copyparty 1.18.0__py3-none-any.whl → 1.18.1__py3-none-any.whl

copyparty/__init__.py

@@ -77,6 +77,7 @@ web/deps/prismd.css
 web/deps/scp.woff2
 web/deps/sha512.ac.js
 web/deps/sha512.hw.js
+web/idp.html
 web/iiam.gif
 web/md.css
 web/md.html

copyparty/__main__.py

@@ -1085,12 +1085,16 @@ def add_cert(ap, cert_path):
 
 
 def add_auth(ap):
+    idp_db = os.path.join(E.cfg, "idp.db")
     ses_db = os.path.join(E.cfg, "sessions.db")
     ap2 = ap.add_argument_group('IdP / identity provider / user authentication options')
     ap2.add_argument("--idp-h-usr", metavar="HN", type=u, default="", help="bypass the copyparty authentication checks if the request-header \033[33mHN\033[0m contains a username to associate the request with (for use with authentik/oauth/...)\n\033[1;31mWARNING:\033[0m if you enable this, make sure clients are unable to specify this header themselves; must be washed away and replaced by a reverse-proxy")
     ap2.add_argument("--idp-h-grp", metavar="HN", type=u, default="", help="assume the request-header \033[33mHN\033[0m contains the groupname of the requesting user; can be referenced in config files for group-based access control")
     ap2.add_argument("--idp-h-key", metavar="HN", type=u, default="", help="optional but recommended safeguard; your reverse-proxy will insert a secret header named \033[33mHN\033[0m into all requests, and the other IdP headers will be ignored if this header is not present")
     ap2.add_argument("--idp-gsep", metavar="RE", type=u, default="|:;+,", help="if there are multiple groups in \033[33m--idp-h-grp\033[0m, they are separated by one of the characters in \033[33mRE\033[0m")
+    ap2.add_argument("--idp-db", metavar="PATH", type=u, default=idp_db, help="where to store the known IdP users/groups (if you run multiple copyparty instances, make sure they use different DBs)")
+    ap2.add_argument("--idp-store", metavar="N", type=int, default=1, help="how to use \033[33m--idp-db\033[0m; [\033[32m0\033[0m] = entirely disable, [\033[32m1\033[0m] = write-only (effectively disabled), [\033[32m2\033[0m] = remember users, [\033[32m3\033[0m] = remember users and groups.\nNOTE: Will remember and restore the IdP-volumes of all users for all eternity if set to 2 or 3, even when user is deleted from your IdP")
+    ap2.add_argument("--idp-adm", metavar="U,U", type=u, default="", help="comma-separated list of users allowed to use /?idp (the cache management UI)")
     ap2.add_argument("--no-bauth", action="store_true", help="disable basic-authentication support; do not accept passwords from the 'Authenticate' header at all. NOTE: This breaks support for the android app")
     ap2.add_argument("--bauth-last", action="store_true", help="keeps basic-authentication enabled, but only as a last-resort; if a cookie is also provided then the cookie wins")
     ap2.add_argument("--ses-db", metavar="PATH", type=u, default=ses_db, help="where to store the sessions database (if you run multiple copyparty instances, make sure they use different DBs)")

copyparty/__version__.py

@@ -1,8 +1,8 @@
 # coding: utf-8
 
-VERSION = (1, 18, 0)
+VERSION = (1, 18, 1)
 CODENAME = "logtail"
-BUILD_DT = (2025, 6, 22)
+BUILD_DT = (2025, 7, 7)
 
 S_VERSION = ".".join(map(str, VERSION))
 S_BUILD_DT = "{0:04d}-{1:02d}-{2:02d}".format(*BUILD_DT)

copyparty/authsrv.py

@@ -21,6 +21,7 @@ from .util import (
     DEF_MTE,
     DEF_MTH,
     EXTS,
+    HAVE_SQLITE3,
     IMPLICATIONS,
     MIMES,
     SQLITE_VER,
@@ -32,6 +33,7 @@ from .util import (
     afsenc,
     get_df,
     humansize,
+    min_ex,
     odfusion,
     read_utf8,
     relchk,
@@ -44,6 +46,9 @@ from .util import (
     vsplit,
 )
 
+if HAVE_SQLITE3:
+    import sqlite3
+
 if TYPE_CHECKING:
     from .broker_mp import BrokerMp
     from .broker_thr import BrokerThr
@@ -928,6 +933,10 @@ class AuthSrv(object):
                 return False
 
             self.idp_accs[uname] = gnames
+            try:
+                self._update_idp_db(uname, gname)
+            except:
+                self.log("failed to update the --idp-db:\n%s" % (min_ex(),), 3)
 
             t = "reinitializing due to new user from IdP: [%r:%r]"
             self.log(t % (uname, gnames), 3)
@@ -940,6 +949,21 @@ class AuthSrv(object):
         broker.ask("reload", False, True).get()
         return True
 
