Falocalrepo-server

Latest version: v3.4.0

Safety actively analyzes 682404 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 5

3.4.0

New Features

* Editing 📝
* User profiles, submissions, and journals can be edited or deleted directly from the web UI
* Files can be sorted, deleted, or added
* When using authentication, specific users can be given editing rights with the new `--editor` option
* Comments search 💬
* Search comments and open the relevant submission or journal
* Advanced search operators 🔎
* Exact matches with equal (`==`) and not equal (`!=`) instead of using `^` and `$`
* Comparison matches with greater-than (`>`, `>=`) and lower-than (`<`, `<=`)
* Substring matches (`%=`) (to force it on columns that do not use it by default)
* Mix & match operators `date %-03-% >= 2020`
* Completely overhauled server application with [starlette](https://starlette.io)
* Overhauled database queries and caching system
* Faster loading of submissions, journals, and user pages
* Added option to limit results for faster queries
* Added option to turn off caching to save on memory
* Support multiple users/passwords for authentication
* Support logging out
* Rewritten frontend
* Navigate search results directly from submission and journal pages (only available when caching is enabled)
* Support viewing PDF files in the browser (desktop only)
* Improve file selector for submissions
* Better zoom behaviour for images
* Collapsible comment trees
* Improved loading placeholders
* Show user icons in comments and gallery, scraps, favorites, etc. pages
* Sort tables by clicking on headers

Changes

* Search URLs have been simplified
* `/{entries type}` to search entries (users, submissions, journals, comments)
* `/{entries type}/{user}` to search entries (submissions, gallery, scraps, favorites, journals, comments) for a
specific user
* Removed `/submission/{id}/files` routes, can use `/submission/{id}/zip` instead
* Removed JSON endpoints
* Journals can only be viewed as a list
* Removed floating comments button from submission and journal pages
* The comments counter un the properties box can be clicked instead

Dependencies

* [bootstrap 5.3.3](https://blog.getbootstrap.com/2024/02/20/bootstrap-5-3-3/)
* [starlette ^0.37.2](https://pypi.org/project/starlette/0.37.2)
* [itsdangerous ^2.2.0](https://pypi.org/project/itsdangerous/2.2.0)
* [orjson ^3.10.3](https://pypi.org/project/orjson/3.10.3)
* Fix [CVE-2024-27454](https://cve.org/CVERecord?id=CVE-2024-27454)
* [baize ^0.20.8](https://pypi.org/project/baize/0.20.8)
* [python-multipart ^0.0.9](https://pypi.org/project/python-multipart/0.0.9)
* [pillow ^10.3.0](https://pypi.org/project/pillow/^10.3.0)
* [uvicorn ^0.29.0](https://pypi.org/project/uvicorn/^0.29.0)
* [Jinja2 ^3.1.4](https://pypi.org/project/Jinja2/^3.1.4)
* [click-help-colors ^0.9.4](https://pypi.org/project/click-help-colors/^0.9.4)
* [beautifulsoup4 ^4.12.3](https://pypi.org/project/beautifulsoup4/^4.12.3)
* [lxml ^5.2.1](https://pypi.org/project/lxml/^5.2.1)
* removed: [fastapi ^0.109.2](https://pypi.org/project/fastapi/^0.109.2)

3.3.6

Fixes

* Fix crash at startup when the program was installed from scratch instead of upgraded
* The new 2.x version of Pydantic introduced breaking changes from version 1.x which falocalrepo-server was based
upon

Dependencies

* [pydantic-settings ^2.0.3](https://pypi.org/project/pydantic-settings/2.0.3/)

3.3.5

Fixes

* Fix square brackets [] being removed from usernames

3.3.4

Fixes

* Fix the browser not loading the correct stylesheet when upgrading the program due to caching

Dependencies

* [falocalrepo-database ~5.4.5](https://pypi.org/project/falocalrepo-database/5.4.5/)
* [chardet ^5.2.0](https://pypi.org/project/chardet/5.2.0/)
* [pillow ^10.0.1](https://pypi.org/project/pillow/10.0.1/)
* Fix [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863)
* [fastapi ^0.103.2](https://pypi.org/project/fastapi/0.103.2/)
* Fix [CVE-2023-29159](https://www.cve.org/CVERecord?id=CVE-2023-29159)
* Fix [CVE-2023-30798](https://www.cve.org/CVERecord?id=CVE-2023-30798)
* Fix [GHSA-74m5-2c7w-9w3x](https://github.com/advisories/GHSA-74m5-2c7w-9w3x)
* [uvicorn ^0.23.2](https://pypi.org/project/uvicorn/0.23.2/)
* [click ^8.1.7](https://pypi.org/project/click/8.1.7/)
* [click-help-colors ^0.9.2](https://pypi.org/project/click-help-colors/0.9.2/)
* [beautifulsoup4 ^4.12.2](https://pypi.org/project/beautifulsoup4/4.12.2/)
* [lxml ^4.9.3](https://pypi.org/project/lxml/4.9.3/)

3.3.3

Not secure
Fixes

* Fix thumbnails for non-media files being stuck in infinite loading when more than one file was present
* Fix zoom button showing up for non-visual files when more than one file was present

Dependencies

* Use [falocalrepo-database ~5.4.3](https://pypi.org/project/falocalrepo-database/5.4.3)
* Use [fastapi ^0.87.0](https://pypi.org/project/fastapi/0.87.0)
* Use [uvicorn ^0.19.0](https://pypi.org/project/uvicorn/0.19.0)
* Use [Pillow ^9.3.0](https://pypi.org/project/pillow/9.3.0)

3.3.2

Not secure
New Features

* Grid view for submissions with multiple files 📱
* New button added to the file switcher that toggles a grid view showing all the files for a submission, regardless
of type
* Flash files are not minimized because of the way they are drawn, making it impossible to have the size change
responsively, a "SWF" tag is shown in their place instead

Changes

* Add subtle animations and shadow effects to sticky files
* Improve loading animations and "not found" badges
* Update theme-color to match dark/light mode
* Support dynamic toolbar tinting on browsers that support it
* Disable double-tap to zoom on mobile devices
* Avoid issues with buttons on some browsers causing unintentional zoom
* Pinch to zoom is still available
* Reduce height of non-expanded submission files on desktop
* Improve caching behaviour by storing reverse order in advance

Fixes

* Fix user icons not showing up properly in submissions, journals, and user profiles
* Fix ruffle errors not showing up
* Ruffle does not elevate its errors to the client so they cannot be caught and displayed in the like other errors
* Fix "Thumbnail not found" error badges overflowing

Dependencies

* Use [bootstrap 5.2.2](https://blog.getbootstrap.com/2022/10/03/bootstrap-5-2-2/)
* Use [fastapi ^0.85.1](https://pypi.org/project/fastapi/0.85.1)

Page 1 of 5

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.