regular sfx, mostly worse
copyparty32.exe ⛔️ dangerous for win7 -- never expose to the internet!
cpp-winpe64.exe ⛔️ dangerous runs on 64bit WinPE, otherwise useless
  • except for u2c.exe, all of the options above are mostly equivalent
  • the zip and tar.gz files below are just source code
  • python packages are available at PyPI

Contributors

ultwcz
Assets 8
Loading

session

09 Sep 23:59
@9001 9001
v1.15.1
e9d962f
Compare
Choose a tag to compare
session

blessed by ⑨, this release is certified strong (artist)

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

new features

  • login sessions b540517
    • a random session cookie is generated for each known user, replacing the previous plaintext login cookie
    • the logout button will nuke the session on all clients where that user is logged in
    • the sessions are stored in the database at --ses-db, default ~/.config/copyparty/sessions.db (docker uses /cfg/sessions.db similar to the other runtime configs)
    • can be mostly disabled with --no-ses when it turns out to be buggy

bugfixes

  • v1.13.8 broke the u2c --ow option to replace/overwrite files on the server during upload 6eee601

⚠️ not the latest version!

Assets 8
Loading

fill the drives

08 Sep 20:09
@9001 9001
v1.15.0
c140eee
Compare
Choose a tag to compare
fill the drives

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

upload deduplication now disabled by default

because many people found the behavior surprising. This also makes it easier to use copyparty together with other software, since there is no risk of damage to symlinks if there are no symlinks to damage

to enable deduplication, use either --dedup (old-default, symlink-based), or --hardlink (will use hardlinks when possible), or --hardlink-only (disallow symlinks). To choose the approach that fits your usecase, see file deduplication in the readme

verification of local file consistency was also added; this happens when someone uploads a dupe, to ensure that no other software has modified the local file since last reindex. This unfortunately makes uploading of duplicate files much slower, and can be disabled with --safe-dedup 1 if you know that only copyparty will be modifying the filesystem

new features

  • dedup improvements:
    • verify consistency of local files before using them as dedup source 6e671c5
      • if a local file has been altered by other software since the last reindexing, then this will now be detected
  • u2c (commandline uploader): add mode to print hashes of local files 08848be
    • if you've lost a file but you know its wark (file identifier), you can now use u2c.exe to scan your whole filesystem for it: u2c - .
  • #96 use local timezone in log messages b599fba

bugfixes

  • dedup fixes:
    • symlinks could break if moved/renamed inside a volume where deduplication was disabled after some files within had already been deduplicated 4401de0
    • when moving/renaming, only consider symlinks between volumes if xlink volflag is set b5ad936
  • database consistency verifier (-e2vp):
    • support filenames with newlines, and warn about missing files b0de84c
  • opengraph/--og: fix viewing textfiles e5a836c
  • up2k.js: fix confusing message when uploading many copies of the same file f1130db

other changes

  • disable upload deduplication by default a2e0f98
  • up2k.js: increase handshake timeout to several minutes because of the dedup changes c5988a0
  • copyparty.exe: update to python 3.12.6

⚠️ not the latest version!

Assets 9
Loading

another

02 Sep 01:37
@9001 9001
v1.14.4
5a009a2
Compare
Choose a tag to compare
another

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

  • v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

bugfixes

  • a network glitch could cause the uploader UI to panic d9e9526

⚠️ not the latest version!

Assets 8
Loading

important dedup fix

30 Aug 23:38
@9001 9001
v1.14.3
abcdf47
Compare
Choose a tag to compare
important dedup fix

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

important bugfix ☢️

this version fixes a file deduplication bug which was introduced in v1.13.8, released 2024-08-13

its worst-case outcome is loss of data in the following scenario:

  • someone uploads a file into a folder where that filename is already taken, but the file contents are different, and the server already has a copy of that new file elsewhere under a different name

specific example:

  • the server has two existing files, logo.png and logo-v2.png, in the same volume but not necessarily in the same folder, and those files contain different data
  • you have a local copy of logo-v2.png on your laptop, but your local filename is logo.png
  • you upload your local logo.png onto the server, into the same folder as the server's logo.png
  • because the files contain different data, the server accidentally replaces the contents of logo.png with your version

if you have been using the database feature (globally with -e2dsa or volflag e2ds), and you suspect you may have hit this bug, then it is a good idea to make a backup of the up2k databases for all your volumes (the files with names starting with up2k.db) before restarting copyparty and before you do anything else, especially if you do not have serverlogs from far back in time -- if you have either the databases and/or the serverlogs, then it is possible to identify replaced files with some manual work

you can check if you hit the bug using one of the following two approaches:

