- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2026-03-08)
recent important news
- v1.20.9 (2025-02-25) fixed CVE-2026-27948 (XSS)
🧪 new features
- #1351 add .hidden support (thx @NecRaul!) beb634d 134e378
- cosmetic filter to exclude specific files from directory listings by adding their filenames to a textfile named
.hiddensimilar to many linux desktop file managers - the files are still easily available from various APIs; this is not a security feature, just a way to keep things neat and tidy
- cosmetic filter to exclude specific files from directory listings by adding their filenames to a textfile named
- #1381 thumbnail pregeneration 7d6b037
- usually/generally not a good idea; readme explains it
- shares: now possible to grant the
.permission to see dotfiles 66f9c95
🩹 bugfixes
- #1372 #1333 no thumbnails if the server OS was too old to have JXL support and the webbrowser was asking for JXL 1afe48b
- #1363 new-version alert would only appear if the visitor had the Admin permission in the webroot specifically; now
Ain any volume is sufficient 6eb4f0a - 66f1ef6 should have blocked mkdir too and now it does (thx @restriction!) ac60a1d
- setting the
nohtmlornoscriptvolflags on the webroot would break the web-UI eb028c9 - shares: the -ed global-option did not make dotfiles visible in shares 66f9c95
- the
dotsvolflag still doesn't, but that one is intentional
- the
🔧 other changes
- tried to stop libvips from gobbling up obscene amounts of ram while creating jxl thumbnails abdbd69
- jxl support in libvips is now default-disabled unless the libc is musl and the allocator is mallocng, which means alpine linux
- in other words, libvips is still fully enabled in the
ivanddjdocker images if you do not enable mimalloc
- in other words, libvips is still fully enabled in the
- all other deployments will now have slightly slower jxl thumbnail generation by using ffmpeg instead (it's fine really)
- new global-option --th-vips-jxl lets you force-enable it if you dare
- jxl support in libvips is now default-disabled unless the libc is musl and the allocator is mallocng, which means alpine linux
- volflags
nohtmlandnoscriptnow available as global-options--no-htmland--no-script5f3b76c- and the
-ssparanoia option now also enables--no-html --no-readme --no-logues
- and the
- --flo 2 now removes colors from logfiles even if -q is not set 8c6d8a3
- update dompurify to 3.3.3 6a9e6da
- docs:
- #1360 versus.md: more readable headers (thx @eugenesvk!) e71e190
- #1367 mention --shr-who in the readme (thx @TWhiteShadow!) 4688410
🌠 fun facts
- it is easter soon edc2017
💾 what to download?
| download link | is it good? | description |
|---|---|---|
| copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
| copyparty-en.py | ✅ also good | same but english-only, no i18n |
| a docker image | it's ok | good if you prefer docker 🐋 |
| copyparty.exe | ⚠️ acceptable | for win8 or later; built-in thumbnailer |
| u2c.exe | ⚠️ acceptable | CLI uploader as a win7+ exe (video) |
| copyparty.pyz | ⚠️ acceptable | similar to the regular sfx, mostly worse |
| copyparty-en.pyz | ⚠️ acceptable | english-only, no smb-server |
| copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
| cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |
| bootable usb | ┐(゚∀゚)┌ | a surprisingly useful joke (x86_64) |