-# Note about upgrading
+# Jirafeau's change log
+
+## Note about upgrading
"in-place upgrade" refers to this general procedure:
5. Follow the installation wizard, it should propose you the same data folder or even update automatically
6. Check your `/lib/config.local.php` and compare it with the `/lib/config.original.php` to see if new configuration items are available. If a new item is missing in your `config.local.php`, this may trigger some errors as Jirafeau may expect to have them.
-# version 4.6.0 (not yet released)
+## Version 4.6.x (not yet released)
+
+- ...
+
+## Version 4.6.1
+
+- Removed the download button and the corresponding link for encrypted files from the admin interface
+- Fixed an issue with sending the wrong filesize after decrypting an encrypted file
+- Fixed the possibility to bypass the check for CVE-2022-30110 (prevent preview of SVG images) by sending a manipulated HTTP request with a MIME type like "image/svg+XML".
+- We now provide Docker images for AMD64 and ARM64 systems
+- Lots of code refactoring and cleanup
+- Few more little fixes
+- Typo and spelling mistakes
+- Upgrade from 4.6.0: in-place upgrade
+
+New configuration items:
+- `one_time_download_preselected` for preselecting the checkbox for deleting the file after the first download
+
+## Version 4.6.0
- New configuration options for allowing to require, check or generate file download passwords
- Re-implemented server side encryption using PHP's `Sodium` extension (the formerly used `mcrypt` extension is deprecated)
- Removed usage of deprecated `strftime()` function
- Few more little fixes
- Typo and spelling mistakes
+- Upgrade from 4.5.0: in-place upgrade
New configuration items:
- `download_password_requirement`, `download_password_gen_len`, `download_password_gen_chars`, `download_password_policy` and `download_password_policy_regex` for configuring file download passwords
- `admin_ip` for limiting access to the admin interface to certain IP addresses
- `admin_http_auth_user` is now an array (the possibility to use a string is preserved for backward compatibility)
-# version 4.5.0
+## Version 4.5.0
- Even more new translation, thanks a lot to all contributors!
- Support for automatic dark theme
- `dark_style` option
- Defaulting `file_hash` option from `md5` to `random`
-# version 4.4.0
+## Version 4.4.0
- Add docker options
- Admin pannel can output informations for bug opening
New configuration items:
- `fortnight` value in `availabilities` array (default to `true`)
-# version 4.3.0
+## Version 4.3.0
- Fix various docker errors
- Fix various upload errors
New configuration items:
- `store_uploader_ip` (default to `true`)
-# version 4.2.0
+## Version 4.2.0
- New file_hash option to eventually speed-up file identification process
- one_time_download is now optional
- Romanian lang support and other various lang support
- Upgrade from 4.1.1: in-place upgrade
-# Version 4.1.1
+## Version 4.1.1
- Fix lang sanity check
- Upgrade from 4.1.0: in-place upgrade
-# Version 4.1.0
+## Version 4.1.0
- Fix upload password and allowed ip (#201)
- Code refactorisation of IP checking
- More languages supported and language fixes
- Upgrade from 4.0.0: in-place upgrade
-# Version 4.0.0
+## Version 4.0.0
- Removed plain-text password support for admin auth (breaking change).
- Default folder sub-division to 8 characters (breaking change).
- Other minor bug fixes
- More languages supported
-## Upgrade from 3.4.1 to 4.0.0
+### Upgrade from 3.4.1 to 4.0.0
You may have to change your administrator password in your config file as admin password are only stored using sha256 (SHA2).
To do so, edit `lib/config.local.php` and update `admin_password` option using `echo -n MyNewPassw0rd | sha256sum` command.
find links -type f | while read link; do bn="$(basename "$link")"; mkdir "links/$bn"; mv "$link" "links/$bn/"; done; find links -maxdepth 1 -type d -iname "?" -exec rm -rf {} \;
```
-# Version 3.4.1
+## Version 3.4.1
- Security fixes, thanks [Bishopfox Team](https://www.bishopfox.com/)
- Translation fixes
- other minor fixes
- Upgrade from 3.4.0: in-place upgrade
-# Version 3.4.0
+## Version 3.4.0
- Add encryption support in bash script
- Refactoring of lang system for simpler management
- Fixed some spelling issues
- Upgrade from 3.3.0 : in-place upgrade
-# Version 3.3.0
+## Version 3.3.0
- Added Docker Support
- Added a copy button next to links to copy URLs in clipboard
- Removed useless alias API support (some old toy)
- Upgrade from 3.2.1 : in-place upgrade
-# Version 3.2.1
+## Version 3.2.1
- fix download view after an upload
- Upgrade from 3.2.0 : in-place upgrade
-# Version 3.2.0
+## Version 3.2.0
- Update translations from Update translations from weblate
- Better style
- Fix regression on admin password setting
- Upgrade from 3.1.0 : in-place upgrade
-# Version 3.1.0
+## Version 3.1.0
- Fix regression on user authentication (see #113)
- Some cosmetic change
- Upgrade from 3.0.0 : in-place upgrade
-# Version 3.0.0
+## Version 3.0.0
- Remove XHTML doctype, support HTML5 only → breaking change for older browsers
- Remove redundant code
- Fix UI glitches in admin panel and upload form
- Upgrade from 2.0.0 : in-place upgrade
-# Version 2.0.0
+## Version 2.0.0
- Various documentation improvements
- Simplify automatic generation of local configuration file
- Bash Script: Enhanced help, show version, return link to web view as well
- »Terms of Service« refactored - Enable admin to overwrite the ToS, without changing existing source code → breaking, see upgrade notes
-## Upgrade from version 1.2.0 to 2.0.0
+### Upgrade from version 1.2.0 to 2.0.0
The "Terms of Service" text file changed.
To reuse a custom version of your ToS, move your ```/tos_text.php``` file to ```/lib/tos.local.txt``` and remove all HTML und PHP Tags, leaving a regular text file.
-# Version 1.2.0
+## Version 1.2.0
- Link on API page to generate bash script
- More informative error codes for API
- Code cleanups
- Upgrade from 1.1: in-place upgrade
-# Version 1.1
+## Version 1.1
- New skins
- Add optional server side encryption
- Preview URL
- Get Jirafeau's version in admin interface
-### From version 1.0 to 1.1
+### Upgrade from version 1.0 to 1.1
- Download URL changed. Add a rewrite rule in your web server configuration to rename ```file.php``` to ```f.php``` to make older, still existing links work again-
- The default theme changed. Optionally change the theme in ```lib/config.local.php``` to "courgette"