]> git.p6c8.net - jirafeau.git/blob - CHANGELOG.md
13564df88c7346570bb950f52528ccd9d1659f52
[jirafeau.git] / CHANGELOG.md
1 # Jirafeau's change log
2
3 ## Note about upgrading
4
5 "in-place upgrade" refers to this general procedure:
6
7 1. Backup your Jirafeau installation!
8 2. Block access to Jirafeau
9 3. Checkout the new version with Git using the [tagged release](https://gitlab.com/jirafeau/Jirafeau/tags)
10 * If you have installed Jirafeau just by uploading files on your server, you can download the desired version, overwrite/remove all files and chown/chmod files if needed. Keep a backup of your local configuration file tough.
11 4. With you browser, go to your Jirafeau root page
12 5. Follow the installation wizard, it should propose you the same data folder or even update automatically
13 6. Check your `/lib/config.local.php` and compare it with the `/lib/config.original.php` to see if new configuration items are available. If a new item is missing in your `config.local.php`, this may trigger some errors as Jirafeau may expect to have them.
14
15 ## Version 4.6.1
16
17 - Removed the download button and the corresponding link for encrypted files from the admin interface
18 - Fixed an issue with sending the wrong filesize after decrypting an encrypted file
19 - Fixed the possibility to bypass the check for CVE-2022-30110 (prevent preview of SVG images) by sending a manipulated HTTP request with a MIME type like "image/svg+XML".
20 - We now provide Docker images for AMD64 and ARM64 systems
21 - Lots of code refactoring and cleanup
22 - Few more little fixes
23 - Typo and spelling mistakes
24 - Upgrade from 4.6.0: in-place upgrade
25
26 New configuration items:
27 - `one_time_download_preselected` for preselecting the checkbox for deleting the file after the first download
28
29 ## Version 4.6.0
30
31 - New configuration options for allowing to require, check or generate file download passwords
32 - Re-implemented server side encryption using PHP's `Sodium` extension (the formerly used `mcrypt` extension is deprecated)
33 - Keep and show basic download stats
34 - Removed Lighttpd's `mod_usertrack` from Docker config
35 - Added `<meta name="viewport"…` to template header to support responsive themes
36 - Removed usage of deprecated `strftime()` function
37 - Few more little fixes
38 - Typo and spelling mistakes
39 - Upgrade from 4.5.0: in-place upgrade
40
41 New configuration items:
42 - `download_password_requirement`, `download_password_gen_len`, `download_password_gen_chars`, `download_password_policy` and `download_password_policy_regex` for configuring file download passwords
43 - `admin_ip` for limiting access to the admin interface to certain IP addresses
44 - `admin_http_auth_user` is now an array (the possibility to use a string is preserved for backward compatibility)
45
46 ## Version 4.5.0
47
48 - Even more new translation, thanks a lot to all contributors!
