Add dependencies (ffmpeg) to Dockerfile

feat(metadata): add top Apply & Add Field UI, beautify table; preserve existing tags; skip empty values; hide APIC; capture ffmpeg stderr; stable column widths; fix title capitalization; add EN/FR translations
Add native MP3 metadata writer and prefer it over ffmpeg for .mp3 files
2026-01-28 14:25:55 +01:00 · 2026-01-28 14:09:06 +01:00 · 2026-01-27 15:37:27 +01:00 · 2026-01-27 09:14:11 +01:00 · 2026-01-26 14:52:46 +01:00 · 2026-01-24 14:51:03 +01:00
279 changed files with 20089 additions and 9954 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,5 +1 @@
-# These owners will be the default owners for everything in the repo.
+* @filebrowser/maintainers
 # Unless a later match takes precedence, @o1egl will be requested for
 # review when someone opens a pull request.
 *       @o1egl @hacdias
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -1,6 +1,6 @@
 name: Bug Report
 description: Report a bug in FileBrowser.
-labels: [bug, triage]
+labels: [bug, 'waiting: triage']
 body:
  - type: checkboxes
    attributes:
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,115 @@
 name: Continuous Integration
 on:
  push:
    branches:
      - "master"
    tags:
      - "v*"
  pull_request:
 jobs:
  lint-frontend:
    name: Lint Frontend
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v6
        with:
          node-version: "24.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - working-directory: frontend
        run: |
          pnpm install --frozen-lockfile
          pnpm run lint
  lint-backend:
    name: Lint Backend
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-go@v6
        with:
          go-version: "1.25.x"
      - uses: golangci/golangci-lint-action@v9
        with:
          version: "latest"
  test:
    name: Test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-go@v6
        with:
          go-version: "1.25.x"
      - run: go test --race ./...
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - uses: actions/setup-go@v6
        with:
          go-version: '1.25'
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v6
        with:
          node-version: "24.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - name: Install Task
        uses: go-task/setup-task@v1
      - run: task build
  release:
    name: Release
    needs: ["lint-frontend", "lint-backend", "test", "build"]
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - uses: actions/setup-go@v6
        with:
          go-version: '1.25'
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v6
        with:
          node-version: "24.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Install Task
        uses: go-task/setup-task@v1
      - run: task build:frontend
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          version: latest
          args: release --clean
        env:
          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -0,0 +1,52 @@
 name: Docs
 on:
  pull_request:
    paths:
      - 'www'
      - '*.md'
  push:
    branches:
      - master
 jobs:
  build:
    name: Build Docs
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v6
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Install Task
        uses: go-task/setup-task@v1
      - name: Build site
        run: task docs
  build-and-release:
    if: github.event_name == 'push' && github.ref == 'refs/heads/master'
    name: Build and Release Docs
    permissions:
      pages: write
      id-token: write
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - name: Checkout
        uses: actions/checkout@v6
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Install Task
        uses: go-task/setup-task@v1
      - name: Build site
        run: task docs
      - name: Upload static files as artifact
        uses: actions/upload-pages-artifact@v4
        with:
          path: www/public
      - name: Deploy to GitHub Pages
