chore(release): 2.35.0

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.dockerignore

@@ -1,2 +1,7 @@
-*
-!filebrowser
+.venv
+dist
+.idea
+frontend/node_modules
+frontend/dist
+filebrowser.db
+docs/index.md

.github/CODEOWNERS

@@ -2,4 +2,4 @@
 # Unless a later match takes precedence, @o1egl will be requested for
 # review when someone opens a pull request.
 
-*       @o1egl
+*       @o1egl @hacdias

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,22 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
----
-
-**Description**
-A clear and concise description of what the issue is about. What are you trying to do?
-
-**Expected behaviour**
-What did you expect to happen?
-
-**What is happening instead?**
-Please, give full error messages and/or log.
-
-**Additional context**
-Add any other context about the problem here. If applicable, add screenshots to help explain your problem.
-
-**How to reproduce?**
-Tell us how to reproduce this issue. How can someone who is starting from scratch reproduce this behaviour as minimally as possible?
-
-**Files**
-A list of relevant files for this issue. Large files can be uploaded one-by-one or in a tarball/zipfile.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,53 @@
+name: Bug Report
+description: Report a bug in FileBrowser.
+labels: [bug, triage]
+body:
+  - type: checkboxes
+    attributes:
+      label: Checklist
+      description: Please verify that you've followed these steps
+      options:
+        - label: This is a bug report, not a question.
+          required: true
+        - label: I have searched on the [issue tracker](https://github.com/filebrowser/filebrowser/issues?q=is%3Aissue) for my bug.
+          required: true
+        - label: I am running the latest [FileBrowser version](https://github.com/filebrowser/filebrowser/releases) or have an issue updating.
+          required: true
+  - type: textarea
+    id: version
+    attributes:
+      label: Version
+      render: Text
+      description: |
+        Enter the version of FileBrowser you are using.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Description
+      description: |
+        A clear and concise description of what the issue is about. What are you trying to do?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: What did you expect to happen?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: What actually happened?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Reproduction Steps
+      description: |
+        Tell us how to reproduce this issue. How can someone who is starting from scratch reproduce this behavior as minimally as possible?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Files
+      description: |
+        A list of relevant files for this issue. Large files can be uploaded one-by-one or in a tarball/zipfile.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: GitHub Discussions
+    url: https://github.com/filebrowser/filebrowser/discussions
+    about: Please ask questions and discuss features here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,16 +0,0 @@
----
-name: Feature request
-about: Suggest an idea for this project
----
-
-**Is your feature request related to a problem? Please describe.**
-Add a clear and concise description of what the problem is. E.g. *I'm always frustrated when [...]*
-
-**Describe the solution you'd like**
-Add a clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-Add a clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,16 +1,16 @@
-**Description**
-Please explain the changes you made here.
-If the feature changes current behaviour, explain why your solution is better.
+## Description
 
-:rotating_light: Before submitting your PR, please read [community](https://github.com/filebrowser/community), and indicate which issues (in any of the repos) are either fixed or closed by this PR. See [GitHub Help: Closing issues using keywords](https://help.github.com/articles/closing-issues-via-commit-messages/).
+<!-- Please explain the changes you made here. -->
 
-- [ ] DO make sure you are requesting to **pull a topic/feature/bugfix branch** (right side). Don't request your master!
-- [ ] DO make sure you are making a pull request against the **master branch** (left side). Also you should start *your branch* off *our master*.
-- [ ] DO make sure that File Browser can be successfully built. See [builds](https://github.com/filebrowser/community/blob/master/builds.md) and [development](https://github.com/filebrowser/community/blob/master/development.md).
-- [ ] DO make sure that related issues are opened in other repositories. I.e., the frontend, caddy plugins or the web page need to be updated accordingly.
-- [ ] AVOID breaking the continuous integration build.
+## Additional Information
 
-**Further comments**
-If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did, what alternatives you considered, etc.
+<!-- If it is a relatively large or complex change, please add more information to explain what you did, how you did it, if you considered any alternatives, etc. -->
 
-:heart: Thank you!
+## Checklist
+
+Before submitting your PR, please indicate which issues are either fixed or closed by this PR. See [GitHub Help: Closing issues using keywords](https://help.github.com/articles/closing-issues-via-commit-messages/).
+
+- [ ] I am aware the project is currently in maintenance-only mode. See [README](https://github.com/filebrowser/community/blob/master/README.md)
+- [ ] I am aware that translations MUST be made through [Transifex](https://app.transifex.com/file-browser/file-browser/) and that this PR is NOT a translation update
+- [ ] I am making a PR against the `master` branch.
+- [ ] I am sure File Browser can be successfully built. See [builds](https://github.com/filebrowser/community/blob/master/builds.md) and [development](https://github.com/filebrowser/community/blob/master/development.md).

.github/workflows/main.yaml

@@ -3,54 +3,93 @@ name: main
 on:
   push:
     branches:
-      - 'master'
+      - "master"
     tags:
-      - 'v*'
+      - "v*"
   pull_request:
 
 jobs:
+  # linters
+  lint-frontend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v4
+        with:
+          package_json_file: "frontend/package.json"
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22.x"
+          cache: "pnpm"
+          cache-dependency-path: "frontend/pnpm-lock.yaml"
+      - run: make lint-frontend
+  lint-backend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 1.23.0
+      - run: make lint-backend
   lint:
     runs-on: ubuntu-latest
+    needs: [lint-frontend, lint-backend]
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
-        with:
-          go-version: 1.16
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '14'
-      - run: npm i -g commitlint
-      - run: make lint
-  test:
+      - run: echo "done"
+
+  # tests
+  test-frontend:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v4
         with:
-          go-version: 1.16
-      - uses: actions/setup-node@v2
+          package_json_file: "frontend/package.json"
+      - uses: actions/setup-node@v4
         with:
-          node-version: '14'
-      - run: make test
+          node-version: "22.x"
+          cache: "pnpm"
+          cache-dependency-path: "frontend/pnpm-lock.yaml"
+      - run: make test-frontend
+  test-backend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 1.23.0
+      - run: make test-backend
+  test:
+    runs-on: ubuntu-latest
+    needs: [test-frontend, test-backend]
+    steps:
+      - run: echo "done"
+
+  # release
   release:
     runs-on: ubuntu-latest
     needs: [lint, test]
     if: startsWith(github.event.ref, 'refs/tags/v')
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: actions/setup-go@v2
+      - uses: actions/setup-go@v5
         with:
-          go-version: 1.16
-      - uses: actions/setup-node@v2
+          go-version: 1.23.0
+      - uses: pnpm/action-setup@v4
         with:
-          node-version: '14'
+          package_json_file: "frontend/package.json"
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22.x"
+          cache: "pnpm"
+          cache-dependency-path: "frontend/pnpm-lock.yaml"
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
-      - name: Build fronetend
+      - name: Build frontend
         run: make build-frontend
       - name: Login to Docker Hub
         uses: docker/login-action@v1
@@ -61,6 +100,6 @@ jobs:
         uses: goreleaser/goreleaser-action@v2
         with:
           version: latest
-          args: release --rm-dist
+          args: release --clean
         env:
-          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
+          GITHUB_TOKEN: ${{ secrets.GH_PAT }}

.github/workflows/pr-lint.yaml

@@ -0,0 +1,46 @@
+name: "Lint PR"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - edited
+      - synchronize
+
+permissions:
+  pull-requests: write
+
+jobs:
+  main:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v5
+        id: lint_pr_title
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: marocchino/sticky-pull-request-comment@v2
+        # When the previous steps fails, the workflow would stop. By adding this
+        # condition you can continue the execution with the populated error message.
+        if: always() && (steps.lint_pr_title.outputs.error_message != null)
+        with:
+          header: pr-title-lint-error
+          message: |
+            Hey there and thank you for opening this pull request! 👋🏼
+            
+            We require pull request titles to follow the [Conventional Commits specification](https://www.conventionalcommits.org/en/v1.0.0/) and it looks like your proposed title needs to be adjusted.
+
+            Details:
+            
+            ```
+            ${{ steps.lint_pr_title.outputs.error_message }}
+            ```
+
+      # Delete a previous comment when the issue has been resolved
+      - if: ${{ steps.lint_pr_title.outputs.error_message == null }}
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr-title-lint-error
+          delete: true

.github/workflows/site-pr.yml

@@ -0,0 +1,20 @@
+name: Build Site
+
+on:
+  pull_request:
+    paths:
+      - 'www'
+      - '*.md'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build site
+        run: make site

.github/workflows/site-publish.yml

@@ -0,0 +1,32 @@
+name: Build and Deploy Site
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  deploy:
+    permissions:
+      contents: read
+      deployments: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build site
+        run: make site
+
+      - name: Deploy to Cloudflare Pages
+        uses: cloudflare/wrangler-action@v3
+        with:
+          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          command: pages deploy www/public --project-name=${{ secrets.CLOUDFLARE_PROJECT_NAME }}
+          gitHubToken: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -1,15 +1,15 @@
 *.db
-*.lock
 *.bak
 _old
 rice-box.go
 .idea/
-filebrowser
-dist/
+/filebrowser
+/filebrowser.exe
+/dist
+.venv
 
 .DS_Store
 node_modules
-/frontend/dist
 
 # local env files
 .env.local
@@ -30,3 +30,15 @@ yarn-error.log*
 *.sw*
 bin/
 build/
+
+# Vue distributable files
+/frontend/dist/*
+!/frontend/dist/.gitkeep
+
+# Playwright files
+/frontend/test-results/
+/frontend/playwright-report/
+/frontend/playwright/.cache/
+
+default.nix
+Dockerfile.dev

.golangci.yml

@@ -1,131 +1,132 @@
-linters-settings:
-  dupl:
-    threshold: 100
-  exhaustive:
-    default-signifies-exhaustive: false
-  funlen:
-    lines: 100
-    statements: 50
-  goconst:
-    min-len: 2
-    min-occurrences: 2
-  gocritic:
-    enabled-tags:
-      - diagnostic
-      - experimental
-      - opinionated
-      - performance
-      - style
-    disabled-checks:
-      - dupImport # https://github.com/go-critic/go-critic/issues/845
-      - ifElseChain
-      - octalLiteral
-      - whyNoLint
-      - wrapperFunc
-  gocyclo:
-    min-complexity: 15
-  goimports:
-    local-prefixes: github.com/filebrowser/filebrowser
-  golint:
-    min-confidence: 0
-  gomnd:
-    settings:
-      mnd:
-        # don't include the "operation" and "assign"
-        checks: argument,case,condition,return
-  govet:
-    check-shadowing: true
-  lll:
-    line-length: 140
-  maligned:
-    suggest-new: true
-  misspell:
-    locale: US
-  nolintlint:
-    allow-leading-space: true # don't require machine-readable nolint directives (i.e. with no leading space)
-    allow-unused: false # report any unused nolint directives
-    require-explanation: false # don't require an explanation for nolint directives
-    require-specific: false # don't require nolint directives to be specific about which linter is being skipped
+version: "2"
 
 linters:
-  # please, do not use `enable-all`: it's deprecated and will be removed soon.
-  # inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint
-  disable-all: true
+  # inverted configuration with `default: all` and `disable` is not scalable during updates of golangci-lint
+  default: none
   enable:
     - bodyclose
-    - deadcode
-    - depguard
     - dogsled
     - dupl
     - errcheck
+    - errorlint
+    - exhaustive
     - funlen
+    - gocheckcompilerdirectives
     - gochecknoinits
-    - goconst
     - gocritic
     - gocyclo
-    - goimports
-    - golint
-    - gomnd
+    - godox
     - goprintffuncname
     - gosec
-    - gosimple
     - govet
     - ineffassign
-    - interfacer
     - lll
     - misspell
+    - mnd
     - nakedret
     - nolintlint
+    - prealloc
+    - revive
     - rowserrcheck
-    - scopelint
     - staticcheck
-    - structcheck
-    - stylecheck
-    - typecheck
+    - testifylint
     - unconvert
     - unparam
     - unused
-    - varcheck
     - whitespace
-    - prealloc
+  settings:
+    dupl:
+      threshold: 100
+    exhaustive:
+      default-signifies-exhaustive: false
+    funlen:
+      lines: 100
+      statements: 50
+    gocritic:
+      disabled-checks:
+        - dupImport # https://github.com/go-critic/go-critic/issues/845
+        - ifElseChain
+        - octalLiteral
+        - whyNoLint
+        - wrapperFunc
+      enabled-tags:
+        - diagnostic
+        - experimental
+        - opinionated
+        - performance
+        - style
+    gocyclo:
+      min-complexity: 15
+    govet:
+      enable:
+        - nilness
+        - shadow
+    lll:
+      line-length: 140
+    misspell:
+      locale: US
+    mnd:
+      # don't include the "operation" and "assign"
+      checks:
+        - argument
+        - case
+        - condition
+        - return
+      ignored-numbers:
+        - "0"
+        - "1"
+        - "2"
+        - "3"
+        - "0666"
+        - "0700"
+        - "0700"
+      ignored-functions:
+        - strings.SplitN
+        - make
+    nolintlint:
+      allow-unused: false # report any unused nolint directives
+      require-explanation: false # require an explanation for nolint directives
+      require-specific: true # require nolint directives to be specific about which linter is being skipped
+    staticcheck:
+      checks:
+        - "all"
+        - "-QF*"
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      - linters:
+          - gochecknoinits
+        path: cmd/.*.go
+      - linters:
+          - dupl
+          - funlen
+          - gochecknoinits
+          - gocyclo
+          - lll
+          - scopelint
+        path: .*_test.go
+      - linters:
+          - misspell
+        text: "[aA]uther"
+      - linters:
+          - mnd
+        text: strconv.Parse
+    paths:
+      - frontend/
 
-  # don't enable:
-  # - asciicheck
-  # - exhaustive (TODO: enable after next release; current release at time of writing is v1.27)
-  # - gochecknoglobals
-  # - gocognit
-  # - godot
-  # - godox
-  # - goerr113
-  # - maligned
-  # - nestif
-  # - testpackage
-  # - wsl
-
-issues:
-  exclude-rules:
-    - path: cmd/.*.go
-      linters:
-        - gochecknoinits
-    - path: .*_test.go
-      linters:
-        - lll
-        - gochecknoinits
-        - gocyclo
-        - funlen
-        - dupl
-        - scopelint
-    - text: "Auther"
-      linters:
-        - misspell
-
-run:
-  skip-dirs:
-    - frontend/
-  skip-files:
-    - http/rice-box.go
-
-# golangci.com configuration
-# https://github.com/golangci/golangci/wiki/Configuration
-service:
-  golangci-lint-version: 1.27.x # use the fixed version to not introduce new linters unexpectedly
+formatters:
+  enable:
+    - goimports
+  settings:
+    goimports:
+      local-prefixes:
+        - github.com/filebrowser/filebrowser
+  exclusions:
+    generated: lax
+    paths:
+      - frontend/

.goreleaser.yml

@@ -1,51 +1,49 @@
+version: 2
+
 project_name: filebrowser
 
 env:
   - GO111MODULE=on
 
-before:
-  hooks:
-    - make bundle-frontend
-
-build:
-  env:
-    - CGO_ENABLED=0
-  ldflags:
-    - -s -w -X github.com/filebrowser/filebrowser/v2/version.Version={{ .Version }} -X github.com/filebrowser/filebrowser/v2/version.CommitSHA={{ .ShortCommit }}
-  main: main.go
-  binary: filebrowser
-  goos:
-    - darwin
-    - linux
-    - windows
-    - freebsd
-  goarch:
-    - amd64
-    - 386
-    - arm
-    - arm64
-  goarm:
-    - 5
-    - 6
-    - 7
-  ignore:
-    - goos: darwin
-      goarch: 386
-    - goos: freebsd
-      goarch: arm
+builds:
+  - env:
+      - CGO_ENABLED=0
+    ldflags:
+      - -s -w -X github.com/filebrowser/filebrowser/v2/version.Version={{ .Version }} -X github.com/filebrowser/filebrowser/v2/version.CommitSHA={{ .ShortCommit }}
+    main: main.go
+    binary: filebrowser
+    goos:
+      - darwin
+      - linux
+      - windows
+      - freebsd
+    goarch:
+      - amd64
+      - "386"
+      - arm
+      - arm64
+      - riscv64
+    goarm:
+      - "5"
+      - "6"
+      - "7"
+    ignore:
+      - goos: darwin
+        goarch: "386"
+      - goos: freebsd
+        goarch: arm
 
 archives:
-  -
-    name_template: "{{.Os}}-{{.Arch}}{{if .Arm}}v{{.Arm}}{{end}}-{{ .ProjectName }}"
-    format: tar.gz
+  - name_template: "{{.Os}}-{{.Arch}}{{if .Arm}}v{{.Arm}}{{end}}-{{ .ProjectName }}"
+    formats: ["tar.gz"]
     format_overrides:
       - goos: windows
-        format: zip
+        formats: ["zip"]
 
 dockers:
-  -
-    dockerfile: Dockerfile
-    use_buildx: true
+  # Alpine docker images
+  - dockerfile: Dockerfile
+    use: buildx
     build_flag_templates:
       - "--pull"
       - "--label=org.opencontainers.image.created={{.Date}}"
@@ -59,9 +57,10 @@ dockers:
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-amd64"
       - "filebrowser/filebrowser:v{{ .Major }}-amd64"
-  -
-    dockerfile: Dockerfile
-    use_buildx: true
+    extra_files:
+      - docker
+  - dockerfile: Dockerfile
+    use: buildx
     build_flag_templates:
       - "--pull"
       - "--label=org.opencontainers.image.created={{.Date}}"
@@ -75,9 +74,10 @@ dockers:
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-arm64"
       - "filebrowser/filebrowser:v{{ .Major }}-arm64"
-  -
-    dockerfile: Dockerfile
-    use_buildx: true
+    extra_files:
+      - docker
+  - dockerfile: Dockerfile
+    use: buildx
     build_flag_templates:
       - "--pull"
       - "--label=org.opencontainers.image.created={{.Date}}"
@@ -88,13 +88,14 @@ dockers:
       - "--platform=linux/arm/v6"
     goos: linux
     goarch: arm
-    goarm: '6'
+    goarm: "6"
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-armv6"
       - "filebrowser/filebrowser:v{{ .Major }}-armv6"
-  -
-    dockerfile: Dockerfile
-    use_buildx: true
+    extra_files:
+      - docker
+  - dockerfile: Dockerfile
+    use: buildx
     build_flag_templates:
       - "--pull"
       - "--label=org.opencontainers.image.created={{.Date}}"
@@ -105,38 +106,92 @@ dockers:
       - "--platform=linux/arm/v7"
     goos: linux
     goarch: arm
-    goarm: '7'
+    goarm: "7"
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-armv7"
       - "filebrowser/filebrowser:v{{ .Major }}-armv7"
+    extra_files:
+      - docker
+
+  ## s6-overlay docker images
+  - dockerfile: Dockerfile.s6
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/amd64"
+    goos: linux
+    goarch: amd64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64-s6"
+    extra_files:
+      - docker
+  - dockerfile: Dockerfile.s6.aarch64
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm64"
+    goos: linux
+    goarch: arm64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64-s6"
+    extra_files:
+      - docker
+
 docker_manifests:
   - name_template: "filebrowser/filebrowser:latest"
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-amd64"
       - "filebrowser/filebrowser:{{ .Tag }}-arm64"
-      - "filebrowser/filebrowser:{{ .Tag }}-armv6"
       - "filebrowser/filebrowser:{{ .Tag }}-armv7"
   - name_template: "filebrowser/filebrowser:{{ .Tag }}"
     image_templates:
       - "filebrowser/filebrowser:{{ .Tag }}-amd64"
       - "filebrowser/filebrowser:{{ .Tag }}-arm64"
-      - "filebrowser/filebrowser:{{ .Tag }}-armv6"
       - "filebrowser/filebrowser:{{ .Tag }}-armv7"
   - name_template: "filebrowser/filebrowser:v{{ .Major }}"
     image_templates:
       - "filebrowser/filebrowser:v{{ .Major }}-amd64"
       - "filebrowser/filebrowser:v{{ .Major }}-arm64"
-      - "filebrowser/filebrowser:v{{ .Major }}-armv6"
       - "filebrowser/filebrowser:v{{ .Major }}-armv7"
-brews:
+  ## s6 image manifests
+  - name_template: "filebrowser/filebrowser:s6"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+  - name_template: "filebrowser/filebrowser:{{ .Tag }}-s6"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+  - name_template: "filebrowser/filebrowser:v{{ .Major }}-s6"
+    image_templates:
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64-s6"
+
+homebrew_casks:
   - name: filebrowser
-    tap:
+    repository:
       owner: filebrowser
       name: homebrew-tap
-    folder: Formula
-    homepage: https://filebrowser.org
     commit_author:
       name: FileBrowser Robot
       email: robot@filebrowser.org
+    homepage: https://github.com/filebrowser/filebrowser
     description: File Browser is a create-your-own-cloud-kind of software where you can install it on a server, direct it to a path and then access your files through a nice web interface
-    license: "MIT"
+    hooks:
+      post:
+        install: |
+          if system_command("/usr/bin/xattr", args: ["-h"]).exit_status == 0
+            system_command "/usr/bin/xattr", args: ["-dr", "com.apple.quarantine", "#{staged_path}/filebrowser"]
+          end

.tx/config

@@ -1,10 +0,0 @@
-[main]
-host = https://www.transifex.com
-lang_map = pt_BR: pt-br, zh_CN: zh-cn, zh_HK: zh-hk, zh_TW: zh-tw, nl_BE: nl-be, sv_SE: sv-se
-
-[file-browser.file-browser]
-file_filter = frontend/src/i18n/<lang>.json
-minimum_perc = 50
-source_file = frontend/src/i18n/en.json
-source_lang = en
-type = KEYVALUEJSON

