]> git.p6c8.net - jirafeau.git/blob - CHANGELOG.md
Jirafeau 4.6.1 is ready
[jirafeau.git] / CHANGELOG.md
1 # Jirafeau's change log
2
3 ## Note about upgrading
4
5 "in-place upgrade" refers to this general procedure:
6
7 1. Backup your Jirafeau installation!
8 2. Block access to Jirafeau
9 3. Checkout the new version with Git using the [tagged release](https://gitlab.com/jirafeau/Jirafeau/tags)
10 * If you have installed Jirafeau just by uploading files on your server, you can download the desired version, overwrite/remove all files and chown/chmod files if needed. Keep a backup of your local configuration file tough.
11 4. With you browser, go to your Jirafeau root page
12 5. Follow the installation wizard, it should propose you the same data folder or even update automatically
13 6. Check your `/lib/config.local.php` and compare it with the `/lib/config.original.php` to see if new configuration items are available. If a new item is missing in your `config.local.php`, this may trigger some errors as Jirafeau may expect to have them.
14
15 ## Version 4.6.1
16
17 - Removed the download button and the corresponding link for encrypted files from the admin interface
18 - Fixed an issue with sending the wrong filesize after decrypting an encrypted file
19 - Fixed the possibility to bypass the check for CVE-2022-30110 (prevent preview of SVG images) by sending a manipulated HTTP request with a MIME type like "image/svg+XML".
20 - We now provide Docker images for AMD64 and ARM64 systems
21 - Lots of code refactoring and cleanup
22 - Few more little fixes
23 - Typo and spelling mistakes
24
25 New configuration items:
26 - `one_time_download_preselected` for preselecting the checkbox for deleting the file after the first download
27
28 ## Version 4.6.0
29
30 - New configuration options for allowing to require, check or generate file download passwords
31 - Re-implemented server side encryption using PHP's `Sodium` extension (the formerly used `mcrypt` extension is deprecated)
32 - Keep and show basic download stats
33 - Removed Lighttpd's `mod_usertrack` from Docker config
34 - Added `<meta name="viewport"…` to template header to support responsive themes
35 - Removed usage of deprecated `strftime()` function
36 - Few more little fixes
37 - Typo and spelling mistakes
38
39 New configuration items:
40 - `download_password_requirement`, `download_password_gen_len`, `download_password_gen_chars`, `download_password_policy` and `download_password_policy_regex` for configuring file download passwords
41 - `admin_ip` for limiting access to the admin interface to certain IP addresses
42 - `admin_http_auth_user` is now an array (the possibility to use a string is preserved for backward compatibility)
43
44 ## Version 4.5.0
45
46 - Even more new translation, thanks a lot to all contributors!
47 - Support for automatic dark theme
48 - Fixed wobling admin buttons (light and dark default themes)
49 - Disable file deduplication by default
50 - Fix side effects of setting too high values in php configuration for async upload
51 - Add support for X-Sendfile
52 - Retry on more type of possible errors
53 - Move docker image to PHP 8.1
54 - Print more error details in case of issue
55 - Few more little fixes
56 - IRC channel to discuss :)
57
58 New configuration items:
59 - `max_upload_chunk_size_bytes` option
60 - `dark_style` option
61 - Defaulting `file_hash` option from `md5` to `random`
62
63 ## Version 4.4.0
64
65 - Add docker options
66 - Admin pannel can output informations for bug opening
67 - Fixes for PHP 8
68 - Fix autocomplete field for passwords
69 - Fix file previewing
70 - Disallow file preview for image/svg+xml files
71 - Expiry after a fortnight (2 weeks)
72 - Typo and spelling mistakes
73 - Upgrade from 4.3.0: in-place upgrade
74
75 New configuration items:
76 - `fortnight` value in `availabilities` array (default to `true`)