        uses: actions/deploy-pages@v4
--- a/.github/workflows/lint-pr.yaml
+++ b/.github/workflows/lint-pr.yaml
@@ -13,10 +13,10 @@ permissions:
 jobs:
  main:
-    name: Validate PR title
+    name: Validate Title
    runs-on: ubuntu-latest
    steps:
-      - uses: amannn/action-semantic-pull-request@v5
+      - uses: amannn/action-semantic-pull-request@v6
        id: lint_pr_title
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -43,4 +43,4 @@ jobs:
        uses: marocchino/sticky-pull-request-comment@v2
        with:
          header: pr-title-lint-error
-          delete: true
+          delete: true
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -1,105 +0,0 @@
 name: main
 on:
  push:
    branches:
      - "master"
    tags:
      - "v*"
  pull_request:
 jobs:
  # linters
  lint-frontend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v4
        with:
          node-version: "22.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - run: make lint-frontend
  lint-backend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: 1.23.0
      - run: make lint-backend
  lint:
    runs-on: ubuntu-latest
    needs: [lint-frontend, lint-backend]
    steps:
      - run: echo "done"
  # tests
  test-frontend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v4
        with:
          node-version: "22.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - run: make test-frontend
  test-backend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: 1.23.0
      - run: make test-backend
  test:
    runs-on: ubuntu-latest
    needs: [test-frontend, test-backend]
    steps:
      - run: echo "done"
  # release
  release:
    runs-on: ubuntu-latest
    needs: [lint, test]
    if: startsWith(github.event.ref, 'refs/tags/v')
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: actions/setup-go@v5
        with:
          go-version: 1.23.0
      - uses: pnpm/action-setup@v4
        with:
          package_json_file: "frontend/package.json"
      - uses: actions/setup-node@v4
        with:
          node-version: "22.x"
          cache: "pnpm"
          cache-dependency-path: "frontend/pnpm-lock.yaml"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Build frontend
        run: make build-frontend
      - name: Login to Docker Hub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v2
        with:
          version: latest
          args: release --clean
        env:
          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
--- a/.github/workflows/site-pr.yml
+++ b/.github/workflows/site-pr.yml
@@ -1,20 +0,0 @@
 name: Build Site
 on:
  pull_request:
    paths:
      - 'www'
      - '*.md'
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Build site
        run: make site
--- a/.github/workflows/site-publish.yml
+++ b/.github/workflows/site-publish.yml
@@ -1,32 +0,0 @@
 name: Build and Deploy Site
 on:
  push:
    branches:
      - master
 jobs:
  deploy:
    permissions:
      contents: read
      deployments: write
      pull-requests: write
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Build site
        run: make site
      - name: Deploy to Cloudflare Pages
        uses: cloudflare/wrangler-action@v3
        with:
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
          command: pages deploy www/public --project-name=${{ secrets.CLOUDFLARE_PROJECT_NAME }}
          gitHubToken: ${{ secrets.GITHUB_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -35,10 +35,14 @@ build/
 /frontend/dist/*
 !/frontend/dist/.gitkeep
 # Playwright files
 /frontend/test-results/
 /frontend/playwright-report/
 /frontend/playwright/.cache/
 default.nix
 Dockerfile.dev
 filebrowser.log
 filebrowser.pid
 frontend-dev.log
 frontend.pid
 SWAG.mp3
 test/M5.flac
 test/MALIBU.flac
 test/SWAG.mp3
 test
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,132 +1,14 @@
 version: "2"
 linters:
-  # inverted configuration with `default: all` and `disable` is not scalable during updates of golangci-lint
+  default: standard
  default: none
  enable:
    - bodyclose
    - dogsled
    - dupl
    - errcheck
    - errorlint
    - exhaustive
    - funlen
    - gocheckcompilerdirectives
    - gochecknoinits
    - gocritic
    - gocyclo
    - godox
    - goprintffuncname
    - gosec
    - govet
    - ineffassign
    - lll
    - misspell
    - mnd
    - nakedret
    - nolintlint
    - prealloc
    - revive
    - rowserrcheck
    - staticcheck
    - testifylint
    - unconvert
    - unparam
    - unused
    - whitespace
  settings:
    dupl:
      threshold: 100
    exhaustive:
      default-signifies-exhaustive: false
    funlen:
      lines: 100
      statements: 50
    gocritic:
      disabled-checks:
        - dupImport # https://github.com/go-critic/go-critic/issues/845
        - ifElseChain
        - octalLiteral
        - whyNoLint
        - wrapperFunc
      enabled-tags:
        - diagnostic
        - experimental
        - opinionated
        - performance
        - style
    gocyclo:
      min-complexity: 15
    govet:
      enable:
        - nilness
        - shadow
    lll:
      line-length: 140
    misspell:
      locale: US
    mnd:
      # don't include the "operation" and "assign"
      checks:
        - argument
        - case
        - condition
        - return
      ignored-numbers:
        - "0"
        - "1"
        - "2"
        - "3"
        - "0666"
        - "0700"
        - "0700"
      ignored-functions:
        - strings.SplitN
        - make
    nolintlint:
      allow-unused: false # report any unused nolint directives
      require-explanation: false # require an explanation for nolint directives
      require-specific: true # require nolint directives to be specific about which linter is being skipped
    staticcheck:
      checks:
        - "all"
        - "-QF*"
  exclusions:
    generated: lax
    presets:
      - comments
      - common-false-positives
      - legacy
      - std-error-handling
-    rules:
+      - comments
      - linters:
          - gochecknoinits
        path: cmd/.*.go
      - linters:
          - dupl
          - funlen
          - gochecknoinits
          - gocyclo
          - lll
          - scopelint
        path: .*_test.go
      - linters:
          - misspell
        text: "[aA]uther"
      - linters:
          - mnd
        text: strconv.Parse
    paths:
      - frontend/
 formatters:
  enable:
    - goimports
  settings:
    goimports:
      local-prefixes:
        - github.com/filebrowser/filebrowser
  exclusions:
    generated: lax
    paths:
      - frontend/
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -17,6 +17,7 @@ builds:
      - linux
      - windows
      - freebsd
      - openbsd
    goarch:
      - amd64
      - "386"
@@ -30,6 +31,12 @@ builds:
    ignore:
      - goos: darwin
        goarch: "386"
      # Experimental, may not work properly
      - goos: openbsd
        goarch: riscv64
      # Broken as of Go 1.24, deprecated as of Go 1.26
      - goos: windows
        goarch: arm
      - goos: freebsd
        goarch: arm
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,516 @@
 # Changelog
-All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 ## [2.56.0](https://github.com/filebrowser/filebrowser/compare/v2.55.0...v2.56.0) (2026-01-24)
 ### Features
 * Updates for project File Browser ([#5698](https://github.com/filebrowser/filebrowser/issues/5698)) ([f0f2f1f](https://github.com/filebrowser/filebrowser/commit/f0f2f1ff069aae566d8bf25ec275da59f29a96bc))
 ### Bug Fixes
 * adjust columns of the table from the "users ls" command ([#5716](https://github.com/filebrowser/filebrowser/issues/5716)) ([3032a1f](https://github.com/filebrowser/filebrowser/commit/3032a1fade43737c51c49b5ccda34f336394c2ed))