49 - Support for automatic dark theme
50 - Fixed wobling admin buttons (light and dark default themes)
51 - Disable file deduplication by default
52 - Fix side effects of setting too high values in php configuration for async upload
53 - Add support for X-Sendfile
54 - Retry on more type of possible errors
55 - Move docker image to PHP 8.1
56 - Print more error details in case of issue
57 - Few more little fixes
58 - IRC channel to discuss :)
59
60 New configuration items:
61 - `max_upload_chunk_size_bytes` option
62 - `dark_style` option
63 - Defaulting `file_hash` option from `md5` to `random`
64
65 ## Version 4.4.0
66
67 - Add docker options
68 - Admin pannel can output informations for bug opening
69 - Fixes for PHP 8
70 - Fix autocomplete field for passwords
71 - Fix file previewing
72 - Disallow file preview for image/svg+xml files
73 - Expiry after a fortnight (2 weeks)
74 - Typo and spelling mistakes
75 - Upgrade from 4.3.0: in-place upgrade
76
77 New configuration items:
78 - `fortnight` value in `availabilities` array (default to `true`)
79
80 ## Version 4.3.0
81
82 - Fix various docker errors
83 - Fix various upload errors
84 - Add composer (useful for CI)
85 - Code cleaning
86 - Add option 'store_uploader_ip' to avoid uploaders ip logging
87 - Upgrade from 4.2.0: in-place upgrade
88
89 New configuration items:
90 - `store_uploader_ip` (default to `true`)
91
92 ## Version 4.2.0
93
94 - New file_hash option to eventually speed-up file identification process
95 - one_time_download is now optional
96 - Litespeed workaround for large files
97 - Admin interface can compute data folder size
98 - REUSE compliance test
99 - multiple docker features: mcrypt support, daily cleanup, unprivileged user
100 - Add upload password capability in script options
101 - Various bugfixes around retries and error management
102 - Automatically lower chunk size sent to server refusing large chunks
103 - Romanian lang support and other various lang support
104 - Upgrade from 4.1.1: in-place upgrade
105
106 ## Version 4.1.1
107
108 - Fix lang sanity check
109 - Upgrade from 4.1.0: in-place upgrade
110
111 ## Version 4.1.0
112
113 - Fix upload password and allowed ip (#201)
114 - Code refactorisation of IP checking
115 - Fix expiration dates
116 - Add better support for Accept-Language
117 - Cosmetic fixes
118 - More languages supported and language fixes
119 - Upgrade from 4.0.0: in-place upgrade
120
121 ## Version 4.0.0
122
123 - Removed plain-text password support for admin auth (breaking change).
124 - Default folder sub-division to 8 characters (breaking change).
125 - New option `upload_ip_nopassword` to allow a list of IP to access Jirafeau without password
126 - Bugfix with LibreJS
127 - Other minor bug fixes
128 - More languages supported
129
130 ### Upgrade from 3.4.1 to 4.0.0
131
132 You may have to change your administrator password in your config file as admin password are only stored using sha256 (SHA2).
133 To do so, edit `lib/config.local.php` and update `admin_password` option using `echo -n MyNewPassw0rd | sha256sum` command.
134
135 Subfolder division changed in Jirafeau storage. You can either start from a fresh `var-` folder or you need to migrate your data.
136
137 In order to migrate your existing data:
138 1. Be sure to have a working backup of your Jirafeau instance and/or the rest of your hosting before any operation
139 2. Go to `var-` folder
140 3. Be sure you have read and write permissions on files and folders with your current user
141 4. Run the following commands:
142 ```bash
143 # Migrate files folder
144 find files -type f ! -name "*_count" | while read f; do bn="$(basename "$f")"; dst="files/${bn:0:8}/${bn:8:8}/${bn:16:8}/${bn:24:8}/"; mkdir -p "$dst"; mv "$f" "$dst" ; mv "${f}_count" "$dst"; done; find files -maxdepth 1 -type d -iname "?" -exec rm -rf {} \;
145 # Migrate links folder
146 find links -type f | while read link; do bn="$(basename "$link")"; mkdir "links/$bn"; mv "$link" "links/$bn/"; done; find links -maxdepth 1 -type d -iname "?" -exec rm -rf {} \;
147 ```
148
149 ## Version 3.4.1
150
151 - Security fixes, thanks [Bishopfox Team](https://www.bishopfox.com/)
152 - Translation fixes
153 - Docker fix
154 - Advertise JavaScript license for LibreJS compatibility
155 - other minor fixes
156 - Upgrade from 3.4.0: in-place upgrade
157
158 ## Version 3.4.0
159
160 - Add encryption support in bash script