77
78 ## Version 4.3.0
79
80 - Fix various docker errors
81 - Fix various upload errors
82 - Add composer (useful for CI)
83 - Code cleaning
84 - Add option 'store_uploader_ip' to avoid uploaders ip logging
85 - Upgrade from 4.2.0: in-place upgrade
86
87 New configuration items:
88 - `store_uploader_ip` (default to `true`)
89
90 ## Version 4.2.0
91
92 - New file_hash option to eventually speed-up file identification process
93 - one_time_download is now optional
94 - Litespeed workaround for large files
95 - Admin interface can compute data folder size
96 - REUSE compliance test
97 - multiple docker features: mcrypt support, daily cleanup, unprivileged user
98 - Add upload password capability in script options
99 - Various bugfixes around retries and error management
100 - Automatically lower chunk size sent to server refusing large chunks
101 - Romanian lang support and other various lang support
102 - Upgrade from 4.1.1: in-place upgrade
103
104 ## Version 4.1.1
105
106 - Fix lang sanity check
107 - Upgrade from 4.1.0: in-place upgrade
108
109 ## Version 4.1.0
110
111 - Fix upload password and allowed ip (#201)
112 - Code refactorisation of IP checking
113 - Fix expiration dates
114 - Add better support for Accept-Language
115 - Cosmetic fixes
116 - More languages supported and language fixes
117 - Upgrade from 4.0.0: in-place upgrade
118
119 ## Version 4.0.0
120
121 - Removed plain-text password support for admin auth (breaking change).
122 - Default folder sub-division to 8 characters (breaking change).
123 - New option `upload_ip_nopassword` to allow a list of IP to access Jirafeau without password
124 - Bugfix with LibreJS
125 - Other minor bug fixes
126 - More languages supported
127
128 ### Upgrade from 3.4.1 to 4.0.0
129
130 You may have to change your administrator password in your config file as admin password are only stored using sha256 (SHA2).
131 To do so, edit `lib/config.local.php` and update `admin_password` option using `echo -n MyNewPassw0rd | sha256sum` command.
132
133 Subfolder division changed in Jirafeau storage. You can either start from a fresh `var-` folder or you need to migrate your data.
134
135 In order to migrate your existing data:
136 1. Be sure to have a working backup of your Jirafeau instance and/or the rest of your hosting before any operation
137 2. Go to `var-` folder
138 3. Be sure you have read and write permissions on files and folders with your current user
139 4. Run the following commands:
140 ```bash
141 # Migrate files folder
142 find files -type f ! -name "*_count" | while read f; do bn="$(basename "$f")"; dst="files/${bn:0:8}/${bn:8:8}/${bn:16:8}/${bn:24:8}/"; mkdir -p "$dst"; mv "$f" "$dst" ; mv "${f}_count" "$dst"; done; find files -maxdepth 1 -type d -iname "?" -exec rm -rf {} \;
143 # Migrate links folder
144 find links -type f | while read link; do bn="$(basename "$link")"; mkdir "links/$bn"; mv "$link" "links/$bn/"; done; find links -maxdepth 1 -type d -iname "?" -exec rm -rf {} \;
145 ```
146
147 ## Version 3.4.1
148
149 - Security fixes, thanks [Bishopfox Team](https://www.bishopfox.com/)
150 - Translation fixes
151 - Docker fix
152 - Advertise JavaScript license for LibreJS compatibility
153 - other minor fixes
154 - Upgrade from 3.4.0: in-place upgrade
155
156 ## Version 3.4.0
157
158 - Add encryption support in bash script
159 - Refactoring of lang system for simpler management
160 - Removed installation step asking for language
161 - Merged weblate contributions
162 - Fixed some spelling issues
163 - Upgrade from 3.3.0 : in-place upgrade
164
165 ## Version 3.3.0
166
167 - Added Docker Support
168 - Added a copy button next to links to copy URLs in clipboard
169 - Now use a delete page to confirm file deletion (#136)
170 - Fixed object ProgressEvent Error (#127)
171 - Added configuration tips for web servers
172 - More translations
173 - Style fixes
