there is a discord server with an @everyone in case of future important updates
v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
- all serverlogs reviewed so far (5 public servers) showed no signs of exploitation

new features

new permission h disables directory listing (so works like g) except it redirects to the folder's index.html instead of 404
- index.html is accessible by anyone with h even if filekeys are enabled
- well suited for running a shared-webhosting gig (thx kipu) especially now that the...
markdown editor can now be used on non-markdown files if account has write and delete
- hotkey e to edit a textfile while it's open in the textfile viewer
SMB: account permissions now work fully as intended, thanks to impacket 0.11
- but enabling --smb is still strongly discouraged as it's a massive security hazard
download-as-zip can be 2.5x faster on tiny files, at least 15% faster in general
download folders as pax-format tarfiles with ?tar=pax or ?tar=pax,xz:9

bugfixes

422-autoban accidentally triggered when uploading lots of duplicate files (thx hiem!)
--css-browser and --js-browser now accepts URLs with cache directives
- --css-browser=/the.css?cache=600 (seconds) or --js-browser=/.res/the.js?cache=i (7 days)
SMB: avoid windows freaking out and disconnecting if it hits an offline volume
hotkey shift-r to rotate pictures counter-clockwise didn't do anything
hacker theme wasn't hacker enough (everything is monospace now)

download link	is it good?	description
copyparty-sfx.py	✅ the best 👍	runs anywhere! only needs python
a docker image	it's ok	good if you prefer docker 🐋
copyparty.exe	⚠️ acceptable	for win8 or later; built-in thumbnailer
u2c.exe	⚠️ acceptable	CLI uploader as a win7+ exe (video)
copyparty32.exe	⛔️ dangerous	for win7 -- never expose to the internet!
cpp-winpe64.exe	⛔️ dangerous	runs on 64bit WinPE, otherwise useless