github axpdev-lab/aeroftp v4.0.1
AeroFTP v4.0.1

[4.0.1] - 2026-06-04

S3 AssumeRole, AeroVault Audit Hardening and Settings Consolidation

This patch release pairs a new S3 connection mode with a round of security
hardening and cleanup. It adds native AWS STS AssumeRole support for S3 (#301),
lands the remediation from the AeroVault dual-independent audit, unifies the
profile-bridge legacy clients, folds the redundant Servers settings tab into the
Backup interoperability table (#270), and ships the first batch of community
wishlist items (#300). It also closes a silent download-corruption edge case on
embedded rsync servers such as WD MyCloud.

Added

  • S3 native AssumeRole (#301): connect to S3 by assuming an IAM role. Set a
    Role ARN (plus optional External ID, session name, duration and MFA) and the
    access keys become base credentials that AeroFTP exchanges for temporary,
    role-scoped credentials via AWS STS at connect time, then signs every request
    with them. The temporary credentials are re-assumed automatically before they
    expire, so long browsing sessions and large multipart uploads never fail with
    an expired token. Built on a hand-rolled STS client (a single SigV4-signed
    AssumeRole POST, no AWS SDK dependency) feeding the existing data-plane signer.
    Also accepts an externally supplied session token for credentials already
    obtained from STS or SSO, emitted as x-amz-security-token on signed requests
    and presigned URLs, both covered by the signature. Shown only on the generic
    S3 tile; long-term IAM keys are unaffected. Co-authored with the reporter
    (kennysliding).
  • Import before password: the .aeroftp import now loads the file before
    asking for the decryption password (KeePassXC pattern, #214/#300).
  • Open any plain-text file in the editor directly from the preview pane.
  • CLI: an --access privacy flag for put/mkdir (#252), a # reorder
    command in the interactive profiles shell, and a 2FA prompt on interactive
    master unlock.

Changed

  • Profile bridge unified: rclone, WinSCP and FileZilla import/export now run
    through the single generic dispatcher and panel, with no loss of features.
  • Settings consolidation (#270): the redundant "Servers" tab is folded into
    the "Backup" tab as an App / Format / Import / Export interoperability table;
    the Full Backup row reveals the keystore panel inline.
  • rclone: remotes are listed in a stable alphabetical order, and
    Nextcloud/ownCloud DAV roots are appended correctly on export.
  • macOS: per-architecture DMGs built from a universal2 binary.
  • Transfer: DAG engine audit fixes and a corrected Nextcloud chunk
    threshold (#288).

Fixed

  • AeroVault dual-audit remediation: closed the High-severity findings from
    the independent crypto/container audit (extract symlink write-through escape,
    reserved-key filter on credential read and delete, v1 format labeling) plus
    the remaining tranche-2 items. AeroVault crate hardened to v3 (0.4.x).
  • Download integrity on embedded rsync servers: some embedded rsync
    firmwares (e.g. WD MyCloud) close the SSH channel before the trailing protocol
    marker, which the delta-sync path could accept as a clean end and commit a
    truncated file. The delta download now validates the reconstructed size
    against the remote file list and transparently falls back to the classic SFTP
    download on any shortfall, so a partial transfer can never overwrite the
    target with corrupt data.
  • Profile duplicate keeps stored credentials: duplicating a saved server
    profile now copies its stored password or token regardless of the
    save-credentials flag, so the copy connects without re-entering the secret.
  • TOTP throttle persistence: the vault 2FA lockout counter now survives
    restarts, with a replay guard and a bounded vault read.
  • Security dependency hardening: tmp bumped to 0.2.7 for the path
    traversal fix (CVE-2026-44705), codecov-action bumped for the
    template-injection fix, plus routine dependency bumps.
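
The download-integrity fix above boils down to "stage, verify size, then commit, else fall back". The sketch below is an added example, not AeroFTP's code: `Outcome`, `commit_if_complete`, `download` and the `.part` staging suffix are hypothetical names, and the two closures stand in for the delta and SFTP transports.

```rust
use std::{fs, io, path::{Path, PathBuf}};

// Hypothetical names throughout; this is not AeroFTP's internal API.
#[derive(Debug, PartialEq)]
enum Outcome { Delta, SftpFallback }

/// Move `staged` over `target` only when its size equals the size advertised
/// by the remote file list. A missing or short staging file is discarded.
fn commit_if_complete(staged: &Path, target: &Path, expected: u64) -> io::Result<bool> {
    let got = fs::metadata(staged).map(|m| m.len()).ok();
    if got != Some(expected) {
        let _ = fs::remove_file(staged); // partial data never reaches the target
        return Ok(false);
    }
    fs::rename(staged, target)?; // same directory, so the replace is atomic on POSIX
    Ok(true)
}

/// Try the delta path first, then the classic path. Each closure stands in for
/// a transport and writes the file it received to the staging path it is given.
fn download<D, S>(target: &Path, expected: u64, delta: D, sftp: S) -> io::Result<Outcome>
where
    D: FnOnce(&Path) -> io::Result<()>,
    S: FnOnce(&Path) -> io::Result<()>,
{
    let mut name = target.as_os_str().to_owned();
    name.push(".part");
    let staged = PathBuf::from(name);
    // An early channel close can look like Ok(()), so the size check decides.
    if delta(&staged).is_ok() && commit_if_complete(&staged, target, expected)? {
        return Ok(Outcome::Delta);
    }
    let _ = fs::remove_file(&staged);
    sftp(&staged)?;
    if commit_if_complete(&staged, target, expected)? {
        return Ok(Outcome::SftpFallback);
    }
    Err(io::Error::new(io::ErrorKind::UnexpectedEof, "size mismatch after fallback"))
}

fn main() -> io::Result<()> {
    // Constructed sample: the "delta" transport delivers 4 of 10 expected bytes.
    let target = std::env::temp_dir().join("aeroftp_example_target.bin");
    fs::write(&target, b"previous good copy")?;
    let got = download(&target, 10, |p| fs::write(p, b"0123"), |p| fs::write(p, b"0123456789"))?;
    println!("{:?}: {:?}", got, fs::read(&target)?);
    Ok(())
}
```

A size comparison catches truncation only; same-length content damage would need a checksum, which the release note does not describe.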

Removed

  • The legacy dedicated rclone/WinSCP/FileZilla Tauri commands and the duplicate
    Settings "Servers" tab, now superseded by the unified bridge and Backup table.
    The orphaned protocol.servers label string was also dropped from all 47
    locales (T-BC-08 residual).

Downloads:

  • Windows: .msi installer, .exe, or .zip portable (no installation required)
  • macOS: .dmg disk image
  • Linux: .deb, .rpm, .snap, or .AppImage