174 - Removed useless alias API support (some old toy)
175 - Upgrade from 3.2.1 : in-place upgrade
176
177 ## Version 3.2.1
178
179 - fix download view after an upload
180 - Upgrade from 3.2.0 : in-place upgrade
181
182 ## Version 3.2.0
183
184 - Update translations from Update translations from weblate
185 - Better style
186 - Fix regression on admin password setting
187 - Upgrade from 3.1.0 : in-place upgrade
188
189 ## Version 3.1.0
190
191 - Fix regression on user authentication (see #113)
192 - Some cosmetic change
193 - Upgrade from 3.0.0 : in-place upgrade
194
195 ## Version 3.0.0
196
197 - Remove XHTML doctype, support HTML5 only → breaking change for older browsers
198 - Remove redundant code
199 - Remove baseurl usage and set absolute links instead, which for example fixes SSL issues
200 - Extend contribution guide
201 - Switch to PSR-2 code style (fix line endings, indentations, whitespaces, etc)
202 - Declare system requirements
203 - Catch API errors in upload form
204 - Allow clients to upload files depending on IP or password
205 - Set UTC as timezone to prevent date/time issues
206 - Show readable date & time information
207 - Fix UI glitches in admin panel and upload form
208 - Upgrade from 2.0.0 : in-place upgrade
209
210 ## Version 2.0.0
211
212 - Various documentation improvements
213 - Simplify automatic generation of local configuration file
214 - Set a custom title
215 - Bash Script: Enhanced help, show version, return link to web view as well
216 - »Terms of Service« refactored - Enable admin to overwrite the ToS, without changing existing source code → breaking, see upgrade notes
217
218 ### Upgrade from version 1.2.0 to 2.0.0
219
220 The "Terms of Service" text file changed.
221 To reuse a custom version of your ToS, move your ```/tos_text.php``` file to ```/lib/tos.local.txt``` and remove all HTML und PHP Tags, leaving a regular text file.
222
223 ## Version 1.2.0
224
225 - Link on API page to generate bash script
226 - More informative error codes for API
227 - Security Fix: Prevent authentication bypass for admin interface
228 - CLI script to remove expired files automatically with a cron job
229 - SHA-256 hash the admin password
230 - New theme "elegantish"
231 - Fix for JavaScript MIME-Type, prevents blocking the resource on some servers
232 - Show download link for a file in admin interface
233 - Default time for expiration (set to 'month' by default)
234 - New expiration time: 'quarter'
235 - A lot of translation contributions
236 - Code cleanups
237 - Upgrade from 1.1: in-place upgrade
238
239 ## Version 1.1
240
241 - New skins
242 - Add optional server side encryption
243 - Unlimited file size upload using HTML5 file API
244 - Show speed and estimated time during upload
245 - A lot of fixes
246 - A lot of new languages
247 - Small API to upload files
248 - Limit access to Jirafeau using IP, mask, passwords
249 - Manage (some) proxy headers
250 - Configure your maximal upload size
251 - Configure file's lifetime durations
252 - Preview URL
253 - Get Jirafeau's version in admin interface
254
255 ### Upgrade from version 1.0 to 1.1
256
257 - Download URL changed. Add a rewrite rule in your web server configuration to rename ```file.php``` to ```f.php``` to make older, still existing links work again-
258 - The default theme changed. Optionally change the theme in ```lib/config.local.php``` to "courgette"
259
260 ## Version 1.0
261
262 The very first version of Jirafeau after the fork of Jyraphe.
263
264 - Security fix
265 - Keep uploader's ip
266 - Delete link for each upload
267 - No more clear text password storage
268 - Simple language support
269 - Add an admin interface
270 - New Design
271 - Add term of use
272 - New path system to manage large number of files
273 - New option to show a page at download time
274 - Add option to activate or not preview mode

patrick-canterino.de