Copyparty

Latest version: v1.16.1

Safety actively analyzes 681866 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 18 of 46

1.3.8

Not secure
* read-only demo server at https://a.ocv.me/pub/demo/
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

new features
* new arg `--df 4` and volflag `:c,df=4g` to guarantee 4 GiB free disk space by rejecting uploads
* some features no longer block new uploads while they're processing
* `-e2v` file integrity checker
* `-e2ts` initial tag scanner
* hopefully fixes a [deadlock](https://www.youtube.com/watch?v=DkKoMveT_jo&t=3s) someone ran into (but probably doesn't)
* (the "deadlock" link is an addictive demoscene banger -- the actual issue is 10)
* reduced the impact of some features which still do
* defer `--re-maxage` reindexing if there was a write (upload/rename/...) recently
* `--db-act` sets minimum idle period before reindex can start (default 10sec)
* bbox / image-viewer: add video hotkeys 0..9 to seek 0%..90%
* audio-player: add audio crossfeed (left-right channel mixer / vocal isolation)
* splashpage (`/?h`) shows time since the most recent write

bugfixes
* a11y:
* enter-key should always trigger onclick
* only focus password box if in-bounds
* improve skip-to-files
* prisonparty: volume labeling in root folders
* other minor stuff
* forget deleted shadowed files from the db
* be less noisy if a client disconnects mid-reply
* up2k.js less eager to thrash slow server HDDs

other changes
* show client's upload ETA in server log
* dump stacks and issue `lsof` on the db if a transaction is stuck
* will hopefully help if there's any more deadlocks
* [up2k-hook-ytid](https://github.com/9001/copyparty/blob/hovudstraum/contrib/plugins/up2k-hook-ytid.js) (the overengineered up2k.js plugin example) now has an mp4/webm/mkv metadata parser

1.3.7

Not secure
* read-only demo server at https://a.ocv.me/pub/demo/
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

new features
* `up2k.js`: **improved upload speeds!**
* **...when there's many small files** (or the browser is slow)
* add [potato mode](https://user-images.githubusercontent.com/241032/179336639-8ecc01ea-2662-4cb6-8048-5be3ad599f33.png) -- lightweight UI for faster uploads from slow boxes
* enables automatically if it detects a cpu bottleneck (not very accurate)
* **...on really fast connections (LAN / fiber)**
* batch progress updates to reduce repaints
* **...when there is a mix of big and small files**
* sort the uploads by size, smallest first, for optimal cpu/network usage
* can be overridden to alphabetical order in the settings tab
* new arg `--u2sort` changes the default + overrides the override button
* improve upload pacing when alphabetical order is enabled
* mainly affecting single files that are 300 GiB +
* `up2k.js`: add [up2k hooks](https://github.com/9001/copyparty/blob/hovudstraum/contrib/plugins/up2k-hooks.js)
* specify *client-side* rules to reject files as they are dropped into the browser
* not a hard-reject since people can use [up2k.py](https://github.com/9001/copyparty/blob/hovudstraum/bin/up2k.py) and whatnot, more like a hint
* `up2k.py`: add file integrity checker
* new arg `-e2v` to scan volumes and verify file checksums on startup
* `-e2vu` updates the db on mismatch, `-e2vp` panics
* uploads are blocked while the scan is running -- might get fixed at some point
* for now it prints a warning
* bbox / image-viewer: doubletap a picture to enter fullscreen mode
* md-editor: `ctrl-c/x` affects current line if no selection, and `ctrl-e` is fullscreen
* tag-parser plugins:
* add support for passing metadata from one mtp to another (parser dependencies)
* the `p` flag in [vidchk](https://github.com/9001/copyparty/blob/hovudstraum/bin/mtag/vidchk.py) usage makes it run after the base parser, eating its output
* add [rclone uploader](https://github.com/9001/copyparty/blob/hovudstraum/bin/mtag/rclone-upload.py) which optionally and by default depends on vidchk

bugfixes
* sfx would crash if it got the same PID as recently (for example across two reboots)
* audio equalizer on recent chromes
* still can't figure out why chrome sometimes drops the mediasession
* bbox: don't attach click events to videos
* up2k.py:
* more sensible behavior w/ blank files
* avoid some extra directory scans when deleting files
* faster shutdown on `ctrl-c` during volume indexing
* warning from the thumbnail cleaner if the volume has no thumbnails
* `>fixing py2 support` `>2022`

other changes
* up2k.js:
* sends a summary of the upload queue to [the server log](https://github.com/9001/copyparty#up2k)
* shows a toast while loading huge filedrops to indicate it's still alive
* sfx: disable guru meditation unless running on windows
* avoids hanging systemd on certain crashes
* logs the state of all threads if sqlite hits a timeout