 * avoid clearing selection when clicking elements outside the empty area ([#5715](https://github.com/filebrowser/filebrowser/issues/5715)) ([004488c](https://github.com/filebrowser/filebrowser/commit/004488c15b3c30784e1ea564b3ca9feec7bcad08))
 ## [2.55.0](https://github.com/filebrowser/filebrowser/compare/v2.54.0...v2.55.0) (2026-01-18)
 ### Features
 * added cut, copy, paste and show command palette functions in header ([#5648](https://github.com/filebrowser/filebrowser/issues/5648)) ([785b7ab](https://github.com/filebrowser/filebrowser/commit/785b7abb7ba7a86cc0deae1052c319ff714c222c))
 * update translations ([#5677](https://github.com/filebrowser/filebrowser/issues/5677)) ([e7ea1ad](https://github.com/filebrowser/filebrowser/commit/e7ea1ad27d3d17e249489d3338be40bfea15e2a1))
 ### Bug Fixes
 * prevent context menu clicks from clearing file selection ([#5681](https://github.com/filebrowser/filebrowser/issues/5681)) ([59ca0c3](https://github.com/filebrowser/filebrowser/commit/59ca0c340afc7774747c70ede9a5a5a3c9349d6b))
 * request current password when deleting users ([#5667](https://github.com/filebrowser/filebrowser/issues/5667)) ([cfa6c58](https://github.com/filebrowser/filebrowser/commit/cfa6c5864e5e7673aa9f3180e4964e0db92cc4da))
 * retain file selection when closing the editor ([#5693](https://github.com/filebrowser/filebrowser/issues/5693)) ([4094fb3](https://github.com/filebrowser/filebrowser/commit/4094fb359babac70e88d0ed4bfe3bd100744aad6))
 ## [2.54.0](https://github.com/filebrowser/filebrowser/compare/v2.53.1...v2.54.0) (2026-01-10)
 ### Features
 * add "redirect after copy/move" user setting ([#5662](https://github.com/filebrowser/filebrowser/issues/5662)) ([fda8a99](https://github.com/filebrowser/filebrowser/commit/fda8a992929b1466e75fb2813f2c4e293c12d244))
 * force file sync while uploading file ([#5668](https://github.com/filebrowser/filebrowser/issues/5668)) ([4fd18a3](https://github.com/filebrowser/filebrowser/commit/4fd18a382c31bbe7059d6733ffa371e70051865b))
 * update translations ([#5659](https://github.com/filebrowser/filebrowser/issues/5659)) ([464b581](https://github.com/filebrowser/filebrowser/commit/464b581953139c17e3276b774e381e4052827125))
 ### Bug Fixes
 * clear selection by clicking on empty area ([#5663](https://github.com/filebrowser/filebrowser/issues/5663)) ([208535a](https://github.com/filebrowser/filebrowser/commit/208535a8cc23254de0013dfab9008486707ee6c2))
 * hide "change password form" in noauth setting ([#5652](https://github.com/filebrowser/filebrowser/issues/5652)) ([219582c](https://github.com/filebrowser/filebrowser/commit/219582c0b03fd90979b1d1398dba7919d086a23f))
 ## [2.53.1](https://github.com/filebrowser/filebrowser/compare/v2.53.0...v2.53.1) (2026-01-03)
 ### Bug Fixes
 * download path encoding file paths ([#5655](https://github.com/filebrowser/filebrowser/issues/5655)) ([ffa893e](https://github.com/filebrowser/filebrowser/commit/ffa893e9ac387a49dba5917a41df7c3b7ce120fc))
 * request a password to change sensitive user data ([#5629](https://github.com/filebrowser/filebrowser/issues/5629)) ([b8151a0](https://github.com/filebrowser/filebrowser/commit/b8151a038a1ea55afae8073b439b74e364cac12f))
 ## [2.53.0](https://github.com/filebrowser/filebrowser/compare/v2.52.0...v2.53.0) (2025-12-29)
 ### Features
 * add "disable image resolution calculation" flag ([#5638](https://github.com/filebrowser/filebrowser/issues/5638)) ([a2d80c6](https://github.com/filebrowser/filebrowser/commit/a2d80c62c1c17962e566f68fb7cac6960ed3e4cb))
 * support streaming response for search results ([#5630](https://github.com/filebrowser/filebrowser/issues/5630)) ([20bfd13](https://github.com/filebrowser/filebrowser/commit/20bfd131c6a4fca48a645b52171c2d1cc3ce92b7))
 * update translations ([a12a612](https://github.com/filebrowser/filebrowser/commit/a12a612970d6cc3dfbca1b35ef3a60a887a4effb))
 * update translations ([#5626](https://github.com/filebrowser/filebrowser/issues/5626)) ([f899756](https://github.com/filebrowser/filebrowser/commit/f89975603e29b9f1fc05aec58afb42bbd56ed696))