CHANGELOG.md

@@ -2,6 +2,853 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.35.0](https://github.com/filebrowser/filebrowser/compare/v2.34.2...v2.35.0) (2025-06-30)
+
+
+### Features
+
+* Long press selects item in single click mode ([8d75220](https://github.com/filebrowser/filebrowser/commit/8d7522049ced83f28f0933b55772c32e3ad04627))
+
+
+### Bug Fixes
+
+* shell value must be joined by blank space ([4403cd3](https://github.com/filebrowser/filebrowser/commit/4403cd35720dbda5a8bb1013b92582accf3317bc))
+* update documentation links ([38d0366](https://github.com/filebrowser/filebrowser/commit/38d0366acf88352b5a9a97c45837b0f865efae0b))
+
+### [2.34.2](https://github.com/filebrowser/filebrowser/compare/v2.34.1...v2.34.2) (2025-06-29)
+
+
+### Bug Fixes
+
+* mitigate unprotected shares ([2b5d6cb](https://github.com/filebrowser/filebrowser/commit/2b5d6cbb996a61a769acc56af0acc12eec2d8d8f))
+
+### [2.34.1](https://github.com/filebrowser/filebrowser/compare/v2.34.0...v2.34.1) (2025-06-29)
+
+
+### Bug Fixes
+
+* exclude to-be-moved folder from move dialog ([#5235](https://github.com/filebrowser/filebrowser/issues/5235)) ([7354eb6](https://github.com/filebrowser/filebrowser/commit/7354eb6cf966244141277c2808988855c004f908))
+* passthrough the minimum password length ([#5236](https://github.com/filebrowser/filebrowser/issues/5236)) ([bf37f88](https://github.com/filebrowser/filebrowser/commit/bf37f88c32222ad9c186482bb97338a9c9b4a93c))
+
+## [2.34.0](https://github.com/filebrowser/filebrowser/compare/v2.33.10...v2.34.0) (2025-06-29)
+
+
+### Features
+
+* Translate frontend/src/i18n/en.json in fa ([0acd69c](https://github.com/filebrowser/filebrowser/commit/0acd69c537ce2909ff62c4bb6980982524ece221))
+* Translate frontend/src/i18n/en.json in fa ([#5233](https://github.com/filebrowser/filebrowser/issues/5233)) ([09f679f](https://github.com/filebrowser/filebrowser/commit/09f679fae43398f5b87d21acc9d974d4d053392f))
+* update translations for project File Browser ([#5226](https://github.com/filebrowser/filebrowser/issues/5226)) ([a5ea2a2](https://github.com/filebrowser/filebrowser/commit/a5ea2a266bef619d1c4322266d1aa7d397d2c856))
+
+
+### Bug Fixes
+
+* abort ongoing requests when changing pages ([#3927](https://github.com/filebrowser/filebrowser/issues/3927)) ([93c4b2e](https://github.com/filebrowser/filebrowser/commit/93c4b2e03c5176da01a7e00a03c03ffcce279bc8))
+* add configurable minimum password length ([#5225](https://github.com/filebrowser/filebrowser/issues/5225)) ([464b644](https://github.com/filebrowser/filebrowser/commit/464b644adf22a2178414a6f1e4fa286276de81d2))
+* do not expose the name of the root directory ([#5224](https://github.com/filebrowser/filebrowser/issues/5224)) ([0892559](https://github.com/filebrowser/filebrowser/commit/089255997a653c284cd4249990b58bed00086c61))
+* Graceful shutdown ([8230eb7](https://github.com/filebrowser/filebrowser/commit/8230eb7ab51ccbd00b03f5b9d6964fa4aae331d4))
+
+
+### Reverts
+
+* Revert "docs: change cloudflare environment (#5231)" (#5232) ([9e273cd](https://github.com/filebrowser/filebrowser/commit/9e273cd9475d57b9500034e8b341ff8b620bcab8)), closes [#5231](https://github.com/filebrowser/filebrowser/issues/5231) [#5232](https://github.com/filebrowser/filebrowser/issues/5232)
+
+
+### Build
+
+* add an arm64 target for the site image ([#5229](https://github.com/filebrowser/filebrowser/issues/5229)) ([f5e531c](https://github.com/filebrowser/filebrowser/commit/f5e531c8ae0b9b18717e184856ace0ce19beef82))
+* bump golangci-lint to 2.1.6 ([1d494ff](https://github.com/filebrowser/filebrowser/commit/1d494ff3159ef939cfb4980ccde6f27df3e738b5))
+* **deps:** bump brace-expansion from 1.1.11 to 1.1.12 in /tools ([#5228](https://github.com/filebrowser/filebrowser/issues/5228)) ([5a07291](https://github.com/filebrowser/filebrowser/commit/5a072913062a6b2b0e5c74a02ca7710218ed3e5e))
+* **deps:** bump github.com/go-viper/mapstructure/v2 ([f32f273](https://github.com/filebrowser/filebrowser/commit/f32f27383d1fafa074f038cc873bd37b7f20ee27))
+* **deps:** bump github.com/go-viper/mapstructure/v2 in /tools ([5331969](https://github.com/filebrowser/filebrowser/commit/5331969163f5ae1fd2389f665059fc9e4a98db15))
+* publish docs to cloudflare pages ([#5230](https://github.com/filebrowser/filebrowser/issues/5230)) ([8861933](https://github.com/filebrowser/filebrowser/commit/8861933cf845b104e072f35e5f37d7c26097c9dc))
+
+### [2.33.10](https://github.com/filebrowser/filebrowser/compare/v2.33.9...v2.33.10) (2025-06-26)
+
+
+### Bug Fixes
+
+* correctly check if command is allowed when using shell ([4d830f7](https://github.com/filebrowser/filebrowser/commit/4d830f707fc4314741fd431e70c2ce50cd5a3108))
+* correctly split shell ([f84a6db](https://github.com/filebrowser/filebrowser/commit/f84a6db680b6df1c7c8f06f1816f7e4c9e963668))
+* ignore linting error ([e735491](https://github.com/filebrowser/filebrowser/commit/e735491c57b12c3b19dd2e4b570723df78f4eb44))
+
+### [2.33.9](https://github.com/filebrowser/filebrowser/compare/v2.33.8...v2.33.9) (2025-06-26)
+
+
+### Bug Fixes
+
+* check exact match on command allow list ([e2e1e49](https://github.com/filebrowser/filebrowser/commit/e2e1e4913085cca8917e0f69171dc28d3c6af1b6))
+* remove auth token from /api/command ([d5b39a1](https://github.com/filebrowser/filebrowser/commit/d5b39a14fd3fc0d1c364116b41289484df7c27b2))
+* remove unused import ([c232d41](https://github.com/filebrowser/filebrowser/commit/c232d41f903d3026ec290bbe819b6c59a933048e))
+
+### [2.33.8](https://github.com/filebrowser/filebrowser/compare/v2.33.7...v2.33.8) (2025-06-25)
+
+### [2.33.7](https://github.com/filebrowser/filebrowser/compare/v2.33.6...v2.33.7) (2025-06-25)
+
+
+### Bug Fixes
+
+* correctly parse negative boolean flags ([221451a](https://github.com/filebrowser/filebrowser/commit/221451a5179c8f139819a315b80d0ecb0e7220c3))
+* linting issues ([4bfbf33](https://github.com/filebrowser/filebrowser/commit/4bfbf332499fc8aea5f6df6aae1efa0de918d1ae))
+* linting issues ([e74c958](https://github.com/filebrowser/filebrowser/commit/e74c95886226c0ee429af1860eed21dd1f8601aa))
+
+### [2.33.6](https://github.com/filebrowser/filebrowser/compare/v2.33.5...v2.33.6) (2025-06-24)
+
+
+### Bug Fixes
+
+* remove incorrect default for password flag ([23bd8f6](https://github.com/filebrowser/filebrowser/commit/23bd8f67155081d707d4799393d3b1e2bebeaa34))
+
+### [2.33.5](https://github.com/filebrowser/filebrowser/compare/v2.33.4...v2.33.5) (2025-06-24)
+
+
+### Features
+
+* update languages for project File Browser ([#5190](https://github.com/filebrowser/filebrowser/issues/5190)) ([f330764](https://github.com/filebrowser/filebrowser/commit/f33076462a133935ca97fb6c7345303fe350e167))
+
+
+### Bug Fixes
+
+* actually register the czech language ([#5189](https://github.com/filebrowser/filebrowser/issues/5189)) ([0268506](https://github.com/filebrowser/filebrowser/commit/0268506f80d33d2d31e38055e12530241d27a11b))
+
+### [2.33.4](https://github.com/filebrowser/filebrowser/compare/v2.33.3...v2.33.4) (2025-06-22)
+
+
+### Features
+
+* translation updates for project File Browser ([#5179](https://github.com/filebrowser/filebrowser/issues/5179)) ([f714e71](https://github.com/filebrowser/filebrowser/commit/f714e71a356c2301f394d651c9b6c467440508e3))
+
+### [2.33.3](https://github.com/filebrowser/filebrowser/compare/v2.33.2...v2.33.3) (2025-06-22)
+
+
+### Bug Fixes
+
+* keep command behavior in Dockerfile ([7c0c782](https://github.com/filebrowser/filebrowser/commit/7c0c7820efbbed2f0499353cc76ecb85d00ff7c3))
+* update search hotkey in help prompt ([#5178](https://github.com/filebrowser/filebrowser/issues/5178)) ([2741616](https://github.com/filebrowser/filebrowser/commit/2741616473636d40b7e9f14c9906ada08d328c3c))
+
+### [2.33.2](https://github.com/filebrowser/filebrowser/compare/v2.33.1...v2.33.2) (2025-06-21)
+
+
+### Bug Fixes
+
+* create user dir on signup ([0ca8059](https://github.com/filebrowser/filebrowser/commit/0ca8059d8dea4fe079146471ce4f24acc96021f2))
+
+### [2.33.1](https://github.com/filebrowser/filebrowser/compare/v2.33.0...v2.33.1) (2025-06-21)
+
+
+### Bug Fixes
+
+* downloadUrl of file preview ([#3728](https://github.com/filebrowser/filebrowser/issues/3728)) ([8a14018](https://github.com/filebrowser/filebrowser/commit/8a14018861fe581672bbd27cdc3ae5691f70a108))
+* remove auth query parameter from download and preview links ([cbb7124](https://github.com/filebrowser/filebrowser/commit/cbb712484d3bdabc033acaf3b696ef4f5865813d))
+* search uses ctrl+shift+f instead of hijacking browser's ctrl+f ([#4638](https://github.com/filebrowser/filebrowser/issues/4638)) ([a02b297](https://github.com/filebrowser/filebrowser/commit/a02b2972ebde2a58806ad1377bad46e748b63166))
+
+## [2.33.0](https://github.com/filebrowser/filebrowser/compare/v2.32.3...v2.33.0) (2025-06-18)
+
+
+### Features
+
+* improved docker image volumes and permissions ([#5160](https://github.com/filebrowser/filebrowser/issues/5160)) ([2e26393](https://github.com/filebrowser/filebrowser/commit/2e26393a022df0eaa9e08727407aba8b997aa728))
+
+### [2.32.3](https://github.com/filebrowser/filebrowser/compare/v2.32.2...v2.32.3) (2025-06-17)
+
+### [2.32.2](https://github.com/filebrowser/filebrowser/compare/v2.32.1...v2.32.2) (2025-06-17)
+
+
+### Features
+
+* updated for project File Browser ([#5159](https://github.com/filebrowser/filebrowser/issues/5159)) ([c34c0af](https://github.com/filebrowser/filebrowser/commit/c34c0afecf3242b16ad5d5584cd90a6ad323361c))
+
+### [2.32.1](https://github.com/filebrowser/filebrowser/compare/v2.32.0...v2.32.1) (2025-06-16)
+
+
+### Features
+
+* add Vietnamese translation ([#3840](https://github.com/filebrowser/filebrowser/issues/3840)) ([56b80b6](https://github.com/filebrowser/filebrowser/commit/56b80b6d9b4710538765ba7df5da1f03898f6b81))
+* improve pt-br translations with new keys and refinements ([#4903](https://github.com/filebrowser/filebrowser/issues/4903)) ([a882fb6](https://github.com/filebrowser/filebrowser/commit/a882fb6c85ab6ccc845ed0bf3908d8e5e60ce346))
+* update translation ko.json ([#3852](https://github.com/filebrowser/filebrowser/issues/3852)) ([d9ebd65](https://github.com/filebrowser/filebrowser/commit/d9ebd65ffcf9b2166fec708d51849796d12b16e0))
+
+
+### Bug Fixes
+
+* err shadowing lint ([c606a01](https://github.com/filebrowser/filebrowser/commit/c606a01a2d20932fb32ee896234d57631f8c47e4))
+* generate random admin password on quick setup ([a46acba](https://github.com/filebrowser/filebrowser/commit/a46acba5f92ee044661880d6ae349e289d984328)), closes [#3646](https://github.com/filebrowser/filebrowser/issues/3646)
+* imports lint ([54b91b8](https://github.com/filebrowser/filebrowser/commit/54b91b8ff0b8ee1f02f72425ab97d27a5d942fc3))
+* set videojs locale ([#3742](https://github.com/filebrowser/filebrowser/issues/3742)) ([71a8f56](https://github.com/filebrowser/filebrowser/commit/71a8f5662c207e3cd4ee714a5b5a961121f510cd))
+
+
+### Build
+
+* **deps-dev:** bump vite from 6.0.11 to 6.1.6 in /frontend ([#3886](https://github.com/filebrowser/filebrowser/issues/3886)) ([5355629](https://github.com/filebrowser/filebrowser/commit/5355629fd1e7bd85ee3222fca22da899ba23ea95))
+* **deps:** bump golang.org/x/crypto from 0.31.0 to 0.35.0 ([#3865](https://github.com/filebrowser/filebrowser/issues/3865)) ([0ba9505](https://github.com/filebrowser/filebrowser/commit/0ba9505a19cb369653fc9f8260dc02fcc6587629))
+* **deps:** bump golang.org/x/net from 0.33.0 to 0.38.0 ([#3869](https://github.com/filebrowser/filebrowser/issues/3869)) ([cfea84f](https://github.com/filebrowser/filebrowser/commit/cfea84fd5e7ec9c1d2366293e5db12baaa4e3a81))
+* **deps:** bump vue-i18n from 11.0.1 to 11.1.2 in /frontend ([#3786](https://github.com/filebrowser/filebrowser/issues/3786)) ([35d1c09](https://github.com/filebrowser/filebrowser/commit/35d1c092434b80b22c89a614a02122e9f5965b39))
+
+## [2.32.0](https://github.com/filebrowser/filebrowser/compare/v2.31.2...v2.32.0) (2025-01-31)
+
+
+### Features
+
+* create user on proxy authentication if user does not exist ([#3569](https://github.com/filebrowser/filebrowser/issues/3569)) ([209acf2](https://github.com/filebrowser/filebrowser/commit/209acf2429b06e2e8d78218937c59fd7e7edd1be))
+
+
+### Bug Fixes
+
+* add proper healthcheck for S6 containers ([#3691](https://github.com/filebrowser/filebrowser/issues/3691)) ([045064f](https://github.com/filebrowser/filebrowser/commit/045064f8b8bf9f86058e877448085e38da8b3f2e))
+* disk usage refreshing ([#3692](https://github.com/filebrowser/filebrowser/issues/3692)) ([bbdd313](https://github.com/filebrowser/filebrowser/commit/bbdd313705b8d253f0c47ad717a6e47b2f46e719))
+* Fix user creation on proxy auth ([#3666](https://github.com/filebrowser/filebrowser/issues/3666)) ([5300d00](https://github.com/filebrowser/filebrowser/commit/5300d00d2e7dbb80a252aff57e100113f02506c3))
+* prompts disappearing on copy / move / upload ([#3537](https://github.com/filebrowser/filebrowser/issues/3537)) ([d1c84a8](https://github.com/filebrowser/filebrowser/commit/d1c84a84123c77dede05c023b3697a432b56122c))
+
+
+### Refactorings
+
+* Fix eslint warnings ([#3698](https://github.com/filebrowser/filebrowser/issues/3698)) ([0201f9c](https://github.com/filebrowser/filebrowser/commit/0201f9c5c4dd2a4d5a3503e59cdb8045e8d3a91f)), closes [#3407](https://github.com/filebrowser/filebrowser/issues/3407)
+
+
+### Build
+
+* **deps:** bump cross-spawn from 7.0.3 to 7.0.6 in /tools ([#3601](https://github.com/filebrowser/filebrowser/issues/3601)) ([25372ed](https://github.com/filebrowser/filebrowser/commit/25372edb5c0e616e82b76b5f523633af57d347e0))
+* **deps:** bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 ([#3574](https://github.com/filebrowser/filebrowser/issues/3574)) ([2fdea73](https://github.com/filebrowser/filebrowser/commit/2fdea73430011846276a1cda52458f1d670f5ea7))
+* **deps:** bump golang.org/x/crypto from 0.26.0 to 0.31.0 ([#3634](https://github.com/filebrowser/filebrowser/issues/3634)) ([e92dbb4](https://github.com/filebrowser/filebrowser/commit/e92dbb4bb8b7894264fbf0a48a641712c3b68766))
+* **deps:** bump golang.org/x/net from 0.23.0 to 0.33.0 ([#3712](https://github.com/filebrowser/filebrowser/issues/3712)) ([1194cfe](https://github.com/filebrowser/filebrowser/commit/1194cfe0097a70399c1f06cf0f514b9d70fa463c))
+* **deps:** bump vue-i18n from 9.10.2 to 9.14.2 in /frontend ([#3618](https://github.com/filebrowser/filebrowser/issues/3618)) ([0659594](https://github.com/filebrowser/filebrowser/commit/065959451d3ba12019c6151274aa4e6904cdca99))
+* fix go releaser ([ba797cd](https://github.com/filebrowser/filebrowser/commit/ba797cda3135eddb9b7165dc5ceb932399cb54df))
+* update to node 22 and pnpm ([#3616](https://github.com/filebrowser/filebrowser/issues/3616)) ([d51a343](https://github.com/filebrowser/filebrowser/commit/d51a3438201274a1b826be1b775ca1035ade20c5))
+
+### [2.31.2](https://github.com/filebrowser/filebrowser/compare/v2.31.1...v2.31.2) (2024-10-03)
+
+
+### Bug Fixes
+
+* added whitespace before version ([#3510](https://github.com/filebrowser/filebrowser/issues/3510)) ([2b37e69](https://github.com/filebrowser/filebrowser/commit/2b37e696c9bde4d0c453de236a3555d982346bbb))
+* change location of custom init scripts ([#3493](https://github.com/filebrowser/filebrowser/issues/3493)) ([406d4f7](https://github.com/filebrowser/filebrowser/commit/406d4f78845a1684df7c9c457b208f4dd9b2a930))
+* files list alignment ([#3494](https://github.com/filebrowser/filebrowser/issues/3494)) ([64400ff](https://github.com/filebrowser/filebrowser/commit/64400ffda8b09f66b8662a3c9400235139800a4d))
+* german translation spelling typos ([#3469](https://github.com/filebrowser/filebrowser/issues/3469)) ([1e7c415](https://github.com/filebrowser/filebrowser/commit/1e7c41505fb6a3b9baa1534787492a186e09bcfb))
+
+
+### Build
+
+* **deps-dev:** bump vite from 5.2.7 to 5.4.6 in /frontend ([#3496](https://github.com/filebrowser/filebrowser/issues/3496)) ([ec7b643](https://github.com/filebrowser/filebrowser/commit/ec7b643e8e9499f7ff226ec7f8e63a9df9890352))
+* **deps:** bump rollup from 4.21.3 to 4.22.4 in /frontend ([#3504](https://github.com/filebrowser/filebrowser/issues/3504)) ([03d74ee](https://github.com/filebrowser/filebrowser/commit/03d74ee7582196c09720f8d488056339f06c446c))
+
+### [2.31.1](https://github.com/filebrowser/filebrowser/compare/v2.31.0...v2.31.1) (2024-08-30)
+
+
+### Bug Fixes
+
+* command not found in shell ([#3438](https://github.com/filebrowser/filebrowser/issues/3438)) ([121d9ab](https://github.com/filebrowser/filebrowser/commit/121d9abecdc7d4e923cfc5023519995938a6ccae))
+
+
+### Build
+
+* update to alpine 3.20 ([#3447](https://github.com/filebrowser/filebrowser/issues/3447)) ([7de6bc4](https://github.com/filebrowser/filebrowser/commit/7de6bc4a912b5734dd0df02ed8391e78619e2615))
+
+## [2.31.0](https://github.com/filebrowser/filebrowser/compare/v2.30.0...v2.31.0) (2024-08-29)
+
+
+### Features
+
+* add Czech translation ([#3416](https://github.com/filebrowser/filebrowser/issues/3416)) ([8e67a12](https://github.com/filebrowser/filebrowser/commit/8e67a12f260caefcbe419c2281025b9b15f02bf3))
+* Added epub preview. Resolves [#3375](https://github.com/filebrowser/filebrowser/issues/3375) ([#3376](https://github.com/filebrowser/filebrowser/issues/3376)) ([99a6382](https://github.com/filebrowser/filebrowser/commit/99a6382b320874e94f9bd74708f46dd9a7485d3c))
+* implement markdown file preview in Ace editor ([#3431](https://github.com/filebrowser/filebrowser/issues/3431)) ([b0f4604](https://github.com/filebrowser/filebrowser/commit/b0f4604f44e6a35e07df3000f106f523cd942cfc))
+* support mime type for epub extension ([#3425](https://github.com/filebrowser/filebrowser/issues/3425)) ([f6f7e5f](https://github.com/filebrowser/filebrowser/commit/f6f7e5fea3ff7073ee652008a51cb5445a6f3d5d))
+
+
+### Bug Fixes
+
+* clipboard copy in safari ([#3261](https://github.com/filebrowser/filebrowser/issues/3261)) ([1fccc5d](https://github.com/filebrowser/filebrowser/commit/1fccc5d649add2a56c55e75cf9dec4851e6d7cbf))
+* CSS selectors for listing icons ([#3277](https://github.com/filebrowser/filebrowser/issues/3277)) ([2a90cdf](https://github.com/filebrowser/filebrowser/commit/2a90cdfdaff8655c7cb1167c01994a0978dece8f))
+* fix catalan i18n file ([090272e](https://github.com/filebrowser/filebrowser/commit/090272e3b7c56a940c4aa2d28f860c574aa17d53))
+* fixing an issue where the upload indicator would "jump" around in the UI ([#3354](https://github.com/filebrowser/filebrowser/issues/3354)) ([7be5644](https://github.com/filebrowser/filebrowser/commit/7be564495226bc6846289a56edb8893511036c6e))
+* **frontend:** N files selected hint use i18n ([#3390](https://github.com/filebrowser/filebrowser/issues/3390)) ([10bf3cf](https://github.com/filebrowser/filebrowser/commit/10bf3cffbf8eb7d95fe4e1cc6acf1012329744b9))
+* pdf preview header ([#3274](https://github.com/filebrowser/filebrowser/issues/3274)) ([a838868](https://github.com/filebrowser/filebrowser/commit/a8388689f3019083f263845900f683ddc13884dc))
+* pull down to refresh within editor ([#3378](https://github.com/filebrowser/filebrowser/issues/3378)) ([21783ed](https://github.com/filebrowser/filebrowser/commit/21783ed91a13ad52afdb411e43faf14fb6ef6e42))
+
+
+### Build
+
+* bump go libs ([b596567](https://github.com/filebrowser/filebrowser/commit/b596567c6163d57eaefbf3e30d84cfca65c24cdf))
+* bump go version to 1.23.0 ([364fdaa](https://github.com/filebrowser/filebrowser/commit/364fdaaf0c1eace82ff8637d337cc1b32e5e9972))
+* bump golangci-lint to 1.60.3 ([a6347c8](https://github.com/filebrowser/filebrowser/commit/a6347c88586e584b4565277b0010fa9ff2576b1f))
+* **deps-dev:** bump braces from 3.0.2 to 3.0.3 in /frontend ([#3316](https://github.com/filebrowser/filebrowser/issues/3316)) ([e8589be](https://github.com/filebrowser/filebrowser/commit/e8589be6409a2b29edd44ee2edd3fbf6b2d72724))
+* **deps-dev:** bump ws from 8.16.0 to 8.17.1 in /frontend ([#3321](https://github.com/filebrowser/filebrowser/issues/3321)) ([c3465f9](https://github.com/filebrowser/filebrowser/commit/c3465f99136506d51b813be4f31b289e708da0ce))
+* **deps:** bump golang.org/x/image from 0.15.0 to 0.18.0 ([#3335](https://github.com/filebrowser/filebrowser/issues/3335)) ([30a8ddf](https://github.com/filebrowser/filebrowser/commit/30a8ddf113862e3de2c09547662b7f2af8a30dfe))
+* fix goreleaser file ([056cfa8](https://github.com/filebrowser/filebrowser/commit/056cfa8facdca4c397a6b245028d4c9d3f0ca518))
+
+## [2.30.0](https://github.com/filebrowser/filebrowser/compare/v2.29.0...v2.30.0) (2024-05-19)
+
+
+### Features
+
+* allow multi-select with SHIFT key in singleClick mode ([#3185](https://github.com/filebrowser/filebrowser/issues/3185)) ([2e47a03](https://github.com/filebrowser/filebrowser/commit/2e47a038d63de8f848b070578c1d71f765438a24))
+* Enhance MIME Type Detection for Additional File Extensions ([#3183](https://github.com/filebrowser/filebrowser/issues/3183)) ([be62f56](https://github.com/filebrowser/filebrowser/commit/be62f56782551e17d6d5dc23bc29cc56ef961a66))
+
+
+### Bug Fixes
+
+* add overlay for sidebar on mobile ([#3197](https://github.com/filebrowser/filebrowser/issues/3197)) ([3b48f75](https://github.com/filebrowser/filebrowser/commit/3b48f75301287fe94cbbacff184b4db03f37f7ea))
+* current folder name in page title ([#3200](https://github.com/filebrowser/filebrowser/issues/3200)) ([e336a25](https://github.com/filebrowser/filebrowser/commit/e336a25ad29ed8b956169d426992860a877ee551))
+* Fixing the inability to play MKV video files online and enhancing the auxiliary features of the VideoPlayer. ([#3181](https://github.com/filebrowser/filebrowser/issues/3181)) ([782375b](https://github.com/filebrowser/filebrowser/commit/782375b1cb4c4f954468c30ec277ce021c82b40d))
+* shell window size ([#3198](https://github.com/filebrowser/filebrowser/issues/3198)) ([4c5b612](https://github.com/filebrowser/filebrowser/commit/4c5b612cb2563817f9da50413c7cf9e89b4c4d4a))
+* The file type icon in the file list is sensitive to the case of the suffix name ([#3187](https://github.com/filebrowser/filebrowser/issues/3187)) ([a9c327c](https://github.com/filebrowser/filebrowser/commit/a9c327cc0687796a3c7bfafd4ddabf4342859e31))
+
+## [2.29.0](https://github.com/filebrowser/filebrowser/compare/v2.28.0...v2.29.0) (2024-04-30)
+
+
+### Features
+
+* Display Upload Progress as Percentage and File Size / Total File Size ([#3111](https://github.com/filebrowser/filebrowser/issues/3111)) ([236ca63](https://github.com/filebrowser/filebrowser/commit/236ca637f99e373adfeaaefc5db6af50bd15b6bf))
+* migrate to vue 3 ([#2689](https://github.com/filebrowser/filebrowser/issues/2689)) ([5100e58](https://github.com/filebrowser/filebrowser/commit/5100e587d73831ecdb5e3bd35a78fef96ad248a4))
+
+
+### Bug Fixes
+
+* abort upload behavior to properly handle server-side deletion and frontend state reset ([#3114](https://github.com/filebrowser/filebrowser/issues/3114)) ([434e49b](https://github.com/filebrowser/filebrowser/commit/434e49bf59e4ddf7ec90893fa3fd53faee8c9cbb))
+* apply proper zindex to modal dialogs ([#3172](https://github.com/filebrowser/filebrowser/issues/3172)) ([821f51e](https://github.com/filebrowser/filebrowser/commit/821f51ea5ad1f5c2eb72441bc761031cacee43e1))
+* correct list item selector ([#3126](https://github.com/filebrowser/filebrowser/issues/3126)) ([#3147](https://github.com/filebrowser/filebrowser/issues/3147)) ([22a05e1](https://github.com/filebrowser/filebrowser/commit/22a05e1f02a083cf7b630e16873dad0de89b7854))
+* don't redirect to login when no auth ([#3165](https://github.com/filebrowser/filebrowser/issues/3165)) ([da5a6e0](https://github.com/filebrowser/filebrowser/commit/da5a6e051faa80134c2adf4e621426cbdf046c88))
+* Frontend bug, administrators unable to delete users ([#3170](https://github.com/filebrowser/filebrowser/issues/3170)) ([bee71d9](https://github.com/filebrowser/filebrowser/commit/bee71d93fee137cdd807cd8f7716c7da0830fae7))
+* handle quotes in healthcheck.sh ([#3130](https://github.com/filebrowser/filebrowser/issues/3130)) ([18f04a7](https://github.com/filebrowser/filebrowser/commit/18f04a7d26186927f51f46354f3b2164a68f1b41))
+* the copy method in clipboard.ts ([#3177](https://github.com/filebrowser/filebrowser/issues/3177)) ([4786187](https://github.com/filebrowser/filebrowser/commit/4786187852b8eef07e40aa00cd159ccc1e7e79dc))
+
+
+### Build
+
+* bump go version to 1.22.1 ([bbd0abb](https://github.com/filebrowser/filebrowser/commit/bbd0abbdfdbb3ddf3326247b7c6d925751dfabcb))
+* bump go version to 1.22.2 ([#3158](https://github.com/filebrowser/filebrowser/issues/3158)) ([a9da7fd](https://github.com/filebrowser/filebrowser/commit/a9da7fd56c849b5a13133136b35ef5ebee622962))
+* **deps:** bump golang.org/x/net from 0.22.0 to 0.23.0 ([#3133](https://github.com/filebrowser/filebrowser/issues/3133)) ([6b77b8d](https://github.com/filebrowser/filebrowser/commit/6b77b8d683f7357ef71af678550e78910c10ddeb))
+
+## [2.28.0](https://github.com/filebrowser/filebrowser/compare/v2.27.0...v2.28.0) (2024-04-01)
+
+
+### Features
+
+* allow to configure if home directory is automatically created from cli ([#2963](https://github.com/filebrowser/filebrowser/issues/2963)) ([a4b089a](https://github.com/filebrowser/filebrowser/commit/a4b089a6dbf9821ecede428cd7d13e69c8b85231))
+* auto hiding header bar in preview to enlarge the preview window ([#3024](https://github.com/filebrowser/filebrowser/issues/3024)) ([d706506](https://github.com/filebrowser/filebrowser/commit/d70650689c34ce9f631fda6a453fd521faef22fa))
+* close editor when click escape key ([#2947](https://github.com/filebrowser/filebrowser/issues/2947)) ([70c8261](https://github.com/filebrowser/filebrowser/commit/70c826133b8578b8712e6db8f762a15a076cd9a9))
+* enable preview in shared folder ([#3055](https://github.com/filebrowser/filebrowser/issues/3055)) ([4c233c3](https://github.com/filebrowser/filebrowser/commit/4c233c3db39ea5a00d6e602ec0ecbddecb590877))
+* focus editor when opened ([#2946](https://github.com/filebrowser/filebrowser/issues/2946)) ([b19710e](https://github.com/filebrowser/filebrowser/commit/b19710efca6daa7af56dc211d0051d500d2eea22))
+* freezing the list in the background while previewing a file ([#3004](https://github.com/filebrowser/filebrowser/issues/3004)) ([e167c3e](https://github.com/filebrowser/filebrowser/commit/e167c3e1efed8b16be45d994a8d443fda1d8cf49))
+* prompt to confirm discard editor changes ([#2948](https://github.com/filebrowser/filebrowser/issues/2948)) ([fb1a09c](https://github.com/filebrowser/filebrowser/commit/fb1a09c7c172b913c12b30975ca545e505df0c05))
+* select multiple files with ctrl even with singleClick option ([#2953](https://github.com/filebrowser/filebrowser/issues/2953)) ([d49c3df](https://github.com/filebrowser/filebrowser/commit/d49c3dfacfc0ff07e620b3ad2700e64927b06235))
+
+
+### Bug Fixes
+
+* dashboard buttons position in rtl layout ([#2949](https://github.com/filebrowser/filebrowser/issues/2949)) ([2cfee21](https://github.com/filebrowser/filebrowser/commit/2cfee2183c98d0cb67fc4e9788644ed4278e25bc))
+* editor discard prompt ([#2990](https://github.com/filebrowser/filebrowser/issues/2990)) ([34a0817](https://github.com/filebrowser/filebrowser/commit/34a08170c894321d49bb843e259a0e59e2245998))
+* files and directories are created with the correct permissions ([#2966](https://github.com/filebrowser/filebrowser/issues/2966)) ([5c5ab6b](https://github.com/filebrowser/filebrowser/commit/5c5ab6b8750a5168f0ae2a26bd5de41e0b6d9637))
+* fix lint warnings ([#2976](https://github.com/filebrowser/filebrowser/issues/2976)) ([fe5ca74](https://github.com/filebrowser/filebrowser/commit/fe5ca74aa1e4257e5cb36f1de58daa0c3548319f))
+* **healthcheck:** use address configured if not empty ([#2938](https://github.com/filebrowser/filebrowser/issues/2938)) ([81cd8fc](https://github.com/filebrowser/filebrowser/commit/81cd8fc6d307b00af278beefcdbad4158a128fea))
+* keyboard shortcut to confirm prompts ([#2932](https://github.com/filebrowser/filebrowser/issues/2932)) ([ff9502f](https://github.com/filebrowser/filebrowser/commit/ff9502ff34790c46f31d175911cd51c9b62804fb))
+* moment locale ([#2952](https://github.com/filebrowser/filebrowser/issues/2952)) ([883383a](https://github.com/filebrowser/filebrowser/commit/883383a5715d82883c51138dfb547805dfad2a3c))
+* shell direction ([#2980](https://github.com/filebrowser/filebrowser/issues/2980)) ([6d7ba65](https://github.com/filebrowser/filebrowser/commit/6d7ba65faf576ee4ed095f3d0c41775b21e498de))
+* stay in the same position after renaming or deleting ([#3039](https://github.com/filebrowser/filebrowser/issues/3039)) ([cdf8def](https://github.com/filebrowser/filebrowser/commit/cdf8def3304315bef261da7f52f8599d90b1f0f0))
+
+
+### Build
+
+* **deps-dev:** bump vite from 4.4.12 to 4.5.2 in /frontend ([#2951](https://github.com/filebrowser/filebrowser/issues/2951)) ([bf36cc0](https://github.com/filebrowser/filebrowser/commit/bf36cc00f1369dd10a422f230ccabcbeefae1517))
+* **deps:** bump google.golang.org/protobuf from 1.31.0 to 1.33.0 ([#3045](https://github.com/filebrowser/filebrowser/issues/3045)) ([05bfae2](https://github.com/filebrowser/filebrowser/commit/05bfae264a7a477d1b7db582f06f4efb24d26ec9))
+* **deps:** bump google.golang.org/protobuf in /tools ([#3044](https://github.com/filebrowser/filebrowser/issues/3044)) ([7797a4e](https://github.com/filebrowser/filebrowser/commit/7797a4ef18038a877df31bd34f2ebf70d18823f8))
+
+## [2.27.0](https://github.com/filebrowser/filebrowser/compare/v2.26.0...v2.27.0) (2024-01-02)
+
+
+### Features
+
+* allow setting theme via cli ([#2881](https://github.com/filebrowser/filebrowser/issues/2881)) ([748af71](https://github.com/filebrowser/filebrowser/commit/748af7172ce96f0b66c394e88839bd57c194ffc7))
+* display image resolutions in file details ([#2830](https://github.com/filebrowser/filebrowser/issues/2830)) ([a09dfa8](https://github.com/filebrowser/filebrowser/commit/a09dfa8d9f190243d811a841de44c4abb4403d87))
+* make user session timeout configurable by flags ([#2845](https://github.com/filebrowser/filebrowser/issues/2845)) ([391a078](https://github.com/filebrowser/filebrowser/commit/391a078cd486e618c95a0c5850326076cbc025b6))
+
+
+### Bug Fixes
+
+* delete message when delete file from preview ([3264cea](https://github.com/filebrowser/filebrowser/commit/3264cea8307dca9ab5463dc81f2a10a817eb3d54))
+* fix typo ([#2843](https://github.com/filebrowser/filebrowser/issues/2843)) ([4dbc802](https://github.com/filebrowser/filebrowser/commit/4dbc802972c930f5f42fc27507fac35c28c42afd))
+* set correct port in docker healthcheck ([#2812](https://github.com/filebrowser/filebrowser/issues/2812)) ([d59ad59](https://github.com/filebrowser/filebrowser/commit/d59ad594b8649f57f61453b0dfbc350c57b690a2))
+* typo in build error [#2903](https://github.com/filebrowser/filebrowser/issues/2903) ([#2904](https://github.com/filebrowser/filebrowser/issues/2904)) ([c4e955a](https://github.com/filebrowser/filebrowser/commit/c4e955acf4a1a8f8e8e94f697ffc838515e69a60))
+
+
+### Build
+
+* **deps-dev:** bump vite from 4.4.9 to 4.4.12 in /frontend ([#2862](https://github.com/filebrowser/filebrowser/issues/2862)) ([fc2ee37](https://github.com/filebrowser/filebrowser/commit/fc2ee373536584d024f7def62f350bdbb712d927))
+* **deps:** bump golang.org/x/crypto from 0.14.0 to 0.17.0 ([#2890](https://github.com/filebrowser/filebrowser/issues/2890)) ([821fba4](https://github.com/filebrowser/filebrowser/commit/821fba41a25ba99d47641f01b10ac51960157888))
+
+## [2.26.0](https://github.com/filebrowser/filebrowser/compare/v2.25.0...v2.26.0) (2023-11-02)
+
+
+### Features
+
+* add modern greek translation ([#2778](https://github.com/filebrowser/filebrowser/issues/2778)) ([c3079d3](https://github.com/filebrowser/filebrowser/commit/c3079d30e22385d7e677f172324cd9cbab6487ce))
+* make user session timeout configurable ([#2753](https://github.com/filebrowser/filebrowser/issues/2753)) ([7fabadc](https://github.com/filebrowser/filebrowser/commit/7fabadc871ea91ea22fe9454e2ca4b33e5c211be))
+
+
+### Bug Fixes
+
+* avoid the front-end calling api/renew loop ([#2792](https://github.com/filebrowser/filebrowser/issues/2792)) ([edd808f](https://github.com/filebrowser/filebrowser/commit/edd808f124f4ada99bcbe4bca98ddbe20e5a424c))
+* disable static resource files listing ([da1fe7c](https://github.com/filebrowser/filebrowser/commit/da1fe7c9d76a9c6a25bfa19ebd6cf8023eff5d62))
+* display file size as base 2 (KiB instead of KB) ([#2779](https://github.com/filebrowser/filebrowser/issues/2779)) ([cdcd9a3](https://github.com/filebrowser/filebrowser/commit/cdcd9a313aa50c2e6806a182b6838462d42dcafe))
+* goreleaser yaml ([4d0a68e](https://github.com/filebrowser/filebrowser/commit/4d0a68e7875274f4c939f2bfa15739a9b0ecf70a))
+* revert fetchURL changes in auth (Fixes [#2729](https://github.com/filebrowser/filebrowser/issues/2729)) ([#2739](https://github.com/filebrowser/filebrowser/issues/2739)) ([bd3c194](https://github.com/filebrowser/filebrowser/commit/bd3c1941ff8289a5dae877e08f7e25fa9b2a92c5))
+* solve docker build failed issue ([#2797](https://github.com/filebrowser/filebrowser/issues/2797)) ([6a31af6](https://github.com/filebrowser/filebrowser/commit/6a31af6c0a144128af865d802c8039fa5250e946))
+
+
+### Build
+
+* **deps-dev:** bump postcss from 8.4.27 to 8.4.31 in /frontend ([#2749](https://github.com/filebrowser/filebrowser/issues/2749)) ([21d361a](https://github.com/filebrowser/filebrowser/commit/21d361ad308d109d2a6b323597019aaa09ce1781))
+* **deps:** bump @babel/traverse in /frontend ([#2775](https://github.com/filebrowser/filebrowser/issues/2775)) ([bb4bb50](https://github.com/filebrowser/filebrowser/commit/bb4bb508a9d71516e8fa80b3a6285fe002a059d2))
+* **deps:** bump golang.org/x/image from 0.5.0 to 0.10.0 ([#2800](https://github.com/filebrowser/filebrowser/issues/2800)) ([a744bd2](https://github.com/filebrowser/filebrowser/commit/a744bd224f0ff1efc53ab94481fa76ef68788df1))
+* **deps:** bump golang.org/x/net from 0.11.0 to 0.17.0 ([#2758](https://github.com/filebrowser/filebrowser/issues/2758)) ([d574fb6](https://github.com/filebrowser/filebrowser/commit/d574fb6d1af41ec31778b0f402674e5111a7875d))
+* fix deprecated goreleaser config options ([38f7788](https://github.com/filebrowser/filebrowser/commit/38f77882559133b9ff330cfb955a9d4ea4728cf8))
+
+## [2.25.0](https://github.com/filebrowser/filebrowser/compare/v2.24.2...v2.25.0) (2023-09-14)
+
+
+### Features
+
+* add new folder button to move/create dialogs ([#2667](https://github.com/filebrowser/filebrowser/issues/2667)) ([5994224](https://github.com/filebrowser/filebrowser/commit/599422446849fa37d5ab448bbf464afb7304b99d))
+* added shell resizing ([#2648](https://github.com/filebrowser/filebrowser/issues/2648)) ([584b706](https://github.com/filebrowser/filebrowser/commit/584b706b1e310297acc2580c60442ff5c11ae432))
+* implement abort upload functionality ([#2673](https://github.com/filebrowser/filebrowser/issues/2673)) ([a404fb0](https://github.com/filebrowser/filebrowser/commit/a404fb043da2573bf04385863b2d34b1f918b8e1))
