Skip to content

v0.5.0
Compare
Choose a tag to compare
@github-actions github-actions released this 09 Sep 07:16
v0.5.0
b3c59d7
This commit was signed with the committer’s verified signature. The key has expired.
ItalyPaleAle Alessandro (Ale) Segala
GPG key ID: 77272FCDE00660A9
Expired
Verified
Learn about vigilant mode.

prvt 0.5 is the largest update to date, with lots of new features and improvements! 🥳🎉

To recap the biggest changes since version 0.4:

New features:

  • Redesigned user interface, with a leaner look.
  • prvt's server now supports requests for partial content when returning files (i.e. supports HTTP Range requests). This means that it's now possible to skip ahead when downloading a video or audio file (as long as it's using a container/format that supports that, such as mp4 or mp3). It's also possible to pause and resume downloads, for example when using download managers.
  • Inline file viewer: images, videos, audios, and text files are now displayed inline within the web UI's frame.
  • In the web UI, clicking on the three dots next to a file now brings up a panel with details about the file. Additionally, the "Download" and "Delete" buttons have been moved to this panel.
  • Using the web UI, it's now possible to select multiple files at once to upload them at the same time.
  • The prvt serve command now supports two new flags for launching a server without selecting a repository (--no-repo), or without unlocking the selected repository (--no-unlock). These are useful when you want to select and unlock repositories using the REST APIs, although they're not used in the web UI (yet).
  • Added API routes for almost all operations for a repository: selecting a repository, unlocking a repository, listing keys, adding and removing keys. The only operations that remain available exclusively in the CLI are initializing a new repository and upgrading repositories from older versions of prvt. However, these APIs are not (yet) used in the web UI.
  • Added prvt ls command to return the list of files and folders in a repository, at a given path.
  • Passphrases are now identified by their "hash" in prvt repo key * commands, which ensures that their IDs never change.

Changes:

  • Enabled Continuous Integration with automated tests for prvt, both on Linux and Windows.
  • prvt is now developed against Go 1.15, which is also used to generate all pre-compiled binaries.
  • Updated info file (_info.json) to version 4, which adds an id field. This contains a random UUID that's used to identify a repository.
  • File metadata has been updated to version 2, increasing the maximum size of the metadata to ~32KB and switched serialization to use the more efficient protobuf rather than JSON.
  • The codebase underwent some refactoring to better support automated testing.
  • Operations that involve accessing the cached index file (such as listing files in a directory, etc) are now faster, especially when there are lots of files, thanks to an optimized in-memory tree.
  • GET /api/metadata/:object route how supports a path too in addition to the file's UUID.
  • You cannot add the same passphrase or GPG key more than once anymore, using prvt repo key add or the equivalent REST API.
  • Identifiers for GPG keys are normalized by using their last 64 bits only.
  • When listing keys, prvt shows the user ID of a GPG key when that's available.
  • Added GET /api/info route that shows information on the app (just like prvt version).
  • When adding files, their paths and names are now normalized using the NFKC form.

Fixes:

  • Fixed a number of Goroutine leaks when downloads were interrupted or when requesting partial ranges.
  • (Potential) Security fix: when comparing password confirmation hashes, use constant-time compare functions. This had the potential to allow side-channel attacks, although those were not demonstrated in practice. We also believe the impact of those attacks would have been minimal.
  • S3 FS: Fixed a bug that caused files being reported as existing when they did not exist in fact.
  • Local FS: file writes are now done atomically to ensure consistency.
  • Web UI: multiple fixes for Safari.
  • Web UI: Added timeouts to network requests from the web UI to the APIs (but not for file uploads).
  • CLI: Improved error reporting.
  • Updated Go and JavaScript module dependencies.
  • Many other (minor) fixes and improvements.

Compared to beta 6, this release contains a very large number of bug fixes, many of those identified thanks to having (finally) implemented automated tests using the CI. As part of this effort, some refactoring for the codebase was necessary, to enable developing automated tests.

Assets 10
Loading