 * update translations ([#5631](https://github.com/filebrowser/filebrowser/issues/5631)) ([032d6c7](https://github.com/filebrowser/filebrowser/commit/032d6c7520a64686c9d9b1218562256f629b4703))
 ### Bug Fixes
 * conversion of backslashes in file paths for archive creation ([#5637](https://github.com/filebrowser/filebrowser/issues/5637)) ([9595f39](https://github.com/filebrowser/filebrowser/commit/9595f3939c1c129ed875a47adcc4fbcfad9a0e65))
 * Don't crash on invalid config import ([#5640](https://github.com/filebrowser/filebrowser/issues/5640)) ([79d1aa9](https://github.com/filebrowser/filebrowser/commit/79d1aa9229b076ee8e3b71d6cf061fc90738f4da))
 * fix nil deref in config set command ([#5641](https://github.com/filebrowser/filebrowser/issues/5641)) ([60b1ee8](https://github.com/filebrowser/filebrowser/commit/60b1ee8bb9e18b21d7f2c04cb1cc90046cecd3e1))
 ## [2.52.0](https://github.com/filebrowser/filebrowser/compare/v2.51.2...v2.52.0) (2025-12-13)
 ### Features
 * sync translations with Transifex ([7fa3432](https://github.com/filebrowser/filebrowser/commit/7fa3432f25610bbb55a718bc709b9a7bf41d92f0))
 * update translations ([#5615](https://github.com/filebrowser/filebrowser/issues/5615)) ([3fdca6d](https://github.com/filebrowser/filebrowser/commit/3fdca6dfd9a18c3f4895b4ef3cbd216824dbb57a))
 ### Bug Fixes
 * display the directory name in the shared folder view ([#5617](https://github.com/filebrowser/filebrowser/issues/5617)) ([6d4c867](https://github.com/filebrowser/filebrowser/commit/6d4c86767239dad4f09f30f48678f2f3a716eb12))
 * hide the context menu when changing the route ([#5613](https://github.com/filebrowser/filebrowser/issues/5613)) ([cf96657](https://github.com/filebrowser/filebrowser/commit/cf966578d8c6beab111b74f495bac6bdec173f41))
 ## [2.51.2](https://github.com/filebrowser/filebrowser/compare/v2.51.1...v2.51.2) (2025-12-07)
 ### Bug Fixes
 * **frontend:** add missing i18n strings ([c171599](https://github.com/filebrowser/filebrowser/commit/c1715992bda46517f801c1aa496df8a3b42a4e4d))
 ## [2.51.1](https://github.com/filebrowser/filebrowser/compare/v2.51.0...v2.51.1) (2025-12-07)
 ### Bug Fixes
 * **frontend:** csv viewer i18n strings ([4cbb4b7](https://github.com/filebrowser/filebrowser/commit/4cbb4b73af816104475f15c1d996640b56203602))
 * prevent the right-click from selecting multiple items when the "single-click" option is active ([#5608](https://github.com/filebrowser/filebrowser/issues/5608)) ([152f830](https://github.com/filebrowser/filebrowser/commit/152f8302f7cda21bde37692b175c22c124233f45))
 ## [2.51.0](https://github.com/filebrowser/filebrowser/compare/v2.50.0...v2.51.0) (2025-12-06)
 ### Features
 * update translations ([2d88c06](https://github.com/filebrowser/filebrowser/commit/2d88c067611e936056dbbf04247f1c1c709b2a09))
 ### Bug Fixes
 * added column separator select (comma, semicolon and both) in CSV viewer ([#5604](https://github.com/filebrowser/filebrowser/issues/5604)) ([204a3f0](https://github.com/filebrowser/filebrowser/commit/204a3f0eeaa0c68781b60651bf27c4b27eac44e6))
 ### Refactorings
 * cleanup package names ([#5605](https://github.com/filebrowser/filebrowser/issues/5605)) ([f029c30](https://github.com/filebrowser/filebrowser/commit/f029c3005e450cfbebb074c42dbdf65db9c8d56a))
 ## [2.50.0](https://github.com/filebrowser/filebrowser/compare/v2.49.0...v2.50.0) (2025-11-30)
 ### Features
 * configurable logout page URL for proxy/hook auth ([#3884](https://github.com/filebrowser/filebrowser/issues/3884)) ([b9ac45d](https://github.com/filebrowser/filebrowser/commit/b9ac45d5dac4b4eb2ba364629090fbf306cffd2b))
 * render CSVs as table ([#5569](https://github.com/filebrowser/filebrowser/issues/5569)) ([982405e](https://github.com/filebrowser/filebrowser/commit/982405ec944f94baf43594b0ed2f06329ff4e9ed))