+* implement upload speed calculation and ETA estimation ([#2677](https://github.com/filebrowser/filebrowser/issues/2677)) ([ecdd684](https://github.com/filebrowser/filebrowser/commit/ecdd684bf1d537a4591caa38348102b61dd51e5d))
+
+
+### Bug Fixes
+
+* refactor path resolution logic for project root ([#2674](https://github.com/filebrowser/filebrowser/issues/2674)) ([95fec7f](https://github.com/filebrowser/filebrowser/commit/95fec7f69430c108e5cf95c428db9d671cd97a94))
+* tus upload with cloudflare proxy ([36af01d](https://github.com/filebrowser/filebrowser/commit/36af01daa6e04005ce3d18985eebaeef06f7393d)), closes [#2593](https://github.com/filebrowser/filebrowser/issues/2593)
+
+
+### Refactorings
+
+* migrate frontend tooling to vite 4 ([#2645](https://github.com/filebrowser/filebrowser/issues/2645)) ([8838a09](https://github.com/filebrowser/filebrowser/commit/8838a09cf5104deac22b6143050588040c6825e6))
+
+
+### Build
+
+* bump go version to 1.21.0 ([#2672](https://github.com/filebrowser/filebrowser/issues/2672)) ([2c97573](https://github.com/filebrowser/filebrowser/commit/2c97573301a1b13179678fb7f9bd8316539ecdff))
+* bump node version to 18 ([#2671](https://github.com/filebrowser/filebrowser/issues/2671)) ([70eba7e](https://github.com/filebrowser/filebrowser/commit/70eba7ecc9d19545c0899ae40eb3897a7c48562f))
+
+
+### Performance improvements
+
+* **backend:** optimize subtitles detection performance ([#2637](https://github.com/filebrowser/filebrowser/issues/2637)) ([374bbd3](https://github.com/filebrowser/filebrowser/commit/374bbd3ec199fddbe491ab2b74e520a10a73e54b))
+
+### [2.24.2](https://github.com/filebrowser/filebrowser/compare/v2.24.1...v2.24.2) (2023-08-08)
+
+
+### Bug Fixes
+
+* 403 error error when uploading ([#2598](https://github.com/filebrowser/filebrowser/issues/2598)) ([289c8e6](https://github.com/filebrowser/filebrowser/commit/289c8e6f32eb520cc711389f6b6a4ed94a73ecd4))
+* config init for branding.disableUsedPercentage ([#2576](https://github.com/filebrowser/filebrowser/issues/2576)) ([#2596](https://github.com/filebrowser/filebrowser/issues/2596)) ([ff1e0b8](https://github.com/filebrowser/filebrowser/commit/ff1e0b8185faf14b1f8e91830ca5e71e68ab672e))
+
+
+### Build
+
+* add riscv64 binary releases ([#2587](https://github.com/filebrowser/filebrowser/issues/2587)) ([0ac3968](https://github.com/filebrowser/filebrowser/commit/0ac39684f175487314e97403406f4d2c482e3d79))
+
+### [2.24.1](https://github.com/filebrowser/filebrowser/compare/v2.24.0...v2.24.1) (2023-07-31)
+
+
+### Bug Fixes
+
+* add directory creation code to partial upload handler ([#2575](https://github.com/filebrowser/filebrowser/issues/2575)) ([#2580](https://github.com/filebrowser/filebrowser/issues/2580)) ([912f27a](https://github.com/filebrowser/filebrowser/commit/912f27a9e3286ee4bf2a27b366a1d35b3b55799c))
+* resolved CSS rendering issue in Chrome browser ([#2582](https://github.com/filebrowser/filebrowser/issues/2582)) ([2a4a46c](https://github.com/filebrowser/filebrowser/commit/2a4a46c61a5d5376bea65b28d0eb6a7ec2fdf4e5))
+
+
+### Build
+
+* **backend:** upgrade golangci-lint to v1.53.3 ([efd41cc](https://github.com/filebrowser/filebrowser/commit/efd41cc4c147b8d2d5e61fb2642df8d934f49362))
+
+## [2.24.0](https://github.com/filebrowser/filebrowser/compare/v2.23.0...v2.24.0) (2023-07-29)
+
+
+### Features
+
+* add a healthcheck script that works with a dynamic port ([#2510](https://github.com/filebrowser/filebrowser/issues/2510)) ([ff4375c](https://github.com/filebrowser/filebrowser/commit/ff4375cf6ce849459889f892dd91304703c52dcd))
+* add a new setting that disables the display of the disk usage ([#2136](https://github.com/filebrowser/filebrowser/issues/2136)) ([428c1c6](https://github.com/filebrowser/filebrowser/commit/428c1c606d1b858ed0eb58b7c31f570bc6a9b792))
+* add Hungarian translation ([#2232](https://github.com/filebrowser/filebrowser/issues/2232)) ([11e9202](https://github.com/filebrowser/filebrowser/commit/11e92021607e12efff9fb2d5c8728483eee31199))
+* add option to copy download links from shares ([#2442](https://github.com/filebrowser/filebrowser/issues/2442)) ([a4ef02a](https://github.com/filebrowser/filebrowser/commit/a4ef02a47b53742a0ac1f639563b0c67116619c8))
+* integrate tus.io for resumable and chunked uploads ([#2145](https://github.com/filebrowser/filebrowser/issues/2145)) ([7b35815](https://github.com/filebrowser/filebrowser/commit/7b35815754690540f76e3ffe114eedb47cfd5c7e))
+
+
+### Bug Fixes
+
+* added an early return on non-existent items ([#2571](https://github.com/filebrowser/filebrowser/issues/2571)) ([2744f7d](https://github.com/filebrowser/filebrowser/commit/2744f7d5b9106c7c2eec69010e550e0939c23d80))
+* build on FreeBSD and non-Linux platforms ([#2332](https://github.com/filebrowser/filebrowser/issues/2332)) ([60d1e2d](https://github.com/filebrowser/filebrowser/commit/60d1e2d2913cce591fbee97337bd58310480269f))
+* error while using fallback of dir move ([#2349](https://github.com/filebrowser/filebrowser/issues/2349)) ([853ec90](https://github.com/filebrowser/filebrowser/commit/853ec906efbdee9013c5d34ed1d9b8fee88a6b29))
+* filter ANSI color for shell ([#2529](https://github.com/filebrowser/filebrowser/issues/2529)) ([9bcfa90](https://github.com/filebrowser/filebrowser/commit/9bcfa900f904fe683c8d9085947f57932bfe22a0))
+* goreleaser docker build ([051104b](https://github.com/filebrowser/filebrowser/commit/051104bfa061720d4402c612e61bb0fc80a946bf))
+* solve broken Docker build with alpine image ([#2486](https://github.com/filebrowser/filebrowser/issues/2486)) ([b8ee340](https://github.com/filebrowser/filebrowser/commit/b8ee3404ee480ef1fd439543ab6d46f318ff3647))
+* video preview click next or prev button subtitles not update ([#2423](https://github.com/filebrowser/filebrowser/issues/2423)) ([6744cd4](https://github.com/filebrowser/filebrowser/commit/6744cd47cef87e3a76a2190bdf123b6c2197fe6f))
+* xss vulnerability in /api/raw ([#2570](https://github.com/filebrowser/filebrowser/issues/2570)) ([#2572](https://github.com/filebrowser/filebrowser/issues/2572)) ([b508ac3](https://github.com/filebrowser/filebrowser/commit/b508ac3d4f7f0f75d6b49c99bdc661a6d2173f30))
+
+
+### Refactorings
+
+* replace username old focus logic with the autofocus attribute ([#2223](https://github.com/filebrowser/filebrowser/issues/2223)) ([2b2c108](https://github.com/filebrowser/filebrowser/commit/2b2c1085fb50ad68612ad438e527fd316d8aafee))
+
+
+### Build
+
+* **backend:** bump go version to 1.20.1 ([fa95299](https://github.com/filebrowser/filebrowser/commit/fa95299df4aa7e4c54d872e786a91ded5bdb01c1))
+* **backend:** bump go version to 1.20.6 ([9bf6b85](https://github.com/filebrowser/filebrowser/commit/9bf6b856e5411e635ba9102ff53dfe927183848e))
+* **deps-dev:** bump word-wrap from 1.2.3 to 1.2.4 in /frontend ([#2556](https://github.com/filebrowser/filebrowser/issues/2556)) ([bb34862](https://github.com/filebrowser/filebrowser/commit/bb3486286c0da112ad97456ad258ddcdfe17c154))
+* **deps:** bump minimatch from 3.0.4 to 3.1.2 in /tools ([#2561](https://github.com/filebrowser/filebrowser/issues/2561)) ([a664ba1](https://github.com/filebrowser/filebrowser/commit/a664ba1f9df45c7f6d03492c85466c5aa07c740e))
+* **deps:** bump semver from 5.7.1 to 5.7.2 in /tools ([#2546](https://github.com/filebrowser/filebrowser/issues/2546)) ([c2f1423](https://github.com/filebrowser/filebrowser/commit/c2f1423c02e4736f4c243c3164dc671879e065f3))
+* remove armv6-s6 docker target ([66dfbb3](https://github.com/filebrowser/filebrowser/commit/66dfbb303cf792b7b01650d0125d948ab8d81ddd))
+* remove armv7-s6 docker target ([4d77ce0](https://github.com/filebrowser/filebrowser/commit/4d77ce0955644551f891af3e4098c37e9cc37e40))
+
+## [2.23.0](https://github.com/filebrowser/filebrowser/compare/v2.22.4...v2.23.0) (2022-11-05)
+
+
+### Features
+
+* add rtl support ([#2178](https://github.com/filebrowser/filebrowser/issues/2178)) ([2c14146](https://github.com/filebrowser/filebrowser/commit/2c14146a314bb271be66a36c63b64852a2848e26))
+* hebrew translation ([#2168](https://github.com/filebrowser/filebrowser/issues/2168)) ([a49105d](https://github.com/filebrowser/filebrowser/commit/a49105db1d5f0d8f3d6641940ea86da959ffe006))
+* hook authentication method ([dda9a38](https://github.com/filebrowser/filebrowser/commit/dda9a389f387e94643a9a2ae56027260b210152a))
+* update Polish translation ([#2089](https://github.com/filebrowser/filebrowser/issues/2089)) ([57c99e0](https://github.com/filebrowser/filebrowser/commit/57c99e0e261b4ed4c2cf468ce3ab09f1a440b359))
+
+
+### Bug Fixes
+
+* missing video controls on mobile ([#2180](https://github.com/filebrowser/filebrowser/issues/2180)) ([a5757b9](https://github.com/filebrowser/filebrowser/commit/a5757b94e8ed492d454b9e427b7f45824cc56c5c))
+* modify the delete confirmation interface logic. ([#2138](https://github.com/filebrowser/filebrowser/issues/2138)) ([0401adf](https://github.com/filebrowser/filebrowser/commit/0401adf7f4dd76760fe26b5baee02ebc726b51a9))
+
+
+### Build
+
+* **deps:** bump ansi-html and webpack-dev-server in /frontend ([#2184](https://github.com/filebrowser/filebrowser/issues/2184)) ([3a0dace](https://github.com/filebrowser/filebrowser/commit/3a0dace9a93f9d57855801de548891010cf0830e))
+* **deps:** bump terser from 4.8.0 to 4.8.1 in /frontend ([#2054](https://github.com/filebrowser/filebrowser/issues/2054)) ([aaed985](https://github.com/filebrowser/filebrowser/commit/aaed985699b3c63092ecb02c8bc07634123360ab))
+
+### [2.22.4](https://github.com/filebrowser/filebrowser/compare/v2.22.3...v2.22.4) (2022-07-18)
+
+
+### Bug Fixes
+
+* disable cookie auth for non GET requests ([80030de](https://github.com/filebrowser/filebrowser/commit/80030dee32d161043766d57ba4e0ad0b0d99290b))
+
+
+### Build
+
+* **deps:** bump moment from 2.29.2 to 2.29.4 in /frontend ([#2036](https://github.com/filebrowser/filebrowser/issues/2036)) ([cb43770](https://github.com/filebrowser/filebrowser/commit/cb437700255e41ff559b9f5a99ab4290b2f8df87))
+* **deps:** bump shell-quote from 1.7.2 to 1.7.3 in /frontend ([#2025](https://github.com/filebrowser/filebrowser/issues/2025)) ([eaba7e5](https://github.com/filebrowser/filebrowser/commit/eaba7e5255f960141e0fc1557f87073df9f6d66a))
+
+### [2.22.3](https://github.com/filebrowser/filebrowser/compare/v2.22.2...v2.22.3) (2022-07-05)
+
+
+### Bug Fixes
+
+* use correct field name in user put api ([#2026](https://github.com/filebrowser/filebrowser/issues/2026)) ([d94acdd](https://github.com/filebrowser/filebrowser/commit/d94acdd89a0069fe87107024fd332a0d59a112fc))
+
+### [2.22.2](https://github.com/filebrowser/filebrowser/compare/v2.22.1...v2.22.2) (2022-07-01)
+
+
+### Bug Fixes
+
+* display disk capacity in a correct format ([#2013](https://github.com/filebrowser/filebrowser/issues/2013)) ([dec3d62](https://github.com/filebrowser/filebrowser/commit/dec3d629d42de567aa708154ebc4e03b5223608c))
+* don't calculate usage for files ([#1973](https://github.com/filebrowser/filebrowser/issues/1973)) ([577c0ef](https://github.com/filebrowser/filebrowser/commit/577c0efa9cff13628d5e3bac710ef568a00949e0)), closes [#1972](https://github.com/filebrowser/filebrowser/issues/1972) [#1967](https://github.com/filebrowser/filebrowser/issues/1967)
+* preview url building fix ([#1976](https://github.com/filebrowser/filebrowser/issues/1976)) ([dcf0bc6](https://github.com/filebrowser/filebrowser/commit/dcf0bc65bfcfc7df3804d7392598a92019468cf7))
+
+
+### Build
+
+* **backend:** upgrade golangci-lint to 1.46.2 ([#1991](https://github.com/filebrowser/filebrowser/issues/1991)) ([8118afd](https://github.com/filebrowser/filebrowser/commit/8118afd0ac0d25f4503c98879369764c35e7408e))
+
+### [2.22.1](https://github.com/filebrowser/filebrowser/compare/v2.22.0...v2.22.1) (2022-06-06)
+
+
+### Bug Fixes
+
+* use correct basepath prefix for preview urls ([#1971](https://github.com/filebrowser/filebrowser/issues/1971)) ([1e7d3b2](https://github.com/filebrowser/filebrowser/commit/1e7d3b25c283c556d98c65f1c2f46db4e4178995))
+
+
+### Build
+
+* **backend:** bump go version to 1.8.3 ([b16982d](https://github.com/filebrowser/filebrowser/commit/b16982df0f7da9eedb678455298b42ac55c86666))
+
+## [2.22.0](https://github.com/filebrowser/filebrowser/compare/v2.21.1...v2.22.0) (2022-06-03)
+
+
+### Features
+
+* add branding to the window title ([#1850](https://github.com/filebrowser/filebrowser/issues/1850)) ([f8dfbf7](https://github.com/filebrowser/filebrowser/commit/f8dfbf7eeecf3ee99ce906276777676f44e81e34))
+* add disk usage information to the sidebar ([d1d8e3e](https://github.com/filebrowser/filebrowser/commit/d1d8e3e3405381b01317fe07ae729d70219415a7))
+* automatically focus username field on login page ([596c732](https://github.com/filebrowser/filebrowser/commit/596c73288f5b53bd7e79ab8046136dc75ff078b9))
+* invalid symlink icon ([b14b911](https://github.com/filebrowser/filebrowser/commit/b14b9114f837cacf9f7788e88c503142a81585be))
+* page title localization ([8a43413](https://github.com/filebrowser/filebrowser/commit/8a43413f888440dc11b11c509abff45f706033d8))
+
+
+### Bug Fixes
+
+* allow CSP inline styling ([5da9d74](https://github.com/filebrowser/filebrowser/commit/5da9d74da62c69c431361bcaf0c07dc1da237ea8))
+* disable autocapitalize of login input (closes [#1910](https://github.com/filebrowser/filebrowser/issues/1910)) ([aed3af5](https://github.com/filebrowser/filebrowser/commit/aed3af58384697dc3de30f1450b837b0b74e4fa6))
+* drag-and-drop folder upload ([e677c78](https://github.com/filebrowser/filebrowser/commit/e677c78471f09f8d2c21d63d7388e908924aa6d9))
+* expired token error ([c3bd118](https://github.com/filebrowser/filebrowser/commit/c3bd1188aa396cbf00c593d259a9da0eddeeea3b))
+* folder info on upload list ([d1d7b23](https://github.com/filebrowser/filebrowser/commit/d1d7b23da6cc0c9a2f2f3e17021ec4f13ea557dd))
+* network error object message ([fc209f6](https://github.com/filebrowser/filebrowser/commit/fc209f64deff7a2793980d11ee738f7140c444cf))
+* set correct scope when user home creation is enabled ([02730bb](https://github.com/filebrowser/filebrowser/commit/02730bb9bfa3bfbfa251bb4736fc4c08d33609ab))
+
+
+### Build
+
+* **backend:** bump dependency versions ([7c9a75e](https://github.com/filebrowser/filebrowser/commit/7c9a75e72588f92d58fb58d32cdac352bce73b20))
+* **deps:** bump async from 2.6.3 to 2.6.4 in /frontend ([#1933](https://github.com/filebrowser/filebrowser/issues/1933)) ([e5fa96b](https://github.com/filebrowser/filebrowser/commit/e5fa96b666eac2e46a02bde832488baca5f2cd6d))
+* **deps:** bump eventsource from 1.1.0 to 1.1.1 in /frontend ([dd50369](https://github.com/filebrowser/filebrowser/commit/dd503695a1a8119a631643414d3a9070890f3f3c))
+* **deps:** bump minimist from 1.2.5 to 1.2.6 in /frontend ([#1889](https://github.com/filebrowser/filebrowser/issues/1889)) ([a74c72d](https://github.com/filebrowser/filebrowser/commit/a74c72db451207e1275988f3d208fa6d6f0468a9))
+* **deps:** bump minimist from 1.2.5 to 1.2.6 in /tools ([#1891](https://github.com/filebrowser/filebrowser/issues/1891)) ([f5b1e10](https://github.com/filebrowser/filebrowser/commit/f5b1e106183fb2192063a72fd195fc8c181ba8f9))
+* **deps:** bump moment from 2.29.1 to 2.29.2 in /frontend ([#1900](https://github.com/filebrowser/filebrowser/issues/1900)) ([040584c](https://github.com/filebrowser/filebrowser/commit/040584c86563d869c7a05887ef1f781bce653033))
+* **deps:** bump url-parse from 1.5.7 to 1.5.10 in /frontend ([#1841](https://github.com/filebrowser/filebrowser/issues/1841)) ([b2ad3f7](https://github.com/filebrowser/filebrowser/commit/b2ad3f73686a2abaa4fc62963fba6f83c9da9b5e))
+* **frontend:** bump node version from 14 to 16 ([ac3ead8](https://github.com/filebrowser/filebrowser/commit/ac3ead8dcef9c64c6be8b5cbbceee143b2cc77a8))
+* upgrade go version to 1.18.1 ([6bd34c7](https://github.com/filebrowser/filebrowser/commit/6bd34c76324780c1edd8625d5b22f5a84990852b))
+
+### [2.21.1](https://github.com/filebrowser/filebrowser/compare/v2.21.0...v2.21.1) (2022-02-22)
+
+
+### Bug Fixes
+
+* display user scope for admin users ([#1834](https://github.com/filebrowser/filebrowser/issues/1834)) ([6366cf0](https://github.com/filebrowser/filebrowser/commit/6366cf0b181f13eac38f69f1760d6f6f0586a5d1))
+
+## [2.21.0](https://github.com/filebrowser/filebrowser/compare/v2.20.1...v2.21.0) (2022-02-21)
+
+
+### Features
+
+* add colorized file type icons ([2948589](https://github.com/filebrowser/filebrowser/commit/2948589fcde6d1dca7f3ea52a621d8213fa3300c))
+* add gallery view mode ([8888b9f](https://github.com/filebrowser/filebrowser/commit/8888b9f44640394df9e3583db4392472d7027a4b))
+* add Ukrainian translation / update Russian translation ([#1753](https://github.com/filebrowser/filebrowser/issues/1753)) ([665e458](https://github.com/filebrowser/filebrowser/commit/665e45889cd333f1e3500e4bf38d15d229c9fe2a))
+* add upload file list with progress ([#1825](https://github.com/filebrowser/filebrowser/issues/1825)) ([cf85404](https://github.com/filebrowser/filebrowser/commit/cf85404dd25cd7fdd73aa32878b4dc5f85ee3e96))
+* smaller column width to fit 2 columns in landscape mobiles ([7870e89](https://github.com/filebrowser/filebrowser/commit/7870e89bc04f1494f2705795476b5f1c9d621e38))
+* use real image path to calculate cache key ([c198723](https://github.com/filebrowser/filebrowser/commit/c1987237d05adcce77c614e5247a181ae5cdfacd))
+
+
+### Bug Fixes
+
+* correctly handle non-ascii passwords for shared resources ([c782f21](https://github.com/filebrowser/filebrowser/commit/c782f21b0fa4511a15e7015117d075eaf5ea332c))
+* don't expose scope for non-admin users ([0942fc7](https://github.com/filebrowser/filebrowser/commit/0942fc7042fd949cce91855169d0bcf16eb75771))
+* open all the pdf files correctly ([#1742](https://github.com/filebrowser/filebrowser/issues/1742)) ([949f0f2](https://github.com/filebrowser/filebrowser/commit/949f0f277f6004904b3edfa716a8365ec93fa0fa))
+
+
+### Build
+
+* **deps:** bump browserslist from 4.16.3 to 4.19.1 in /frontend ([8089007](https://github.com/filebrowser/filebrowser/commit/80890075e802e2a4217edbb01d6417122d702f5e))
+* **deps:** bump dns-packet from 1.3.1 to 1.3.4 in /frontend ([a73d7f1](https://github.com/filebrowser/filebrowser/commit/a73d7f14b787935c6ebe525dba64b65f8ed733e2))
+* **deps:** bump follow-redirects from 1.13.3 to 1.14.8 in /frontend ([f1f7f17](https://github.com/filebrowser/filebrowser/commit/f1f7f17ade8d40fc6cfb22c79960bce299876b56))
+* **deps:** bump hosted-git-info from 2.8.8 to 2.8.9 in /frontend ([e7659ea](https://github.com/filebrowser/filebrowser/commit/e7659ea36bdf780ce17005f7170a2fef02a2d5e5))
+* **deps:** bump path-parse from 1.0.6 to 1.0.7 in /frontend ([c014966](https://github.com/filebrowser/filebrowser/commit/c01496624a7ebfc8a7c256bd919a400367281cbb))
+* **deps:** bump postcss from 7.0.35 to 7.0.39 in /frontend ([9182d33](https://github.com/filebrowser/filebrowser/commit/9182d33e1cc375473fb18989a92d20252884f096))
+* **deps:** bump ssri from 6.0.1 to 6.0.2 in /frontend ([3717186](https://github.com/filebrowser/filebrowser/commit/371718634b11f32e68165f31c51b6b1139c829ec))
+* **deps:** bump tar from 6.1.0 to 6.1.11 in /frontend ([010d16f](https://github.com/filebrowser/filebrowser/commit/010d16fc1d8f0200e5662943aef17ee89c5877b7))
+* **deps:** bump url-parse from 1.5.1 to 1.5.4 in /frontend ([8906408](https://github.com/filebrowser/filebrowser/commit/8906408a8f0ed86d1e11ea90fc573b36815c9c0d))
+* **deps:** bump url-parse from 1.5.4 to 1.5.7 in /frontend ([228ebea](https://github.com/filebrowser/filebrowser/commit/228ebea66cc871b33459406590a80ef906298e7d))
+* **deps:** bump ws from 6.2.1 to 6.2.2 in /frontend ([73c8073](https://github.com/filebrowser/filebrowser/commit/73c80732d934bc8802a6d7c7a559cad37df405f0))
+
+### [2.20.1](https://github.com/filebrowser/filebrowser/compare/v2.20.0...v2.20.1) (2021-12-21)
+
+
+### Build
+
+* revert to using the default alpine based docker image ([46d8046](https://github.com/filebrowser/filebrowser/commit/46d80464d2a67927b06a11b83fb137ad364a90ed))
+
+## [2.20.0](https://github.com/filebrowser/filebrowser/compare/v2.19.0...v2.20.0) (2021-12-20)
+
+
+### Features
+
+* detect multiple subtitle languages ([#1723](https://github.com/filebrowser/filebrowser/issues/1723)) ([c2e03bb](https://github.com/filebrowser/filebrowser/commit/c2e03bbfab97fc6716bcdd59158e9d5129bf0ea7))
+* use linuxserver based docker image ([b8f35ce](https://github.com/filebrowser/filebrowser/commit/b8f35ce9322c2b0dbf954cfd3ff584bc9f742fdd))
+
+
+### Bug Fixes
+
+* set correct default database path in the config ([988d3e5](https://github.com/filebrowser/filebrowser/commit/988d3e5bdd224509ddc2f08444560e3087e9c67d))
+* upgrade vulnerable versions of the library ([6eb3ab0](https://github.com/filebrowser/filebrowser/commit/6eb3ab063509a015ad630ab704ae3791461d0982))
+
+
+### Build
+
+* refactor makefile ([f81857a](https://github.com/filebrowser/filebrowser/commit/f81857acce25936a700945db5ef4af545eaeb1cf))
+* remove deprecated goreleaser use_buildx param ([4d1b9dd](https://github.com/filebrowser/filebrowser/commit/4d1b9dd2112002a93bb26cece07dcfd81c31dc2c))
+
+## [2.19.0](https://github.com/filebrowser/filebrowser/compare/v2.18.0...v2.19.0) (2021-11-24)
+
+
+### Features
+
+* prefetch previous and next images in preview. ([#1627](https://github.com/filebrowser/filebrowser/issues/1627)) ([7401d16](https://github.com/filebrowser/filebrowser/commit/7401d16e457bb232fd7dd7ef427e8960d465705c))
+
+
+### Bug Fixes
+
+* empty file listing on share ([e082397](https://github.com/filebrowser/filebrowser/commit/e08239781f61e7bb25d9b8c5c6cce90f34621a76))
+* relative font sizes ([c29698d](https://github.com/filebrowser/filebrowser/commit/c29698dffac769077ab7c7869569a902979ee3d7))
+
+## [2.18.0](https://github.com/filebrowser/filebrowser/compare/v2.17.2...v2.18.0) (2021-10-31)
+
+
+### Features
+
+* add ability to select file modified time format ([#1536](https://github.com/filebrowser/filebrowser/issues/1536)) ([0426629](https://github.com/filebrowser/filebrowser/commit/0426629a59c712849570d3e29956948ae7725a4a))
+* add manifest theme color param ([#1542](https://github.com/filebrowser/filebrowser/issues/1542)) ([0358e42](https://github.com/filebrowser/filebrowser/commit/0358e42d2c206732fffa77714f5a66f4fe50a69d))
+
+
+### Bug Fixes
+
+* back button behaviour in preview ([#1573](https://github.com/filebrowser/filebrowser/issues/1573)) ([deabc80](https://github.com/filebrowser/filebrowser/commit/deabc80fd7670983039dfcd29531b45002ca5d9e))
+* fix sidebar navigation on mobile devices ([#1618](https://github.com/filebrowser/filebrowser/issues/1618)) ([f09bf3e](https://github.com/filebrowser/filebrowser/commit/f09bf3e1d076b27d29ba8a91cf448a99993bc444))
+* search box is misaligned when the browser preferred font size is other than 16px ([#1613](https://github.com/filebrowser/filebrowser/issues/1613)) ([6f345be](https://github.com/filebrowser/filebrowser/commit/6f345be3e47ba57ecc1eb9a62587ab949078c125))
+* security issue in command runner (closes [#1621](https://github.com/filebrowser/filebrowser/issues/1621)) ([74b7cd8](https://github.com/filebrowser/filebrowser/commit/74b7cd8e81840537a8206317344f118093153e8d))
+* set correct editor height regardless of preferred font size ([#1614](https://github.com/filebrowser/filebrowser/issues/1614)) ([ddd4ffa](https://github.com/filebrowser/filebrowser/commit/ddd4ffa4caa6b292a3a644ecd897aba1237c7503))
+* zoom pics when dlclick at first time ([#1561](https://github.com/filebrowser/filebrowser/issues/1561)) ([b6a51be](https://github.com/filebrowser/filebrowser/commit/b6a51bed516814944f8aa41440652242d57824c5))
+
+### [2.17.2](https://github.com/filebrowser/filebrowser/compare/v2.17.1...v2.17.2) (2021-08-27)
+
+
+### Bug Fixes
+
+* bug with inlineLink not creating url properly ([#1515](https://github.com/filebrowser/filebrowser/issues/1515)) ([43a4609](https://github.com/filebrowser/filebrowser/commit/43a460993c3f0d158b876db4b20caa7963e9f361))
+
+### [2.17.1](https://github.com/filebrowser/filebrowser/compare/v2.17.0...v2.17.1) (2021-08-23)
+
+
+### Bug Fixes
+
+* internal server error if --disable-preview-resize flag is set (closes [#1510](https://github.com/filebrowser/filebrowser/issues/1510)) ([4c3099a](https://github.com/filebrowser/filebrowser/commit/4c3099a086c206dcb3bc70ee8c8da02eee61c30b))
+
+## [2.17.0](https://github.com/filebrowser/filebrowser/compare/v2.16.1...v2.17.0) (2021-08-21)
+
+
+### Features
+
+* open file option on preview ([76add9e](https://github.com/filebrowser/filebrowser/commit/76add9e5274b0373c6b983e3b20e387a14ea6c9e))
+
+
+### Bug Fixes
+
+* 401 error in share view open file button ([#1495](https://github.com/filebrowser/filebrowser/issues/1495)) ([25c8788](https://github.com/filebrowser/filebrowser/commit/25c87883908babde073390a2e2320a8e5880a87c))
+* escape quote on index template ([23d646c](https://github.com/filebrowser/filebrowser/commit/23d646c456876d06cf48e71c1e57b69de99511f0)), closes [#1501](https://github.com/filebrowser/filebrowser/issues/1501)
+* file caching directive ([c63cc5a](https://github.com/filebrowser/filebrowser/commit/c63cc5a2d25909cc4e2f2e7235f276ec66c32bf2))
+
+### [2.16.1](https://github.com/filebrowser/filebrowser/compare/v2.16.0...v2.16.1) (2021-08-04)
+
+
+### Bug Fixes
+
+* check symlink target type (closes [#1488](https://github.com/filebrowser/filebrowser/issues/1488)) ([76b466f](https://github.com/filebrowser/filebrowser/commit/76b466f6492e74cf13e66a33e7e5f597ac92b240))
+
+## [2.16.0](https://github.com/filebrowser/filebrowser/compare/v2.15.0...v2.16.0) (2021-07-26)
+
+
+### Features
+
+* browser cache directives ([190cb99](https://github.com/filebrowser/filebrowser/commit/190cb99a79a0d438eca2da13539f8c6449ad73ac))
+* display error messages on settings ([6032038](https://github.com/filebrowser/filebrowser/commit/603203848a8b2221158088b6d849609db4c0c46c))
+* file name on page title ([16a34de](https://github.com/filebrowser/filebrowser/commit/16a34defc02554a77c6ac47b9e17e69d098a09fe))
+* gzip encoding for static js files ([aa172b8](https://github.com/filebrowser/filebrowser/commit/aa172b8bb5f17d5f5cb9666bfb5ee650d8091fb5))
+* loading spinner on views navigation ([976eb55](https://github.com/filebrowser/filebrowser/commit/976eb5583dae474125fd7ddec5dc19b6c291f98f))
+* message for connection error ([5e6f14b](https://github.com/filebrowser/filebrowser/commit/5e6f14b5dcb9c5efdf526f1346e09c2d0b2f6974))
+* mod time title on file info ([7d1e030](https://github.com/filebrowser/filebrowser/commit/7d1e03075d2c27148f60813defa0f68403d1d3c2))
+* open file option on share ([1c25f6e](https://github.com/filebrowser/filebrowser/commit/1c25f6ee69bd71eed82af7020006d0e27537a967))
+* show more button on share ([ba8c09f](https://github.com/filebrowser/filebrowser/commit/ba8c09f454feeadf4a1e97547a34151a81b389d5))
+* support for IE11 browser ([7ec24d9](https://github.com/filebrowser/filebrowser/commit/7ec24d9d7794fa37825f64ca2d1575f568fb1362))
+
+
+### Bug Fixes
+
+* break resource create/update handlers on error (closes [#1464](https://github.com/filebrowser/filebrowser/issues/1464)) ([5072bbb](https://github.com/filebrowser/filebrowser/commit/5072bbb2cbf5b29d041629faa8367f15e4d145a2))
+* copying files with special characters ([20ebbf6](https://github.com/filebrowser/filebrowser/commit/20ebbf6611b734371426fb1b9cb5e388be90bf7e))
+* delete image cache when moving ([8973c45](https://github.com/filebrowser/filebrowser/commit/8973c4598ff817647f1f1ad6ee36480054cd2776))
+* don't remove files on unsuccessful updates (closes [#1456](https://github.com/filebrowser/filebrowser/issues/1456)) ([6b19ab6](https://github.com/filebrowser/filebrowser/commit/6b19ab6613b12be7f075299cd98f4b41d43827c7))
+* failure on broken symlink deletion ([8650d2f](https://github.com/filebrowser/filebrowser/commit/8650d2ffe7a29cbafa800efcecbf6a61598a9f0c))
+* inconsistent double click on listing item ([ba7e71a](https://github.com/filebrowser/filebrowser/commit/ba7e71a7c3b0cc71012e5adf94b1c642e554972e))
+* no items displayed on file listing ([18889ad](https://github.com/filebrowser/filebrowser/commit/18889ad725f7f7e5a7e3f7abcf156487556dbeaf))
+* omit file content ([209f9fa](https://github.com/filebrowser/filebrowser/commit/209f9fa77f751054512355f2b74b9b7258465d0b))
+* short commit sha and typo fix in Makefile ([#1411](https://github.com/filebrowser/filebrowser/issues/1411)) ([46ee595](https://github.com/filebrowser/filebrowser/commit/46ee59538914dc2859f0da6b32e2d062d0a01b10))
+
+## [2.15.0](https://github.com/filebrowser/filebrowser/compare/v2.14.1...v2.15.0) (2021-04-06)
+
+
+### Features
+
+* add EXIF thumbnail support for JPEG files ([#1234](https://github.com/filebrowser/filebrowser/issues/1234)) ([7dd5b34](https://github.com/filebrowser/filebrowser/commit/7dd5b34d425dfbc2782152310483cbecf85c800a))
+* dynamic autoplay on previewer ([a76e01d](https://github.com/filebrowser/filebrowser/commit/a76e01d2b78a785f3665a8b3532c7cc566bfabce))
+* dynamic item count on file listing ([6c8ee96](https://github.com/filebrowser/filebrowser/commit/6c8ee96e6a21fae5d4608bdc7a5c5a161d7dafd3))
+* dynamic zoom limit on previewer ([e410272](https://github.com/filebrowser/filebrowser/commit/e410272e6be6a0b660efe8d4eee6c6e9dd834cc5))
+
+
+### Bug Fixes
+
+* buttons without permission on header ([1516d99](https://github.com/filebrowser/filebrowser/commit/1516d9932bf9926ac8b4cb3e738a5f51e80d5b1d))
+* check modify permission on file overwrite ([59f9964](https://github.com/filebrowser/filebrowser/commit/59f9964e80c8233775f27be33a4c16a31bfe848a))
+* empty archive name on directory download ([2697093](https://github.com/filebrowser/filebrowser/commit/2697093ac151f74eea3022951d128acfe04d1dcf))
+* empty text file on editor ([e9baf0c](https://github.com/filebrowser/filebrowser/commit/e9baf0c4b688fab291cdc842ec464c7a7a816499))
+* error causes panic on upload ([e1a6f59](https://github.com/filebrowser/filebrowser/commit/e1a6f593e1824e7fa4345a61dff5b1bb8cd22d05))
+* hidden editor header on Safari ([b521dec](https://github.com/filebrowser/filebrowser/commit/b521dec8f9b14dd92248c429e902ebc639046389))
+* image quality switch on previewer ([c0d85f3](https://github.com/filebrowser/filebrowser/commit/c0d85f3d85926c8790757bf142140d19455ae8ca))
+* list item interactions on share ([87f1881](https://github.com/filebrowser/filebrowser/commit/87f1881b429877a740ea84a8e783ad4103248289))
+* missing bold variation for Roboto font ([98d79b8](https://github.com/filebrowser/filebrowser/commit/98d79b8ed955df5691a306d709b4ab60d91da408))
+* mouse wheel zoom on previewer ([fcb115f](https://github.com/filebrowser/filebrowser/commit/fcb115f42d33db2be7a4d428ec53d65d6050320b))
+* no header button animations on file listing ([fe80730](https://github.com/filebrowser/filebrowser/commit/fe80730bb135b38e4d9de470c75cbe10b1aec201))
+
+### [2.14.1](https://github.com/filebrowser/filebrowser/compare/v2.14.0...v2.14.1) (2021-03-21)
+
+
+### Bug Fixes
+
+* display public routes with header proxy auth ([da54bd6](https://github.com/filebrowser/filebrowser/commit/da54bd6c214d7ee39b71d710ddfe6dd25fc4e5d6))
+
+## [2.14.0](https://github.com/filebrowser/filebrowser/compare/v2.13.0...v2.14.0) (2021-03-21)
+
+
+### Features
+
+* add health check handler ([a721dc1](https://github.com/filebrowser/filebrowser/commit/a721dc1f314732e60d331a1a7da97d06e0e8b613))
+
+
+### Bug Fixes
+
+* hide dotfile error on share ([5f4a031](https://github.com/filebrowser/filebrowser/commit/5f4a0317ab5685fe4a558df74e604c12e04a1c10))
+* prefix handling on http router ([93a35ad](https://github.com/filebrowser/filebrowser/commit/93a35ad2516accdcb9735db509550979d01de2c3))
+* qr code url on share ([22f4be8](https://github.com/filebrowser/filebrowser/commit/22f4be8f54162b7cf494177705ffb8b09117bd01))
+* text file detection on editor ([eeadc53](https://github.com/filebrowser/filebrowser/commit/eeadc532fe6057969b3c1a4726f236851b154cfa))
+
+## [2.13.0](https://github.com/filebrowser/filebrowser/compare/v2.12.1...v2.13.0) (2021-03-14)
+
+
+### Features
+
+* dual pane settings view ([db5aad8](https://github.com/filebrowser/filebrowser/commit/db5aad8eb679cfe1b1ace5142cf342951217f0f7))
+* improved settings navbar ([5b28aa0](https://github.com/filebrowser/filebrowser/commit/5b28aa0848710b9d3ee02a2aa912856395f48bd2))
+* improved sharing prompt ([1819377](https://github.com/filebrowser/filebrowser/commit/18193778971e27d18b5a35df8c2d0e2953b48111))
+* increased header button counter size ([4fb832c](https://github.com/filebrowser/filebrowser/commit/4fb832c0422107e16f22b7aa928224f36de4978f))
+* larger previewer content ([62fff5c](https://github.com/filebrowser/filebrowser/commit/62fff5ca60da1f887c1f95fa4808d3753596dab2))
+
+
+### Bug Fixes
+
+* archive contains parent path on Windows ([54f3570](https://github.com/filebrowser/filebrowser/commit/54f35701a2bd5cb7ec0628ca9789047072c073db))
+* check rules on http resource handlers ([5bf1554](https://github.com/filebrowser/filebrowser/commit/5bf15548d0ad147acfad5000277531be2671f7ce))
+* download current dir on file listing ([488d980](https://github.com/filebrowser/filebrowser/commit/488d98045e7476ed11e53c13d9498a9db3165bbc))
+* encoded file path on share ([7955e07](https://github.com/filebrowser/filebrowser/commit/7955e0720baef3710106c7e69bbbf078d5489220))
+* full file path on share ([e017a19](https://github.com/filebrowser/filebrowser/commit/e017a199850e19dd51b960ba59402c215fd8f1af))
+* header dropdown icon color on previewer ([f8df76f](https://github.com/filebrowser/filebrowser/commit/f8df76f52684f10722ce123fec2c90e321ddf103))
+* item dragging on file listing ([326b35a](https://github.com/filebrowser/filebrowser/commit/326b35a7ac7871afcdf892ca150349665b7f6379))
+* modified time on info prompt ([11ebaec](https://github.com/filebrowser/filebrowser/commit/11ebaec5f0671ec02ebe55d4a73a514bce3a6713))
+* root path name on archive ([426b38b](https://github.com/filebrowser/filebrowser/commit/426b38bb3362d2d477d0d8aa27d880664d537431))
+* stuck icon on header button ([6a734c0](https://github.com/filebrowser/filebrowser/commit/6a734c01391b437c2842f5d97fb63f29a0017510))
+* update image cache when replacing ([81b6f4d](https://github.com/filebrowser/filebrowser/commit/81b6f4d6f6a01886583016f61f4f1951a59f244d))
+* wait for async command exit ([#1326](https://github.com/filebrowser/filebrowser/issues/1326)) ([6d5ceae](https://github.com/filebrowser/filebrowser/commit/6d5ceae8b454edd749b3b65c88aacc0a31ce9215))
+
+
+### Refactorings
+
+* migrate from rice to embed.FS ([fc55061](https://github.com/filebrowser/filebrowser/commit/fc5506179a64e9e2f57f7b6d6cce4b95f5ebc235))
+
+### [2.12.1](https://github.com/filebrowser/filebrowser/compare/v2.12.0...v2.12.1) (2021-03-07)
+
+
+### Bug Fixes
+
+* add missing default config into the docker image ([7358b3f](https://github.com/filebrowser/filebrowser/commit/7358b3fe3178c20007b4b5ef5c03705badd538c4))
+
 ## [2.12.0](https://github.com/filebrowser/filebrowser/compare/v2.11.0...v2.12.0) (2021-03-04)
 