+    def _update_idp_db(self, uname , gname )  :
+        if not self.args.idp_store:
+            return
+
+
+        db = sqlite3.connect(self.args.idp_db)
+        cur = db.cursor()
+
+        cur.execute("delete from us where un = ?", (uname,))
+        cur.execute("insert into us values (?,?)", (uname, gname))
+
+        db.commit()
+        cur.close()
+        db.close()
+
     def _map_volume_idp(
         self,
         src ,
@@ -1088,6 +1112,7 @@ class AuthSrv(object):
          * any non-zero value from IdP group header
          * otherwise take --grps / [groups]
         """
+        self.load_idp_db(bool(self.idp_accs))
         ret = {un: gns[:] for un, gns in self.idp_accs.items()}
         ret.update({zs: [""] for zs in acct if zs not in ret})
         for gn, uns in grps.items():
@@ -1648,7 +1673,6 @@ class AuthSrv(object):
         shr = enshare[1:-1]
         shrs = enshare[1:]
         if enshare:
-            import sqlite3
 
             zsd = {"d2d": True, "tcolor": self.args.tcolor}
             shv = VFS(self.log_func, "", shr, shr, AXS(), zsd)
@@ -2613,6 +2637,42 @@ class AuthSrv(object):
             zs = str(vol.flags.get("tcolor") or self.args.tcolor)
             vol.flags["tcolor"] = zs.lstrip("#")
 
+    def load_idp_db(self, quiet=False)  :
+        # mutex me
+        level = self.args.idp_store
+        if level < 2 or not self.args.idp_h_usr:
+            return
+
+
+        db = sqlite3.connect(self.args.idp_db)
+        cur = db.cursor()
+        from_cache = cur.execute("select un, gs from us").fetchall()
+        cur.close()
+        db.close()
+
+        self.idp_accs.clear()
+        self.idp_usr_gh.clear()
+
+        gsep = self.args.idp_gsep
+        n = []
+        for uname, gname in from_cache:
+            if level < 3:
+                if uname in self.idp_accs:
+                    continue
+                gname = ""
+            gnames = [x.strip() for x in gsep.split(gname)]
+            gnames.sort()
+
+            # self.idp_usr_gh[uname] = gname
+            self.idp_accs[uname] = gnames
+            n.append(uname)
+
+        if n and not quiet:
+            t = ", ".join(n[:9])
+            if len(n) > 9:
+                t += "..."
+            self.log("found %d IdP users in db (%s)" % (len(n), t))
+
     def load_sessions(self, quiet=False)  :
         # mutex me
         if self.args.no_ses:
@@ -2620,7 +2680,6 @@ class AuthSrv(object):
             self.sesa = {}
             return
 
-        import sqlite3
 
         ases = {}
         blen = (self.args.ses_len // 4) * 4  # 3 bytes in 4 chars
@@ -2667,7 +2726,6 @@ class AuthSrv(object):
         if self.args.no_ses:
             return
 
-        import sqlite3
 
         db = sqlite3.connect(self.args.ses_db)
         cur = db.cursor()

copyparty/httpcli.py

@@ -1294,6 +1294,9 @@ class HttpCli(object):
             if "ru" in self.uparam:
                 return self.tx_rups()
 
+            if "idp" in self.uparam:
+                return self.tx_idp()
+
         if "h" in self.uparam:
             return self.tx_mounts()
 
@@ -5077,15 +5080,24 @@ class HttpCli(object):
         return ""  # unhandled / fallthrough
 
     def scanvol(self)  :
-        if not self.can_admin:
-            raise Pebkac(403, "'scanvol' not allowed for user " + self.uname)
-
         if self.args.no_rescan:
             raise Pebkac(403, "the rescan feature is disabled in server config")
 
-        vn, _ = self.asrv.vfs.get(self.vpath, self.uname, True, True)
+        vpaths = self.uparam["scan"].split(",/")
+        if vpaths == [""]:
+            vpaths = [self.vpath]
+
+        vols = []
+        for vpath in vpaths:
+            vn, _ = self.asrv.vfs.get(vpath, self.uname, True, True)
+            vols.append(vn.vpath)
+            if self.uname not in vn.axs.uadmin:
+                self.log("rejected scanning [%s] => [%s];" % (vpath, vn.vpath), 3)
+                raise Pebkac(403, "'scanvol' not allowed for user " + self.uname)
+
+        self.log("trying to rescan %d volumes: %r" % (len(vols), vols))
 
-        args = [self.asrv.vfs.all_vols, [vn.vpath], False, True]
+        args = [self.asrv.vfs.all_vols, vols, False, True]
 
         x = self.conn.hsrv.broker.ask("up2k.rescan", *args)
         err = x.get()
@@ -5504,6 +5516,32 @@ class HttpCli(object):
         self.reply(html.encode("utf-8"), status=200)
         return True
 