161 - Refactoring of lang system for simpler management
162 - Removed installation step asking for language
163 - Merged weblate contributions
164 - Fixed some spelling issues
165 - Upgrade from 3.3.0 : in-place upgrade
166
167 ## Version 3.3.0
168
169 - Added Docker Support
170 - Added a copy button next to links to copy URLs in clipboard
171 - Now use a delete page to confirm file deletion (#136)
172 - Fixed object ProgressEvent Error (#127)
173 - Added configuration tips for web servers
174 - More translations
175 - Style fixes
176 - Removed useless alias API support (some old toy)
177 - Upgrade from 3.2.1 : in-place upgrade
178
179 ## Version 3.2.1
180
181 - fix download view after an upload
182 - Upgrade from 3.2.0 : in-place upgrade
183
184 ## Version 3.2.0
185
186 - Update translations from Update translations from weblate
187 - Better style
188 - Fix regression on admin password setting
189 - Upgrade from 3.1.0 : in-place upgrade
190
191 ## Version 3.1.0
192
193 - Fix regression on user authentication (see #113)
194 - Some cosmetic change
195 - Upgrade from 3.0.0 : in-place upgrade
196
197 ## Version 3.0.0
198
199 - Remove XHTML doctype, support HTML5 only → breaking change for older browsers
200 - Remove redundant code
201 - Remove baseurl usage and set absolute links instead, which for example fixes SSL issues
202 - Extend contribution guide
203 - Switch to PSR-2 code style (fix line endings, indentations, whitespaces, etc)
204 - Declare system requirements
205 - Catch API errors in upload form
206 - Allow clients to upload files depending on IP or password
207 - Set UTC as timezone to prevent date/time issues
208 - Show readable date & time information
209 - Fix UI glitches in admin panel and upload form
210 - Upgrade from 2.0.0 : in-place upgrade
211
212 ## Version 2.0.0
213
214 - Various documentation improvements
215 - Simplify automatic generation of local configuration file
216 - Set a custom title
217 - Bash Script: Enhanced help, show version, return link to web view as well
218 - »Terms of Service« refactored - Enable admin to overwrite the ToS, without changing existing source code → breaking, see upgrade notes
219
220 ### Upgrade from version 1.2.0 to 2.0.0
221
222 The "Terms of Service" text file changed.
223 To reuse a custom version of your ToS, move your ```/tos_text.php``` file to ```/lib/tos.local.txt``` and remove all HTML und PHP Tags, leaving a regular text file.
224
225 ## Version 1.2.0
226
227 - Link on API page to generate bash script
228 - More informative error codes for API
229 - Security Fix: Prevent authentication bypass for admin interface
230 - CLI script to remove expired files automatically with a cron job
231 - SHA-256 hash the admin password
232 - New theme "elegantish"
233 - Fix for JavaScript MIME-Type, prevents blocking the resource on some servers
234 - Show download link for a file in admin interface
235 - Default time for expiration (set to 'month' by default)
236 - New expiration time: 'quarter'
237 - A lot of translation contributions
238 - Code cleanups
239 - Upgrade from 1.1: in-place upgrade
240
241 ## Version 1.1
242
243 - New skins
244 - Add optional server side encryption
245 - Unlimited file size upload using HTML5 file API
246 - Show speed and estimated time during upload
247 - A lot of fixes
248 - A lot of new languages
249 - Small API to upload files
250 - Limit access to Jirafeau using IP, mask, passwords
251 - Manage (some) proxy headers
252 - Configure your maximal upload size
253 - Configure file's lifetime durations
254 - Preview URL
255 - Get Jirafeau's version in admin interface
256
257 ### Upgrade from version 1.0 to 1.1
258
259 - Download URL changed. Add a rewrite rule in your web server configuration to rename ```file.php``` to ```f.php``` to make older, still existing links work again-
260 - The default theme changed. Optionally change the theme in ```lib/config.local.php``` to "courgette"
261
262 ## Version 1.0
263
264 The very first version of Jirafeau after the fork of Jyraphe.
265
266 - Security fix
267 - Keep uploader's ip
268 - Delete link for each upload
269 - No more clear text password storage
270 - Simple language support
271 - Add an admin interface
272 - New Design
273 - Add term of use
274 - New path system to manage large number of files
275 - New option to show a page at download time
276 - Add option to activate or not preview mode

patrick-canterino.de