 

CODE-OF-CONDUCT.md

@@ -0,0 +1,46 @@
+# Code of Conduct
+
+## Contributor Covenant Code of Conduct
+
+### Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+### Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+### Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+### Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+### Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at hacdias@gmail.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+### Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.4, available at [https://contributor-covenant.org/version/1/4](https://contributor-covenant.org/version/1/4).
+

CONTRIBUTING.md

@@ -0,0 +1,91 @@
+# Contributing
+
+If you're interested in contributing to this project, this is the best place to start. Before contributing to this project, please take a bit of time to read our [Code of Conduct](code-of-conduct.md). Also, note that this project is open-source and licensed under [Apache License 2.0](LICENSE).
+
+## Project Structure
+
+The backend side of the application is written in [Go](https://golang.org/), while the frontend (located on a subdirectory of the same name) is written in [Vue.js](https://vuejs.org/). Due to the tight coupling required by some features, basic knowledge of both Go and Vue.js is recommended.
+
+* Learn Go: [https://github.com/golang/go/wiki/Learn](https://github.com/golang/go/wiki/Learn)
+* Learn Vue.js: [https://vuejs.org/guide/introduction.html](https://vuejs.org/guide/introduction.html)
+
+We encourage you to use git to manage your fork. To clone the main repository, just run:
+
+```bash
+git clone https://github.com/filebrowser/filebrowser
+```
+
+## Build
+
+### Frontend
+
+We are using [Node.js](https://nodejs.org/en/) on the frontend to manage the build process. The steps to build it are:
+
+```bash
+# From the root of the repo, go to frontend/
+cd frontend
+
+# Install the dependencies
+pnpm install
+
+# Build the frontend
+pnpm run build
+```
+
+This will install the dependencies and build the frontend so you can then embed it into the Go app. Although, if you want to play with it, you'll get bored of building it after every change you do. So, you can run the command below to watch for changes:
+
+```bash
+pnpm run dev
+```
+
+### Backend
+
+First of all, you need to download the required dependencies. We are using the built-in `go mod` tool for dependency management. To get the modules, run:
+
+```bash
+go mod download
+```
+
+The magic of File Browser is that the static assets are bundled into the final binary. For that, we use [Go embed.FS](https://golang.org/pkg/embed/). The files from `frontend/dist` will be embedded during the build process.
+
+To build File Browser is just like any other Go program:
+
+```bash
+go build
+```
+
+To create a development build use the "dev" tag, this way the content inside the frontend folder will not be embedded in the binary but will be reloaded at every change:
+
+```bash
+go build -tags dev
+```
+
+## Translations
+
+Translations are managed on Transifex, which is an online website where everyone can contribute and translate strings for our project. It automatically syncs with the main language file \(in English\) and,, for you to contribute, you just need to:
+
+1. Go to our Transifex web page: [app.transifex.com/file-browser/file-browser](https://app.transifex.com/file-browser/file-browser/)
+2. Click on **Join the project** and pick your language. We'll accept you as soon as possible. If you're language is not on the list, please request it via the interface.
+
+Translations are automatically pushed to GitHub via an integration.
+
+## Authentication Provider
+
+To build a new authentication provider, you need to implement the [Auther interface](https://github.com/filebrowser/filebrowser/blob/master/auth/auth.go), whose method will be called on the login page after the user has submitted their login data.
+
+```go
+// Auther is the authentication interface.
+type Auther interface {
+    // Auth is called to authenticate a request.
+    Auth(r *http.Request, s *users.Storage, root string) (*users.User, error)
+}
+```
+
+After implementing the interface you should:
+
+1. Add it to [`auth` directory](https://github.com/filebrowser/filebrowser/blob/master/auth).
+2. Add it to the [configuration parser](https://github.com/filebrowser/filebrowser/blob/master/cmd/config.go) for the CLI.
+3. Add it to the [`authBackend.Get`](https://github.com/filebrowser/filebrowser/blob/master/storage/bolt/auth.go).
+
+If you need to add more flags, please update the function `addConfigFlags`.
+

Dockerfile

@@ -1,10 +1,32 @@
-FROM alpine:latest
-RUN apk --update add ca-certificates
-RUN apk --update add mailcap
+FROM alpine:3.22
+
+RUN apk update && \
+  apk --no-cache add ca-certificates mailcap curl jq tini
+
+# Make user and create necessary directories
+ENV UID=1000
+ENV GID=1000
+
+RUN addgroup -g $GID user && \
+  adduser -D -u $UID -G user user && \
+  mkdir -p /config /database /srv && \
+  chown -R user:user /config /database /srv
+
+# Copy files and set permissions
+COPY filebrowser /bin/filebrowser
+COPY docker/common/ /
+COPY docker/alpine/ /
+
+RUN chown -R user:user /bin/filebrowser /defaults healthcheck.sh init.sh
+
+# Define healthcheck script
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh
+
+# Set the user, volumes and exposed ports
+USER user
+
+VOLUME /srv /config /database
 
-VOLUME /srv
 EXPOSE 80
 
-COPY filebrowser /filebrowser
-
-ENTRYPOINT [ "/filebrowser" ]
+ENTRYPOINT [ "tini", "--", "/init.sh", "filebrowser", "--config", "/config/settings.json" ]

Dockerfile.s6

@@ -0,0 +1,23 @@
+FROM ghcr.io/linuxserver/baseimage-alpine:3.22
+
+RUN apk update && \
+  apk --no-cache add ca-certificates mailcap curl jq
+
+# Make user and create necessary directories
+RUN mkdir -p /config /database /srv && \
+  chown -R abc:abc /config /database /srv
+
+# Copy files and set permissions
+COPY filebrowser /bin/filebrowser
+COPY docker/common/ /
+COPY docker/s6/ /
+
+RUN chown -R abc:abc /bin/filebrowser /defaults healthcheck.sh
+
+# Define healthcheck script
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh
+
+# Set the volumes and exposed ports
+VOLUME /srv /config /database
+
+EXPOSE 80

Dockerfile.s6.aarch64

@@ -0,0 +1,23 @@
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.22
+
+RUN apk update && \
+  apk --no-cache add ca-certificates mailcap curl jq
+
+# Make user and create necessary directories
+RUN mkdir -p /config /database /srv && \
+  chown -R abc:abc /config /database /srv
+
+# Copy files and set permissions
+COPY filebrowser /bin/filebrowser
+COPY docker/common/ /
+COPY docker/s6/ /
+
+RUN chown -R abc:abc /bin/filebrowser /defaults healthcheck.sh
+
+# Define healthcheck script
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh
+
+# Set the volumes and exposed ports
+VOLUME /srv /config /database
+
+EXPOSE 80

LICENSE

@@ -187,7 +187,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2018 File Browser contributors
+   Copyright 2018 File Browser Contributors
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

Makefile

@@ -1,100 +1,88 @@
-SHELL := /bin/bash
-BASE_PATH := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-VERSION ?= $(shell git describe --tags --always --match=v* 2> /dev/null || \
-           			cat $(CURDIR)/.version 2> /dev/null || echo v0)
-VERSION_HASH = $(shell git rev-parse HEAD)
+include common.mk
+include tools.mk
 
-BIN = $(BASE_PATH)/bin
-PATH := $(BIN):$(PATH)
-export PATH
+LDFLAGS += -X "$(MODULE)/version.Version=$(VERSION)" -X "$(MODULE)/version.CommitSHA=$(VERSION_HASH)"
 
-# printing
-V = 0
-Q = $(if $(filter 1,$V),,@)
-M = $(shell printf "\033[34;1m▶\033[0m")
+SITE_DOCKER_FLAGS = \
+	-v $(CURDIR)/www:/docs \
+	-v $(CURDIR)/LICENSE:/docs/docs/LICENSE \
+	-v $(CURDIR)/SECURITY.md:/docs/docs/security.md \
+	-v $(CURDIR)/CHANGELOG.md:/docs/docs/changelog.md \
+	-v $(CURDIR)/CODE-OF-CONDUCT.md:/docs/docs/code-of-conduct.md \
+	-v $(CURDIR)/CONTRIBUTING.md:/docs/docs/contributing.md
 
-GO = GOGC=off go
-# go module
-MODULE = $(shell env GO111MODULE=on $(GO) list -m)
+## Build:
 
-DATE    ?= $(shell date +%FT%T%z)
-VERSION ?= $(shell git describe --tags --always --match=v* 2> /dev/null || \
-			cat $(CURDIR)/.version 2> /dev/null || echo v0)
-VERSION_HASH = 	$(shell git rev-parse HEAD)
-BRANCH = $(shell git rev-parse --abbrev-ref HEAD)
-
-LDFLAGS += -X "$(MODULE)/varsion.Version=$(VERSION)" -X "$(MODULE)/varsion.CommitSHA=$(VERSION_HASH)"
-
-# tools
-$(BIN):
-	@mkdir -p $@
-$(BIN)/%: | $(BIN) ; $(info $(M) installing $(PACKAGE)…)
-	$Q env GOBIN=$(BIN) $(GO) install $(PACKAGE)
-
-GOLANGCI_LINT = $(BIN)/golangci-lint
-$(BIN)/golangci-lint: PACKAGE=github.com/golangci/golangci-lint/cmd/golangci-lint@v1.37.1
-
-GOIMPORTS = $(BIN)/goimports
-$(BIN)/goimports: PACKAGE=golang.org/x/tools/cmd/goimports@v0.1.0
-
-RICE = $(BIN)/rice
-$(BIN)/rice: PACKAGE=github.com/GeertJohan/go.rice/rice@v1.0.2
-
-## build: Build
 .PHONY: build
-build: | build-frontend build-backend ; $(info $(M) building…)
+build: | build-frontend build-backend ## Build binary
 
-## build-frontend: Build frontend
 .PHONY: build-frontend
-build-frontend: | ; $(info $(M) building frontend…)
-	$Q cd frontend && npm ci && npm run build
+build-frontend: ## Build frontend
+	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run build
 
-## build-backend: Build backend
 .PHONY: build-backend
-build-backend: bundle-frontend | ; $(info $(M) building backend…)
-	$Q $(GO) build -ldflags '$(LDFLAGS)' -o filebrowser
+build-backend: ## Build backend
+	$Q $(go) build -ldflags '$(LDFLAGS)' -o .
 
-bundle-frontend: | $(RICE) ; $(info $(M) building backend…)
-	$Q cd ./http && rm -rf rice-box.go && $(RICE) embed-go
-
-## test: Run all tests
 .PHONY: test
-test: | test-frontend test-backend ; $(info $(M) running tests…)
+test: | test-frontend test-backend ## Run all tests
 
-## test-frontend: Run frontend tests
 .PHONY: test-frontend
-test-frontend: | ; $(info $(M) running frontend tests…)
+test-frontend: ## Run frontend tests
+	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run typecheck
 
-## test-backend: Run backend tests
 .PHONY: test-backend
-test-backend: | $(RICE) ; $(info $(M) running backend tests…)
-	$Q $(GO) test -v ./...
+test-backend: ## Run backend tests
+	$Q $(go) test -v ./...
 
-## lint: Lint
 .PHONY: lint
-lint: lint-frontend lint-backend lint-commits | ; $(info $(M) running all linters…)
+lint: lint-frontend lint-backend ## Run all linters
 
-## lint-frontend: Lint frontend
 .PHONY: lint-frontend
-lint-frontend: | ; $(info $(M) running frontend linters…)
-	$Q cd frontend && npm ci && npm run lint
+lint-frontend: ## Run frontend linters
+	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run lint
 
-## lint-backend: Lint backend
 .PHONY: lint-backend
-lint-backend: | $(GOLANGCI_LINT) ; $(info $(M) running backend linters…)
-	$Q $(GOLANGCI_LINT) run
+lint-backend: | $(golangci-lint) ## Run backend linters
+	$Q $(golangci-lint) run -v
 
-## lint-commits: Lint commits
 .PHONY: lint-commits
-lint-commits: | ; $(info $(M) running commitlint…)
+lint-commits: $(commitlint) ## Run commit linters
 	$Q ./scripts/commitlint.sh
 
-## bump-version: Bump app version
+fmt: $(goimports) ## Format source files
+	$Q $(goimports) -local $(MODULE) -w $$(find . -type f -name '*.go' -not -path "./vendor/*")
+
+clean: clean-tools ## Clean
+
+## Release:
+
 .PHONY: bump-version
-bump-version: | ; $(info $(M) creating a new release…)
+bump-version: $(standard-version) ## Bump app version
 	$Q ./scripts/bump_version.sh
 
-## help: Show this help
-.PHONY: help
-help:
-	@sed -n 's/^## //p' $(MAKEFILE_LIST) | column -t -s ':' |  sed -e 's/^/ /' | sort
+.PHONY: site
+site: ## Build site
+	@rm -rf www/public
+	docker build -f www/Dockerfile --progress=plain -t filebrowser.site www
+	docker run --rm $(SITE_DOCKER_FLAGS) filebrowser.site build -d "public"
+
+.PHONY: site-serve
+site-serve: ## Serve site for development
+	docker build -f www/Dockerfile --progress=plain -t filebrowser.site www
+	docker run --rm -it -p 8000:8000 $(SITE_DOCKER_FLAGS) filebrowser.site
+
+## Help:
+help: ## Show this help
+	@echo ''
+	@echo 'Usage:'
+	@echo '  ${YELLOW}make${RESET} ${GREEN}<target> [options]${RESET}'
+	@echo ''
+	@echo 'Options:'
+	@$(call global_option, "V [0|1]", "enable verbose mode (default:0)")
+	@echo ''
+	@echo 'Targets:'
+	@awk 'BEGIN {FS = ":.*?## "} { \
+		if (/^[a-zA-Z_-]+:.*?##.*$$/) {printf "    ${YELLOW}%-20s${GREEN}%s${RESET}\n", $$1, $$2} \
+		else if (/^## .*$$/) {printf "  ${CYAN}%s${RESET}\n", substr($$1,4)} \
+		}' $(MAKEFILE_LIST)

README.md

@@ -2,32 +2,37 @@
   <img src="https://raw.githubusercontent.com/filebrowser/logo/master/banner.png" width="550"/>
 </p>
 
-![Preview](https://user-images.githubusercontent.com/5447088/50716739-ebd26700-107a-11e9-9817-14230c53efd2.gif)
-
 [![Build](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml/badge.svg)](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml)
-[![Go Report Card](https://goreportcard.com/badge/github.com/filebrowser/filebrowser?style=flat-square)](https://goreportcard.com/report/github.com/filebrowser/filebrowser)
-[![Documentation](https://img.shields.io/badge/godoc-reference-blue.svg?style=flat-square)](http://godoc.org/github.com/filebrowser/filebrowser)
-[![Version](https://img.shields.io/github/release/filebrowser/filebrowser.svg?style=flat-square)](https://github.com/filebrowser/filebrowser/releases/latest)
-[![Chat IRC](https://img.shields.io/badge/freenode-%23filebrowser-blue.svg?style=flat-square)](http://webchat.freenode.net/?channels=%23filebrowser)
+[![Go Report Card](https://goreportcard.com/badge/github.com/filebrowser/filebrowser)](https://goreportcard.com/report/github.com/filebrowser/filebrowser)
+[![Documentation](https://img.shields.io/badge/godoc-reference-blue.svg)](http://godoc.org/github.com/filebrowser/filebrowser)
+[![Version](https://img.shields.io/github/release/filebrowser/filebrowser.svg)](https://github.com/filebrowser/filebrowser/releases/latest)
+[![Chat IRC](https://img.shields.io/badge/freenode-%23filebrowser-blue.svg)](http://webchat.freenode.net/?channels=%23filebrowser)
 
-filebrowser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit your files. It allows the creation of multiple users and each user can have its own directory. It can be used as a standalone app or as a middleware.
+File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview and edit your files. It is a **create-your-own-cloud**-kind of software where you can just install it on your server, direct it to a path and access your files through a nice web interface.
 
-## Features
+## Documentation
 
-Please refer to our docs at [https://filebrowser.org/features](https://filebrowser.org/features)
+Documentation on how to install, configure, and contribute to this project is hosted at [filebrowser.org](https://filebrowser.org).
 
-## Install
+## Project Status
 
-For installation instructions please refer to our docs at [https://filebrowser.org/installation](https://filebrowser.org/installation).
+> [!WARNING]
+>
+> This project is currently on **maintenance-only** mode, and is looking for new maintainers. For more information, please read the [discussion #4906](https://github.com/filebrowser/filebrowser/discussions/4906). Therefore, please note the following:
+>
+> - It can take a while until someone gets back to you. Please be patient.
+> - [Issues][issues] are only being used to track bugs. Any unrelated issues will be converted into a [discussion][discussions].
+> - No new features will be implemented until further notice. The priority is on triaging issues and merge bug fixes.
+> 
+> If you're interested in maintaining this project, please reach out via the discussion above.
 
-## Configuration
-
-[Authentication Method](https://filebrowser.org/configuration/authentication-method) - You can change the way the user authenticates with the filebrowser server
-
-[Command Runner](https://filebrowser.org/configuration/command-runner) - The command runner is a feature that enables you to execute any shell command you want before or after a certain event.
-
-[Custom Branding](https://filebrowser.org/configuration/custom-branding) - You can customize your File Browser installation by change its name to any other you want, by adding a global custom style sheet and by using your own logotype if you want.
+[issues]: https://github.com/filebrowser/filebrowser/issues
+[discussions]: https://github.com/filebrowser/filebrowser/discussions
 
 ## Contributing
 
-If you're interested in contributing to this project, our docs are best places to start [https://filebrowser.org/contributing](https://filebrowser.org/contributing).
+Contributions are always welcome. To start contributing to this project, read our [guidelines](CONTRIBUTING.md) first.
+
+## License
+
+[Apache License 2.0](LICENSE) © File Browser Contributors

SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 2.x     | :white_check_mark: |
+| < 2.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Vulnerabilities with critical impact should be reported on the [Security](https://github.com/filebrowser/filebrowser/security) page of this repository, which is a private way of communicating vulnerabilities to maintainers. This project is in maintenance-only mode and it can take a while until someone gets back to you.
+
+If it is not a critical vulnerability, please open an issue and we will categorize it as a security issue. By giving visibility, we can get more help from the community at fixing such issues.
+
+When reporting an issue, where possible, please provide at least:
+
+* The commit version the issue was identified at
+* A proof of concept (plaintext; no binaries)
+* Steps to reproduce
+* Your recommended remediation(s), if any.
+
+The File Browser team is a volunteer-only effort, and may reach back out for clarification.

auth/auth.go

@@ -3,13 +3,14 @@ package auth
 import (
 	"net/http"
 
+	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/users"
 )
 
 // Auther is the authentication interface.
 type Auther interface {
 	// Auth is called to authenticate a request.
-	Auth(r *http.Request, s users.Store, root string) (*users.User, error)
+	Auth(r *http.Request, usr users.Store, stg *settings.Settings, srv *settings.Server) (*users.User, error)
 	// LoginPage indicates if this auther needs a login page.
 	LoginPage() bool
 }

auth/hook.go

@@ -0,0 +1,303 @@
+package auth
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"log"
+	"net/http"
+	"os"
+	"os/exec"
+	"strings"
+
+	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
+	"github.com/filebrowser/filebrowser/v2/files"
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// MethodHookAuth is used to identify hook auth.
+const MethodHookAuth settings.AuthMethod = "hook"
+
+type hookCred struct {
+	Password string `json:"password"`
+	Username string `json:"username"`
+}
+
+// HookAuth is a hook implementation of an Auther.
+type HookAuth struct {
+	Users    users.Store        `json:"-"`
+	Settings *settings.Settings `json:"-"`
+	Server   *settings.Server   `json:"-"`
+	Cred     hookCred           `json:"-"`
+	Fields   hookFields         `json:"-"`
+	Command  string             `json:"command"`
+}
+
+// Auth authenticates the user via a json in content body.
+func (a *HookAuth) Auth(r *http.Request, usr users.Store, stg *settings.Settings, srv *settings.Server) (*users.User, error) {
+	var cred hookCred
+
+	if r.Body == nil {
+		return nil, os.ErrPermission
+	}
+
+	err := json.NewDecoder(r.Body).Decode(&cred)
+	if err != nil {
+		return nil, os.ErrPermission
+	}
+
+	a.Users = usr
+	a.Settings = stg
+	a.Server = srv
+	a.Cred = cred
+
+	action, err := a.RunCommand()
+	if err != nil {
+		return nil, err
+	}
+
+	switch action {
+	case "auth":
+		u, err := a.SaveUser()
+		if err != nil {
+			return nil, err
+		}
+		return u, nil
+	case "block":
+		return nil, os.ErrPermission
+	case "pass":
+		u, err := a.Users.Get(a.Server.Root, a.Cred.Username)
+		if err != nil || !users.CheckPwd(a.Cred.Password, u.Password) {
+			return nil, os.ErrPermission
+		}
+		return u, nil
+	default:
+		return nil, fmt.Errorf("invalid hook action: %s", action)
+	}
+}
+
+// LoginPage tells that hook auth requires a login page.
+func (a *HookAuth) LoginPage() bool {
+	return true
+}
+
+// RunCommand starts the hook command and returns the action
+func (a *HookAuth) RunCommand() (string, error) {
+	command := strings.Split(a.Command, " ")
+	envMapping := func(key string) string {
+		switch key {
+		case "USERNAME":
+			return a.Cred.Username
+		case "PASSWORD":
+			return a.Cred.Password
+		default:
+			return os.Getenv(key)
+		}
+	}
+	for i, arg := range command {
+		if i == 0 {
+			continue
+		}
+		command[i] = os.Expand(arg, envMapping)
+	}
+
+	cmd := exec.Command(command[0], command[1:]...) //nolint:gosec
+	cmd.Env = append(os.Environ(), fmt.Sprintf("USERNAME=%s", a.Cred.Username))
+	cmd.Env = append(cmd.Env, fmt.Sprintf("PASSWORD=%s", a.Cred.Password))
+	out, err := cmd.Output()
+	if err != nil {
+		return "", err
+	}
+
+	a.GetValues(string(out))
+
+	return a.Fields.Values["hook.action"], nil
+}
+
+// GetValues creates a map with values from the key-value format string
+func (a *HookAuth) GetValues(s string) {
+	m := map[string]string{}
+
+	// make line breaks consistent on Windows platform
+	s = strings.ReplaceAll(s, "\r\n", "\n")
+
+	// iterate input lines
+	for _, val := range strings.Split(s, "\n") {
+		v := strings.SplitN(val, "=", 2)
+
+		// skips non key and value format
+		if len(v) != 2 {
+			continue
+		}
+
+		fieldKey := strings.TrimSpace(v[0])
+		fieldValue := strings.TrimSpace(v[1])
+
+		if a.Fields.IsValid(fieldKey) {
+			m[fieldKey] = fieldValue
+		}
+	}
+
+	a.Fields.Values = m
+}
+
+// SaveUser updates the existing user or creates a new one when not found
+func (a *HookAuth) SaveUser() (*users.User, error) {
+	u, err := a.Users.Get(a.Server.Root, a.Cred.Username)
+	if err != nil && !errors.Is(err, fbErrors.ErrNotExist) {
+		return nil, err
+	}
+
+	if u == nil {
+		pass, err := users.ValidateAndHashPwd(a.Cred.Password, a.Settings.MinimumPasswordLength)
+		if err != nil {
+			return nil, err
+		}
+
+		// create user with the provided credentials
+		d := &users.User{
+			Username:     a.Cred.Username,
+			Password:     pass,
+			Scope:        a.Settings.Defaults.Scope,
+			Locale:       a.Settings.Defaults.Locale,
+			ViewMode:     a.Settings.Defaults.ViewMode,
+			SingleClick:  a.Settings.Defaults.SingleClick,
+			Sorting:      a.Settings.Defaults.Sorting,
+			Perm:         a.Settings.Defaults.Perm,
+			Commands:     a.Settings.Defaults.Commands,
+			HideDotfiles: a.Settings.Defaults.HideDotfiles,
+		}
+		u = a.GetUser(d)
+
+		userHome, err := a.Settings.MakeUserDir(u.Username, u.Scope, a.Server.Root)
+		if err != nil {
+			return nil, fmt.Errorf("user: failed to mkdir user home dir: [%s]", userHome)
+		}
+		u.Scope = userHome
+		log.Printf("user: %s, home dir: [%s].", u.Username, userHome)
+
+		err = a.Users.Save(u)
+		if err != nil {
+			return nil, err
+		}
+	} else if p := !users.CheckPwd(a.Cred.Password, u.Password); len(a.Fields.Values) > 1 || p {
+		u = a.GetUser(u)
+
+		// update the password when it doesn't match the current
+		if p {
+			pass, err := users.ValidateAndHashPwd(a.Cred.Password, a.Settings.MinimumPasswordLength)
+			if err != nil {
+				return nil, err
+			}
+			u.Password = pass
+		}
+
+		// update user with provided fields
+		err := a.Users.Update(u)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return u, nil
+}
+
+// GetUser returns a User filled with hook values or provided defaults
+func (a *HookAuth) GetUser(d *users.User) *users.User {
+	// adds all permissions when user is admin
+	isAdmin := a.Fields.GetBoolean("user.perm.admin", d.Perm.Admin)
+	perms := users.Permissions{
+		Admin:    isAdmin,
+		Execute:  isAdmin || a.Fields.GetBoolean("user.perm.execute", d.Perm.Execute),
+		Create:   isAdmin || a.Fields.GetBoolean("user.perm.create", d.Perm.Create),
+		Rename:   isAdmin || a.Fields.GetBoolean("user.perm.rename", d.Perm.Rename),
+		Modify:   isAdmin || a.Fields.GetBoolean("user.perm.modify", d.Perm.Modify),
+		Delete:   isAdmin || a.Fields.GetBoolean("user.perm.delete", d.Perm.Delete),
+		Share:    isAdmin || a.Fields.GetBoolean("user.perm.share", d.Perm.Share),
+		Download: isAdmin || a.Fields.GetBoolean("user.perm.download", d.Perm.Download),
+	}
+	user := users.User{
+		ID:          d.ID,
+		Username:    d.Username,
+		Password:    d.Password,
+		Scope:       a.Fields.GetString("user.scope", d.Scope),
+		Locale:      a.Fields.GetString("user.locale", d.Locale),
+		ViewMode:    users.ViewMode(a.Fields.GetString("user.viewMode", string(d.ViewMode))),
+		SingleClick: a.Fields.GetBoolean("user.singleClick", d.SingleClick),
+		Sorting: files.Sorting{
+			Asc: a.Fields.GetBoolean("user.sorting.asc", d.Sorting.Asc),
+			By:  a.Fields.GetString("user.sorting.by", d.Sorting.By),
+		},
+		Commands:     a.Fields.GetArray("user.commands", d.Commands),
+		HideDotfiles: a.Fields.GetBoolean("user.hideDotfiles", d.HideDotfiles),
+		Perm:         perms,
+		LockPassword: true,
+	}
+
+	return &user
+}
+
+// hookFields is used to access fields from the hook
+type hookFields struct {
+	Values map[string]string
+}
+
+// validHookFields contains names of the fields that can be used
+var validHookFields = []string{
+	"hook.action",
+	"user.scope",
+	"user.locale",
+	"user.viewMode",
+	"user.singleClick",
+	"user.sorting.by",
+	"user.sorting.asc",
+	"user.commands",
+	"user.hideDotfiles",
+	"user.perm.admin",
+	"user.perm.execute",
+	"user.perm.create",
+	"user.perm.rename",
+	"user.perm.modify",
+	"user.perm.delete",
+	"user.perm.share",
+	"user.perm.download",
+}
+
+// IsValid checks if the provided field is on the valid fields list
+func (hf *hookFields) IsValid(field string) bool {
+	for _, val := range validHookFields {
+		if field == val {
+			return true
+		}
+	}
+
+	return false
+}
+
+// GetString returns the string value or provided default
+func (hf *hookFields) GetString(k, dv string) string {
+	val, ok := hf.Values[k]
+	if ok {
+		return val
+	}
+	return dv
+}
+
+// GetBoolean returns the bool value or provided default
+func (hf *hookFields) GetBoolean(k string, dv bool) bool {
+	val, ok := hf.Values[k]
+	if ok {
+		return val == "true"
+	}
+	return dv
+}
+
+// GetArray returns the array value or provided default
+func (hf *hookFields) GetArray(k string, dv []string) []string {
+	val, ok := hf.Values[k]
+	if ok && strings.TrimSpace(val) != "" {
+		return strings.Split(val, " ")
+	}
+	return dv
+}

auth/json.go

@@ -26,7 +26,7 @@ type JSONAuth struct {
 }
 
 // Auth authenticates the user via a json in content body.
-func (a JSONAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
+func (a JSONAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server) (*users.User, error) {
 	var cred jsonCred
 
 	if r.Body == nil {
@@ -39,7 +39,7 @@ func (a JSONAuth) Auth(r *http.Request, sto users.Store, root string) (*users.Us
 	}
 
 	// If ReCaptcha is enabled, check the code.
-	if a.ReCaptcha != nil && len(a.ReCaptcha.Secret) > 0 {
+	if a.ReCaptcha != nil && a.ReCaptcha.Secret != "" {
 		ok, err := a.ReCaptcha.Ok(cred.ReCaptcha) //nolint:govet
 
 		if err != nil {
@@ -51,7 +51,7 @@ func (a JSONAuth) Auth(r *http.Request, sto users.Store, root string) (*users.Us
 		}
 	}
 
-	u, err := sto.Get(root, cred.Username)
+	u, err := usr.Get(srv.Root, cred.Username)
 	if err != nil || !users.CheckPwd(cred.Password, u.Password) {
 		return nil, os.ErrPermission
 	}

auth/none.go

@@ -14,8 +14,8 @@ const MethodNoAuth settings.AuthMethod = "noauth"
 type NoAuth struct{}
 
 // Auth uses authenticates user 1.
-func (a NoAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
-	return sto.Get(root, uint(1))
+func (a NoAuth) Auth(_ *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server) (*users.User, error) {
+	return usr.Get(srv.Root, uint(1))
 }
 
 // LoginPage tells that no auth doesn't require a login page.

auth/proxy.go

@@ -1,10 +1,10 @@
 package auth
 
 import (
+	"errors"
 	"net/http"
-	"os"
 
-	"github.com/filebrowser/filebrowser/v2/errors"
+	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/users"
 )
@@ -18,14 +18,48 @@ type ProxyAuth struct {
 }
 
 // Auth authenticates the user via an HTTP header.
-func (a ProxyAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
+func (a ProxyAuth) Auth(r *http.Request, usr users.Store, setting *settings.Settings, srv *settings.Server) (*users.User, error) {
 	username := r.Header.Get(a.Header)
-	user, err := sto.Get(root, username)
-	if err == errors.ErrNotExist {
-		return nil, os.ErrPermission
+	user, err := usr.Get(srv.Root, username)
+	if errors.Is(err, fbErrors.ErrNotExist) {
+		return a.createUser(usr, setting, srv, username)
+	}
+	return user, err
+}
+
+func (a ProxyAuth) createUser(usr users.Store, setting *settings.Settings, srv *settings.Server, username string) (*users.User, error) {
+	const randomPasswordLength = settings.DefaultMinimumPasswordLength + 10
+	pwd, err := users.RandomPwd(randomPasswordLength)
+	if err != nil {
+		return nil, err
 	}
 
-	return user, err
+	var hashedRandomPassword string
+	hashedRandomPassword, err = users.ValidateAndHashPwd(pwd, setting.MinimumPasswordLength)
+	if err != nil {
+		return nil, err
+	}
+
+	user := &users.User{
+		Username:     username,
+		Password:     hashedRandomPassword,
+		LockPassword: true,
+	}
+	setting.Defaults.Apply(user)
+
+	var userHome string
+	userHome, err = setting.MakeUserDir(user.Username, user.Scope, srv.Root)
+	if err != nil {
+		return nil, err
+	}
+	user.Scope = userHome
+
+	err = usr.Save(user)
+	if err != nil {
+		return nil, err
+	}
+
+	return user, nil
 }
 
 // LoginPage tells that proxy auth doesn't require a login page.

cmd/cmds_add.go

@@ -14,8 +14,8 @@ var cmdsAddCmd = &cobra.Command{
 	Use:   "add <event> <command>",
 	Short: "Add a command to run on a specific event",
 	Long:  `Add a command to run on a specific event.`,
-	Args:  cobra.MinimumNArgs(2), //nolint:gomnd
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Args:  cobra.MinimumNArgs(2),
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		s, err := d.store.Settings.Get()
 		checkErr(err)
 		command := strings.Join(args[1:], " ")

cmd/cmds_ls.go

@@ -14,7 +14,7 @@ var cmdsLsCmd = &cobra.Command{
 	Short: "List all commands for each event",
 	Long:  `List all commands for each event.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
 		s, err := d.store.Settings.Get()
 		checkErr(err)
 		evt := mustGetString(cmd.Flags(), "event")

cmd/cmds_rm.go

@@ -23,7 +23,7 @@ You can also specify an optional parameter (index_end) so
 you can remove all commands from 'index' to 'index_end',
 including 'index_end'.`,
 	Args: func(cmd *cobra.Command, args []string) error {
-		if err := cobra.RangeArgs(2, 3)(cmd, args); err != nil { //nolint:gomnd
+		if err := cobra.RangeArgs(2, 3)(cmd, args); err != nil {
 			return err
 		}
 
@@ -35,7 +35,7 @@ including 'index_end'.`,
 
 		return nil
 	},
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		s, err := d.store.Settings.Get()
 		checkErr(err)
 		evt := args[0]
@@ -43,7 +43,7 @@ including 'index_end'.`,
 		i, err := strconv.Atoi(args[1])
 		checkErr(err)
 		f := i
-		if len(args) == 3 { //nolint:gomnd
+		if len(args) == 3 {
 			f, err = strconv.Atoi(args[2])
 			checkErr(err)
 		}

cmd/config.go

@@ -31,18 +31,24 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	addServerFlags(flags)
 	addUserFlags(flags)
 	flags.BoolP("signup", "s", false, "allow users to signup")
+	flags.Bool("create-user-dir", false, "generate user's home directory automatically")
+	flags.Uint("minimum-password-length", settings.DefaultMinimumPasswordLength, "minimum password length for new users")
 	flags.String("shell", "", "shell command to which other commands should be appended")
 
 	flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
 	flags.String("auth.header", "", "HTTP header for auth.method=proxy")
+	flags.String("auth.command", "", "command for auth.method=hook")
 
 	flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
 	flags.String("recaptcha.key", "", "ReCaptcha site key")
 	flags.String("recaptcha.secret", "", "ReCaptcha secret")
 
 	flags.String("branding.name", "", "replace 'File Browser' by this name")
+	flags.String("branding.theme", "", "set the theme")
+	flags.String("branding.color", "", "set the theme color")
 	flags.String("branding.files", "", "path to directory with images and custom styles")
 	flags.Bool("branding.disableExternal", false, "disable external links such as GitHub links")
+	flags.Bool("branding.disableUsedPercentage", false, "disable used disk percentage graph")
 }
 
 //nolint:gocyclo
@@ -113,6 +119,20 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
 		auther = jsonAuth
 	}
 
+	if method == auth.MethodHookAuth {
+		command := mustGetString(flags, "auth.command")
+
+		if command == "" {
+			command = defaultAuther["command"].(string)
+		}
+
+		if command == "" {
+			checkErr(nerrors.New("you must set the flag 'auth.command' for method 'hook'"))
+		}
+
+		auther = &auth.HookAuth{Command: command}
+	}
+
 	if auther == nil {
 		panic(errors.ErrInvalidAuthMethod)
 	}
@@ -125,12 +145,16 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 
 	fmt.Fprintf(w, "Sign up:\t%t\n", set.Signup)
 	fmt.Fprintf(w, "Create User Dir:\t%t\n", set.CreateUserDir)
+	fmt.Fprintf(w, "Minimum Password Length:\t%d\n", set.MinimumPasswordLength)
 	fmt.Fprintf(w, "Auth method:\t%s\n", set.AuthMethod)
 	fmt.Fprintf(w, "Shell:\t%s\t\n", strings.Join(set.Shell, " "))
 	fmt.Fprintln(w, "\nBranding:")
 	fmt.Fprintf(w, "\tName:\t%s\n", set.Branding.Name)
 	fmt.Fprintf(w, "\tFiles override:\t%s\n", set.Branding.Files)
 	fmt.Fprintf(w, "\tDisable external links:\t%t\n", set.Branding.DisableExternal)
+	fmt.Fprintf(w, "\tDisable used disk percentage graph:\t%t\n", set.Branding.DisableUsedPercentage)
+	fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color)
+	fmt.Fprintf(w, "\tTheme:\t%s\n", set.Branding.Theme)
 	fmt.Fprintln(w, "\nServer:")
 	fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log)
 	fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port)

cmd/config_cat.go

@@ -13,7 +13,7 @@ var configCatCmd = &cobra.Command{
 	Short: "Prints the configuration",
 	Long:  `Prints the configuration.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, _ []string, d pythonData) {
 		set, err := d.store.Settings.Get()
 		checkErr(err)
 		ser, err := d.store.Settings.GetServer()

cmd/config_export.go

@@ -15,7 +15,7 @@ var configExportCmd = &cobra.Command{
 json or yaml file. This exported configuration can be changed,
 and imported again with 'config import' command.`,
 	Args: jsonYamlArg,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		settings, err := d.store.Settings.Get()
 		checkErr(err)
 

cmd/config_import.go

@@ -34,7 +34,7 @@ database.
 