+    def tx_idp(self)  :
+        if self.uname.lower() not in self.args.idp_adm_set:
+            raise Pebkac(403, "'idp' not allowed for user " + self.uname)
+
+        cmd = self.uparam["idp"]
+        if cmd.startswith("rm="):
+            import sqlite3
+
+            db = sqlite3.connect(self.args.idp_db)
+            db.execute("delete from us where un=?", (cmd[3:],))
+            db.commit()
+            db.close()
+
+            self.conn.hsrv.broker.ask("reload", False, False).get()
+
+            self.redirect("", "?idp")
+            return True
+
+        rows = [
+            [k, "[%s]" % ("], [".join(v))]
+            for k, v in sorted(self.asrv.idp_accs.items())
+        ]
+        html = self.j2s("idp", this=self, rows=rows, now=int(time.time()))
+        self.reply(html.encode("utf-8"), status=200)
+        return True
+
     def tx_shares(self)  :
         if self.uname == "*":
             self.loud_reply("you're not logged in")
@@ -5578,7 +5616,7 @@ class HttpCli(object):
             self.conn.hsrv.broker.ask("reload", False, False).get()
             self.conn.hsrv.broker.ask("up2k.wake_rescanner").get()
 
-        self.redirect(self.args.SRS + "?shares")
+        self.redirect("", "?shares")
         return True
 
     def handle_share(self, req  )  :

copyparty/httpconn.py

@@ -219,3 +219,6 @@ class HttpConn(object):
             if self.u2idx:
                 self.hsrv.put_u2idx(str(self.addr), self.u2idx)
                 self.u2idx = None
+
+            if self.rproxy:
+                self.set_rproxy()

copyparty/httpsrv.py

@@ -171,6 +171,7 @@ class HttpSrv(object):
             "browser",
             "browser2",
             "cf",
+            "idp",
             "md",
             "mde",
             "msg",
@@ -308,6 +309,8 @@ class HttpSrv(object):
 
         Daemon(self.broker.say, "sig-hsrv-up1", ("cb_httpsrv_up",))
 
+        saddr = ("", 0)  # fwd-decl for `except TypeError as ex:`
+
         while not self.stopping:
             if self.args.log_conn:
                 self.log(self.name, "|%sC-ncli" % ("-" * 1,), c="90")
@@ -389,6 +392,19 @@ class HttpSrv(object):
                 self.log(self.name, "accept({}): {}".format(fno, ex), c=6)
                 time.sleep(0.02)
                 continue
+            except TypeError as ex:
+                # on macOS, accept() may return a None saddr if blocked by LittleSnitch;
+                # unicode(saddr[0]) ==> TypeError: 'NoneType' object is not subscriptable
+                if tcp and not saddr:
+                    t = "accept(%s): failed to accept connection from client due to firewall or network issue"
+                    self.log(self.name, t % (fno,), c=3)
+                    try:
+                        sck.close()  # type: ignore
+                    except:
+                        pass
+                    time.sleep(0.02)
+                    continue
+                raise
 
             if self.args.log_conn:
                 t = "|{}C-acc2 \033[0;36m{} \033[3{}m{}".format(

copyparty/svchub.py

@@ -82,6 +82,7 @@ if PY2:
     range = xrange  # type: ignore
 
 
+VER_IDP_DB = 1
 VER_SESSION_DB = 1
 VER_SHARES_DB = 2
 
@@ -252,11 +253,15 @@ class SvcHub(object):
                 self.log("root", "effective %s is %s" % (zs, getattr(args, zs)))
 
         if args.ah_cli or args.ah_gen:
+            args.idp_store = 0
             args.no_ses = True
             args.shr = ""
 
+        if args.idp_store and args.idp_h_usr:
+            self.setup_db("idp")
+
         if not self.args.no_ses:
-            self.setup_session_db()
+            self.setup_db("ses")
 
         args.shr1 = ""
         if args.shr:
@@ -415,25 +420,57 @@ class SvcHub(object):
             except:
                 pass
 
-    def setup_session_db(self)  :
+    def _db_onfail_ses(self)  :
+        self.args.no_ses = True
+
+    def _db_onfail_idp(self)  :
+        self.args.idp_store = 0
+
+    def setup_db(self, which )  :
+        """
+        the "non-mission-critical" databases; if something looks broken then just nuke it
+        """
+        if which == "ses":
+            native_ver = VER_SESSION_DB
+            db_path = self.args.ses_db
+            desc = "sessions-db"
+            pathopt = "ses-db"
+            sanchk_q = "select count(*) from us"
+            createfun = self._create_session_db
+            failfun = self._db_onfail_ses
+        elif which == "idp":
+            native_ver = VER_IDP_DB
+            db_path = self.args.idp_db
+            desc = "idp-db"
+            pathopt = "idp-db"
+            sanchk_q = "select count(*) from us"
+            createfun = self._create_idp_db
+            failfun = self._db_onfail_idp
+        else:
+            raise Exception("unknown cachetype")
+
+        if not db_path.endswith(".db"):
+            zs = "config option --%s (the %s) was configured to [%s] which is invalid; must be a filepath ending with .db"
+            self.log("root", zs % (pathopt, desc, db_path), 1)
+            raise Exception(BAD_CFG)
+
         if not HAVE_SQLITE3:
-            self.args.no_ses = True
-            t = "WARNING: sqlite3 not available; disabling sessions, will use plaintext passwords in cookies"
-            self.log("root", t, 3)
+            failfun()
+            if which == "ses":
+                zs = "disabling sessions, will use plaintext passwords in cookies"
+            elif which == "idp":
+                zs = "disabling idp-db, will be unable to remember IdP-volumes after a restart"
+            self.log("root", "WARNING: sqlite3 not available; %s" % (zs,), 3)
             return
 