1.3.5

Not secure
* read-only demo server at https://a.ocv.me/pub/demo/
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

new features
* detect + recover from cloudflare ddos-protection memes during upload
* while carefully avoiding any mention of "DDoS" in the JS because enterprise firewalls do not enjoy that
* new option `--favico` to specify a default favicon
* set to `🎉` by default, which also enables the fancy upload progress donut 👌
* baguettebox (image/video viewer):
* toolbar button `⛶` to enter fullscreen mode (same as hotkey `F`)
* tap middle of screen to show/hide toolbar
* tap left/right-side of pics to navigate prev/next
* hotkeys `[` and `]` to set A-B loop in videos
* and [URL parameters](https://a.ocv.me/pub/demo/pics-vids/#gf-e2e482ae&t=4.2-6) for that + [initial seekpoint](https://a.ocv.me/pub/demo/pics-vids/#gf-c04bb0f6&t=26s) (same as the audio player)

bugfixes
* when a tag-parser hits the timeout, `pkill` all its descendants too
* and a [new mtp flag](https://github.com/9001/copyparty/#file-parser-plugins) to override that; `kt` (kill tree, default), `km` (kill main, old default), `kn` (kill none)
* cpu-wasting spin while waiting for the final handful of files to finish tag-scraping
* detection of sparse-files support inside [prisonparty](https://github.com/9001/copyparty/tree/hovudstraum/bin#prisonpartysh) and other strict jails
* baguettebox (image/video viewer):
* crash on swipe during close
* didn't reset terminal color at the end of `?ls=v`
* don't try to thumbnail empty files (harmless but dumb)

other changes
* ux improvements
* hide the uploads table until something happens
* bump codemirror to 5.65.6

1.3.3

Not secure
* **new:** read-only demo server at https://a.ocv.me/pub/demo/
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

bugfixes
* **upload:** downgrade filenames to ascii if the server filesystem requires it
* **android fix:** external sdcard seems to be UCS-2 which can't into emojis
* **upload:** accurate detection of support for sparse files
* now based on filesystem behavior rather than a list of known filesystems
* **android fix:** all storage is `sdcardfs` so the list wasn't good enough
* **ux:** custom css/js did not apply to write-only folders

1.3.2

Not secure
* **new:** read-only demo server at https://a.ocv.me/pub/demo/
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

new features
* new option `--thickfs` to modify the list of filesystems that dont support sparse files
* default should catch most usual cases but I probably missed some
* detect and warn if filesystem was expected to support sparse files yet doesn't

bugfixes
* nonsparse: ensure chunks are flushed on linux as well
* switching between documents
* ctrl-clicking a breadcrumb entry didn't open a new tab as expected
* renaming files based on artist/title/etc tags would create subdirectories if tags contained `/`
* not dangerous -- the server correctly prevented any path traversals -- just unexpected
* markdown stuff
* numbered lists appeared as bullet-lists
* don't crash if a plugin sets a buggy timer
* plugins didn't run when viewing `README.md` inline

other changes
* in the `-ss` safety preset, replace `no-dot-mv, no-dot-ren` with `no-logues, no-readme`
* audio player continues into the next folder by default

1.3.1

Not secure
* latest gzip edition of the sfx: [v1.0.14](https://github.com/9001/copyparty/releases/tag/v1.0.14#:~:text=release-specific%20notes)

new features
* improved support for filesystems without sparse files (fat32, exfat, hpfs)
* the server no longer preallocates the whole file with zeroes before upload can start
* so you can now finally run copyparty on your android phone or tablet and upload to the sd-card instead of the internal storage
* however upload speed will suffer a bit (limited to a single tcp connection doing one chunk at a time)
* safety profiles; arguments `-s`, `-ss`, and `-sss` are aliases/presets for other safety-related arguments
* `-s` reduces attack surface from potentially dangerous software by disabling thumbnails, audio transcoding, ffmpeg, pillow, vips
* `-ss` also prevents js-injection, accidental move/deletes, broken symlinks, and enables enterprise-grade security (return 404 on 403)
* `-sss` also enables logging to disk and does a scan for dangerous symlinks at startup (possibly expensive)
* ux improvements
* a11y jumpers -- hit tab + enter to jump straight to files/folders
* hotkey `Y` to download currently playing song / vid / pic
* button to reset the hidden columns
* new themes "hacker" and "hi-con"

bugfixes
* spinlock if a client disconnects in the middle of an up2k handshake
* ftp server couldn't persist metadata when multiprocessing was enabled (`-j 0`)
* cut/paste (move) files between filesystems
* allow `Connection: keep-alive` on HTTP/1.0
* stray `[` appeared at the start of logfiles in the textviewer
* misleading log message when a completed upload expires from registry and `-e2d` was not set

other changes
* the basic uploader adds the `.PARTIAL` suffix while uploading (like up2k)
* added type hints / mypy checking
* upgrade deps (markedjs, codemirror)
* ux improvements
* delay spinners a bit
* instant feedback when switching folders
* a11y outlines in up2k ui

Page 18 of 46

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.