 The path must be for a json or yaml file.`,
 	Args: jsonYamlArg,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		var key []byte
 		if d.hadDB {
 			settings, err := d.store.Settings.Get()
@@ -56,7 +56,7 @@ The path must be for a json or yaml file.`,
 		checkErr(err)
 
 		var rawAuther interface{}
-		if filepath.Ext(args[0]) != ".json" { //nolint:goconst
+		if filepath.Ext(args[0]) != ".json" {
 			rawAuther = cleanUpInterfaceMap(file.Auther.(map[interface{}]interface{}))
 		} else {
 			rawAuther = file.Auther
@@ -70,6 +70,8 @@ The path must be for a json or yaml file.`,
 			auther = getAuther(auth.NoAuth{}, rawAuther).(*auth.NoAuth)
 		case auth.MethodProxyAuth:
 			auther = getAuther(auth.ProxyAuth{}, rawAuther).(*auth.ProxyAuth)
+		case auth.MethodHookAuth:
+			auther = getAuther(&auth.HookAuth{}, rawAuther).(*auth.HookAuth)
 		default:
 			checkErr(errors.New("invalid auth method"))
 		}

cmd/config_init.go

@@ -22,22 +22,26 @@ this options can be changed in the future with the command
 to the defaults when creating new users and you don't
 override the options.`,
 	Args: cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
 		defaults := settings.UserDefaults{}
 		flags := cmd.Flags()
 		getUserDefaults(flags, &defaults, true)
 		authMethod, auther := getAuthentication(flags)
 
 		s := &settings.Settings{
-			Key:        generateKey(),
-			Signup:     mustGetBool(flags, "signup"),
-			Shell:      convertCmdStrToCmdArray(mustGetString(flags, "shell")),
-			AuthMethod: authMethod,
-			Defaults:   defaults,
+			Key:                   generateKey(),
+			Signup:                mustGetBool(flags, "signup"),
+			CreateUserDir:         mustGetBool(flags, "create-user-dir"),
+			MinimumPasswordLength: mustGetUint(flags, "minimum-password-length"),
+			Shell:                 convertCmdStrToCmdArray(mustGetString(flags, "shell")),
+			AuthMethod:            authMethod,
+			Defaults:              defaults,
 			Branding: settings.Branding{
-				Name:            mustGetString(flags, "branding.name"),
-				DisableExternal: mustGetBool(flags, "branding.disableExternal"),
-				Files:           mustGetString(flags, "branding.files"),
+				Name:                  mustGetString(flags, "branding.name"),
+				DisableExternal:       mustGetBool(flags, "branding.disableExternal"),
+				DisableUsedPercentage: mustGetBool(flags, "branding.disableUsedPercentage"),
+				Theme:                 mustGetString(flags, "branding.theme"),
+				Files:                 mustGetString(flags, "branding.files"),
 			},
 		}
 

cmd/config_set.go

@@ -16,7 +16,7 @@ var configSetCmd = &cobra.Command{
 	Long: `Updates the configuration. Set the flags for the options
 you want to change. Other options will remain unchanged.`,
 	Args: cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
 		flags := cmd.Flags()
 		set, err := d.store.Settings.Get()
 		checkErr(err)
@@ -49,10 +49,20 @@ you want to change. Other options will remain unchanged.`,
 				hasAuth = true
 			case "shell":
 				set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name))
+			case "create-user-dir":
+				set.CreateUserDir = mustGetBool(flags, flag.Name)
+			case "minimum-password-length":
+				set.MinimumPasswordLength = mustGetUint(flags, flag.Name)
 			case "branding.name":
 				set.Branding.Name = mustGetString(flags, flag.Name)
+			case "branding.color":
+				set.Branding.Color = mustGetString(flags, flag.Name)
+			case "branding.theme":
+				set.Branding.Theme = mustGetString(flags, flag.Name)
 			case "branding.disableExternal":
 				set.Branding.DisableExternal = mustGetBool(flags, flag.Name)
+			case "branding.disableUsedPercentage":
+				set.Branding.DisableUsedPercentage = mustGetBool(flags, flag.Name)
 			case "branding.files":
 				set.Branding.Files = mustGetString(flags, flag.Name)
 			}

cmd/docs.go

@@ -39,12 +39,12 @@ var docsCmd = &cobra.Command{
 	Use:    "docs",
 	Hidden: true,
 	Args:   cobra.NoArgs,
-	Run: func(cmd *cobra.Command, args []string) {
+	Run: func(cmd *cobra.Command, _ []string) {
 		dir := mustGetString(cmd.Flags(), "path")
 		generateDocs(rootCmd, dir)
 		names := []string{}
 
-		err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
+		err := filepath.Walk(dir, func(_ string, info os.FileInfo, err error) error {
 			if err != nil || info.IsDir() {
 				return err
 			}
@@ -98,12 +98,12 @@ func generateMarkdown(cmd *cobra.Command, w io.Writer) {
 	buf.WriteString(long + "\n\n")
 
 	if cmd.Runnable() {
-		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.UseLine()))
+		_, _ = fmt.Fprintf(buf, "```\n%s\n```\n\n", cmd.UseLine())
 	}
 
-	if len(cmd.Example) > 0 {
+	if cmd.Example != "" {
 		buf.WriteString("## Examples\n\n")
-		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.Example))
+		_, _ = fmt.Fprintf(buf, "```\n%s\n```\n\n", cmd.Example)
 	}
 
 	printOptions(buf, cmd)

cmd/hash.go

@@ -17,7 +17,7 @@ var hashCmd = &cobra.Command{
 	Short: "Hashes a password",
 	Long:  `Hashes a password using bcrypt algorithm.`,
 	Args:  cobra.ExactArgs(1),
-	Run: func(cmd *cobra.Command, args []string) {
+	Run: func(_ *cobra.Command, args []string) {
 		pwd, err := users.HashPwd(args[0])
 		checkErr(err)
 		fmt.Println(pwd)

cmd/root.go

@@ -1,9 +1,11 @@
 package cmd
 
 import (
+	"context"
 	"crypto/tls"
 	"errors"
-	"io/ioutil"
+	"io"
+	"io/fs"
 	"log"
 	"net"
 	"net/http"
@@ -12,6 +14,7 @@ import (
 	"path/filepath"
 	"strings"
 	"syscall"
+	"time"
 
 	homedir "github.com/mitchellh/go-homedir"
 	"github.com/spf13/afero"
@@ -22,6 +25,7 @@ import (
 
 	"github.com/filebrowser/filebrowser/v2/auth"
 	"github.com/filebrowser/filebrowser/v2/diskcache"
+	"github.com/filebrowser/filebrowser/v2/frontend"
 	fbhttp "github.com/filebrowser/filebrowser/v2/http"
 	"github.com/filebrowser/filebrowser/v2/img"
 	"github.com/filebrowser/filebrowser/v2/settings"
@@ -46,7 +50,7 @@ func init() {
 	persistent.StringP("database", "d", "./filebrowser.db", "database path")
 	flags.Bool("noauth", false, "use the noauth auther when using quick setup")
 	flags.String("username", "admin", "username for the first user when using quick config")
-	flags.String("password", "", "hashed password for the first user when using quick config (default \"admin\")")
+	flags.String("password", "", "hashed password for the first user when using quick config")
 
 	addServerFlags(flags)
 }
@@ -62,10 +66,11 @@ func addServerFlags(flags *pflag.FlagSet) {
 	flags.Uint32("socket-perm", 0666, "unix socket file permissions")
 	flags.StringP("baseurl", "b", "", "base url")
 	flags.String("cache-dir", "", "file cache directory (disabled if empty)")
-	flags.Int("img-processors", 4, "image processors count")
+	flags.String("token-expiration-time", "2h", "user session timeout")
+	flags.Int("img-processors", 4, "image processors count") //nolint:mnd
 	flags.Bool("disable-thumbnails", false, "disable image thumbnails")
 	flags.Bool("disable-preview-resize", false, "disable resize of image previews")
-	flags.Bool("disable-exec", false, "disables Command Runner feature")
+	flags.Bool("disable-exec", true, "disables Command Runner feature")
 	flags.Bool("disable-type-detection-by-header", false, "disables type detection by reading file headers")
 }
 
@@ -73,7 +78,7 @@ var rootCmd = &cobra.Command{
 	Use:   "filebrowser",
 	Short: "A stylish web-based file browser",
 	Long: `File Browser CLI lets you create the database to use with File Browser,
-manage your users and all the configurations without acessing the
+manage your users and all the configurations without accessing the
 web interface.
 
 If you've never run File Browser, you'll need to have a database for
@@ -105,9 +110,9 @@ name in caps. So to set "database" via an env variable, you should
 set FB_DATABASE.
 
 Also, if the database path doesn't exist, File Browser will enter into
-the quick setup mode and a new database will be bootstraped and a new
+the quick setup mode and a new database will be bootstrapped and a new
 user created with the credentials from options "username" and "password".`,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
 		log.Println(cfgFile)
 
 		if !d.hadDB {
@@ -164,27 +169,42 @@ user created with the credentials from options "username" and "password".`,
 			checkErr(err)
 		}
 
-		sigc := make(chan os.Signal, 1)
-		signal.Notify(sigc, os.Interrupt, syscall.SIGTERM)
-		go cleanupHandler(listener, sigc)
+		assetsFs, err := fs.Sub(frontend.Assets(), "dist")
+		if err != nil {
+			panic(err)
+		}
 
-		handler, err := fbhttp.NewHandler(imgSvc, fileCache, d.store, server)
+		handler, err := fbhttp.NewHandler(imgSvc, fileCache, d.store, server, assetsFs)
 		checkErr(err)
 
 		defer listener.Close()
 
 		log.Println("Listening on", listener.Addr().String())
-		if err := http.Serve(listener, handler); err != nil {
-			log.Fatal(err)
+		srv := &http.Server{
+			Handler:           handler,
+			ReadHeaderTimeout: 60 * time.Second,
 		}
-	}, pythonConfig{allowNoDB: true}),
-}
 
-func cleanupHandler(listener net.Listener, c chan os.Signal) { //nolint:interfacer
-	sig := <-c
-	log.Printf("Caught signal %s: shutting down.", sig)
-	listener.Close()
-	os.Exit(0)
+		go func() {
+			if err := srv.Serve(listener); !errors.Is(err, http.ErrServerClosed) {
+				log.Fatalf("HTTP server error: %v", err)
+			}
+
+			log.Println("Stopped serving new connections.")
+		}()
+
+		sigc := make(chan os.Signal, 1)
+		signal.Notify(sigc, os.Interrupt, syscall.SIGTERM)
+		<-sigc
+
+		shutdownCtx, shutdownRelease := context.WithTimeout(context.Background(), 10*time.Second) //nolint:mnd
+		defer shutdownRelease()
+
+		if err := srv.Shutdown(shutdownCtx); err != nil {
+			log.Fatalf("HTTP shutdown error: %v", err)
+		}
+		log.Println("Graceful shutdown complete.")
+	}, pythonConfig{allowNoDB: true}),
 }
 
 //nolint:gocyclo
@@ -192,42 +212,42 @@ func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
 	server, err := st.Settings.GetServer()
 	checkErr(err)
 
-	if val, set := getParamB(flags, "root"); set {
+	if val, set := getStringParamB(flags, "root"); set {
 		server.Root = val
 	}
 
-	if val, set := getParamB(flags, "baseurl"); set {
+	if val, set := getStringParamB(flags, "baseurl"); set {
 		server.BaseURL = val
 	}
 
-	if val, set := getParamB(flags, "log"); set {
+	if val, set := getStringParamB(flags, "log"); set {
 		server.Log = val
 	}
 
 	isSocketSet := false
 	isAddrSet := false
 
-	if val, set := getParamB(flags, "address"); set {
+	if val, set := getStringParamB(flags, "address"); set {
 		server.Address = val
 		isAddrSet = isAddrSet || set
 	}
 
-	if val, set := getParamB(flags, "port"); set {
+	if val, set := getStringParamB(flags, "port"); set {
 		server.Port = val
 		isAddrSet = isAddrSet || set
 	}
 
-	if val, set := getParamB(flags, "key"); set {
+	if val, set := getStringParamB(flags, "key"); set {
 		server.TLSKey = val
 		isAddrSet = isAddrSet || set
 	}
 
-	if val, set := getParamB(flags, "cert"); set {
+	if val, set := getStringParamB(flags, "cert"); set {
 		server.TLSCert = val
 		isAddrSet = isAddrSet || set
 	}
 
-	if val, set := getParamB(flags, "socket"); set {
+	if val, set := getStringParamB(flags, "socket"); set {
 		server.Socket = val
 		isSocketSet = isSocketSet || set
 	}
@@ -241,29 +261,69 @@ func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
 		server.Socket = ""
 	}
 
-	_, disableThumbnails := getParamB(flags, "disable-thumbnails")
+	disableThumbnails := getBoolParam(flags, "disable-thumbnails")
 	server.EnableThumbnails = !disableThumbnails
 
-	_, disablePreviewResize := getParamB(flags, "disable-preview-resize")
+	disablePreviewResize := getBoolParam(flags, "disable-preview-resize")
 	server.ResizePreview = !disablePreviewResize
 
-	_, disableTypeDetectionByHeader := getParamB(flags, "disable-type-detection-by-header")
+	disableTypeDetectionByHeader := getBoolParam(flags, "disable-type-detection-by-header")
 	server.TypeDetectionByHeader = !disableTypeDetectionByHeader
 
-	_, disableExec := getParamB(flags, "disable-exec")
+	disableExec := getBoolParam(flags, "disable-exec")
 	server.EnableExec = !disableExec
 
+	if server.EnableExec {
+		log.Println("WARNING: Command Runner feature enabled!")
+		log.Println("WARNING: This feature has known security vulnerabilities and should not")
+		log.Println("WARNING: you fully understand the risks involved. For more information")
+		log.Println("WARNING: read https://github.com/filebrowser/filebrowser/issues/5199")
+	}
+
+	if val, set := getStringParamB(flags, "token-expiration-time"); set {
+		server.TokenExpirationTime = val
+	}
+
 	return server
 }
 
-// getParamB returns a parameter as a string and a boolean to tell if it is different from the default
+// getBoolParamB returns a parameter as a string and a boolean to tell if it is different from the default
 //
 // NOTE: we could simply bind the flags to viper and use IsSet.
 // Although there is a bug on Viper that always returns true on IsSet
 // if a flag is binded. Our alternative way is to manually check
 // the flag and then the value from env/config/gotten by viper.
 // https://github.com/spf13/viper/pull/331
-func getParamB(flags *pflag.FlagSet, key string) (string, bool) {
+func getBoolParamB(flags *pflag.FlagSet, key string) (value, ok bool) {
+	value, _ = flags.GetBool(key)
+
+	// If set on Flags, use it.
+	if flags.Changed(key) {
+		return value, true
+	}
+
+	// If set through viper (env, config), return it.
+	if v.IsSet(key) {
+		return v.GetBool(key), true
+	}
+
+	// Otherwise use default value on flags.
+	return value, false
+}
+
+func getBoolParam(flags *pflag.FlagSet, key string) bool {
+	val, _ := getBoolParamB(flags, key)
+	return val
+}
+
+// getStringParamB returns a parameter as a string and a boolean to tell if it is different from the default
+//
+// NOTE: we could simply bind the flags to viper and use IsSet.
+// Although there is a bug on Viper that always returns true on IsSet
+// if a flag is binded. Our alternative way is to manually check
+// the flag and then the value from env/config/gotten by viper.
+// https://github.com/spf13/viper/pull/331
+func getStringParamB(flags *pflag.FlagSet, key string) (string, bool) {
 	value, _ := flags.GetString(key)
 
 	// If set on Flags, use it.
@@ -280,8 +340,8 @@ func getParamB(flags *pflag.FlagSet, key string) (string, bool) {
 	return value, false
 }
 
-func getParam(flags *pflag.FlagSet, key string) string {
-	val, _ := getParamB(flags, key)
+func getStringParam(flags *pflag.FlagSet, key string) string {
+	val, _ := getStringParamB(flags, key)
 	return val
 }
 
@@ -292,7 +352,7 @@ func setupLog(logMethod string) {
 	case "stderr":
 		log.SetOutput(os.Stderr)
 	case "":
-		log.SetOutput(ioutil.Discard)
+		log.SetOutput(io.Discard)
 	default:
 		log.SetOutput(&lumberjack.Logger{
 			Filename:   logMethod,
@@ -305,9 +365,11 @@ func setupLog(logMethod string) {
 
 func quickSetup(flags *pflag.FlagSet, d pythonData) {
 	set := &settings.Settings{
-		Key:           generateKey(),
-		Signup:        false,
-		CreateUserDir: false,
+		Key:                   generateKey(),
+		Signup:                false,
+		CreateUserDir:         false,
+		MinimumPasswordLength: settings.DefaultMinimumPasswordLength,
+		UserHomeBasePath:      settings.DefaultUsersHomeBasePath,
 		Defaults: settings.UserDefaults{
 			Scope:       ".",
 			Locale:      "en",
@@ -323,10 +385,19 @@ func quickSetup(flags *pflag.FlagSet, d pythonData) {
 				Download: true,
 			},
 		},
+		AuthMethod: "",
+		Branding:   settings.Branding{},
+		Tus: settings.Tus{
+			ChunkSize:  settings.DefaultTusChunkSize,
+			RetryCount: settings.DefaultTusRetryCount,
+		},
+		Commands: nil,
+		Shell:    nil,
+		Rules:    nil,
 	}
 
 	var err error
-	if _, noauth := getParamB(flags, "noauth"); noauth {
+	if _, noauth := getStringParamB(flags, "noauth"); noauth {
 		set.AuthMethod = auth.MethodNoAuth
 		err = d.store.Auth.Save(&auth.NoAuth{})
 	} else {
@@ -339,23 +410,29 @@ func quickSetup(flags *pflag.FlagSet, d pythonData) {
 	checkErr(err)
 
 	ser := &settings.Server{
-		BaseURL: getParam(flags, "baseurl"),
-		Port:    getParam(flags, "port"),
-		Log:     getParam(flags, "log"),
-		TLSKey:  getParam(flags, "key"),
-		TLSCert: getParam(flags, "cert"),
-		Address: getParam(flags, "address"),
-		Root:    getParam(flags, "root"),
+		BaseURL: getStringParam(flags, "baseurl"),
+		Port:    getStringParam(flags, "port"),
+		Log:     getStringParam(flags, "log"),
+		TLSKey:  getStringParam(flags, "key"),
+		TLSCert: getStringParam(flags, "cert"),
+		Address: getStringParam(flags, "address"),
+		Root:    getStringParam(flags, "root"),
 	}
 
 	err = d.store.Settings.SaveServer(ser)
 	checkErr(err)
 
-	username := getParam(flags, "username")
-	password := getParam(flags, "password")
+	username := getStringParam(flags, "username")
+	password := getStringParam(flags, "password")
 
 	if password == "" {
-		password, err = users.HashPwd("admin")
+		var pwd string
+		pwd, err = users.RandomPwd(set.MinimumPasswordLength)
+		checkErr(err)
+
+		log.Println("Randomly generated password for user 'admin':", pwd)
+
+		password, err = users.ValidateAndHashPwd(pwd, set.MinimumPasswordLength)
 		checkErr(err)
 	}
 
@@ -391,9 +468,11 @@ func initConfig() {
 	v.SetEnvPrefix("FB")
 	v.AutomaticEnv()
 	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
+	v.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
 
 	if err := v.ReadInConfig(); err != nil {
-		if _, ok := err.(v.ConfigParseError); ok {
+		var configParseError v.ConfigParseError
+		if errors.As(err, &configParseError) {
 			panic(err)
 		}
 		cfgFile = "No config file used"

cmd/rule_rm.go

@@ -44,7 +44,7 @@ including 'index_end'.`,
 		i, err := strconv.Atoi(args[0])
 		checkErr(err)
 		f := i
-		if len(args) == 2 { //nolint:gomnd
+		if len(args) == 2 {
 			f, err = strconv.Atoi(args[1])
 			checkErr(err)
 		}

cmd/rules_ls.go

@@ -13,7 +13,7 @@ var rulesLsCommand = &cobra.Command{
 	Short: "List global rules or user specific rules",
 	Long:  `List global rules or user specific rules.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
 		runRules(d.store, cmd, nil, nil)
 	}, pythonConfig{}),
 }

cmd/upgrade.go

@@ -21,11 +21,11 @@ var upgradeCmd = &cobra.Command{
 import share links because they are incompatible with
 this version.`,
 	Args: cobra.NoArgs,
-	Run: func(cmd *cobra.Command, args []string) {
+	Run: func(cmd *cobra.Command, _ []string) {
 		flags := cmd.Flags()
 		oldDB := mustGetString(flags, "old.database")
 		oldConf := mustGetString(flags, "old.config")
-		err := importer.Import(oldDB, oldConf, getParam(flags, "database"))
+		err := importer.Import(oldDB, oldConf, getStringParam(flags, "database"))
 		checkErr(err)
 	},
 }

cmd/users.go

@@ -53,7 +53,7 @@ func printUsers(usrs []*users.User) {
 }
 
 func parseUsernameOrID(arg string) (username string, id uint) {
-	id64, err := strconv.ParseUint(arg, 10, 0)
+	id64, err := strconv.ParseUint(arg, 10, 64)
 	if err != nil {
 		return arg, 0
 	}

cmd/users_add.go

@@ -15,13 +15,13 @@ var usersAddCmd = &cobra.Command{
 	Use:   "add <username> <password>",
 	Short: "Create a new user",
 	Long:  `Create a new user and add it to the database.`,
-	Args:  cobra.ExactArgs(2), //nolint:gomnd
+	Args:  cobra.ExactArgs(2),
 	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
 		s, err := d.store.Settings.Get()
 		checkErr(err)
 		getUserDefaults(cmd.Flags(), &s.Defaults, false)
 
-		password, err := users.HashPwd(args[1])
+		password, err := users.ValidateAndHashPwd(args[1], s.MinimumPasswordLength)
 		checkErr(err)
 
 		user := &users.User{

cmd/users_export.go

@@ -14,7 +14,7 @@ var usersExportCmd = &cobra.Command{
 	Long: `Export all users to a json or yaml file. Please indicate the
 path to the file where you want to write the users.`,
 	Args: jsonYamlArg,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		list, err := d.store.Users.Gets("")
 		checkErr(err)
 

cmd/users_find.go

@@ -26,7 +26,7 @@ var usersLsCmd = &cobra.Command{
 	Run:   findUsers,
 }
 
-var findUsers = python(func(cmd *cobra.Command, args []string, d pythonData) {
+var findUsers = python(func(_ *cobra.Command, args []string, d pythonData) {
 	var (
 		list []*users.User
 		user *users.User

cmd/users_import.go

@@ -60,7 +60,7 @@ list or set it to 0.`,
 			// User exists in DB.
 			if err == nil {
 				if !overwrite {
-					checkErr(errors.New("user " + strconv.Itoa(int(user.ID)) + " is already registred"))
+					checkErr(errors.New("user " + strconv.Itoa(int(user.ID)) + " is already registered"))
 				}
 
 				// If the usernames mismatch, check if there is another one in the DB
@@ -84,6 +84,6 @@ list or set it to 0.`,
 }
 
 func usernameConflictError(username string, originalID, newID uint) error {
-	return fmt.Errorf(`can't import user with ID %d and username "%s" because the username is already registred with the user %d`,
+	return fmt.Errorf(`can't import user with ID %d and username "%s" because the username is already registered with the user %d`,
 		newID, username, originalID)
 }

cmd/users_rm.go

@@ -15,7 +15,7 @@ var usersRmCmd = &cobra.Command{
 	Short: "Delete a user by username or id",
 	Long:  `Delete a user by username or id`,
 	Args:  cobra.ExactArgs(1),
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
 		username, id := parseUsernameOrID(args[0])
 		var err error
 

cmd/users_update.go

@@ -27,8 +27,10 @@ options you want to change.`,
 		password := mustGetString(flags, "password")
 		newUsername := mustGetString(flags, "username")
 
+		s, err := d.store.Settings.Get()
+		checkErr(err)
+
 		var (
-			err  error
 			user *users.User
 		)
 
@@ -64,7 +66,7 @@ options you want to change.`,
 		}
 
 		if password != "" {
-			user.Password, err = users.HashPwd(password)
+			user.Password, err = users.ValidateAndHashPwd(password, s.MinimumPasswordLength)
 			checkErr(err)
 		}
 

cmd/utils.go

@@ -9,11 +9,12 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/asdine/storm"
+	"github.com/asdine/storm/v3"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 	yaml "gopkg.in/yaml.v2"
 
+	"github.com/filebrowser/filebrowser/v2/files"
 	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/storage"
 	"github.com/filebrowser/filebrowser/v2/storage/bolt"
@@ -86,19 +87,26 @@ func python(fn pythonFunc, cfg pythonConfig) cobraFunc {
 	return func(cmd *cobra.Command, args []string) {
 		data := pythonData{hadDB: true}
 
-		path := getParam(cmd.Flags(), "database")
+		path := getStringParam(cmd.Flags(), "database")
+		absPath, err := filepath.Abs(path)
+		if err != nil {
+			panic(err)
+		}
 		exists, err := dbExists(path)
 
 		if err != nil {
 			panic(err)
 		} else if exists && cfg.noDB {
-			log.Fatal(path + " already exists")
+			log.Fatal(absPath + " already exists")
 		} else if !exists && !cfg.noDB && !cfg.allowNoDB {
-			log.Fatal(path + " does not exist. Please run 'filebrowser config init' first.")
+			log.Fatal(absPath + " does not exist. Please run 'filebrowser config init' first.")
+		} else if !exists && !cfg.noDB {
+			log.Println("Warning: filebrowser.db can't be found. Initialing in " + strings.TrimSuffix(absPath, "filebrowser.db"))
 		}
 
+		log.Println("Using database: " + absPath)
 		data.hadDB = exists
-		db, err := storm.Open(path)
+		db, err := storm.Open(path, storm.BoltOptions(files.PermFile, nil))
 		checkErr(err)
 		defer db.Close()
 		data.store, err = bolt.NewStorage(db)
@@ -117,7 +125,7 @@ func marshal(filename string, data interface{}) error {
 		encoder := json.NewEncoder(fd)
 		encoder.SetIndent("", "    ")
 		return encoder.Encode(data)
-	case ".yml", ".yaml": //nolint:goconst
+	case ".yml", ".yaml":
 		encoder := yaml.NewEncoder(fd)
 		return encoder.Encode(data)
 	default:
@@ -181,7 +189,7 @@ func cleanUpMapValue(v interface{}) interface{} {
 }
 
 // convertCmdStrToCmdArray checks if cmd string is blank (whitespace included)
-// then returns empty string array, else returns the splitted word array of cmd.
+// then returns empty string array, else returns the split word array of cmd.
 // This is to ensure the result will never be []string{""}
 func convertCmdStrToCmdArray(cmd string) []string {
 	var cmdArray []string

cmd/version.go

@@ -15,7 +15,7 @@ func init() {
 var versionCmd = &cobra.Command{
 	Use:   "version",
 	Short: "Print the version number",
-	Run: func(cmd *cobra.Command, args []string) {
+	Run: func(_ *cobra.Command, _ []string) {
 		fmt.Println("File Browser v" + version.Version + "/" + version.CommitSHA)
 	},
 }

common.mk

@@ -0,0 +1,28 @@
+SHELL := /usr/bin/env bash
+DATE ?= $(shell date +%FT%T%z)
+BASE_PATH := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+VERSION ?= $(shell git describe --tags --always --match=v* 2> /dev/null || \
+           			cat $(CURDIR)/.version 2> /dev/null || echo v0)
+VERSION_HASH = $(shell git rev-parse HEAD)
+BRANCH = $(shell git rev-parse --abbrev-ref HEAD)
+
+go = GOGC=off go
+MODULE = $(shell env GO111MODULE=on go list -m)
+
+# printing
+# $Q (quiet) is used in the targets as a replacer for @.
+# This macro helps to print the command for debugging by setting V to 1. Example `make test-unit V=1`
+V = 0
+Q = $(if $(filter 1,$V),,@)
+# $M is a macro to print a colored ▶ character. Example `$(info $(M) running coverage tests…)` will print "▶ running coverage tests…"
+M = $(shell printf "\033[34;1m▶\033[0m")
+
+GREEN  := $(shell tput -Txterm setaf 2)
+YELLOW := $(shell tput -Txterm setaf 3)
+WHITE  := $(shell tput -Txterm setaf 7)
+CYAN   := $(shell tput -Txterm setaf 6)
+RESET  := $(shell tput -Txterm sgr0)
+
+define global_option
+    printf "  ${YELLOW}%-20s${GREEN}%s${RESET}\n" $(1) $(2)
+endef

diskcache/file_cache.go

@@ -6,7 +6,7 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"sync"
@@ -31,7 +31,7 @@ func New(fs afero.Fs, root string) *FileCache {
 	}
 }
 
-func (f *FileCache) Store(ctx context.Context, key string, value []byte) error {
+func (f *FileCache) Store(_ context.Context, key string, value []byte) error {
 	mu := f.getScopedLocks(key)
 	mu.Lock()
 	defer mu.Unlock()
@@ -48,21 +48,21 @@ func (f *FileCache) Store(ctx context.Context, key string, value []byte) error {
 	return nil
 }
 
-func (f *FileCache) Load(ctx context.Context, key string) (value []byte, exist bool, err error) {
+func (f *FileCache) Load(_ context.Context, key string) (value []byte, exist bool, err error) {
 	r, ok, err := f.open(key)
 	if err != nil || !ok {
 		return nil, ok, err
 	}
 	defer r.Close()
 
-	value, err = ioutil.ReadAll(r)
+	value, err = io.ReadAll(r)
 	if err != nil {
 		return nil, false, err
 	}
 	return value, true, nil
 }
 
-func (f *FileCache) Delete(ctx context.Context, key string) error {
+func (f *FileCache) Delete(_ context.Context, key string) error {
 	mu := f.getScopedLocks(key)
 	mu.Lock()
 	defer mu.Unlock()

diskcache/file_cache_test.go

@@ -40,7 +40,7 @@ func TestFileCache(t *testing.T) {
 	require.False(t, exists)
 }
 
-func checkValue(t *testing.T, ctx context.Context, fs afero.Fs, fileFullPath string, cache *FileCache, key, wantValue string) { //nolint:golint
+func checkValue(t *testing.T, ctx context.Context, fs afero.Fs, fileFullPath string, cache *FileCache, key, wantValue string) { //nolint:revive
 	t.Helper()
 	// check actual file content
 	b, err := afero.ReadFile(fs, fileFullPath)

diskcache/noop_cache.go

@@ -11,14 +11,14 @@ func NewNoOp() *NoOp {
 	return &NoOp{}
 }
 
-func (n *NoOp) Store(ctx context.Context, key string, value []byte) error {
+func (n *NoOp) Store(_ context.Context, _ string, _ []byte) error {
 	return nil
 }
 
-func (n *NoOp) Load(ctx context.Context, key string) (value []byte, exist bool, err error) {
+func (n *NoOp) Load(_ context.Context, _ string) (value []byte, exist bool, err error) {
 	return nil, false, nil
 }
 