 
-        # policy:
-        # the sessions-db is whatever, if something looks broken then just nuke it
-
-        db_path = self.args.ses_db
         db_lock = db_path + ".lock"
         try:
             create = not os.path.getsize(db_path)
         except:
             create = True
         zs = "creating new" if create else "opening"
-        self.log("root", "%s sessions-db %s" % (zs, db_path))
+        self.log("root", "%s %s %s" % (zs, desc, db_path))
 
         for tries in range(2):
             sver = 0
@@ -443,17 +480,19 @@ class SvcHub(object):
                 try:
                     zs = "select v from kv where k='sver'"
                     sver = cur.execute(zs).fetchall()[0][0]
-                    if sver > VER_SESSION_DB:
-                        zs = "this version of copyparty only understands session-db v%d and older; the db is v%d"
-                        raise Exception(zs % (VER_SESSION_DB, sver))
+                    if sver > native_ver:
+                        zs = "this version of copyparty only understands %s v%d and older; the db is v%d"
+                        raise Exception(zs % (desc, native_ver, sver))
 
-                    cur.execute("select count(*) from us").fetchone()
+                    cur.execute(sanchk_q).fetchone()
                 except:
                     if sver:
                         raise
-                    sver = 1
-                    self._create_session_db(cur)
-                err = self._verify_session_db(cur, sver, db_path)
+                    sver = createfun(cur)
+
+                err = self._verify_db(
+                    cur, which, pathopt, db_path, desc, sver, native_ver
+                )
                 if err:
                     tries = 99
                     self.args.no_ses = True
@@ -461,10 +500,10 @@ class SvcHub(object):
                 break
 
             except Exception as ex:
-                if tries or sver > VER_SESSION_DB:
+                if tries or sver > native_ver:
                     raise
-                t = "sessions-db is unusable; deleting and recreating: %r"
-                self.log("root", t % (ex,), 3)
+                t = "%s is unusable; deleting and recreating: %r"
+                self.log("root", t % (desc, ex), 3)
                 try:
                     cur.close()  # type: ignore
                 except:
@@ -492,8 +531,31 @@ class SvcHub(object):
         for cmd in sch:
             cur.execute(cmd)
         self.log("root", "created new sessions-db")
+        return 1
 
-    def _verify_session_db(self, cur , sver , db_path )  :
+    def _create_idp_db(self, cur )  :
+        sch = [
+            r"create table kv (k text, v int)",
+            r"create table us (un text, gs text)",
+            # username, groups
+            r"create index us_un on us(un)",
+            r"insert into kv values ('sver', 1)",
+        ]
+        for cmd in sch:
+            cur.execute(cmd)
+        self.log("root", "created new idp-db")
+        return 1
+
+    def _verify_db(
+        self,
+        cur ,
+        which ,
+        pathopt ,
+        db_path ,
+        desc ,
+        sver ,
+        native_ver ,
+    )  :
         # ensure writable (maybe owned by other user)
         db = cur.connection
 
@@ -505,9 +567,16 @@ class SvcHub(object):
         except:
             owner = 0
 
+        if which == "ses":
+            cons = "Will now disable sessions and instead use plaintext passwords in cookies."
+        elif which == "idp":
+            cons = "Each IdP-volume will not become available until its associated user sends their first request."
+        else:
+            raise Exception()
+
         if not lock_file(db_path + ".lock"):
-            t = "the sessions-db [%s] is already in use by another copyparty instance (pid:%d). This is not supported; please provide another database with --ses-db or give this copyparty-instance its entirely separate config-folder by setting another path in the XDG_CONFIG_HOME env-var. You can also disable this safeguard by setting env-var PRTY_NO_DB_LOCK=1. Will now disable sessions and instead use plaintext passwords in cookies."
-            return t % (db_path, owner)
+            t = "the %s [%s] is already in use by another copyparty instance (pid:%d). This is not supported; please provide another database with --%s or give this copyparty-instance its entirely separate config-folder by setting another path in the XDG_CONFIG_HOME env-var. You can also disable this safeguard by setting env-var PRTY_NO_DB_LOCK=1. %s"
+            return t % (desc, db_path, owner, pathopt, cons)
 
         vars = (("pid", os.getpid()), ("ts", int(time.time() * 1000)))
         if owner:
@@ -519,9 +588,9 @@ class SvcHub(object):
             for k, v in vars:
                 cur.execute("insert into kv values(?, ?)", (k, v))
 
-        if sver < VER_SESSION_DB:
+        if sver < native_ver:
             cur.execute("delete from kv where k='sver'")
-            cur.execute("insert into kv values('sver',?)", (VER_SESSION_DB,))
+            cur.execute("insert into kv values('sver',?)", (native_ver,))
 
         db.commit()
         cur.close()
@@ -870,6 +939,12 @@ class SvcHub(object):
                 vs = os.path.expandvars(os.path.expanduser(vs))
                 setattr(al, k, vs)
 