  • if your OS has the gnu find command, do a search for empty files with find -type f -size 0
  • using copyparty (any OS), do the following steps:
    • make sure that reindex-on-startup is enabled; either globally with -e2dsa or volflag e2ds
    • then install this new copyparty version
    • click the search tab [🔎] and type the number 0 into the maximum MiB textbox

if you find any empty files with a filename that indicates it was autogenerated to avoid a name collision, for example logo.png-1725040569.239207-kbt0xteO.png, and the value of the number after logo.png is larger than 1723507200 (unixtime for 2024-08-13), then this indicates that logo.png may have been replaced by another upload

if you have the serverlogs from when the original upload of logo.png was made, then this can be used to identify the original contents of the file that was replaced, and to look for other copies. Please get in touch on the discord for assistance if necessary

new features

  • shares: add revival and expiration extension ad2371f
    • share-owners can revive expired shares for --shr-rt minutes (default 1 day)
    • ...and extend expiration time by adding 1 minute or 1 hour to the timer
  • sfx customizer improvements 03b13e8
    • improved translations stripper
    • add more examples

bugfixes

other changes

⚠️ not the latest version!

Assets 8
Loading

bing chilling

23 Aug 23:47
@9001 9001
v1.14.2
cec0e0c
Compare
Choose a tag to compare
bing chilling

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

new features

  • #94 @ultwcz translated the UI to Chinese (thx!) 92edea1
  • #84 improvements to shares: 8122dde
    • if one or more files are selected for sharing, they are placed into a virtual folder
    • more appropriate password UI for accessing protected shares
    • human-readable timestamps in shares listing
  • u2c (commandline uploader): support multiple exclusion patterns f356faa

bugfixes

  • remove confusing logmessage when downloading a zerobyte file 9f034d9
  • shares: 7ff4696
    • fix crash if the root volume is unmapped
    • log-spam on config reload
    • password coalescing
    • add chrome support

other changes

⚠️ not the latest version!

Contributors

ultwcz
Assets 9
Loading

one step forward

19 Aug 00:26
@9001 9001
v1.14.1
70009cd
Compare
Choose a tag to compare
one step forward

if i turn back now, then this will always follow... one step forward, forward

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

new features

  • #92 users can change their own passwords 83fb569 00da744
    • this feature is default-disabled; see readme
  • #84 share files/folders by creating a temporary url 7c2beba
    • inspired by other file servers; click the share-button to create a link like example.com/share/enkz8g374o8g
      • primary usecase is to sneak past authentication services (see issue description)
    • the create-share UI has options to accept uploads into the share, and/or set expiration time
    • this feature is default-disabled; see readme

bugfixes

  • #93 fixes for vproxy / location-based / not-vhost-based reverse-proxying 0b46b1a
    • using --rp-loc to reverse-proxy from a subfolder made some UI stuff break
  • listening on unix-sockets: 687df2f
    • fix x-forwarded-for support, and avoid a possible container-specific collision
    • new syntax which allows setting unix-permissions and unix-group
      • -i unix:770:www:/tmp/party.sock (see --help-bind for more examples)
  • using relocation hooks (introduced in previous ver) could cause dedup issues c8f4aea b0af4b3
  • custom fonts using @import css statements 5a62cb4
  • invert volume scrollwheel 7d8d943

other changes

  • changed the button colors in theme 2 (pm-monokai) from red to yellow 5153db6
    • the red buttons look better, but are too confusing because usually red means off

⚠️ not the latest version!

Assets 8
Loading

hook into place

13 Aug 00:33
@9001 9001
v1.13.8
dcc9881
Compare
Choose a tag to compare
hook into place

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

new features

  • #86 intentional side-effects from hooks 6c94a63
    • use hooks (plugins) to conditionally move uploads into another folder depending on filename, extension, uploader ip/name, file contents, ...
    • hooks can create additional files and tell copyparty to index them immediately, or delete an existing file based on some condition
    • only one example so far though, reloc-by-ext which was a feature-request to dodge sharex#3992
  • listen on unix-sockets ee9aad8
    • -i unix:/tmp/party.sock stops listening on TCP ports entirely, and only listens on that unix-socket
    • can be combined with regular sockets, -i 127.0.0.1,unix:/tmp/a.sock
    • kinda buggy for now (need to --xff-src=any and doesn't let you set socket-perms yet), will be fixed in next ver
    • makes it 10% faster, but more importantly offers tighter access control behind reverse-proxies
  • up2k stitching:
    • more optimal stitch sizes for max throughput across connections c862ec1
    • improve fat32 compatibility 373194c
  • new option --js-other to load custom javascript dbd42bc
  • list detected optional dependencies on startup 3db117d
    • hopefully reduces the guesswork / jank factor by a tiny bit