-func (n *NoOp) Delete(ctx context.Context, key string) error {
+func (n *NoOp) Delete(_ context.Context, _ string) error {
 	return nil
 }

docker/alpine/init.sh

@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+# Backwards compatibility for old Docker image
+if [ -f "/.filebrowser.json" ]; then
+  ln -s /.filebrowser.json /config/settings.json
+
+  echo ""
+  echo "!!!!!!!!!!!!!!!!!!!!! IMPORTANT INFORMATION !!!!!!!!!!!!!!!!!!!!!"
+  echo "Symlinking /.filebrowser.json to /config/settings.json for backwards compatibility."
+  echo ""
+  echo "The volume mount configuration has changed in the latest release."
+  echo "Please rename .filebrowser.json to settings.json and mount the parent directory to /config".
+  echo "Read more on https://filebrowser.org/installation.html#docker"
+  echo ""
+  echo "This workaround will be removed in a future release."
+  echo ""
+fi
+
+# Backwards compatibility for old Docker image
+if [ -f "/database.db" ]; then
+  ln -s /database.db /database/filebrowser.db
+  
+  echo ""
+  echo "!!!!!!!!!!!!!!!!!!!!! IMPORTANT INFORMATION !!!!!!!!!!!!!!!!!!!!!"
+  echo ""
+  echo "The volume mount configuration has changed in the latest release."
+  echo "Please rename database.db to filebrowser.db and mount the parent directory to /database".
+  echo "Read more on https://filebrowser.org/installation.html#docker"
+  echo ""
+  echo "This workaround will be removed in a future release."
+  echo ""
+fi
+
+# Ensure configuration exists
+if [ ! -f "/config/settings.json" ]; then
+  cp -a /defaults/settings.json /config/settings.json
+fi
+
+exec "$@"

docker/common/defaults/settings.json

@@ -0,0 +1,8 @@
+{
+  "port": 80,
+  "baseURL": "",
+  "address": "",
+  "log": "stdout",
+  "database": "/database/filebrowser.db",
+  "root": "/srv"
+}

docker/common/healthcheck.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+set -e
+
+PORT=${FB_PORT:-$(jq -r .port /config/settings.json)}
+ADDRESS=${FB_ADDRESS:-$(jq -r .address /config/settings.json)}
+ADDRESS=${ADDRESS:-localhost}
+
+curl -f http://$ADDRESS:$PORT/health || exit 1

docker/s6/custom-cont-init.d/20-config

@@ -0,0 +1,12 @@
+#!/usr/bin/with-contenv bash
+
+# Ensure configuration exists
+if [ ! -f "/config/settings.json" ]; then
+  cp -a /defaults/settings.json /config/settings.json
+fi
+
+# permissions
+chown abc:abc \
+	/config/settings.json \
+	/database \
+	/srv

docker/s6/etc/services.d/filebrowser/run

@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv bash
+
+exec s6-setuidgid abc filebrowser -c /config/settings.json;

errors/errors.go

@@ -1,12 +1,16 @@
 package errors
 
-import "errors"
+import (
+	"errors"
+	"fmt"
+)
 
 var (
 	ErrEmptyKey             = errors.New("empty key")
 	ErrExist                = errors.New("the resource already exists")
 	ErrNotExist             = errors.New("the resource does not exist")
 	ErrEmptyPassword        = errors.New("password is empty")
+	ErrEasyPassword         = errors.New("password is too easy")
 	ErrEmptyUsername        = errors.New("username is empty")
 	ErrEmptyRequest         = errors.New("empty request")
 	ErrScopeIsRelative      = errors.New("scope is a relative path")
@@ -19,3 +23,11 @@ var (
 	ErrSourceIsParent       = errors.New("source is parent")
 	ErrRootUserDeletion     = errors.New("user with id 1 can't be deleted")
 )
+
+type ErrShortPassword struct {
+	MinimumLength uint
+}
+
+func (e ErrShortPassword) Error() string {
+	return fmt.Sprintf("password is too short, minimum length is %d", e.MinimumLength)
+}

files/file.go

@@ -6,39 +6,54 @@ import (
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/hex"
+	"errors"
 	"hash"
+	"image"
 	"io"
+	"io/fs"
 	"log"
 	"mime"
 	"net/http"
 	"os"
 	"path"
 	"path/filepath"
+	"regexp"
 	"strings"
 	"time"
 
 	"github.com/spf13/afero"
 
-	"github.com/filebrowser/filebrowser/v2/errors"
+	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/rules"
 )
 
+const PermFile = 0640
+const PermDir = 0750
+
+var (
+	reSubDirs = regexp.MustCompile("(?i)^sub(s|titles)$")
+	reSubExts = regexp.MustCompile("(?i)(.vtt|.srt|.ass|.ssa)$")
+)
+
 // FileInfo describes a file.
 type FileInfo struct {
 	*Listing
-	Fs        afero.Fs          `json:"-"`
-	Path      string            `json:"path"`
-	Name      string            `json:"name"`
-	Size      int64             `json:"size"`
-	Extension string            `json:"extension"`
-	ModTime   time.Time         `json:"modified"`
-	Mode      os.FileMode       `json:"mode"`
-	IsDir     bool              `json:"isDir"`
-	Type      string            `json:"type"`
-	Subtitles []string          `json:"subtitles,omitempty"`
-	Content   string            `json:"content,omitempty"`
-	Checksums map[string]string `json:"checksums,omitempty"`
-	Token     string            `json:"token,omitempty"`
+	Fs         afero.Fs          `json:"-"`
+	Path       string            `json:"path"`
+	Name       string            `json:"name"`
+	Size       int64             `json:"size"`
+	Extension  string            `json:"extension"`
+	ModTime    time.Time         `json:"modified"`
+	Mode       os.FileMode       `json:"mode"`
+	IsDir      bool              `json:"isDir"`
+	IsSymlink  bool              `json:"isSymlink"`
+	Type       string            `json:"type"`
+	Subtitles  []string          `json:"subtitles,omitempty"`
+	Content    string            `json:"content,omitempty"`
+	Checksums  map[string]string `json:"checksums,omitempty"`
+	Token      string            `json:"token,omitempty"`
+	currentDir []os.FileInfo     `json:"-"`
+	Resolution *ImageResolution  `json:"resolution,omitempty"`
 }
 
 // FileOptions are the options when getting a file info.
@@ -50,22 +65,94 @@ type FileOptions struct {
 	ReadHeader bool
 	Token      string
 	Checker    rules.Checker
+	Content    bool
+}
+
+type ImageResolution struct {
+	Width  int `json:"width"`
+	Height int `json:"height"`
 }
 
 // NewFileInfo creates a File object from a path and a given user. This File
 // object will be automatically filled depending on if it is a directory
 // or a file. If it's a video file, it will also detect any subtitles.
-func NewFileInfo(opts FileOptions) (*FileInfo, error) {
+func NewFileInfo(opts *FileOptions) (*FileInfo, error) {
 	if !opts.Checker.Check(opts.Path) {
 		return nil, os.ErrPermission
 	}
 
-	info, err := opts.Fs.Stat(opts.Path)
+	file, err := stat(opts)
 	if err != nil {
 		return nil, err
 	}
 
-	file := &FileInfo{
+	// Do not expose the name of root directory.
+	if file.Path == "/" {
+		file.Name = ""
+	}
+
+	if opts.Expand {
+		if file.IsDir {
+			if err := file.readListing(opts.Checker, opts.ReadHeader); err != nil { //nolint:govet
+				return nil, err
+			}
+			return file, nil
+		}
+
+		err = file.detectType(opts.Modify, opts.Content, true)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return file, err
+}
+
+func stat(opts *FileOptions) (*FileInfo, error) {
+	var file *FileInfo
+
+	if lstaterFs, ok := opts.Fs.(afero.Lstater); ok {
+		info, _, err := lstaterFs.LstatIfPossible(opts.Path)
+		if err != nil {
+			return nil, err
+		}
+		file = &FileInfo{
+			Fs:        opts.Fs,
+			Path:      opts.Path,
+			Name:      info.Name(),
+			ModTime:   info.ModTime(),
+			Mode:      info.Mode(),
+			IsDir:     info.IsDir(),
+			IsSymlink: IsSymlink(info.Mode()),
+			Size:      info.Size(),
+			Extension: filepath.Ext(info.Name()),
+			Token:     opts.Token,
+		}
+	}
+
+	// regular file
+	if file != nil && !file.IsSymlink {
+		return file, nil
+	}
+
+	// fs doesn't support afero.Lstater interface or the file is a symlink
+	info, err := opts.Fs.Stat(opts.Path)
+	if err != nil {
+		// can't follow symlink
+		if file != nil && file.IsSymlink {
+			return file, nil
+		}
+		return nil, err
+	}
+
+	// set correct file size in case of symlink
+	if file != nil && file.IsSymlink {
+		file.Size = info.Size()
+		file.IsDir = info.IsDir()
+		return file, nil
+	}
+
+	file = &FileInfo{
 		Fs:        opts.Fs,
 		Path:      opts.Path,
 		Name:      info.Name(),
@@ -77,28 +164,14 @@ func NewFileInfo(opts FileOptions) (*FileInfo, error) {
 		Token:     opts.Token,
 	}
 
-	if opts.Expand {
-		if file.IsDir {
-			if err := file.readListing(opts.Checker, opts.ReadHeader); err != nil { //nolint:govet
-				return nil, err
-			}
-			return file, nil
-		}
-
-		err = file.detectType(opts.Modify, true, true)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	return file, err
+	return file, nil
 }
 
 // Checksum checksums a given File for a given User, using a specific
 // algorithm. The checksums data is saved on File object.
 func (i *FileInfo) Checksum(algo string) error {
 	if i.IsDir {
-		return errors.ErrIsDirectory
+		return fbErrors.ErrIsDirectory
 	}
 
 	if i.Checksums == nil {
@@ -124,7 +197,7 @@ func (i *FileInfo) Checksum(algo string) error {
 	case "sha512":
 		h = sha512.New()
 	default:
-		return errors.ErrInvalidOption
+		return fbErrors.ErrInvalidOption
 	}
 
 	_, err = io.Copy(h, reader)
@@ -136,8 +209,19 @@ func (i *FileInfo) Checksum(algo string) error {
 	return nil
 }
 
-//nolint:goconst
-//TODO: use constants
+func (i *FileInfo) RealPath() string {
+	if realPathFs, ok := i.Fs.(interface {
+		RealPath(name string) (fPath string, err error)
+	}); ok {
+		realPath, err := realPathFs.RealPath(i.Path)
+		if err == nil {
+			return realPath
+		}
+	}
+
+	return i.Path
+}
+
 func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
 	if IsNamedPipe(i.Mode) {
 		i.Type = "blob"
@@ -148,12 +232,15 @@ func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
 	// of files couldn't be opened: we'd have immediately
 	// a 500 even though it doesn't matter. So we just log it.
 
-	var buffer []byte
-
 	mimetype := mime.TypeByExtension(i.Extension)
-	if mimetype == "" && readHeader {
+
+	var buffer []byte
+	if readHeader {
 		buffer = i.readFirstBytes()
-		mimetype = http.DetectContentType(buffer)
+
+		if mimetype == "" {
+			mimetype = http.DetectContentType(buffer)
+		}
 	}
 
 	switch {
@@ -166,8 +253,17 @@ func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
 		return nil
 	case strings.HasPrefix(mimetype, "image"):
 		i.Type = "image"
+		resolution, err := calculateImageResolution(i.Fs, i.Path)
+		if err != nil {
+			log.Printf("Error calculating image resolution: %v", err)
+		} else {
+			i.Resolution = resolution
+		}
 		return nil
-	case (strings.HasPrefix(mimetype, "text") || (len(buffer) > 0 && !isBinary(buffer))) && i.Size <= 10*1024*1024: // 10 MB
+	case strings.HasSuffix(mimetype, "pdf"):
+		i.Type = "pdf"
+		return nil
+	case (strings.HasPrefix(mimetype, "text") || !isBinary(buffer)) && i.Size <= 10*1024*1024: // 10 MB
 		i.Type = "text"
 
 		if !modify {
@@ -191,6 +287,28 @@ func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
 	return nil
 }
 
+func calculateImageResolution(fSys afero.Fs, filePath string) (*ImageResolution, error) {
+	file, err := fSys.Open(filePath)
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		if cErr := file.Close(); cErr != nil {
+			log.Printf("Failed to close file: %v", cErr)
+		}
+	}()
+
+	config, _, err := image.DecodeConfig(file)
+	if err != nil {
+		return nil, err
+	}
+
+	return &ImageResolution{
+		Width:  config.Width,
+		Height: config.Height,
+	}, nil
+}
+
 func (i *FileInfo) readFirstBytes() []byte {
 	reader, err := i.Fs.Open(i.Path)
 	if err != nil {
@@ -202,7 +320,7 @@ func (i *FileInfo) readFirstBytes() []byte {
 
 	buffer := make([]byte, 512)
 	n, err := reader.Read(buffer)
-	if err != nil && err != io.EOF {
+	if err != nil && !errors.Is(err, io.EOF) {
 		log.Print(err)
 		i.Type = "blob"
 		return nil
@@ -219,12 +337,58 @@ func (i *FileInfo) detectSubtitles() {
 	i.Subtitles = []string{}
 	ext := filepath.Ext(i.Path)
 
-	// TODO: detect multiple languages. Base.Lang.vtt
-
-	fPath := strings.TrimSuffix(i.Path, ext) + ".vtt"
-	if _, err := i.Fs.Stat(fPath); err == nil {
-		i.Subtitles = append(i.Subtitles, fPath)
+	// detect multiple languages. Base*.vtt
+	parentDir := strings.TrimRight(i.Path, i.Name)
+	var dir []os.FileInfo
+	if len(i.currentDir) > 0 {
+		dir = i.currentDir
+	} else {
+		var err error
+		dir, err = afero.ReadDir(i.Fs, parentDir)
+		if err != nil {
+			return
+		}
 	}
+
+	base := strings.TrimSuffix(i.Name, ext)
+	for _, f := range dir {
+		// load all supported subtitles from subs directories
+		// should cover all instances of subtitle distributions
+		// like tv-shows with multiple episodes in single dir
+		if f.IsDir() && reSubDirs.MatchString(f.Name()) {
+			subsDir := path.Join(parentDir, f.Name())
+			i.loadSubtitles(subsDir, base, true)
+		} else if isSubtitleMatch(f, base) {
+			i.addSubtitle(path.Join(parentDir, f.Name()))
+		}
+	}
+}
+
+func (i *FileInfo) loadSubtitles(subsPath, baseName string, recursive bool) {
+	dir, err := afero.ReadDir(i.Fs, subsPath)
+	if err == nil {
+		for _, f := range dir {
+			if isSubtitleMatch(f, "") {
+				i.addSubtitle(path.Join(subsPath, f.Name()))
+			} else if f.IsDir() && recursive && strings.HasPrefix(f.Name(), baseName) {
+				subsDir := path.Join(subsPath, f.Name())
+				i.loadSubtitles(subsDir, baseName, false)
+			}
+		}
+	}
+}
+
+func IsSupportedSubtitle(fileName string) bool {
+	return reSubExts.MatchString(fileName)
+}
+
+func isSubtitleMatch(f fs.FileInfo, baseName string) bool {
+	return !f.IsDir() && strings.HasPrefix(f.Name(), baseName) &&
+		IsSupportedSubtitle(f.Name())
+}
+
+func (i *FileInfo) addSubtitle(fPath string) {
+	i.Subtitles = append(i.Subtitles, fPath)
 }
 
 func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
@@ -248,24 +412,39 @@ func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
 			continue
 		}
 
+		isSymlink, isInvalidLink := false, false
 		if IsSymlink(f.Mode()) {
+			isSymlink = true
 			// It's a symbolic link. We try to follow it. If it doesn't work,
 			// we stay with the link information instead of the target's.
 			info, err := i.Fs.Stat(fPath)
 			if err == nil {
 				f = info
+			} else {
+				isInvalidLink = true
 			}
 		}
 
 		file := &FileInfo{
-			Fs:        i.Fs,
-			Name:      name,
-			Size:      f.Size(),
-			ModTime:   f.ModTime(),
-			Mode:      f.Mode(),
-			IsDir:     f.IsDir(),
-			Extension: filepath.Ext(name),
-			Path:      fPath,
+			Fs:         i.Fs,
+			Name:       name,
+			Size:       f.Size(),
+			ModTime:    f.ModTime(),
+			Mode:       f.Mode(),
+			IsDir:      f.IsDir(),
+			IsSymlink:  isSymlink,
+			Extension:  filepath.Ext(name),
+			Path:       fPath,
+			currentDir: dir,
+		}
+
+		if !file.IsDir && strings.HasPrefix(mime.TypeByExtension(file.Extension), "image/") {
+			resolution, err := calculateImageResolution(file.Fs, file.Path)
+			if err != nil {
+				log.Printf("Error calculating resolution for image %s: %v", file.Path, err)
+			} else {
+				file.Resolution = resolution
+			}
 		}
 
 		if file.IsDir {
@@ -273,9 +452,13 @@ func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
 		} else {
 			listing.NumFiles++
 
-			err := file.detectType(true, false, readHeader)
-			if err != nil {
-				return err
+			if isInvalidLink {
+				file.Type = "invalid_link"
+			} else {
+				err := file.detectType(true, false, readHeader)
+				if err != nil {
+					return err
+				}
 			}
 		}
 

files/listing.go

@@ -16,10 +16,8 @@ type Listing struct {
 }
 
 // ApplySort applies the sort order using .Order and .Sort
-//nolint:goconst
 func (l Listing) ApplySort() {
 	// Check '.Order' to know how to sort
-	// TODO: use enum
 	if !l.Sorting.Asc {
 		switch l.Sorting.By {
 		case "name":

files/mime.go

@@ -0,0 +1,609 @@
+package files
+
+// This file contains code primarily sourced from::
+// github.com/kataras/iris
+
+import (
+	"mime"
+)
+
+const (
+	// ContentBinaryHeaderValue header value for binary data.
+	ContentBinaryHeaderValue = "application/octet-stream"
+	// ContentWebassemblyHeaderValue header value for web assembly files.
+	ContentWebassemblyHeaderValue = "application/wasm"
+	// ContentHTMLHeaderValue is the  string of text/html response header's content type value.
+	ContentHTMLHeaderValue = "text/html"
+	// ContentJSONHeaderValue header value for JSON data.
+	ContentJSONHeaderValue = "application/json"
+	// ContentJSONProblemHeaderValue header value for JSON API problem error.
+	// Read more at: https://tools.ietf.org/html/rfc7807
+	ContentJSONProblemHeaderValue = "application/problem+json"
+	// ContentXMLProblemHeaderValue header value for XML API problem error.
+	// Read more at: https://tools.ietf.org/html/rfc7807
+	ContentXMLProblemHeaderValue = "application/problem+xml"
+	// ContentJavascriptHeaderValue header value for JSONP & Javascript data.
+	ContentJavascriptHeaderValue = "text/javascript"
+	// ContentTextHeaderValue header value for Text data.
+	ContentTextHeaderValue = "text/plain"
+	// ContentXMLHeaderValue header value for XML data.
+	ContentXMLHeaderValue = "text/xml"
+	// ContentXMLUnreadableHeaderValue obsolete header value for XML.
+	ContentXMLUnreadableHeaderValue = "application/xml"
+	// ContentMarkdownHeaderValue custom key/content type, the real is the text/html.
+	ContentMarkdownHeaderValue = "text/markdown"
+	// ContentYAMLHeaderValue header value for YAML data.
+	ContentYAMLHeaderValue = "application/x-yaml"
+	// ContentYAMLTextHeaderValue header value for YAML plain text.
+	ContentYAMLTextHeaderValue = "text/yaml"
+	// ContentProtobufHeaderValue header value for Protobuf messages data.
+	ContentProtobufHeaderValue = "application/x-protobuf"
+	// ContentMsgPackHeaderValue header value for MsgPack data.
+	ContentMsgPackHeaderValue = "application/msgpack"
+	// ContentMsgPack2HeaderValue alternative header value for MsgPack data.
+	ContentMsgPack2HeaderValue = "application/x-msgpack"
+	// ContentFormHeaderValue header value for post form data.
+	ContentFormHeaderValue = "application/x-www-form-urlencoded"
+	// ContentFormMultipartHeaderValue header value for post multipart form data.
+	ContentFormMultipartHeaderValue = "multipart/form-data"
+	// ContentMultipartRelatedHeaderValue header value for multipart related data.
+	ContentMultipartRelatedHeaderValue = "multipart/related"
+	// ContentGRPCHeaderValue Content-Type header value for gRPC.
+	ContentGRPCHeaderValue = "application/grpc"
+)
+
+var types = map[string]string{
+	".3dm":       "x-world/x-3dmf",
+	".3dmf":      "x-world/x-3dmf",
+	".7z":        "application/x-7z-compressed",
+	".a":         "application/octet-stream",
+	".aab":       "application/x-authorware-bin",
+	".aam":       "application/x-authorware-map",
+	".aas":       "application/x-authorware-seg",
+	".abc":       "text/vndabc",
+	".ace":       "application/x-ace-compressed",
+	".acgi":      "text/html",
+	".afl":       "video/animaflex",
+	".ai":        "application/postscript",
+	".aif":       "audio/aiff",
+	".aifc":      "audio/aiff",
+	".aiff":      "audio/aiff",
+	".aim":       "application/x-aim",
+	".aip":       "text/x-audiosoft-intra",
+	".alz":       "application/x-alz-compressed",
+	".ani":       "application/x-navi-animation",
+	".aos":       "application/x-nokia-9000-communicator-add-on-software",
+	".aps":       "application/mime",
+	".apk":       "application/vnd.android.package-archive",
+	".arc":       "application/x-arc-compressed",
+	".arj":       "application/arj",
+	".art":       "image/x-jg",
+	".asf":       "video/x-ms-asf",
+	".asm":       "text/x-asm",
+	".asp":       "text/asp",
+	".asx":       "application/x-mplayer2",
+	".au":        "audio/basic",
+	".avi":       "video/x-msvideo",
+	".avs":       "video/avs-video",
+	".bcpio":     "application/x-bcpio",
+	".bin":       "application/mac-binary",
+	".bmp":       "image/bmp",
+	".boo":       "application/book",
+	".book":      "application/book",
+	".boz":       "application/x-bzip2",
+	".bsh":       "application/x-bsh",
+	".bz2":       "application/x-bzip2",
+	".bz":        "application/x-bzip",
+	".c++":       ContentTextHeaderValue,
+	".c":         "text/x-c",
+	".cab":       "application/vnd.ms-cab-compressed",
+	".cat":       "application/vndms-pkiseccat",
+	".cc":        "text/x-c",
+	".ccad":      "application/clariscad",
+	".cco":       "application/x-cocoa",
+	".cdf":       "application/cdf",
+	".cer":       "application/pkix-cert",
+	".cha":       "application/x-chat",
+	".chat":      "application/x-chat",
+	".chrt":      "application/vnd.kde.kchart",
+	".class":     "application/java",
+	".com":       ContentTextHeaderValue,
+	".conf":      ContentTextHeaderValue,
+	".cpio":      "application/x-cpio",
+	".cpp":       "text/x-c",
+	".cpt":       "application/mac-compactpro",
+	".crl":       "application/pkcs-crl",
+	".crt":       "application/pkix-cert",
+	".crx":       "application/x-chrome-extension",
+	".csh":       "text/x-scriptcsh",
+	".css":       "text/css",
+	".csv":       "text/csv",
+	".cxx":       ContentTextHeaderValue,
+	".dar":       "application/x-dar",
+	".dcr":       "application/x-director",
+	".deb":       "application/x-debian-package",
+	".deepv":     "application/x-deepv",
+	".def":       ContentTextHeaderValue,
+	".der":       "application/x-x509-ca-cert",
+	".dif":       "video/x-dv",
+	".dir":       "application/x-director",
+	".divx":      "video/divx",
+	".dl":        "video/dl",
+	".dmg":       "application/x-apple-diskimage",
+	".doc":       "application/msword",
+	".dot":       "application/msword",
+	".dp":        "application/commonground",
+	".drw":       "application/drafting",
+	".dump":      "application/octet-stream",
+	".dv":        "video/x-dv",
+	".dvi":       "application/x-dvi",
+	".dwf":       "drawing/x-dwf=(old)",
+	".dwg":       "application/acad",
+	".dxf":       "application/dxf",
+	".dxr":       "application/x-director",
+	".el":        "text/x-scriptelisp",
+	".elc":       "application/x-bytecodeelisp=(compiled=elisp)",
+	".eml":       "message/rfc822",
+	".env":       "application/x-envoy",
+	".eps":       "application/postscript",
+	".es":        "application/x-esrehber",
+	".etx":       "text/x-setext",
+	".evy":       "application/envoy",
+	".exe":       "application/octet-stream",
+	".f77":       "text/x-fortran",
+	".f90":       "text/x-fortran",
+	".f":         "text/x-fortran",
+	".fdf":       "application/vndfdf",
+	".fif":       "application/fractals",
+	".fli":       "video/fli",
+	".flo":       "image/florian",
+	".flv":       "video/x-flv",
+	".flx":       "text/vndfmiflexstor",
+	".fmf":       "video/x-atomic3d-feature",
+	".for":       "text/x-fortran",
+	".fpx":       "image/vndfpx",
+	".frl":       "application/freeloader",
+	".funk":      "audio/make",
+	".g3":        "image/g3fax",
+	".g":         ContentTextHeaderValue,
+	".gif":       "image/gif",
+	".gl":        "video/gl",
+	".gsd":       "audio/x-gsm",
+	".gsm":       "audio/x-gsm",
+	".gsp":       "application/x-gsp",
+	".gss":       "application/x-gss",
+	".gtar":      "application/x-gtar",
+	".gz":        "application/x-compressed",
+	".gzip":      "application/x-gzip",
+	".h":         "text/x-h",
+	".hdf":       "application/x-hdf",
+	".help":      "application/x-helpfile",
+	".hgl":       "application/vndhp-hpgl",
+	".hh":        "text/x-h",
+	".hlb":       "text/x-script",
+	".hlp":       "application/hlp",
+	".hpg":       "application/vndhp-hpgl",
+	".hpgl":      "application/vndhp-hpgl",
+	".hqx":       "application/binhex",
+	".hta":       "application/hta",
+	".htc":       "text/x-component",
+	".htm":       "text/html",
+	".html":      "text/html",
+	".htmls":     "text/html",
+	".htt":       "text/webviewhtml",
+	".htx":       "text/html",
+	".ice":       "x-conference/x-cooltalk",
+	".ico":       "image/x-icon",
+	".ics":       "text/calendar",
+	".icz":       "text/calendar",
+	".idc":       ContentTextHeaderValue,
+	".ief":       "image/ief",
+	".iefs":      "image/ief",
+	".iges":      "application/iges",
+	".igs":       "application/iges",
+	".ima":       "application/x-ima",
+	".imap":      "application/x-httpd-imap",
+	".inf":       "application/inf",
+	".ins":       "application/x-internett-signup",
+	".ip":        "application/x-ip2",
+	".isu":       "video/x-isvideo",
+	".it":        "audio/it",
+	".iv":        "application/x-inventor",
+	".ivr":       "i-world/i-vrml",
+	".ivy":       "application/x-livescreen",
+	".jam":       "audio/x-jam",
+	".jav":       "text/x-java-source",
+	".java":      "text/x-java-source",
+	".jcm":       "application/x-java-commerce",
+	".jfif-tbnl": "image/jpeg",
+	".jfif":      "image/jpeg",
+	".jnlp":      "application/x-java-jnlp-file",
+	".jpe":       "image/jpeg",
+	".jpeg":      "image/jpeg",
+	".jpg":       "image/jpeg",
+	".jps":       "image/x-jps",
+	".js":        ContentJavascriptHeaderValue,
+	".mjs":       ContentJavascriptHeaderValue,
+	".json":      ContentJSONHeaderValue,
+	".vue":       ContentJavascriptHeaderValue,
+	".jut":       "image/jutvision",
+	".kar":       "audio/midi",
+	".karbon":    "application/vnd.kde.karbon",
+	".kfo":       "application/vnd.kde.kformula",
+	".flw":       "application/vnd.kde.kivio",
+	".kml":       "application/vnd.google-earth.kml+xml",
+	".kmz":       "application/vnd.google-earth.kmz",
+	".kon":       "application/vnd.kde.kontour",
+	".kpr":       "application/vnd.kde.kpresenter",
+	".kpt":       "application/vnd.kde.kpresenter",
+	".ksp":       "application/vnd.kde.kspread",
+	".kwd":       "application/vnd.kde.kword",
+	".kwt":       "application/vnd.kde.kword",
+	".ksh":       "text/x-scriptksh",
+	".la":        "audio/nspaudio",
+	".lam":       "audio/x-liveaudio",
+	".latex":     "application/x-latex",
+	".lha":       "application/lha",
+	".lhx":       "application/octet-stream",
+	".list":      ContentTextHeaderValue,
+	".lma":       "audio/nspaudio",
+	".log":       ContentTextHeaderValue,
+	".lsp":       "text/x-scriptlisp",
+	".lst":       ContentTextHeaderValue,
+	".lsx":       "text/x-la-asf",
+	".ltx":       "application/x-latex",
+	".lzh":       "application/octet-stream",
+	".lzx":       "application/lzx",
+	".m1v":       "video/mpeg",
+	".m2a":       "audio/mpeg",
+	".m2v":       "video/mpeg",
+	".m3u":       "audio/x-mpegurl",
+	".m":         "text/x-m",
+	".man":       "application/x-troff-man",
+	".manifest":  "text/cache-manifest",
+	".map":       "application/x-navimap",
+	".mar":       ContentTextHeaderValue,
+	".mbd":       "application/mbedlet",
+	".mc$":       "application/x-magic-cap-package-10",
+	".mcd":       "application/mcad",
+	".mcf":       "text/mcf",
+	".mcp":       "application/netmc",
+	".me":        "application/x-troff-me",
+	".mht":       "message/rfc822",
+	".mhtml":     "message/rfc822",
+	".mid":       "application/x-midi",
+	".midi":      "application/x-midi",
+	".mif":       "application/x-frame",
+	".mime":      "message/rfc822",
+	".mjf":       "audio/x-vndaudioexplosionmjuicemediafile",
+	".mjpg":      "video/x-motion-jpeg",
+	".mm":        "application/base64",
+	".mme":       "application/base64",
+	".mod":       "audio/mod",
+	".moov":      "video/quicktime",
+	".mov":       "video/quicktime",
+	".movie":     "video/x-sgi-movie",
+	".mp2":       "audio/mpeg",
+	".mp3":       "audio/mpeg",
+	".mp4":       "video/mp4",
+	".mpa":       "audio/mpeg",
+	".mpc":       "application/x-project",
+	".mpe":       "video/mpeg",
+	".mpeg":      "video/mpeg",
+	".mpg":       "video/mpeg",
+	".mpga":      "audio/mpeg",
+	".mpp":       "application/vndms-project",
+	".mpt":       "application/x-project",
+	".mpv":       "application/x-project",
+	".mpx":       "application/x-project",
+	".mrc":       "application/marc",
+	".ms":        "application/x-troff-ms",
+	".mv":        "video/x-sgi-movie",
+	".my":        "audio/make",
+	".mzz":       "application/x-vndaudioexplosionmzz",
+	".nap":       "image/naplps",
+	".naplps":    "image/naplps",
+	".nc":        "application/x-netcdf",
+	".ncm":       "application/vndnokiaconfiguration-message",
+	".nif":       "image/x-niff",
+	".niff":      "image/x-niff",
+	".nix":       "application/x-mix-transfer",
+	".nsc":       "application/x-conference",
+	".nvd":       "application/x-navidoc",
+	".o":         "application/octet-stream",
+	".oda":       "application/oda",
+	".odb":       "application/vnd.oasis.opendocument.database",
+	".odc":       "application/vnd.oasis.opendocument.chart",
+	".odf":       "application/vnd.oasis.opendocument.formula",
+	".odg":       "application/vnd.oasis.opendocument.graphics",
+	".odi":       "application/vnd.oasis.opendocument.image",
+	".odm":       "application/vnd.oasis.opendocument.text-master",
+	".odp":       "application/vnd.oasis.opendocument.presentation",
+	".ods":       "application/vnd.oasis.opendocument.spreadsheet",
+	".odt":       "application/vnd.oasis.opendocument.text",
+	".oga":       "audio/ogg",
+	".ogg":       "audio/ogg",
+	".ogv":       "video/ogg",
+	".omc":       "application/x-omc",
+	".omcd":      "application/x-omcdatamaker",
+	".omcr":      "application/x-omcregerator",
+	".otc":       "application/vnd.oasis.opendocument.chart-template",
+	".otf":       "application/vnd.oasis.opendocument.formula-template",
+	".otg":       "application/vnd.oasis.opendocument.graphics-template",
+	".oth":       "application/vnd.oasis.opendocument.text-web",
+	".oti":       "application/vnd.oasis.opendocument.image-template",
+	".otm":       "application/vnd.oasis.opendocument.text-master",
+	".otp":       "application/vnd.oasis.opendocument.presentation-template",
+	".ots":       "application/vnd.oasis.opendocument.spreadsheet-template",
+	".ott":       "application/vnd.oasis.opendocument.text-template",
+	".p10":       "application/pkcs10",
+	".p12":       "application/pkcs-12",
+	".p7a":       "application/x-pkcs7-signature",
+	".p7c":       "application/pkcs7-mime",
+	".p7m":       "application/pkcs7-mime",
+	".p7r":       "application/x-pkcs7-certreqresp",
+	".p7s":       "application/pkcs7-signature",
+	".p":         "text/x-pascal",
+	".part":      "application/pro_eng",
+	".pas":       "text/pascal",
+	".pbm":       "image/x-portable-bitmap",
+	".pcl":       "application/vndhp-pcl",
+	".pct":       "image/x-pict",
+	".pcx":       "image/x-pcx",
+	".pdb":       "chemical/x-pdb",
+	".pdf":       "application/pdf",
+	".pfunk":     "audio/make",
+	".pgm":       "image/x-portable-graymap",
+	".pic":       "image/pict",
+	".pict":      "image/pict",
+	".pkg":       "application/x-newton-compatible-pkg",
+	".pko":       "application/vndms-pkipko",
+	".pl":        "text/x-scriptperl",
+	".plx":       "application/x-pixclscript",
+	".pm4":       "application/x-pagemaker",
+	".pm5":       "application/x-pagemaker",
+	".pm":        "text/x-scriptperl-module",
+	".png":       "image/png",
+	".pnm":       "application/x-portable-anymap",
+	".pot":       "application/mspowerpoint",
+	".pov":       "model/x-pov",
+	".ppa":       "application/vndms-powerpoint",
+	".ppm":       "image/x-portable-pixmap",
+	".pps":       "application/mspowerpoint",
+	".ppt":       "application/mspowerpoint",
+	".ppz":       "application/mspowerpoint",
+	".pre":       "application/x-freelance",
+	".prt":       "application/pro_eng",
+	".ps":        "application/postscript",
+	".psd":       "application/octet-stream",
+	".pvu":       "paleovu/x-pv",
+	".pwz":       "application/vndms-powerpoint",
+	".py":        "text/x-scriptphyton",
+	".pyc":       "application/x-bytecodepython",
+	".qcp":       "audio/vndqcelp",
+	".qd3":       "x-world/x-3dmf",
+	".qd3d":      "x-world/x-3dmf",
+	".qif":       "image/x-quicktime",
+	".qt":        "video/quicktime",
+	".qtc":       "video/x-qtc",
+	".qti":       "image/x-quicktime",
+	".qtif":      "image/x-quicktime",
+	".ra":        "audio/x-pn-realaudio",
+	".ram":       "audio/x-pn-realaudio",
+	".rar":       "application/x-rar-compressed",
+	".ras":       "application/x-cmu-raster",
+	".rast":      "image/cmu-raster",
+	".rexx":      "text/x-scriptrexx",
+	".rf":        "image/vndrn-realflash",
+	".rgb":       "image/x-rgb",
+	".rm":        "application/vndrn-realmedia",
+	".rmi":       "audio/mid",
+	".rmm":       "audio/x-pn-realaudio",
+	".rmp":       "audio/x-pn-realaudio",
+	".rng":       "application/ringing-tones",
+	".rnx":       "application/vndrn-realplayer",
+	".roff":      "application/x-troff",
+	".rp":        "image/vndrn-realpix",
+	".rpm":       "audio/x-pn-realaudio-plugin",
+	".rt":        "text/vndrn-realtext",
+	".rtf":       "text/richtext",
+	".rtx":       "text/richtext",
+	".rv":        "video/vndrn-realvideo",
+	".s":         "text/x-asm",
+	".s3m":       "audio/s3m",
+	".s7z":       "application/x-7z-compressed",
+	".saveme":    "application/octet-stream",
+	".sbk":       "application/x-tbook",
+	".scm":       "text/x-scriptscheme",
+	".sdml":      ContentTextHeaderValue,
+	".sdp":       "application/sdp",
+	".sdr":       "application/sounder",
+	".sea":       "application/sea",
+	".set":       "application/set",
+	".sgm":       "text/x-sgml",
+	".sgml":      "text/x-sgml",
+	".sh":        "text/x-scriptsh",
+	".shar":      "application/x-bsh",
+	".shtml":     "text/x-server-parsed-html",
+	".sid":       "audio/x-psid",
+	".skd":       "application/x-koan",
+	".skm":       "application/x-koan",
+	".skp":       "application/x-koan",
+	".skt":       "application/x-koan",
+	".sit":       "application/x-stuffit",
+	".sitx":      "application/x-stuffitx",
+	".sl":        "application/x-seelogo",
+	".smi":       "application/smil",
+	".smil":      "application/smil",
+	".snd":       "audio/basic",
+	".sol":       "application/solids",
+	".spc":       "text/x-speech",
+	".spl":       "application/futuresplash",
+	".spr":       "application/x-sprite",
+	".sprite":    "application/x-sprite",
+	".spx":       "audio/ogg",
+	".src":       "application/x-wais-source",
+	".ssi":       "text/x-server-parsed-html",
+	".ssm":       "application/streamingmedia",
+	".sst":       "application/vndms-pkicertstore",
+	".step":      "application/step",
+	".stl":       "application/sla",
+	".stp":       "application/step",
+	".sv4cpio":   "application/x-sv4cpio",
+	".sv4crc":    "application/x-sv4crc",
+	".svf":       "image/vnddwg",
+	".svg":       "image/svg+xml",
+	".svr":       "application/x-world",
+	".swf":       "application/x-shockwave-flash",
+	".t":         "application/x-troff",
+	".talk":      "text/x-speech",
+	".tar":       "application/x-tar",
+	".tbk":       "application/toolbook",
+	".tcl":       "text/x-scripttcl",
+	".tcsh":      "text/x-scripttcsh",
+	".tex":       "application/x-tex",
+	".texi":      "application/x-texinfo",
+	".texinfo":   "application/x-texinfo",
+	".text":      ContentTextHeaderValue,
+	".tgz":       "application/gnutar",
+	".tif":       "image/tiff",
+	".tiff":      "image/tiff",
+	".tr":        "application/x-troff",
+	".tsi":       "audio/tsp-audio",
+	".tsp":       "application/dsptype",
+	".tsv":       "text/tab-separated-values",
+	".turbot":    "image/florian",
+	".txt":       ContentTextHeaderValue,
+	".uil":       "text/x-uil",
+	".uni":       "text/uri-list",
+	".unis":      "text/uri-list",
+	".unv":       "application/i-deas",
+	".uri":       "text/uri-list",
+	".uris":      "text/uri-list",
+	".ustar":     "application/x-ustar",
+	".uu":        "text/x-uuencode",
+	".uue":       "text/x-uuencode",
+	".vcd":       "application/x-cdlink",
+	".vcf":       "text/x-vcard",
+	".vcard":     "text/x-vcard",
+	".vcs":       "text/x-vcalendar",
+	".vda":       "application/vda",
+	".vdo":       "video/vdo",
+	".vew":       "application/groupwise",
+	".viv":       "video/vivo",
+	".vivo":      "video/vivo",
+	".vmd":       "application/vocaltec-media-desc",
+	".vmf":       "application/vocaltec-media-file",
+	".voc":       "audio/voc",
+	".vos":       "video/vosaic",
+	".vox":       "audio/voxware",
+	".vqe":       "audio/x-twinvq-plugin",
+	".vqf":       "audio/x-twinvq",
+	".vql":       "audio/x-twinvq-plugin",
+	".vrml":      "application/x-vrml",
+	".vrt":       "x-world/x-vrt",
+	".vsd":       "application/x-visio",
+	".vst":       "application/x-visio",
+	".vsw":       "application/x-visio",
+	".w60":       "application/wordperfect60",
+	".w61":       "application/wordperfect61",
+	".w6w":       "application/msword",
+	".wav":       "audio/wav",
+	".wb1":       "application/x-qpro",
+	".wbmp":      "image/vnd.wap.wbmp",
+	".web":       "application/vndxara",
+	".wiz":       "application/msword",
+	".wk1":       "application/x-123",
+	".wmf":       "windows/metafile",
+	".wml":       "text/vnd.wap.wml",
+	".wmlc":      "application/vnd.wap.wmlc",
+	".wmls":      "text/vnd.wap.wmlscript",
+	".wmlsc":     "application/vnd.wap.wmlscriptc",
+	".word":      "application/msword",
+	".wp5":       "application/wordperfect",
+	".wp6":       "application/wordperfect",
+	".wp":        "application/wordperfect",
+	".wpd":       "application/wordperfect",
+	".wq1":       "application/x-lotus",
+	".wri":       "application/mswrite",
+	".wrl":       "application/x-world",
+	".wrz":       "model/vrml",
+	".wsc":       "text/scriplet",
+	".wsrc":      "application/x-wais-source",
+	".wtk":       "application/x-wintalk",
+	".x-png":     "image/png",
+	".xbm":       "image/x-xbitmap",
+	".xdr":       "video/x-amt-demorun",
+	".xgz":       "xgl/drawing",
+	".xif":       "image/vndxiff",
+	".xl":        "application/excel",
+	".xla":       "application/excel",
+	".xlb":       "application/excel",
+	".xlc":       "application/excel",
+	".xld":       "application/excel",
+	".xlk":       "application/excel",
+	".xll":       "application/excel",
+	".xlm":       "application/excel",
+	".xls":       "application/excel",
+	".xlt":       "application/excel",
+	".xlv":       "application/excel",
+	".xlw":       "application/excel",
+	".xm":        "audio/xm",
+	".xml":       ContentXMLHeaderValue,
+	".xmz":       "xgl/movie",
+	".xpix":      "application/x-vndls-xpix",
+	".xpm":       "image/x-xpixmap",
+	".xsr":       "video/x-amt-showrun",
+	".xwd":       "image/x-xwd",
+	".xyz":       "chemical/x-pdb",
+	".z":         "application/x-compress",
+	".zip":       "application/zip",
+	".zoo":       "application/octet-stream",
+	".zsh":       "text/x-scriptzsh",
+	".docx":      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+	".docm":      "application/vnd.ms-word.document.macroEnabled.12",
+	".dotx":      "application/vnd.openxmlformats-officedocument.wordprocessingml.template",
+	".dotm":      "application/vnd.ms-word.template.macroEnabled.12",
+	".xlsx":      "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+	".xlsm":      "application/vnd.ms-excel.sheet.macroEnabled.12",
+	".xltx":      "application/vnd.openxmlformats-officedocument.spreadsheetml.template",
+	".xltm":      "application/vnd.ms-excel.template.macroEnabled.12",
+	".xlsb":      "application/vnd.ms-excel.sheet.binary.macroEnabled.12",
+	".xlam":      "application/vnd.ms-excel.addin.macroEnabled.12",
+	".pptx":      "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+	".pptm":      "application/vnd.ms-powerpoint.presentation.macroEnabled.12",
+	".ppsx":      "application/vnd.openxmlformats-officedocument.presentationml.slideshow",
+	".ppsm":      "application/vnd.ms-powerpoint.slideshow.macroEnabled.12",
+	".potx":      "application/vnd.openxmlformats-officedocument.presentationml.template",
+	".potm":      "application/vnd.ms-powerpoint.template.macroEnabled.12",
+	".ppam":      "application/vnd.ms-powerpoint.addin.macroEnabled.12",
+	".sldx":      "application/vnd.openxmlformats-officedocument.presentationml.slide",
+	".sldm":      "application/vnd.ms-powerpoint.slide.macroEnabled.12",
+	".thmx":      "application/vnd.ms-officetheme",
+	".onetoc":    "application/onenote",
+	".onetoc2":   "application/onenote",
+	".onetmp":    "application/onenote",
+	".onepkg":    "application/onenote",
+	".xpi":       "application/x-xpinstall",
+	".wasm":      "application/wasm",
+	".m4a":       "audio/mp4",
+	".flac":      "audio/x-flac",
+	".amr":       "audio/amr",
+	".aac":       "audio/aac",
+	".opus":      "video/ogg",
+	".m4v":       "video/mp4",
+	".mkv":       "video/x-matroska",
+	".caf":       "audio/x-caf",
+	".m3u8":      "application/x-mpegURL",
+	".mpd":       "application/dash+xml",
+	".webp":      "image/webp",
+	".epub":      "application/epub+zip",
+}
+
+//nolint:gochecknoinits
+func init() {
+	for ext, typ := range types {
+		// skip errors
+		_ = mime.AddExtensionType(ext, typ)
+	}
+}