+        for k in "idp_adm".split(" "):
+            vs = getattr(al, k)
+            vsa = [x.strip() for x in vs.split(",")]
+            vsa = [x.lower() for x in vsa if x]
+            setattr(al, k + "_set", set(vsa))
+
         zs = "dav_ua1 sus_urls nonsus_urls ua_nodoc ua_nozip"
         for k in zs.split(" "):
             vs = getattr(al, k)

copyparty/th_srv.py

@@ -93,6 +93,10 @@ try:
         if os.environ.get("PRTY_NO_PIL_AVIF"):
             raise Exception()
 
+        if ".avif" in Image.registered_extensions():
+            HAVE_AVIF = True
+            raise Exception()
+
         import pillow_avif  # noqa: F401  # pylint: disable=unused-import
 
         HAVE_AVIF = True

copyparty/web/idp.html

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+	<meta charset="utf-8">
+	<title>{{ s_doctitle }}</title>
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+	<meta name="viewport" content="width=device-width, initial-scale=0.8">
+    <meta name="robots" content="noindex, nofollow">
+	<meta name="theme-color" content="#{{ tcolor }}">
+	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/shares.css?_={{ ts }}">
+	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/ui.css?_={{ ts }}">
+{{ html_head }}
+</head>
+
+<body>
+	<div id="wrap">
+		<a href="{{ r }}/?idp">refresh</a>
+		<a href="{{ r }}/?h">control-panel</a>
+
+        <table id="tab"><thead><tr>
+            <th>forget</th>
+            <th>user</th>
+            <th>groups</th>
+        </tr></thead><tbody>
+        {% for un, gn in rows %}
+        <tr>
+            <td><a href="{{ r }}/?idp=rm={{ un|e }}">forget</a></td>
+            <td>{{ un|e }}</td>
+            <td>{{ gn|e }}</td>
+        </tr>
+        {% endfor %}
+        </tbody></table>
+        {% if not rows %}
+        (there are no IdP users in the cache)
+        {% endif %}
+    </div>
+	<a href="#" id="repl">π</a>
+	<script>
+
+var SR="{{ r }}",
+	lang="{{ lang }}",
+	dfavico="{{ favico }}";
+
+var STG = window.localStorage;
+document.documentElement.className = (STG && STG.cpp_thm) || "{{ this.args.theme }}";
+
+</script>
+<script src="{{ r }}/.cpr/util.js?_={{ ts }}"></script>
+{%- if js %}
+<script src="{{ js }}_={{ ts }}"></script>
+{%- endif %}
+</body>
+</html>
+

copyparty/web/splash.html

@@ -135,6 +135,10 @@
 
 		<h1 id="cc">other stuff:</h1>
 		<ul>
+			{%- if this.uname in this.args.idp_adm_set %}
+			<li><a id="ag" href="{{ r }}/?idp">view idp cache</a></li>
+			{% endif %}
+
 			{%- if this.uname != '*' and this.args.shr %}
 			<li><a id="y" href="{{ r }}/?shares">edit shares</a></li>
 			{% endif %}

{copyparty-1.18.0.dist-info → copyparty-1.18.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: copyparty
-Version: 1.18.0
+Version: 1.18.1
 Summary:   Portable file server with accelerated resumable uploads, deduplication, WebDAV, FTP, zeroconf, media indexer, video thumbnails, audio transcoding, and write-only folders
 Author-email: ed <copyparty@ocv.me>
 License: MIT
@@ -1559,7 +1559,6 @@ the same arguments can be set as volflags, in addition to `d2d`, `d2ds`, `d2t`,
 note:
 * upload-times can be displayed in the file listing by enabling the `.up_at` metadata key, either globally with `-e2d -mte +.up_at` or per-volume with volflags `e2d,mte=+.up_at` (will have a ~17% performance impact on directory listings)
 * `e2tsr` is probably always overkill, since `e2ds`/`e2dsa` would pick up any file modifications and `e2ts` would then reindex those, unless there is a new copyparty version with new parsers and the release note says otherwise
-* the rescan button in the admin panel has no effect unless the volume has `-e2ds` or higher
 
 config file example (these options are recommended btw):
 
@@ -2786,7 +2785,7 @@ enable [thumbnails](#thumbnails) of...
 * **images:** `Pillow` and/or `pyvips` and/or `ffmpeg` (requires py2.7 or py3.5+)
 * **videos/audio:** `ffmpeg` and `ffprobe` somewhere in `$PATH`
 * **HEIF pictures:** `pyvips` or `ffmpeg` or `pyheif-pillow-opener` (requires Linux or a C compiler)
-* **AVIF pictures:** `pyvips` or `ffmpeg` or `pillow-avif-plugin`
+* **AVIF pictures:** `pyvips` or `ffmpeg` or `pillow-avif-plugin` or pillow v11.3+
 * **JPEG XL pictures:** `pyvips` or `ffmpeg`
 
