Skip to content

r1945-ls255

Latest
Latest

Choose a tag to compare

View all tags
@LinuxServer-CI LinuxServer-CI released this 05 Jan 21:39
r1945-ls255
f3ef68e
This commit was signed with the committer’s verified signature.
LinuxServer-CI LinuxServer.io CI
SSH Key Fingerprint: fh11rWL5oCDRdg8ER4TS1r8mdK7lLmwPcJouqXZgNko
Verified
Learn about vigilant mode.

CI Report:

https://ci-tests.linuxserver.io/linuxserver/projectsend/r1945-ls255/index.html

LinuxServer Changes:

Full Changelog: r1945-ls254...r1945-ls255

Remote Changes:

⚠️ IMPORTANT - READ BEFORE UPDATING

This is ProjectSend's biggest release to date with extensive changes to core systems.

Before updating: BACKUP, BACKUP, BACKUP!!!

Please ensure you have:

  • ✅ Complete database backup
  • ✅ Full file system backup (especially the upload folder)
  • ✅ Copy of your sys.config.php file
  • ✅ Verified your backups are restorable

Major changes include:

  • Complete permissions system overhaul
  • New encryption capabilities
  • Database schema updates
  • Authentication system changes

While we've tested extensively, backing up is critical. Don't skip this step!

ZIP file hash: 71a99f5d0bea0d12a5b8d8068e46947cd0ca2dc7124511af3231faf559f16628

Full changelog in https://projectsend.org/landing/changelog/r1945.php

⚠️ DO NOT MISS THE CHANGELOG! ⚠️

What's New in ProjectSend r1945

🔐 Security & Enterprise Features

  • Server-Side File Encryption: AES-256-GCM authenticated encryption for files at rest with support for cloud storage
  • Advanced Permissions System: Complete overhaul with granular controls and custom role creation
  • Enhanced LDAP/Active Directory: Improved enterprise authentication with dynamic role management and smart fallbacks
  • Security Fixes:
    • XSS vulnerability fixes in file editor and custom download aliases (reported by Raducu Alexandru-ionut)
    • Server software info escaping
    • Secure random string generation (found by hassan al-khafaji)
    • Prevention of unauthorized file previews

📁 File Management

  • Download Limits: Set per-user or total download caps with automatic enforcement and abuse prevention
  • Disk Quota Management: Per-account storage limits with real-time usage tracking
  • Redesigned File Editor: Modern tabbed interface with bulk operations and mobile optimization
  • External Storage Integration: AWS S3 support with flexible upload destinations and file import capabilities
  • Batch File Encryption Tool: Encrypt multiple files at once
  • Enhanced Folder System: Improved folder visibility for clients with better permission handling
    (contributions by Matani-Git)

🎨 Customization & UI

  • 9 New Themes: Expanded from 3 to 9 professional themes including Modern, Retro90s, Dark Cards, Business, and Google-like templates
  • Email Templates & Themes: Visual editor with CKEditor integration, multiple professional designs and dynamic variables
  • Custom Fields System: Add custom fields for users and clients with drag-and-drop ordering and multiple field types
  • Enhanced User Interface:
    • Unsaved changes warnings
    • Data preservation on validation failures
    • Light/dark mode toggle for admin pages
    • Improved form validation and required field indicators
    • Cards view for manage files with details sidebar

⚙️ System Improvements

  • System Auto Update: Automatic updates with zero downtime and configurable channels (stable/beta)
  • Regenerate Thumbnails: Advanced thumbnail regeneration tool with filtering, custom dimensions, and date range support
  • Multiple CAPTCHA Methods: Choose from reCAPTCHA v2, v3, or Cloudflare Turnstile
  • Remember Me Option: Persistent login sessions with configurable duration
  • Favicon Customization: Upload custom favicon files
  • Dashboard Widgets: New download analytics and storage analytics widgets with drag-drop positioning
  • Roles Manager: Complete role and permission management interface with custom role creation

🐛 Bug Fixes & Improvements

  • Fixed session expiring with "Remember me" checked
  • Fixed missing "Manage files" link with correct permissions
  • Fixed SMTP authentication (by dawnstrider)
  • Fixed username validation to allow underscores (by xia-stan)
  • Fixed folder display issues for clients (by Matani-Git)
  • Fixed 500 error when users upload files (by Matani-Git)
  • Fixed actions log sorting (by rainyday4me)
  • Fixed custom downloads table missing ID
  • Fixed video preview functionality (by Nimon77)
  • Fixed double X in close modal button (by rob4226)
  • Fixed uploads folder .htaccess (by log4en)
  • Fixed bad redirects (found by MGPhil)
  • Fixed cronjob example (by ehawman)
  • Registration bug fix (by bmartin13)
  • Fixed deprecated dynamic property warnings (by raduhazsda)
  • Fixed plupload styling for dark mode
  • Preserve form data on errors
  • Light mode set as default
  • Added missing CSRF protections
  • Fixed toggle styling

🔧 Technical Improvements

  • PHPStan implementation with baseline (Co-authored by Claude)
  • Updated dependencies: axios, @babel/traverse, follow-redirects
  • GitHub Actions for security scanning and build status
  • Composer validation fixes
  • Support for environment variables in SMTP configuration (by redondi88)
  • CodeMirror loaded from local lib (node_modules can be excluded)
  • Auto-calculation of version numbers for releases
  • Improved chunk size configuration (fixes #1203)
  • Added results per page option to manage files

📦 Dependency Updates

  • Updated CKEditor 5
  • Bumped axios from 1.1.3 to 1.6.0
  • Bumped follow-redirects from 1.15.2 to 1.15.6
  • Bumped @babel/traverse from 7.18.13 to 7.23.2
  • Updated various other dependencies for security and compatibility

🙏 Special Thanks

Special thanks to all contributors who helped make this release possible: dawnstrider, xia-stan, Matani-Git, rainyday4me, Nimon77, rob4226, log4en, MGPhil, ehawman, bmartin13, raduhazsda, redondi88, hassan al-khafaji, Raducu Alexandru-ionut, and all other community members who reported issues and provided feedback.

Assets 2
Loading