bugfixes

  • up2k stitching:
    • put the request headers on a diet so they fit through more reverse-proxies 0da719f
  • fix deadlock on s390x (IBM mainframes) 250c8c5

other changes

⚠️ not the latest version!

Assets 9
Loading

not that big

29 Jul 21:09
@9001 9001
v1.13.6
b3cecab
Compare
Choose a tag to compare
not that big

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

new features

  • up2k.js: set clientside timeouts on http connections during upload 85e5498
    • some reverse-proxy setups could cause uploads to hang indefinitely by eating requests; should recover nicely now
  • audio-player shows statustext while loading 662541c
  • bsod theme (live demo) 15ddcf5

bugfixes

  • fix bugs in the long-distance upload optimizations in the previous version:
    • up2k.js didn't necessarily use the expected chunksize when stitching 225bd80
    • u2c (commandline uploader): 8916bce
      • use the correct chunksize instead of overshooting like crazy
      • could crash on exit if -z was enabled (so basically harmless)
      • the "time spent uploading" statustext that was printed on exit could multiply by -j and exceed walltime
  • misc ux 9bb6e0d
    • don't accept hotkeys until it's safe to do so
    • improve messages regarding the firefox crash
    • keep more console logs in memory (easier to debug)
    • fix wordwrap in messageboxes on firefox a19a0fa

other changes

  • changed the xm / "on message" hook examples to reject users without write-access 99edba4
  • docker images were rebuilt on 2024-08-02, 23:30 UTC with new optimizations: 98ffaad
    • 😃 RAM usage decreased by 5-6 MiB for most flavors; 10 MiB for dj/iv
    • 😕 image size grew by 4 MiB (min), 6 MiB (ac/im/iv), 9 MiB (dj)
    • 😃 startup time reduced to about half
    • and avoids a deadlock on IBM mainframes
  • updated comparison to other software 6b54972
    • hfs2 is dead, hfs3 and filebrowser improved

⚠️ not the latest version!

Assets 9
Loading

american sized

23 Jul 00:01
@9001 9001
v1.13.5
8222ccc
Compare
Choose a tag to compare
american sized

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

new features

  • long-distance uploads are now twice as fast on average 132a835
    • boost tcp windowsize scaling by stitching together smaller chunks into bigger chonks so they fly better across the atlantic
    • i'm not kidding, on the two routes we've tested this on we gained 1.6x / 160% (from US-West to Finland) and 2.6x / 260% (Norway to US-East)
      • files that are between 4 MiB and 256 MiB see the biggest improvement; 70% faster <= 768 MiB, 40% <= 1.5 GiB, 10% <= 6G
    • if this turns out to be buggy, disable it serverside with --u2sz 1,1,1 or clientside in the browser-ui: [⚙️] -> up2k switches -> change 64 to 1
  • u2c.py (CLI uploader): support stitching (☝️) + print a summary with hashing and upload speeds 987bce2
  • video files can play as audio 53f1e3c
    • audio is extracted serverside to avoid wasting bandwidth
    • extraction is lossy (converted to opus or mp3 depending on browser)
    • togglebutton 🎧 in the gridview toolbar to enable/disable
  • new hook: into-the-cache-it-goes.py d26a944
    • avoids a cloudflare bug (race condition?) where it will send truncated files to visitors on the very first load if several people simultaneously access a file that hasn't been viewed before

bugfixes

  • inline markdown/logues rendered black-on-black in firefox 54 and some other browsers from 2017 and older eeef809
  • unintuitive folder thumbnail selection if folder contains both Cover.jpg and cover.jpg f955d2b
  • the gridview toolbar got undocked after viewing a pic/vid dc449bf

other changes

  • #90 recommend rclone in favor of davfs2 ef0ecf8
  • improved some error messages e565ad5
  • added helptext exporters to generate the online html and txt editions 5953399
  • mention that cloudflare is incompatible with uploading files larger than 383.9 GiB

⚠️ not the latest version!

Assets 9
Loading