 enable sending [zeromq messages](#zeromq) from event-hooks: `pyzmq`
@@ -2817,7 +2816,7 @@ set any of the following environment variables to disable its associated optiona
 | `PRTY_NO_MUTAGEN`    | do not use [mutagen](https://pypi.org/project/mutagen/) for reading metadata from media files; will fallback to ffprobe |
 | `PRTY_NO_PIL`        | disable all [Pillow](https://pypi.org/project/pillow/)-based thumbnail support; will fallback to libvips or ffmpeg |
 | `PRTY_NO_PILF`       | disable Pillow `ImageFont` text rendering, used for folder thumbnails |
-| `PRTY_NO_PIL_AVIF`   | disable 3rd-party Pillow plugin for [AVIF support](https://pypi.org/project/pillow-avif-plugin/) |
+| `PRTY_NO_PIL_AVIF`   | disable Pillow avif support (internal and/or [plugin](https://pypi.org/project/pillow-avif-plugin/)) |
 | `PRTY_NO_PIL_HEIF`   | disable 3rd-party Pillow plugin for [HEIF support](https://pypi.org/project/pyheif-pillow-opener/) |
 | `PRTY_NO_PIL_WEBP`   | disable use of native webp support in Pillow |
 | `PRTY_NO_PSUTIL`     | do not use [psutil](https://pypi.org/project/psutil/) for reaping stuck hooks and plugins on Windows |

