github imagegenius/docker-immich v1.82.0-ig197

12 months ago

ImageGenius Changes:

house cleaning

immich Changes:

v1.82.0

Warning

Action Required - BREAKING CHANGE

  • The mobile app and server must be on the same version to work correctly.
  • We removed a section from the default docker-compose.yml that passed the IMMICH_SERVER_URL and IMMICH_WEB_URL environment variables to immich-proxy. If your setup requires those, make sure you keep them passed through.
  • We have improved the time bucket grouping algorithm (see more below). To take advantage of this feature, please run the job to “Extract Metadata” for all assets.
    image

Security

We identified two security flaws that have been fixed and, therefore, urge all Immich users to upgrade as soon as possible.

  • The first flaw link is of medium severity and could sometimes lead to information disclosure. This was reported to us by Andrea Alemani. Accessing the metadata of assets outside of the shared album was possible when using the shared album feature. This does not leak the entire photo/video content. Still, it includes the thumbhash (a very low-resolution placeholder) and information such as capture time, original filename, and file checksum.
  • The other link is also an information disclosure classified as low severity. The signup process used a previously public endpoint (/api/user/count) to determine if the server had an initial administrator account. The endpoint revealed the number of user accounts on the Immich server, which is undesirable. We have added authentication to this endpoint and migrated the server initialization status to an alternative endpoint. This flaw was found by internal security testing (DAST) by the Immich team.

In addition, we have discovered that thumbnails (which can be downloaded from right-click -> save images as…) contain the full EXIF (metadata) information. Normally, you might expect this metadata to be scrubbed (as do Facebook, Google Photos, Twitter, etc.), but it isn’t. We are not able to fix it ourselves without significant performance degradation but have to wait for an upstream package. We advise users not to use the public-sharing feature if they have concerns about sharing metadata.

Highlights

Welcome to release v1.82.0 of Immich. This release is packed with many improvements, so buckle your seat belt and zoom on to the highlights below:

  • Trash Feature
  • Web Client WebSocket Feature
  • Library Scanning Performance
  • Time Bucket Grouping Accuracy
  • Storage Template Improvements
  • Notable fix: no longer read iOS-modified photos as “FullSizeRender” - Thanks, @xick, for fixing the issue upstream. You can fix the older assets by removing them from your immich server and reuploading the files, and they will have the original name.

Trash Feature

This release introduces the new trash feature, which is similar to the trash section on your native photo viewer. When a photo is deleted from Immich, it will go into the trash and stay there for 30 days before being permanently removed from Immich, which includes the database and the file system for non-external library assets. You can access the page from the sidebar on the web and the app drawer menu in the mobile app. Like with most features in Immich, you can adjust the trash duration or even opt out of the feature entirely from the Administration Settings. This has been a highly requested feature, and we hope you enjoy it. Let us know if you run into any issues using it.

Web Client WebSocket

Several actions in the web client previously required the user to manually refresh the page to see changes. In this release, we added a WebSocket connection to the web application, eliminating some of these manual refreshes and improving the user experience. Events that are now pushed from the server include:

  • When a new feature photo is selected for a person
  • When an asset is trashed, deleted, or restored
  • When the server connects/disconnects
  • When features are enabled/disabled (search, trash, map, machine learning, auth options, etc.)
  • When server configuration is updated (trash days, map URL, OAuth button text)

With web sockets in place now both in the web and mobile apps, we hope to find additional ways to improve the user experience and push updates as they happen to appropriate clients.

Library Scanning Improvements

Library scanning performance has been significantly improved in this release. Specifically, the implementation for the initial scan has been greatly improved. Previously, this job had quadratic time complexity but has since been improved to linear time. On a library with 250k assets, the time to queue a library refresh has gone down from 10+ minutes (@etnoy said: I couldn’t be bothered to wait longer for a list comparison) to around 30 seconds.

Additionally, marking assets as offline has been improved as well. This process is used to execute a single query per asset, which adds up when large numbers of assets go offline. We have optimized this to use a single (bulk) update statement. For reference, marking 16k assets as offline went down from several minutes to a few seconds.

Lastly, we have added an index for asset lookups by path, which should decrease the amount of pressure on put on the database during library refreshes.

The default library job concurrency has been increased from 1 to 5.

These improvements will make it much easier to use Immich with large collections. Please let us know if you are still seeing performance bottlenecks in the library jobs. We plan to continue to iterate and improve this area in the future, and your feedback is very helpful in identifying issues.

Asset Time Buckets Grouping (web)

Assets are grouped by buckets on the web, and this was a problematic and complicated task when considering photos taken in different time zones. Even more so when considering a database, server, and client, which may all be running in different timezones, now, with a new database column localDateTime, we can query, sort, and group assets by the local date and time they were taken and show them consistently in the right bucket (in the correct order), regardless of the server or viewing timezone.

Storage Template Improvements

The storage template feature was added in the early days of Immich and has helped many people automatically organize the underlying files into a clean, predictable structure. However, the additional file move operations that were introduced with the feature have also been the cause of some nasty bugs, like #2877. In this release, we have hardened the move operations, which have significantly improved the resiliency of storage template move operations. Additionally, we have added a new page at Administration > Repair, which gives a report of orphaned and untracked files, with some initial tools to help correct previously orphaned files.

image


Please consider supporting the project.

Support

If you find the project helpful, you can support Immich via the following channels.

It is a great way to let me know that you want me to continue developing and working on this project for years to come.

Changelogs

Server

Machine Learning

Web

Mobile

Others

New Contributors

Full Changelog: immich-app/immich@v1.81.1...v1.82.0

Don't miss a new docker-immich release

NewReleases is sending notifications on new releases.