fileutils/file.go

@@ -7,6 +7,8 @@ import (
 	"path/filepath"
 
 	"github.com/spf13/afero"
+
+	"github.com/filebrowser/filebrowser/v2/files"
 )
 
 // MoveFile moves file from src to dst.
@@ -17,12 +19,12 @@ func MoveFile(fs afero.Fs, src, dst string) error {
 		return nil
 	}
 	// fallback
-	err := CopyFile(fs, src, dst)
+	err := Copy(fs, src, dst)
 	if err != nil {
 		_ = fs.Remove(dst)
 		return err
 	}
-	if err := fs.Remove(src); err != nil {
+	if err := fs.RemoveAll(src); err != nil {
 		return err
 	}
 	return nil
@@ -40,13 +42,13 @@ func CopyFile(fs afero.Fs, source, dest string) error {
 
 	// Makes the directory needed to create the dst
 	// file.
-	err = fs.MkdirAll(filepath.Dir(dest), 0666)
+	err = fs.MkdirAll(filepath.Dir(dest), files.PermDir)
 	if err != nil {
 		return err
 	}
 
 	// Create the destination file.
-	dst, err := fs.OpenFile(dest, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0775)
+	dst, err := fs.OpenFile(dest, os.O_RDWR|os.O_CREATE|os.O_TRUNC, files.PermFile)
 	if err != nil {
 		return err
 	}
@@ -96,7 +98,7 @@ func CommonPrefix(sep byte, paths ...string) string {
 	// (e.g. /home/user1, /home/user1/foo, /home/user1/bar).
 	// path.Clean will have cleaned off trailing / separators with
 	// the exception of the root directory, "/" (in which case we
-	// make it "//", but this will get fixed up to "/" bellow).
+	// make it "//", but this will get fixed up to "/" below).
 	c = append(c, sep)
 
 	// Ignore the first path since it's already in c

frontend/.prettierignore

@@ -0,0 +1,3 @@
+# Ignore artifacts:
+dist
+pnpm-lock.yaml

frontend/.prettierrc.json

@@ -0,0 +1,3 @@
+{
+  "trailingComma": "es5"
+}

frontend/assets.go

@@ -0,0 +1,13 @@
+//go:build !dev
+// +build !dev
+
+package frontend
+
+import "embed"
+
+//go:embed dist/*
+var assets embed.FS
+
+func Assets() embed.FS {
+	return assets
+}

frontend/assets_dev.go

@@ -0,0 +1,15 @@
+//go:build dev
+// +build dev
+
+package frontend
+
+import (
+	"io/fs"
+	"os"
+)
+
+var assets fs.FS = os.DirFS("frontend")
+
+func Assets() fs.FS {
+	return assets
+}

frontend/babel.config.js

@@ -1,5 +0,0 @@
-module.exports = {
-  presets: [
-    '@vue/app'
-  ]
-}

frontend/env.d.ts

@@ -0,0 +1 @@
+/// <reference types="vite/client" />

frontend/eslint.config.js

@@ -0,0 +1,38 @@
+import pluginVue from "eslint-plugin-vue";
+import vueTsEslintConfig from "@vue/eslint-config-typescript";
+import prettierConfig from "@vue/eslint-config-prettier";
+
+export default [
+  {
+    name: "app/files-to-lint",
+    files: ["**/*.{ts,mts,tsx,vue}"],
+  },
+
+  {
+    name: "app/files-to-ignore",
+    ignores: ["**/dist/**", "**/dist-ssr/**", "**/coverage/**"],
+  },
+
+  ...pluginVue.configs["flat/essential"],
+  ...vueTsEslintConfig(),
+  prettierConfig,
+
+  {
+    rules: {
+      // Note: you must disable the base rule as it can report incorrect errors
+      "no-unused-expressions": "off",
+      "@typescript-eslint/no-unused-expressions": "off",
+      // TODO: theres too many of these from before ts
+      "@typescript-eslint/no-explicit-any": "off",
+      // TODO: finish the ts conversion
+      "vue/block-lang": "off",
+      "vue/multi-word-component-names": "off",
+      "vue/no-mutating-props": [
+        "error",
+        {
+          shallowOnly: true,
+        },
+      ],
+    },
+  },
+];

frontend/index.html

@@ -0,0 +1,192 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta
+      name="viewport"
+      content="width=device-width, initial-scale=1, user-scalable=no"
+    />
+
+    <title>File Browser</title>
+
+    <link
+      rel="icon"
+      type="image/png"
+      sizes="32x32"
+      href="/img/icons/favicon-32x32.png"
+    />
+    <link
+      rel="icon"
+      type="image/png"
+      sizes="16x16"
+      href="/img/icons/favicon-16x16.png"
+    />
+
+    <!-- Add to home screen for Android and modern mobile browsers -->
+    <link
+      rel="manifest"
+      id="manifestPlaceholder"
+      crossorigin="use-credentials"
+    />
+    <meta name="theme-color" content="#2979ff" />
+
+    <!-- Add to home screen for Safari on iOS/iPadOS -->
+    <meta name="apple-mobile-web-app-capable" content="yes" />
+    <meta name="apple-mobile-web-app-status-bar-style" content="black" />
+    <meta name="apple-mobile-web-app-title" content="assets" />
+    <link rel="apple-touch-icon" href="/img/icons/apple-touch-icon.png" />
+
+    <!-- Add to home screen for Windows -->
+    <meta
+      name="msapplication-TileImage"
+      content="/img/icons/mstile-144x144.png"
+    />
+    <meta name="msapplication-TileColor" content="#2979ff" />
+
+    <!-- Inject Some Variables and generate the manifest json -->
+    <script>
+      // We can assign JSON directly
+      window.FileBrowser = {
+        AuthMethod: "json",
+        BaseURL: "",
+        CSS: false,
+        Color: "",
+        DisableExternal: false,
+        DisableUsedPercentage: false,
+        EnableExec: true,
+        EnableThumbs: true,
+        LoginPage: true,
+        Name: "",
+        NoAuth: false,
+        ReCaptcha: false,
+        ResizePreview: true,
+        Signup: false,
+        StaticURL: "",
+        Theme: "",
+        TusSettings: { chunkSize: 10485760, retryCount: 5 },
+        Version: "(untracked)",
+      };
+      // Global function to prepend static url
+      window.__prependStaticUrl = (url) => {
+        return `${window.FileBrowser.StaticURL}/${url.replace(/^\/+/, "")}`;
+      };
+      var dynamicManifest = {
+        name: window.FileBrowser.Name || "File Browser",
+        short_name: window.FileBrowser.Name || "File Browser",
+        icons: [
+          {
+            src: window.__prependStaticUrl(
+              "/img/icons/android-chrome-192x192.png"
+            ),
+            sizes: "192x192",
+            type: "image/png",
+          },
+          {
+            src: window.__prependStaticUrl(
+              "/img/icons/android-chrome-512x512.png"
+            ),
+            sizes: "512x512",
+            type: "image/png",
+          },
+        ],
+        start_url: window.location.origin + window.FileBrowser.BaseURL,
+        display: "standalone",
+        background_color: "#ffffff",
+        theme_color: window.FileBrowser.Color || "#455a64",
+      };
+
+      const stringManifest = JSON.stringify(dynamicManifest);
+      const blob = new Blob([stringManifest], { type: "application/json" });
+      const manifestURL = URL.createObjectURL(blob);
+      document
+        .querySelector("#manifestPlaceholder")
+        .setAttribute("href", manifestURL);
+    </script>
+
+    <style>
+      #loading {
+        position: fixed;
+        top: 0;
+        left: 0;
+        width: 100%;
+        height: 100%;
+        background: #fff;
+        z-index: 9999;
+        transition: 0.1s ease opacity;
+        -webkit-transition: 0.1s ease opacity;
+      }
+
+      #loading.done {
+        opacity: 0;
+      }
+
+      #loading .spinner {
+        width: 70px;
+        text-align: center;
+        position: fixed;
+        top: 50%;
+        left: 50%;
+        -webkit-transform: translate(-50%, -50%);
+        transform: translate(-50%, -50%);
+      }
+
+      #loading .spinner > div {
+        width: 18px;
+        height: 18px;
+        background-color: #333;
+        border-radius: 100%;
+        display: inline-block;
+        -webkit-animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+        animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+      }
+
+      #loading .spinner .bounce1 {
+        -webkit-animation-delay: -0.32s;
+        animation-delay: -0.32s;
+      }
+
+      #loading .spinner .bounce2 {
+        -webkit-animation-delay: -0.16s;
+        animation-delay: -0.16s;
+      }
+
+      @-webkit-keyframes sk-bouncedelay {
+        0%,
+        80%,
+        100% {
+          -webkit-transform: scale(0);
+        }
+        40% {
+          -webkit-transform: scale(1);
+        }
+      }
+
+      @keyframes sk-bouncedelay {
+        0%,
+        80%,
+        100% {
+          -webkit-transform: scale(0);
+          transform: scale(0);
+        }
+        40% {
+          -webkit-transform: scale(1);
+          transform: scale(1);
+        }
+      }
+    </style>
+  </head>
+  <body>
+    <div id="app"></div>
+
+    <div id="loading">
+      <div class="spinner">
+        <div class="bounce1"></div>
+        <div class="bounce2"></div>
+        <div class="bounce3"></div>
+      </div>
+    </div>
+
+    <script type="module" src="/src/main.ts"></script>
+  </body>
+</html>

frontend/package.json

@@ -1,63 +1,78 @@
 {
   "name": "filebrowser-frontend",
-  "version": "2.0.0",
+  "version": "3.0.0",
   "private": true,
+  "type": "module",
+  "engines": {
+    "node": ">=22.0.0",
+    "pnpm": ">=9.0.0"
+  },
   "scripts": {
-    "serve": "vue-cli-service serve",
-    "build": "vue-cli-service build",
-    "watch": "vue-cli-service build --watch",
-    "lint": "vue-cli-service lint --fix"
+    "dev": "vite dev",
+    "build": "pnpm run typecheck && vite build",
+    "clean": "find ./dist -maxdepth 1 -mindepth 1 ! -name '.gitkeep' -exec rm -r {} +",
+    "typecheck": "vue-tsc -p ./tsconfig.tsc.json --noEmit",
+    "lint": "eslint src/",
+    "lint:fix": "eslint --fix src/",
+    "format": "prettier --write .",
+    "test": "playwright test"
   },
   "dependencies": {
-    "ace-builds": "^1.4.7",
-    "clipboard": "^2.0.4",
-    "js-base64": "^2.5.1",
-    "lodash.clonedeep": "^4.5.0",
-    "lodash.throttle": "^4.1.1",
-    "material-design-icons": "^3.0.1",
-    "moment": "^2.24.0",
+    "@chenfengyuan/vue-number-input": "^2.0.1",
+    "@vueuse/core": "^12.5.0",
+    "@vueuse/integrations": "^12.5.0",
+    "ace-builds": "^1.37.5",
+    "core-js": "^3.40.0",
+    "dayjs": "^1.11.10",
+    "dompurify": "^3.2.6",
+    "epubjs": "^0.3.93",
+    "filesize": "^10.1.1",
+    "js-base64": "^3.7.7",
+    "jwt-decode": "^4.0.0",
+    "lodash-es": "^4.17.21",
+    "marked": "^15.0.6",
+    "material-icons": "^1.13.13",
     "normalize.css": "^8.0.1",
-    "noty": "^3.2.0-beta",
-    "qrcode.vue": "^1.7.0",
+    "pinia": "^2.3.1",
+    "pretty-bytes": "^6.1.1",
+    "qrcode.vue": "^3.4.1",
+    "tus-js-client": "^4.3.1",
     "utif": "^3.1.0",
-    "vue": "^2.6.10",
-    "vue-i18n": "^8.15.3",
-    "vue-lazyload": "^1.3.3",
-    "vue-router": "^3.1.3",
-    "vuex": "^3.1.2",
-    "vuex-router-sync": "^5.0.0"
+    "video.js": "^8.21.0",
+    "videojs-hotkeys": "^0.2.28",
+    "videojs-mobile-ui": "^1.1.1",
+    "vue": "^3.4.21",
+    "vue-final-modal": "^4.5.4",
+    "vue-i18n": "^11.1.2",
+    "vue-lazyload": "^3.0.0",
+    "vue-reader": "^1.2.17",
+    "vue-router": "^4.3.0",
+    "vue-toastification": "^2.0.0-rc.5"
   },
   "devDependencies": {
-    "@vue/cli-plugin-babel": "^4.1.2",
-    "@vue/cli-plugin-eslint": "^4.1.1",
-    "@vue/cli-service": "^4.1.2",
-    "babel-eslint": "^10.0.3",
-    "eslint": "^6.7.2",
-    "eslint-plugin-vue": "^6.1.2",
-    "vue-template-compiler": "^2.6.10"
+    "@intlify/unplugin-vue-i18n": "^6.0.3",
+    "@playwright/test": "^1.50.0",
+    "@tsconfig/node22": "^22.0.0",
+    "@types/lodash-es": "^4.17.12",
+    "@types/node": "^22.10.10",
+    "@typescript-eslint/eslint-plugin": "^8.21.0",
+    "@vitejs/plugin-legacy": "^6.0.0",
+    "@vitejs/plugin-vue": "^5.0.4",
+    "@vue/eslint-config-prettier": "^10.2.0",
+    "@vue/eslint-config-typescript": "^14.3.0",
+    "@vue/tsconfig": "^0.7.0",
+    "autoprefixer": "^10.4.19",
+    "concurrently": "^9.1.2",
+    "eslint": "^9.19.0",
+    "eslint-plugin-prettier": "^5.2.3",
+    "eslint-plugin-vue": "^9.24.0",
+    "jsdom": "^26.0.0",
+    "postcss": "^8.5.1",
+    "prettier": "^3.4.2",
+    "terser": "^5.37.0",
+    "vite": "^6.1.6",
+    "vite-plugin-compression2": "^1.0.0",
+    "vue-tsc": "^2.2.0"
   },
-  "eslintConfig": {
-    "root": true,
-    "env": {
-      "node": true
-    },
-    "extends": [
-      "plugin:vue/essential",
-      "eslint:recommended"
-    ],
-    "rules": {},
-    "parserOptions": {
-      "parser": "babel-eslint"
-    }
-  },
-  "postcss": {
-    "plugins": {
-      "autoprefixer": {}
-    }
-  },
-  "browserslist": [
-    "> 1%",
-    "last 2 versions",
-    "not ie <= 8"
-  ]
+  "packageManager": "pnpm@9.15.4+sha512.b2dc20e2fc72b3e18848459b37359a32064663e5627a51e4c74b2c29dd8e8e0491483c3abb40789cfd578bf362fb6ba8261b05f0387d76792ed6e23ea3b1b6a0"
 }

frontend/playwright.config.ts

@@ -0,0 +1,80 @@
+import { defineConfig, devices } from "@playwright/test";
+
+/**
+ * Read environment variables from file.
+ * https://github.com/motdotla/dotenv
+ */
+// require('dotenv').config();
+
+/**
+ * See https://playwright.dev/docs/test-configuration.
+ */
+export default defineConfig({
+  testDir: "./tests",
+  /* Run tests in files in parallel */
+  fullyParallel: true,
+  /* Fail the build on CI if you accidentally left test.only in the source code. */
+  forbidOnly: !!process.env.CI,
+  /* Retry on CI only */
+  retries: process.env.CI ? 2 : 0,
+  /* Opt out of parallel tests on CI. */
+  workers: process.env.CI ? 1 : undefined,
+  /* Reporter to use. See https://playwright.dev/docs/test-reporters */
+  reporter: "html",
+  /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
+  use: {
+    /* Base URL to use in actions like `await page.goto('/')`. */
+    baseURL: "http://127.0.0.1:5173",
+
+    /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
+    trace: "on-first-retry",
+
+    /* Set default locale to English (US) */
+    locale: "en-US",
+  },
+
+  /* Configure projects for major browsers */
+  projects: [
+    {
+      name: "chromium",
+      use: { ...devices["Desktop Chrome"] },
+    },
+
+    {
+      name: "firefox",
+      use: { ...devices["Desktop Firefox"] },
+    },
+
+    // {
+    //   name: "webkit",
+    //   use: { ...devices["Desktop Safari"] },
+    // },
+
+    /* Test against mobile viewports. */
+    // {
+    //   name: 'Mobile Chrome',
+    //   use: { ...devices['Pixel 5'] },
+    // },
+    // {
+    //   name: 'Mobile Safari',
+    //   use: { ...devices['iPhone 12'] },
+    // },
+
+    /* Test against branded browsers. */
+    // {
+    //   name: 'Microsoft Edge',
+    //   use: { ...devices['Desktop Edge'], channel: 'msedge' },
+    // },
+    // {
+    //   name: 'Google Chrome',
+    //   use: { ...devices['Desktop Chrome'], channel: 'chrome' },
+    // },
+  ],
+
+  /* Run your local dev server before starting the tests */
+  webServer: {
+    command: "npm run dev",
+    url: "http://127.0.0.1:5173",
+    reuseExistingServer: !process.env.CI,
+  },
+});

frontend/postcss.config.cjs

@@ -0,0 +1,5 @@
+module.exports = {
+  plugins: {
+    autoprefixer: {},
+  },
+};

frontend/public/index.html

@@ -1,144 +1,190 @@
-<!DOCTYPE html>
+<!doctype html>
 <html lang="en">
-<head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
+  <head>
+    <meta charset="utf-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta
+      name="viewport"
+      content="width=device-width, initial-scale=1, user-scalable=no"
+    />
 
-  [{[ if .ReCaptcha -]}]
+    [{[ if .ReCaptcha -]}]
     <script src="[{[ .ReCaptchaHost ]}]/recaptcha/api.js?render=explicit"></script>
-  [{[ end ]}]
+    [{[ end ]}]
 
-  <title>[{[ if .Name -]}][{[ .Name ]}][{[ else ]}]File Browser[{[ end ]}]</title>
+    <title>
+      [{[ if .Name -]}][{[ .Name ]}][{[ else ]}]File Browser[{[ end ]}]
+    </title>
 
-  <link rel="icon" type="image/png" sizes="32x32" href="[{[ .StaticURL ]}]/img/icons/favicon-32x32.png">
-  <link rel="icon" type="image/png" sizes="16x16" href="[{[ .StaticURL ]}]/img/icons/favicon-16x16.png">
+    <meta name="robots" content="noindex,nofollow" />
 
-  <!-- Add to home screen for Android and modern mobile browsers -->
-  <link rel="manifest" id="manifestPlaceholder" crossorigin="use-credentials">
-  <meta name="theme-color" content="#2979ff">
+    <link
+      rel="icon"
+      type="image/png"
+      sizes="32x32"
+      href="[{[ .StaticURL ]}]/img/icons/favicon-32x32.png"
+    />
+    <link
+      rel="icon"
+      type="image/png"
+      sizes="16x16"
+      href="[{[ .StaticURL ]}]/img/icons/favicon-16x16.png"
+    />
 
-  <!-- Add to home screen for Safari on iOS/iPadOS -->
-  <meta name="apple-mobile-web-app-capable" content="yes">
-  <meta name="apple-mobile-web-app-status-bar-style" content="black">
-  <meta name="apple-mobile-web-app-title" content="assets">
-  <link rel="apple-touch-icon" href="[{[ .StaticURL ]}]/img/icons/apple-touch-icon.png">
+    <!-- Add to home screen for Android and modern mobile browsers -->
+    <link
+      rel="manifest"
+      id="manifestPlaceholder"
+      crossorigin="use-credentials"
+    />
+    <meta
+      name="theme-color"
+      content="[{[ if .Color -]}][{[ .Color ]}][{[ else ]}]#2979ff[{[ end ]}]"
+    />
 
-  <!-- Add to home screen for Windows -->
-  <meta name="msapplication-TileImage" content="[{[ .StaticURL ]}]/img/icons/mstile-144x144.png">
-  <meta name="msapplication-TileColor" content="#2979ff">
+    <!-- Add to home screen for Safari on iOS/iPadOS -->
+    <meta name="apple-mobile-web-app-capable" content="yes" />
+    <meta name="apple-mobile-web-app-status-bar-style" content="black" />
+    <meta name="apple-mobile-web-app-title" content="assets" />
+    <link
+      rel="apple-touch-icon"
+      href="[{[ .StaticURL ]}]/img/icons/apple-touch-icon.png"
+    />
 
-  <!-- Inject Some Variables and generate the manifest json -->
-  <script>
-    window.FileBrowser = JSON.parse(`[{[ .Json ]}]`);
+    <!-- Add to home screen for Windows -->
+    <meta
+      name="msapplication-TileImage"
+      content="[{[ .StaticURL ]}]/img/icons/mstile-144x144.png"
+    />
+    <meta
+      name="msapplication-TileColor"
+      content="[{[ if .Color -]}][{[ .Color ]}][{[ else ]}]#2979ff[{[ end ]}]"
+    />
 
-    var fullStaticURL = window.location.origin + window.FileBrowser.StaticURL;
-    var dynamicManifest = {
-      "name": window.FileBrowser.Name || 'File Browser',
-      "short_name": window.FileBrowser.Name || 'File Browser',
-      "icons": [
-        {
-          "src": fullStaticURL + "/img/icons/android-chrome-192x192.png",
-          "sizes": "192x192",
-          "type": "image/png"
-        },
-        {
-          "src": fullStaticURL + "/img/icons/android-chrome-512x512.png",
-          "sizes": "512x512",
-          "type": "image/png"
+    <!-- Inject Some Variables and generate the manifest json -->
+    <script>
+      // We can assign JSON directly
+      window.FileBrowser = [{[ .Json ]}];
+      // Global function to prepend static url
+      window.__prependStaticUrl = (url) => {
+        return `${window.FileBrowser.StaticURL}/${url.replace(/^\/+/, "")}`;
+      };
+      var dynamicManifest = {
+        name: window.FileBrowser.Name || "File Browser",
+        short_name: window.FileBrowser.Name || "File Browser",
+        icons: [
+          {
+            src: window.__prependStaticUrl("/img/icons/android-chrome-192x192.png"),
+            sizes: "192x192",
+            type: "image/png",
+          },
+          {
+            src: window.__prependStaticUrl("/img/icons/android-chrome-512x512.png"),
+            sizes: "512x512",
+            type: "image/png",
+          },
+        ],
+        start_url: window.location.origin + window.FileBrowser.BaseURL,
+        display: "standalone",
+        background_color: "#ffffff",
+        theme_color: window.FileBrowser.Color || "#455a64",
+      };
+
+      const stringManifest = JSON.stringify(dynamicManifest);
+      const blob = new Blob([stringManifest], { type: "application/json" });
+      const manifestURL = URL.createObjectURL(blob);
+      document
+        .querySelector("#manifestPlaceholder")
+        .setAttribute("href", manifestURL);
+    </script>
+
+    <style>
+      #loading {
+        position: fixed;
+        top: 0;
+        left: 0;
+        width: 100%;
+        height: 100%;
+        background: #fff;
+        z-index: 9999;
+        transition: 0.1s ease opacity;
+        -webkit-transition: 0.1s ease opacity;
+      }
+
+      #loading.done {
+        opacity: 0;
+      }
+
+      #loading .spinner {
+        width: 70px;
+        text-align: center;
+        position: fixed;
+        top: 50%;
+        left: 50%;
+        -webkit-transform: translate(-50%, -50%);
+        transform: translate(-50%, -50%);
+      }
+
+      #loading .spinner > div {
+        width: 18px;
+        height: 18px;
+        background-color: #333;
+        border-radius: 100%;
+        display: inline-block;
+        -webkit-animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+        animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+      }
+
+      #loading .spinner .bounce1 {
+        -webkit-animation-delay: -0.32s;
+        animation-delay: -0.32s;
+      }
+
+      #loading .spinner .bounce2 {
+        -webkit-animation-delay: -0.16s;
+        animation-delay: -0.16s;
+      }
+
+      @-webkit-keyframes sk-bouncedelay {
+        0%,
+        80%,
+        100% {
+          -webkit-transform: scale(0);
         }
-      ],
-      "start_url": window.location.origin + window.FileBrowser.BaseURL,
-      "display": "standalone",
-      "background_color": "#ffffff",
-      "theme_color": "#455a64"
-    }
+        40% {
+          -webkit-transform: scale(1);
+        }
+      }
 
-    const stringManifest = JSON.stringify(dynamicManifest);
-    const blob = new Blob([stringManifest], {type: 'application/json'});
-    const manifestURL = URL.createObjectURL(blob);
-    document.querySelector('#manifestPlaceholder').setAttribute('href', manifestURL);
-  </script>
+      @keyframes sk-bouncedelay {
+        0%,
+        80%,
+        100% {
+          -webkit-transform: scale(0);
+          transform: scale(0);
+        }
+        40% {
+          -webkit-transform: scale(1);
+          transform: scale(1);
+        }
+      }
+    </style>
+  </head>
+  <body>
+    <div id="app"></div>
 