{copyparty-1.18.0.dist-info → copyparty-1.18.1.dist-info}/RECORD

@@ -1,7 +1,7 @@
-copyparty/__init__.py,sha256=TnFSStmHlwlRIClWW8jSHxZpt3dl_kN6_pEnqBqh3mE,2638
-copyparty/__main__.py,sha256=gJlKxpBmV39xfiWp8sx5iUZsoJPhFcCAWY5RVpWsrz0,122959
-copyparty/__version__.py,sha256=QNl11l-yovzXttFgMOYiqG-Rd-5GJHs6EcPWg-ZqCSI,249
-copyparty/authsrv.py,sha256=K3dIZxJvNhrcPbXJpVIkoxWaDrQf3CYz3X-FYaVlrYw,114905
+copyparty/__init__.py,sha256=4aJw_Mt3eSNMV8sJ95Nh4ris-tBUYhCOV094Rnxa5Xo,2651
+copyparty/__main__.py,sha256=9dif5oV-BdPEeTnuiEHLSTxqDoYHJkFyecnJ94N5IRA,123786
+copyparty/__version__.py,sha256=ccuRyetxDT3Kz5z0Vg4CMZH0x07iFUmVRTMc3FX0Td4,248
+copyparty/authsrv.py,sha256=0ZNfH6_9Br2cSe-vAgf_Vp6PFakeao-ylhlqNYvEfvo,116493
 copyparty/broker_mp.py,sha256=QdOXXvV2Xn6J0CysEqyY3GZbqxQMyWnTpnba-a5lMc0,4987
 copyparty/broker_mpw.py,sha256=PpSS4SK3pItlpfD8OwVr3QmJEPKlUgaf2nuMOozixgU,3347
 copyparty/broker_thr.py,sha256=fjoYtpSscUA7-nMl4r1n2R7UK3J9lrvLS3rUZ-iJzKQ,1721
@@ -11,9 +11,9 @@ copyparty/cfg.py,sha256=6o6aLzLxZ59lusAn_PMGgldc3rEb9yyGnUnGIP5D9M8,15077
 copyparty/dxml.py,sha256=vu5uZQtwvwoqnFHbULs2Zh_y2DETu0T-ENpMZ1i2CV4,2505
 copyparty/fsutil.py,sha256=NC_CJC4TDag399vVDH9_uQfdfpTMwRFLNxERSWhlVvs,4594
 copyparty/ftpd.py,sha256=G7PApVIFeSzRo4-D-9uRb8NxYgz6nFwTEbrOk1ErYCU,17969
-copyparty/httpcli.py,sha256=r_M67eEl-qKLR6pf79TTcf_G1o0fJiOcU4fTTll7B34,228170
-copyparty/httpconn.py,sha256=mQSgljh0Q-jyWjF4tQLrHbRKRe9WKl19kGqsGMsJpWo,6880
-copyparty/httpsrv.py,sha256=pxH_Eh8ElBLvOEDejgpP9Bvk65HNEou-03aYIcgXhrs,18090
+copyparty/httpcli.py,sha256=ZeSkAhDGiu6K6k68DGnqH2u3wR0FqGzKCmcgIwQC6bU,229421
+copyparty/httpconn.py,sha256=IA9fdCjigawZ4kWhgvVN3nSiy5pb3W2qaE6rFqUYdq0,6943
+copyparty/httpsrv.py,sha256=x6dl6ZjpwYREbm-eJZYnwdkhDeCA58hw_iwUMCD1Wz8,18819
 copyparty/ico.py,sha256=-7QjF_jIxnPo4Vr0oUPksQ_U_Ef0HRsSPm3s71idOz8,3879
 copyparty/mdns.py,sha256=G73OWWg1copda47LgayCRK7qjVrk6cnUGpMR5ugmi7o,18315
 copyparty/metrics.py,sha256=1dim0ShnsD5cfspRbeN9Mt14wOIxPRtxCZY2IScikKw,8974
@@ -24,12 +24,12 @@ copyparty/smbd.py,sha256=dixFl2wlWymq_Cycc8a4cVB4gY8RSg2e3tE7Xr-aDa0,14614
 copyparty/ssdp.py,sha256=R1Z61GZOxBMF2Sk4RTxKWMOemogmcjEWG-CvLihd45k,7023
 copyparty/star.py,sha256=tV5BbX6AiQ7N4UU8DYtSTckNYeoeey4DBqq4LjfymbY,3818
 copyparty/sutil.py,sha256=E65jAaOzHlJYnqsOKDMPVT8kALPUVexpkSStWBdItkY,3231
-copyparty/svchub.py,sha256=leERN449te_yBbyChcOenjY_nuNPoFJpncLHfDMvDYE,46618
+copyparty/svchub.py,sha256=YbYJd5X0pXAyC-C2nt1rVwnwd56b8VEU1zvGkijgNeU,48921
 copyparty/szip.py,sha256=9srQzjsTBrBadf6QMh4YRAL70rkZLevAOHqXWK5jvr8,8846
 copyparty/tcpsrv.py,sha256=F5K4Qr4eBLfhdLT_39yDf6ftrhWuGTrd6DSqqp_6e-Q,20480
 copyparty/tftpd.py,sha256=tbnxUsilwyusrAUCVVjJUZnR9TIHDkE-99WLsUxAIGA,14029
 copyparty/th_cli.py,sha256=IEX5tCb0gw9Z2aRIDL9bwdvJ6g5jhWZ8OEAAz16_xN4,5426
-copyparty/th_srv.py,sha256=2omGprnKGWim6U7fjJAXI41UCZBSxRwZfS0rCDsUDps,32556
+copyparty/th_srv.py,sha256=6JXHthaZtDreWHmyRxfxN_EyNC2aQOQS5wUFYxxX-3Y,32669
 copyparty/u2idx.py,sha256=4Y5OOPyVkc-pS0z6e3p4StXAMnjHobSOMmMsvNUTD34,13674
 copyparty/up2k.py,sha256=nnR_ZKaopSNBuAjSN3Q5G_UVe6GmYD1NkxJt5QQf02o,178079
 copyparty/util.py,sha256=S-dEme_1rKf3qYgxWWahEUQUzgq_kpoO_nPbuKCwLsY,103948
@@ -55,12 +55,13 @@ copyparty/stolen/ifaddr/_posix.py,sha256=-67NdfGrCktfQPakT2fLbjl2U00QMvyBGkSvrUu
 copyparty/stolen/ifaddr/_shared.py,sha256=uNC4SdEIgdSLKvuUzsf1aM-H1Xrc_9mpLoOT43YukGs,6206
 copyparty/stolen/ifaddr/_win32.py,sha256=EE-QyoBgeB7lYQ6z62VjXNaRozaYfCkaJBHGNA8QtZM,4026
 copyparty/web/baguettebox.js.gz,sha256=r2c_hOZV_RTyl4CqWWX14FDWP8nnDVwGkDl4Sfk0rU4,8239
-copyparty/web/browser.css.gz,sha256=cjHv6i6VDjCG66W9h0S37l2-Gv7-qKBH-HpTP7kZSr4,11769
+copyparty/web/browser.css.gz,sha256=QRTGDf5GmNGCcly_pvxf0sKRCU9T9sQdhJB39_EoYkA,11789
 copyparty/web/browser.html,sha256=auvhLVE_t0aIN0q-nk0zOWFqITgDhroMAAviBNLoFfc,4788
-copyparty/web/browser.js.gz,sha256=qgL276U3d4GAZmkdq7YaWTBxGulnDvkevXDoCi9_GJk,96443
+copyparty/web/browser.js.gz,sha256=1wAt4IULmQM0Mwn0NkbDgypXPumY28C97ViB-PWgAsI,96508
 copyparty/web/browser2.html,sha256=NRUZ08GH-e2YcGXcoz0UjYg6JIVF42u4IMX4HHwWTmg,1587
 copyparty/web/cf.html,sha256=lJThtNFNAQT1ClCHHlivAkDGE0LutedwopXD62Z8Nys,589
 copyparty/web/dbg-audio.js.gz,sha256=Ma-KZtK8LnmiwNvNKFKXMPYl_Nn_3U7GsJ6-DRWC2HE,688
+copyparty/web/idp.html,sha256=qOjjvZz6fVk0W8cXiP8fXeTp5KMa_dDV7BRzJNUModo,1481
 copyparty/web/md.css.gz,sha256=UZpN0J7ubVM05CZkbZYkQRJeGgJt_GNDEzKTGSQd8h4,2032
 copyparty/web/md.html,sha256=hz-xJVfKtaeTUQn3tGh7ebIMvLbOjVKkrMhsCTr3lGM,4200
 copyparty/web/md.js.gz,sha256=m5dpIskZZ8FD9X-L0EWpoZP-yLOo-PCWJ7j4AFtHVRI,4163
@@ -78,13 +79,13 @@ copyparty/web/shares.css.gz,sha256=SdPlZCBwz9tkPkgEo5pSPDOZSI079njxEfkJ64-iW3c,5
 copyparty/web/shares.html,sha256=YctvUrKuBYu42kxVylyW2_DEHm7Ik6uHqzfzVZ4N0ac,2545
 copyparty/web/shares.js.gz,sha256=emeY2-wjkh8x1JgaW6ny5fcC7XpZzZzfE1f-sEyntQ4,940
 copyparty/web/splash.css.gz,sha256=S8_A7JJl71xACRBYGzafeaD82OacW6Fa7oKPiNyrhAs,1087
-copyparty/web/splash.html,sha256=ouFB1P9g0K-S3LZQtOLfNz3GLXIRjyETkxo9aJZhiYk,6249
-copyparty/web/splash.js.gz,sha256=Qh0KoPWKoJ77cyzOwnhUaCTI5XUoPVV3YJURKklqpBg,2739
+copyparty/web/splash.html,sha256=0MvDe1lKfGqczi7d4nKjWjG0cRVyvs8J6sDEj3DCPSI,6376
+copyparty/web/splash.js.gz,sha256=xMl4Rly-ykhTx7LCI2MK1DpCblFWmFU9uA1rgivgen8,2771
 copyparty/web/svcs.html,sha256=cxgrhX9wD0Z_kvidry3aS9ubuGXYDj2f4ehq1X8T1EA,14227
 copyparty/web/svcs.js.gz,sha256=lMXEP9W-VlXyANlva4q0ASSxvvHYlE2CrmxGgZXZop0,713
 copyparty/web/ui.css.gz,sha256=e3iIflzddmjoyPrun_1jsu9j7fbdonNQLyhEE2oKKOQ,2819
-copyparty/web/up2k.js.gz,sha256=vf9Kth2JQ4F-XmWhjcGXqy6gA4eOkg0-EfVjAGQsW5o,24794
-copyparty/web/util.js.gz,sha256=vQj__zSM0cbBN4AoZgwhFrSCh82ZTv4CbzeufXo8tw4,15248
+copyparty/web/up2k.js.gz,sha256=_uOZzORAFO91SG3TUHd9xhKhAIXwL3fUFBNEUKnEVHY,24812
+copyparty/web/util.js.gz,sha256=qa1B5w3bW7NNOTtuiiiL1ZWboqD9YVNZMKn3y1mf-oU,15247
 copyparty/web/w.hash.js.gz,sha256=cFH6Xo4YRgH9Wr7RmHMSEfpuTmmIvEmzmSvv4RLmyPU,1193
 copyparty/web/a/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 copyparty/web/a/partyfuse.py,sha256=9p5Hpg_IBiSimv7j9kmPhCGpy-FLXSRUOYnLjJ5JifU,28049
@@ -109,9 +110,9 @@ copyparty/web/deps/prismd.css.gz,sha256=ObUlksQVr-OuYlTz-I4B23TeBg2QDVVGRnWBz8cV
 copyparty/web/deps/scp.woff2,sha256=w99BDU5i8MukkMEL-iW0YO9H4vFFZSPWxbkH70ytaAg,8612
 copyparty/web/deps/sha512.ac.js.gz,sha256=lFZaCLumgWxrvEuDr4bqdKHsqjX82AbVAb7_F45Yk88,7033
 copyparty/web/deps/sha512.hw.js.gz,sha256=UAed2_ocklZCnIzcSYz2h4P1ycztlCLj-ewsRTud2lU,7939
-copyparty-1.18.0.dist-info/licenses/LICENSE,sha256=gOr4h33pCsBEg9uIy9AYmb7qlocL4V9t2uPJS5wllr0,1072
-copyparty-1.18.0.dist-info/METADATA,sha256=AgVke4zkEUcHf9Iw-CNV1myTB72KmxPHCua7tI3DYwg,165863
-copyparty-1.18.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-copyparty-1.18.0.dist-info/entry_points.txt,sha256=4zw6a3rqASywQomiYLObjjlxybaI65LYYOTJwgKz7b0,128
-copyparty-1.18.0.dist-info/top_level.txt,sha256=LnYUPsDyk-8kFgM6YJLG4h820DQekn81cObKSu9g-sI,10
-copyparty-1.18.0.dist-info/RECORD,,
+copyparty-1.18.1.dist-info/licenses/LICENSE,sha256=gOr4h33pCsBEg9uIy9AYmb7qlocL4V9t2uPJS5wllr0,1072
+copyparty-1.18.1.dist-info/METADATA,sha256=kkkHwOVLPOVY9wUEQvNBoG2ZxxtGv0UmFsx1IIPeX1s,165791
+copyparty-1.18.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+copyparty-1.18.1.dist-info/entry_points.txt,sha256=4zw6a3rqASywQomiYLObjjlxybaI65LYYOTJwgKz7b0,128
+copyparty-1.18.1.dist-info/top_level.txt,sha256=LnYUPsDyk-8kFgM6YJLG4h820DQekn81cObKSu9g-sI,10
+copyparty-1.18.1.dist-info/RECORD,,