-  <style>
-  #loading {
-    position: fixed;
-    top: 0;
-    left: 0;
-    width: 100%;
-    height: 100%;
-    background: #fff;
-    z-index: 9999;
-    transition: .1s ease opacity;
-    -webkit-transition: .1s ease opacity;
-  }
-
-  #loading.done {
-    opacity: 0;
-  }
-
-  .spinner {
-    width: 70px;
-    text-align: center;
-    position: fixed;
-    top: 50%;
-    left: 50%;
-    -webkit-transform: translate(-50%, -50%);
-            transform: translate(-50%, -50%);
-  }
-
-  .spinner > div {
-    width: 18px;
-    height: 18px;
-    background-color: #333;
-    border-radius: 100%;
-    display: inline-block;
-    -webkit-animation: sk-bouncedelay 1.4s infinite ease-in-out both;
-    animation: sk-bouncedelay 1.4s infinite ease-in-out both;
-  }
-
-  .spinner .bounce1 {
-    -webkit-animation-delay: -0.32s;
-    animation-delay: -0.32s;
-  }
-
-  .spinner .bounce2 {
-    -webkit-animation-delay: -0.16s;
-    animation-delay: -0.16s;
-  }
-
-  @-webkit-keyframes sk-bouncedelay {
-    0%, 80%, 100% { -webkit-transform: scale(0) }
-    40% { -webkit-transform: scale(1.0) }
-  }
-
-  @keyframes sk-bouncedelay {
-    0%, 80%, 100% {
-      -webkit-transform: scale(0);
-      transform: scale(0);
-    } 40% {
-      -webkit-transform: scale(1.0);
-      transform: scale(1.0);
-    }
-  }
-  </style>
-</head>
-<body>
-  <div id="app"></div>
-
-  <div id="loading">
-    <div class="spinner">
-      <div class="bounce1"></div>
-      <div class="bounce2"></div>
-      <div class="bounce3"></div>
+    <div id="loading">
+      <div class="spinner">
+        <div class="bounce1"></div>
+        <div class="bounce2"></div>
+        <div class="bounce3"></div>
+      </div>
     </div>
-  </div>
 
-  [{[ if .Theme -]}]
-    <link rel="stylesheet" href="[{[ .StaticURL ]}]/themes/[{[ .Theme ]}].css" />
-  [{[ end ]}]
-  [{[ if .CSS -]}]
+    <script type="module" src="/src/main.ts"></script>
+
+    [{[ if .CSS -]}]
     <link rel="stylesheet" href="[{[ .StaticURL ]}]/custom.css" />
-  [{[ end ]}]
-</body>
+    [{[ end ]}]
+  </body>
 </html>

frontend/public/themes/dark.css

@@ -1,201 +0,0 @@
-:root {
-  --background: #141D24;
-  --surfacePrimary: #20292F;
-  --surfaceSecondary: #3A4147;
-  --divider: rgba(255, 255, 255, 0.12);
-  --icon: #ffffff;
-  --textPrimary: rgba(255, 255, 255, 0.87);
-  --textSecondary: rgba(255, 255, 255, 0.6);
-}
-
-body {
-  background: var(--background);
-  color: var(--textPrimary);
-}
-
-#loading {
-  background: var(--background);
-}
-#loading .spinner div, #previewer .loading .spinner div {
-  background: var(--icon);
-}
-
-#login {
-  background: var(--background);
-}
-
-header {
-  background: var(--surfacePrimary);
-}
-
-#search #input {
-  background: var(--surfaceSecondary);
-  border-color: var(--surfacePrimary);
-}
-#search #input input::placeholder {
-  color: var(--textSecondary);
-}
-#search.active #input {
-  background: var(--surfacePrimary);
-}
-#search.active input {
-  color: var(--textPrimary);
-}
-#search #result {
-  background: var(--background);
-  color: var(--textPrimary);
-}
-#search .boxes {
-  background: var(--surfaceSecondary);
-}
-#search .boxes h3 {
-  color: var(--textPrimary);
-}
-
-.action {
-  color: var(--textPrimary) !important;
-}
-.action:hover {
-  background-color: rgba(255, 255, 255, .1);
-}
-.action i {
-  color: var(--icon) !important;
-}
-.action .counter {
-  border-color: var(--surfacePrimary);
-}
-
-nav > div {
-  border-color: var(--divider);
-}
-
-#breadcrumbs {
-  border-color: var(--divider);
-  color: var(--textPrimary) !important;
-}
-#breadcrumbs span {
-  color: var(--textPrimary) !important;
-}
-
-#listing .item {
-  background: var(--surfacePrimary);
-  color: var(--textPrimary);
-  border-color: var(--divider) !important;
-}
-#listing .item i {
-  color: var(--icon);
-}
-#listing .item .modified {
-  color: var(--textSecondary);
-}
-#listing h2,
-#listing.list .header span {
-  color: var(--textPrimary) !important;
-}
-#listing.list .header span {
-  color: var(--textPrimary);
-}
-#listing.list .header i {
-  color: var(--icon);
-}
-#listing.list .item.header {
-  background: var(--background);
-}
-
-.message {
-  color: var(--textPrimary);
-}
-
-.card {
-  background: var(--surfacePrimary);
-  color: var(--textPrimary);
-}
-.button--flat:hover {
-  background: var(--surfaceSecondary);
-}
-
-.card h3,
-.dashboard #nav,
-.dashboard p label {
-  color: var(--textPrimary);
-}
-.card#share ul li input,
-.card#share ul li select,
-.input {
-  background: var(--surfaceSecondary);
-  color: var(--textPrimary);
-  border: 1px solid rgba(255, 255, 255, 0.05);
-}
-.input:hover,
-.input:focus {
-  border-color: rgba(255, 255, 255, 0.15);
-}
-.input--red {
-  background: #73302D;
-}
-
-.input--green {
-  background: #147A41;
-}
-
-.dashboard #nav li,
-.collapsible {
-  border-color: var(--divider);
-}
-.collapsible > label * {
-  color: var(--textPrimary);
-}
-
-table th {
-  color: var(--textSecondary);
-}
-
-.file-list li:hover {
-  background: var(--surfaceSecondary);
-}
-.file-list li:before {
-  color: var(--textSecondary);
-}
-.file-list li[aria-selected=true]:before {
-  color: var(--icon);
-}
-
-.shell {
-  background: var(--surfacePrimary);
-  color: var(--textPrimary);
-}
-.shell__result {
-  border-top: 1px solid var(--divider);
-}
-
-#editor-container {
-  background: var(--background);
-}
-
-#editor-container .bar {
-  background: var(--surfacePrimary);
-}
-
-@media (max-width: 736px) {
-  #file-selection {
-    background: var(--surfaceSecondary) !important;
-  }
-  #file-selection span {
-    color: var(--textPrimary) !important;
-  }
-  nav {
-    background: var(--surfaceSecondary) !important;
-  }
-  #dropdown {
-    background: var(--surfaceSecondary) !important;
-  }
-}
-
-.share__box {
-  background: var(--surfacePrimary) !important;
-  color: var(--textPrimary);
-}
-
-.share__box__element {
-  border-top-color: var(--divider);
-}

frontend/src/App.vue

@@ -4,20 +4,30 @@
   </div>
 </template>
 
-<script>
-export default {
-  name: 'app',
-  mounted () {
-    const loading = document.getElementById('loading')
-    loading.classList.add('done')
+<script setup lang="ts">
+import { ref, onMounted, watch } from "vue";
+import { useI18n } from "vue-i18n";
+import { setHtmlLocale } from "./i18n";
+import { getMediaPreference, getTheme, setTheme } from "./utils/theme";
 
-    setTimeout(function () {
-      loading.parentNode.removeChild(loading)
-    }, 200)
-  }
-}
+const { locale } = useI18n();
+
+const userTheme = ref<UserTheme>(getTheme() || getMediaPreference());
+
+onMounted(() => {
+  setTheme(userTheme.value);
+  setHtmlLocale(locale.value);
+  // this might be null during HMR
+  const loading = document.getElementById("loading");
+  loading?.classList.add("done");
+
+  setTimeout(function () {
+    loading?.parentNode?.removeChild(loading);
+  }, 200);
+});
+
+// handles ltr/rtl changes
+watch(locale, (newValue) => {
+  newValue && setHtmlLocale(newValue);
+});
 </script>
-
-<style>
-@import './css/styles.css';
-</style>

frontend/src/api/commands.js

@@ -1,16 +0,0 @@
-import { removePrefix } from './utils'
-import { baseURL } from '@/utils/constants'
-import store from '@/store'
-
-const ssl = (window.location.protocol === 'https:')
-const protocol = (ssl ? 'wss:' : 'ws:')
-
-export default function command(url, command, onmessage, onclose) {
-  url = removePrefix(url)
-  url = `${protocol}//${window.location.host}${baseURL}/api/command${url}?auth=${store.state.jwt}`
-
-  let conn = new window.WebSocket(url)
-  conn.onopen = () => conn.send(command)
-  conn.onmessage = onmessage
-  conn.onclose = onclose
-}

frontend/src/api/commands.ts

@@ -0,0 +1,20 @@
+import { baseURL } from "@/utils/constants";
+import { removePrefix } from "./utils";
+
+const ssl = window.location.protocol === "https:";
+const protocol = ssl ? "wss:" : "ws:";
+
+export default function command(
+  url: string,
+  command: string,
+  onmessage: WebSocket["onmessage"],
+  onclose: WebSocket["onclose"]
+) {
+  url = removePrefix(url);
+  url = `${protocol}//${window.location.host}${baseURL}/api/command${url}`;
+
+  const conn = new window.WebSocket(url);
+  conn.onopen = () => conn.send(command);
+  conn.onmessage = onmessage;
+  conn.onclose = onclose;
+}

frontend/src/api/files.js

@@ -1,149 +0,0 @@
-import { fetchURL, removePrefix } from './utils'
-import { baseURL } from '@/utils/constants'
-import store from '@/store'
-
-export async function fetch (url) {
-  url = removePrefix(url)
-
-  const res = await fetchURL(`/api/resources${url}`, {})
-
-  if (res.status === 200) {
-    let data = await res.json()
-    data.url = `/files${url}`
-
-    if (data.isDir) {
-      if (!data.url.endsWith('/')) data.url += '/'
-      data.items = data.items.map((item, index) => {
-        item.index = index
-        item.url = `${data.url}${encodeURIComponent(item.name)}`
-
-        if (item.isDir) {
-          item.url += '/'
-        }
-
-        return item
-      })
-    }
-
-    return data
-  } else {
-    throw new Error(res.status)
-  }
-}
-
-async function resourceAction (url, method, content) {
-  url = removePrefix(url)
-
-  let opts = { method }
-
-  if (content) {
-    opts.body = content
-  }
-
-  const res = await fetchURL(`/api/resources${url}`, opts)
-
-  if (res.status !== 200) {
-    throw new Error(await res.text())
-  } else {
-    return res
-  }
-}
-
-export async function remove (url) {
-  return resourceAction(url, 'DELETE')
-}
-
-export async function put (url, content = '') {
-  return resourceAction(url, 'PUT', content)
-}
-
-export function download (format, ...files) {
-  let url = store.getters['isSharing'] ? `${baseURL}/api/public/dl/${store.state.hash}` : `${baseURL}/api/raw`
-
-  if (files.length === 1) {
-    url += removePrefix(files[0]) + '?'
-  } else {
-    let arg = ''
-
-    for (let file of files) {
-      arg += removePrefix(file) + ','
-    }
-
-    arg = arg.substring(0, arg.length - 1)
-    arg = encodeURIComponent(arg)
-    url += `/?files=${arg}&`
-  }
-
-  if (format !== null) {
-    url += `algo=${format}&`
-  }
-  if (store.state.jwt !== ''){
-    url += `auth=${store.state.jwt}&`
-  }
-  if (store.state.token !== ''){
-    url += `token=${store.state.token}`
-  }
-
-  window.open(url)
-}
-
-export async function post (url, content = '', overwrite = false, onupload) {
-  url = removePrefix(url)
-
-  let bufferContent
-  if (content instanceof Blob && !['http:', 'https:'].includes(window.location.protocol)) {
-    bufferContent = await new Response(content).arrayBuffer()
-  }
-
-  return new Promise((resolve, reject) => {
-    let request = new XMLHttpRequest()
-    request.open('POST', `${baseURL}/api/resources${url}?override=${overwrite}`, true)
-    request.setRequestHeader('X-Auth', store.state.jwt)
-
-    if (typeof onupload === 'function') {
-      request.upload.onprogress = onupload
-    }
-
-    request.onload = () => {
-      if (request.status === 200) {
-        resolve(request.responseText)
-      } else if (request.status === 409) {
-        reject(request.status)
-      } else {
-        reject(request.responseText)
-      }
-    }
-
-    request.onerror = (error) => {
-      reject(error)
-    }
-
-    request.send(bufferContent || content)
-  })
-}
-
-function moveCopy (items, copy = false, overwrite = false, rename = false) {
-  let promises = []
-
-  for (let item of items) {
-    const from = item.from
-    const to = encodeURIComponent(removePrefix(item.to))
-    const url = `${from}?action=${copy ? 'copy' : 'rename'}&destination=${to}&override=${overwrite}&rename=${rename}`
-    promises.push(resourceAction(url, 'PATCH'))
-  }
-
-  return Promise.all(promises)
-}
-
-export function move (items, overwrite = false, rename = false) {
-  return moveCopy(items, false, overwrite, rename)
-}
-
-export function copy (items, overwrite = false, rename = false) {
-  return moveCopy(items, true, overwrite, rename)
-}
-
-export async function checksum (url, algo) {
-  const data = await resourceAction(`${url}?checksum=${algo}`, 'GET')
-  return (await data.json()).checksums[algo]
-}

frontend/src/api/files.ts

@@ -0,0 +1,230 @@
+import { useAuthStore } from "@/stores/auth";
+import { useLayoutStore } from "@/stores/layout";
+import { baseURL } from "@/utils/constants";
+import { upload as postTus, useTus } from "./tus";
+import { createURL, fetchURL, removePrefix, StatusError } from "./utils";
+
+export async function fetch(url: string, signal?: AbortSignal) {
+  url = removePrefix(url);
+  const res = await fetchURL(`/api/resources${url}`, { signal });
+
+  let data: Resource;
+  try {
+    data = (await res.json()) as Resource;
+  } catch (e) {
+    // Check if the error is an intentional cancellation
+    if (e instanceof Error && e.name === "AbortError") {
+      throw new StatusError("000 No connection", 0, true);
+    }
+    throw e;
+  }
+  data.url = `/files${url}`;
+
+  if (data.isDir) {
+    if (!data.url.endsWith("/")) data.url += "/";
+    // Perhaps change the any
+    data.items = data.items.map((item: any, index: any) => {
+      item.index = index;
+      item.url = `${data.url}${encodeURIComponent(item.name)}`;
+
+      if (item.isDir) {
+        item.url += "/";
+      }
+
+      return item;
+    });
+  }
+
+  return data;
+}
+
+async function resourceAction(url: string, method: ApiMethod, content?: any) {
+  url = removePrefix(url);
+
+  const opts: ApiOpts = {
+    method,
+  };
+
+  if (content) {
+    opts.body = content;
+  }
+
+  const res = await fetchURL(`/api/resources${url}`, opts);
+
+  return res;
+}
+
+export async function remove(url: string) {
+  return resourceAction(url, "DELETE");
+}
+
+export async function put(url: string, content = "") {
+  return resourceAction(url, "PUT", content);
+}
+
+export function download(format: any, ...files: string[]) {
+  let url = `${baseURL}/api/raw`;
+
+  if (files.length === 1) {
+    url += removePrefix(files[0]) + "?";
+  } else {
+    let arg = "";
+
+    for (const file of files) {
+      arg += removePrefix(file) + ",";
+    }
+
+    arg = arg.substring(0, arg.length - 1);
+    arg = encodeURIComponent(arg);
+    url += `/?files=${arg}&`;
+  }
+
+  if (format) {
+    url += `algo=${format}&`;
+  }
+
+  window.open(url);
+}
+
+export async function post(
+  url: string,
+  content: ApiContent = "",
+  overwrite = false,
+  onupload: any = () => {}
+) {
+  // Use the pre-existing API if:
+  const useResourcesApi =
+    // a folder is being created
+    url.endsWith("/") ||
+    // We're not using http(s)
+    (content instanceof Blob &&
+      !["http:", "https:"].includes(window.location.protocol)) ||
+    // Tus is disabled / not applicable
+    !(await useTus(content));
+  return useResourcesApi
+    ? postResources(url, content, overwrite, onupload)
+    : postTus(url, content, overwrite, onupload);
+}
+
+async function postResources(
+  url: string,
+  content: ApiContent = "",
+  overwrite = false,
+  onupload: any
+) {
+  url = removePrefix(url);
+
+  let bufferContent: ArrayBuffer;
+  if (
+    content instanceof Blob &&
+    !["http:", "https:"].includes(window.location.protocol)
+  ) {
+    bufferContent = await new Response(content).arrayBuffer();
+  }
+
+  const authStore = useAuthStore();
+  return new Promise((resolve, reject) => {
+    const request = new XMLHttpRequest();
+    request.open(
+      "POST",
+      `${baseURL}/api/resources${url}?override=${overwrite}`,
+      true
+    );
+    request.setRequestHeader("X-Auth", authStore.jwt);
+
+    if (typeof onupload === "function") {
+      request.upload.onprogress = onupload;
+    }
+
+    request.onload = () => {
+      if (request.status === 200) {
+        resolve(request.responseText);
+      } else if (request.status === 409) {
+        reject(request.status);
+      } else {
+        reject(request.responseText);
+      }
+    };
+
+    request.onerror = () => {
+      reject(new Error("001 Connection aborted"));
+    };
+
+    request.send(bufferContent || content);
+  });
+}
+
+function moveCopy(
+  items: any[],
+  copy = false,
+  overwrite = false,
+  rename = false
+) {
+  const layoutStore = useLayoutStore();
+  const promises = [];
+
+  for (const item of items) {
+    const from = item.from;
+    const to = encodeURIComponent(removePrefix(item.to ?? ""));
+    const url = `${from}?action=${
+      copy ? "copy" : "rename"
+    }&destination=${to}&override=${overwrite}&rename=${rename}`;
+    promises.push(resourceAction(url, "PATCH"));
+  }
+  layoutStore.closeHovers();
+  return Promise.all(promises);
+}
+
+export function move(items: any[], overwrite = false, rename = false) {
+  return moveCopy(items, false, overwrite, rename);
+}
+
+export function copy(items: any[], overwrite = false, rename = false) {
+  return moveCopy(items, true, overwrite, rename);
+}
+
+export async function checksum(url: string, algo: ChecksumAlg) {
+  const data = await resourceAction(`${url}?checksum=${algo}`, "GET");
+  return (await data.json()).checksums[algo];
+}
+
+export function getDownloadURL(file: ResourceItem, inline: any) {
+  const params = {
+    ...(inline && { inline: "true" }),
+  };
+
+  return createURL("api/raw" + file.path, params);
+}
+
+export function getPreviewURL(file: ResourceItem, size: string) {
+  const params = {
+    inline: "true",
+    key: Date.parse(file.modified),
+  };
+
+  return createURL("api/preview/" + size + file.path, params);
+}
+
+export function getSubtitlesURL(file: ResourceItem) {
+  const params = {
+    inline: "true",
+  };
+
+  return file.subtitles?.map((d) => createURL("api/subtitle" + d, params));
+}
+
+export async function usage(url: string, signal: AbortSignal) {
+  url = removePrefix(url);
+
+  const res = await fetchURL(`/api/usage${url}`, { signal });
+
+  try {
+    return await res.json();
+  } catch (e) {
+    // Check if the error is an intentional cancellation
+    if (e instanceof Error && e.name == "AbortError") {
+      throw new StatusError("000 No connection", 0, true);
+    }
+    throw e;
+  }
+}

frontend/src/api/index.js

@@ -1,15 +0,0 @@
-import * as files from './files'
-import * as share from './share'
-import * as users from './users'
-import * as settings from './settings'
-import search from './search'
-import commands from './commands'
-
-export {
-  files,
-  share,
-  users,
-  settings,
-  commands,
-  search
-}

frontend/src/api/index.ts

@@ -0,0 +1,9 @@
+import * as files from "./files";
+import * as share from "./share";
+import * as users from "./users";
+import * as settings from "./settings";
+import * as pub from "./pub";
+import search from "./search";
+import commands from "./commands";
+
+export { files, share, users, settings, pub, commands, search };

frontend/src/api/pub.ts

@@ -0,0 +1,75 @@
+import { fetchURL, removePrefix, createURL } from "./utils";
+import { baseURL } from "@/utils/constants";
+
+export async function fetch(url: string, password: string = "") {
+  url = removePrefix(url);
+
+  const res = await fetchURL(
+    `/api/public/share${url}`,
+    {
+      headers: { "X-SHARE-PASSWORD": encodeURIComponent(password) },
+    },
+    false
+  );
+
+  const data = (await res.json()) as Resource;
+  data.url = `/share${url}`;
+
+  if (data.isDir) {
+    if (!data.url.endsWith("/")) data.url += "/";
+    data.items = data.items.map((item: any, index: any) => {
+      item.index = index;
+      item.url = `${data.url}${encodeURIComponent(item.name)}`;
+
+      if (item.isDir) {
+        item.url += "/";
+      }
+
+      return item;
+    });
+  }
+
+  return data;
+}
+
+export function download(
+  format: DownloadFormat,
+  hash: string,
+  token: string,
+  ...files: string[]
+) {
+  let url = `${baseURL}/api/public/dl/${hash}`;
+
+  if (files.length === 1) {
+    url += encodeURIComponent(files[0]) + "?";
+  } else {
+    let arg = "";
+
+    for (const file of files) {
+      arg += encodeURIComponent(file) + ",";
+    }
+
+    arg = arg.substring(0, arg.length - 1);
+    arg = encodeURIComponent(arg);
+    url += `/?files=${arg}&`;
+  }
+
+  if (format) {
+    url += `algo=${format}&`;
+  }
+
+  if (token) {
+    url += `token=${token}&`;
+  }
+
+  window.open(url);
+}
+
+export function getDownloadURL(res: Resource, inline = false) {
+  const params = {
+    ...(inline && { inline: "true" }),
+    ...(res.token && { token: res.token }),
+  };
+
+  return createURL("api/public/dl/" + res.hash + res.path, params);
+}

frontend/src/api/search.js

@@ -1,31 +0,0 @@
-import { fetchURL, removePrefix } from './utils'
-import url from '../utils/url'
-
-export default async function search (base, query) {
-  base = removePrefix(base)
-  query = encodeURIComponent(query)
-
-  if (!base.endsWith('/')) {
-    base += '/'
-  }
-
-  let res = await fetchURL(`/api/search${base}?query=${query}`, {})
-
-  if (res.status === 200) {
-    let data = await res.json()
-
-    data = data.map((item) => {
-      item.url = `/files${base}` + url.encodePath(item.path)
-
-      if (item.dir) {
-        item.url += '/'
-      }
-
-      return item
-    })
-
-    return data
-  } else {
-    throw Error(res.status)
-  }
-}

frontend/src/api/search.ts

@@ -0,0 +1,27 @@
+import { fetchURL, removePrefix } from "./utils";
+import url from "../utils/url";
+
+export default async function search(base: string, query: string) {
+  base = removePrefix(base);
+  query = encodeURIComponent(query);
+
+  if (!base.endsWith("/")) {
+    base += "/";
+  }
+
+  const res = await fetchURL(`/api/search${base}?query=${query}`, {});
+
+  let data = await res.json();
+
+  data = data.map((item: UploadItem) => {
+    item.url = `/files${base}` + url.encodePath(item.path);
+
+    if (item.dir) {
+      item.url += "/";
+    }
+
+    return item;
+  });
+
+  return data;
+}

frontend/src/api/settings.js

@@ -1,16 +0,0 @@
-import { fetchURL, fetchJSON } from './utils'
-
-export function get () {
-  return fetchJSON(`/api/settings`, {})
-}
-
-export async function update (settings) {
-  const res = await fetchURL(`/api/settings`, {
-    method: 'PUT',
-    body: JSON.stringify(settings)
-  })
-
-  if (res.status !== 200) {
-    throw new Error(res.status)
-  }
-}

frontend/src/api/settings.ts

@@ -0,0 +1,12 @@
+import { fetchURL, fetchJSON } from "./utils";
+
+export function get() {
+  return fetchJSON<ISettings>(`/api/settings`, {});
+}
+
+export async function update(settings: ISettings) {
+  await fetchURL(`/api/settings`, {
+    method: "PUT",
+    body: JSON.stringify(settings),
+  });
+}

frontend/src/api/share.js

@@ -1,42 +0,0 @@
-import { fetchURL, fetchJSON, removePrefix } from './utils'
-
-export async function list() {
-  return fetchJSON('/api/shares')
-}
-
-export async function getHash(hash, password = "") {
-  return fetchJSON(`/api/public/share/${hash}`, {
-    headers: {'X-SHARE-PASSWORD': password},
-  })
-}
-
-export async function get(url) {
-  url = removePrefix(url)
-  return fetchJSON(`/api/share${url}`)
-}
-
-export async function remove(hash) {
-  const res = await fetchURL(`/api/share/${hash}`, {
-    method: 'DELETE'
-  })
-
-  if (res.status !== 200) {
-    throw new Error(res.status)
-  }
-}
-
-export async function create(url, password = '', expires = '', unit = 'hours') {
-  url = removePrefix(url)
-  url = `/api/share${url}`
-  if (expires !== '') {
-    url += `?expires=${expires}&unit=${unit}`
-  }
-  let body = '{}';
-  if (password != '' || expires !== '' || unit !== 'hours') {
-    body = JSON.stringify({password: password, expires: expires, unit: unit})
-  }
-  return fetchJSON(url, {
-    method: 'POST',
-    body: body,
-  })
-}

frontend/src/api/share.ts

@@ -0,0 +1,45 @@
+import { fetchURL, fetchJSON, removePrefix, createURL } from "./utils";
+
+export async function list() {
+  return fetchJSON<Share[]>("/api/shares");
+}
+
+export async function get(url: string) {
+  url = removePrefix(url);
+  return fetchJSON<Share>(`/api/share${url}`);
+}
+
+export async function remove(hash: string) {
+  await fetchURL(`/api/share/${hash}`, {
+    method: "DELETE",
+  });
+}
+
+export async function create(
+  url: string,
+  password = "",
+  expires = "",
+  unit = "hours"
+) {
+  url = removePrefix(url);
+  url = `/api/share${url}`;
+  if (expires !== "") {
+    url += `?expires=${expires}&unit=${unit}`;
+  }
+  let body = "{}";
+  if (password != "" || expires !== "" || unit !== "hours") {
+    body = JSON.stringify({
+      password: password,
+      expires: expires.toString(), // backend expects string not number
+      unit: unit,
+    });
+  }
+  return fetchJSON(url, {
+    method: "POST",
+    body: body,
+  });
+}
+
+export function getShareURL(share: Share) {
+  return createURL("share/" + share.hash, {});
+}

frontend/src/api/tus.ts

@@ -0,0 +1,213 @@
+import * as tus from "tus-js-client";
+import { baseURL, tusEndpoint, tusSettings } from "@/utils/constants";
+import { useAuthStore } from "@/stores/auth";
+import { useUploadStore } from "@/stores/upload";
+import { removePrefix } from "@/api/utils";
+import { fetchURL } from "./utils";
+
+const RETRY_BASE_DELAY = 1000;
+const RETRY_MAX_DELAY = 20000;
+const SPEED_UPDATE_INTERVAL = 1000;
+const ALPHA = 0.2;
+const ONE_MINUS_ALPHA = 1 - ALPHA;
+const RECENT_SPEEDS_LIMIT = 5;
+const MB_DIVISOR = 1024 * 1024;
+const CURRENT_UPLOAD_LIST: CurrentUploadList = {};
+
+export async function upload(
+  filePath: string,
+  content: ApiContent = "",
+  overwrite = false,
+  onupload: any
+) {
+  if (!tusSettings) {
+    // Shouldn't happen as we check for tus support before calling this function
+    throw new Error("Tus.io settings are not defined");
+  }
+
+  filePath = removePrefix(filePath);
+  const resourcePath = `${tusEndpoint}${filePath}?override=${overwrite}`;
+
+  await createUpload(resourcePath);
+
+  const authStore = useAuthStore();
+
+  // Exit early because of typescript, tus content can't be a string
+  if (content === "") {
+    return false;
+  }
+  return new Promise<void | string>((resolve, reject) => {
+    const upload = new tus.Upload(content, {
+      uploadUrl: `${baseURL}${resourcePath}`,
+      chunkSize: tusSettings.chunkSize,
+      retryDelays: computeRetryDelays(tusSettings),
+      parallelUploads: 1,
+      storeFingerprintForResuming: false,
+      headers: {
+        "X-Auth": authStore.jwt,
+      },
+      onError: function (error) {
+        if (CURRENT_UPLOAD_LIST[filePath].interval) {
+          clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
+        }
+        delete CURRENT_UPLOAD_LIST[filePath];
+        reject(new Error(`Upload failed: ${error.message}`));
+      },
+      onProgress: function (bytesUploaded) {
+        const fileData = CURRENT_UPLOAD_LIST[filePath];
+        fileData.currentBytesUploaded = bytesUploaded;
+
+        if (!fileData.hasStarted) {
+          fileData.hasStarted = true;
+          fileData.lastProgressTimestamp = Date.now();
+
+          fileData.interval = window.setInterval(() => {
+            calcProgress(filePath);
+          }, SPEED_UPDATE_INTERVAL);
+        }
+        if (typeof onupload === "function") {
+          onupload({ loaded: bytesUploaded });
+        }
+      },
+      onSuccess: function () {
+        if (CURRENT_UPLOAD_LIST[filePath].interval) {
+          clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
+        }
+        delete CURRENT_UPLOAD_LIST[filePath];
+        resolve();
+      },
+    });
+    CURRENT_UPLOAD_LIST[filePath] = {
+      upload: upload,
+      recentSpeeds: [],
+      initialBytesUploaded: 0,
+      currentBytesUploaded: 0,
+      currentAverageSpeed: 0,
+      lastProgressTimestamp: null,
+      sumOfRecentSpeeds: 0,
+      hasStarted: false,
+      interval: undefined,
+    };
+    upload.start();
+  });
+}
+
+async function createUpload(resourcePath: string) {
+  const headResp = await fetchURL(resourcePath, {
+    method: "POST",
+  });
+  if (headResp.status !== 201) {
+    throw new Error(
+      `Failed to create an upload: ${headResp.status} ${headResp.statusText}`
+    );
+  }
+}
+
+function computeRetryDelays(tusSettings: TusSettings): number[] | undefined {
+  if (!tusSettings.retryCount || tusSettings.retryCount < 1) {
+    // Disable retries altogether
+    return undefined;
+  }
+  // The tus client expects our retries as an array with computed backoffs
+  // E.g.: [0, 3000, 5000, 10000, 20000]
+  const retryDelays = [];
+  let delay = 0;
+
+  for (let i = 0; i < tusSettings.retryCount; i++) {
+    retryDelays.push(Math.min(delay, RETRY_MAX_DELAY));
+    delay =
+      delay === 0 ? RETRY_BASE_DELAY : Math.min(delay * 2, RETRY_MAX_DELAY);
+  }
+
+  return retryDelays;
+}
+
+export async function useTus(content: ApiContent) {
+  return isTusSupported() && content instanceof Blob;
+}
+
+function isTusSupported() {
+  return tus.isSupported === true;
+}
+
+function computeETA(state: ETAState, speed?: number) {
+  if (state.speedMbyte === 0) {
+    return Infinity;
+  }
+  const totalSize = state.sizes.reduce(
+    (acc: number, size: number) => acc + size,
+    0
+  );
+  const uploadedSize = state.progress.reduce(
+    (acc: number, progress: Progress) => {
+      if (typeof progress === "number") {
+        return acc + progress;
+      }
+      return acc;
+    },
+    0
+  );
+  const remainingSize = totalSize - uploadedSize;
+  const speedBytesPerSecond = (speed ?? state.speedMbyte) * 1024 * 1024;
+  return remainingSize / speedBytesPerSecond;
+}
+
+function computeGlobalSpeedAndETA() {
+  const uploadStore = useUploadStore();
+  let totalSpeed = 0;
+  let totalCount = 0;
+
+  for (const filePath in CURRENT_UPLOAD_LIST) {
+    totalSpeed += CURRENT_UPLOAD_LIST[filePath].currentAverageSpeed;
+    totalCount++;
+  }
+
+  if (totalCount === 0) return { speed: 0, eta: Infinity };
+
+  const averageSpeed = totalSpeed / totalCount;
+  const averageETA = computeETA(uploadStore, averageSpeed);
+
+  return { speed: averageSpeed, eta: averageETA };
+}
+
+function calcProgress(filePath: string) {
+  const uploadStore = useUploadStore();
+  const fileData = CURRENT_UPLOAD_LIST[filePath];
+
+  const elapsedTime =
+    (Date.now() - (fileData.lastProgressTimestamp ?? 0)) / 1000;
+  const bytesSinceLastUpdate =
+    fileData.currentBytesUploaded - fileData.initialBytesUploaded;
+  const currentSpeed = bytesSinceLastUpdate / MB_DIVISOR / elapsedTime;
+
+  if (fileData.recentSpeeds.length >= RECENT_SPEEDS_LIMIT) {
+    fileData.sumOfRecentSpeeds -= fileData.recentSpeeds.shift() ?? 0;
+  }
+
+  fileData.recentSpeeds.push(currentSpeed);
+  fileData.sumOfRecentSpeeds += currentSpeed;
+
+  const avgRecentSpeed =
+    fileData.sumOfRecentSpeeds / fileData.recentSpeeds.length;
+  fileData.currentAverageSpeed =
+    ALPHA * avgRecentSpeed + ONE_MINUS_ALPHA * fileData.currentAverageSpeed;
+
+  const { speed, eta } = computeGlobalSpeedAndETA();
+  uploadStore.setUploadSpeed(speed);
+  uploadStore.setETA(eta);
+
+  fileData.initialBytesUploaded = fileData.currentBytesUploaded;
+  fileData.lastProgressTimestamp = Date.now();
+}
+
+export function abortAllUploads() {
+  for (const filePath in CURRENT_UPLOAD_LIST) {
+    if (CURRENT_UPLOAD_LIST[filePath].interval) {
+      clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
+    }
+    if (CURRENT_UPLOAD_LIST[filePath].upload) {
+      CURRENT_UPLOAD_LIST[filePath].upload.abort(true);
+    }
+    delete CURRENT_UPLOAD_LIST[filePath];
+  }
+}