 * update frontend/src/i18n/hr.json ([279a5cc](https://github.com/filebrowser/filebrowser/commit/279a5ccd1e8d7bde4568b63cb3c506af48b6c618))
 * update translations ([78e0395](https://github.com/filebrowser/filebrowser/commit/78e039596070a3a9e643a693cc99960c69dcfe92))
 ### Bug Fixes
 * do not close editor if save failed ([701522a](https://github.com/filebrowser/filebrowser/commit/701522a0600cfa542469540ed764630c0ba1a732)), closes [#5591](https://github.com/filebrowser/filebrowser/issues/5591)
 ## [2.49.0](https://github.com/filebrowser/filebrowser/compare/v2.48.2...v2.49.0) (2025-11-22)
 ### Features
 * add "copy download link to clipboard" button to Share prompt ([#5173](https://github.com/filebrowser/filebrowser/issues/5173)) ([d48f566](https://github.com/filebrowser/filebrowser/commit/d48f5665d6975c4cbbdf9be20dc2e0106db02f01))
 * add Bulgarian language ([8db2411](https://github.com/filebrowser/filebrowser/commit/8db2411cd43a23ae3292a817e3524cfdb5ae9b86))
 * Updates for project File Browser ([#5566](https://github.com/filebrowser/filebrowser/issues/5566)) ([54306bd](https://github.com/filebrowser/filebrowser/commit/54306bdc8700fac489326ae81e28ac5db0580d13))
 ### Bug Fixes
 * display friendly error message for password validation on signup ([#5563](https://github.com/filebrowser/filebrowser/issues/5563)) ([6d5aa35](https://github.com/filebrowser/filebrowser/commit/6d5aa355e433d613e5a3ae137f410c63baeddf0f))
 ## [2.48.2](https://github.com/filebrowser/filebrowser/compare/v2.48.1...v2.48.2) (2025-11-18)
 ### Bug Fixes
 * add transitionary support for FB_BASEURL ([984ea7b](https://github.com/filebrowser/filebrowser/commit/984ea7b569e3bd33b6f91ebdf63684a618d51e94))
 ### Refactorings
 * rename python for clarification ([fd7b70c](https://github.com/filebrowser/filebrowser/commit/fd7b70cf38ac67c8c9ff79f2e7fde5e2ec45a1de))
 ## [2.48.1](https://github.com/filebrowser/filebrowser/compare/v2.48.0...v2.48.1) (2025-11-17)
 ### Bug Fixes
 * options should only override if set ([420adea](https://github.com/filebrowser/filebrowser/commit/420adea7e61a1c182cddd6fb2544a0752e5709f7))
 ## [2.48.0](https://github.com/filebrowser/filebrowser/compare/v2.47.0...v2.48.0) (2025-11-17)
 ### Features
 * consistent flags and environment variables ([#5549](https://github.com/filebrowser/filebrowser/issues/5549)) ([0a0cb80](https://github.com/filebrowser/filebrowser/commit/0a0cb8046fce52f1ff926171b34bcdb7cd39aab3))
 ### Bug Fixes
 * add tokenExpirationTime to `config init` and troubleshoot docs ([#5546](https://github.com/filebrowser/filebrowser/issues/5546)) ([8c5dc76](https://github.com/filebrowser/filebrowser/commit/8c5dc7641e6f8aadd9e5d5d3b25a2ad9f1ec9a1e))
 * use all available flags in quick setup ([f41585f](https://github.com/filebrowser/filebrowser/commit/f41585f0392d65c08c01ab65b62d3eeb04c03b7d))
 ### Refactorings
 * reuse logic for config init and set ([89be0b1](https://github.com/filebrowser/filebrowser/commit/89be0b1873527987dd2dddac746e93b8bc684d46))
 ## [2.47.0](https://github.com/filebrowser/filebrowser/compare/v2.46.1...v2.47.0) (2025-11-16)
 ### Features
 * add TUS settings to the command line ([#5556](https://github.com/filebrowser/filebrowser/issues/5556)) ([e24e1f1](https://github.com/filebrowser/filebrowser/commit/e24e1f1abae9e80add620c4ad65660ca1b575a49))
 * remove importer of v1 config ([#5550](https://github.com/filebrowser/filebrowser/issues/5550)) ([ceb5e72](https://github.com/filebrowser/filebrowser/commit/ceb5e723f3ee2c966bb561a804015246450280ca))
 ### Bug Fixes
 * exit 0 when gracefully shutting down ([#5555](https://github.com/filebrowser/filebrowser/issues/5555)) ([5de4099](https://github.com/filebrowser/filebrowser/commit/5de4099cba2cf012d4a213c8eb29c412fc72c151))
 ## [2.46.1](https://github.com/filebrowser/filebrowser/compare/v2.46.0...v2.46.1) (2025-11-15)
 ### Bug Fixes
 * env key replacer and remove unused function ([#5547](https://github.com/filebrowser/filebrowser/issues/5547)) ([13814e1](https://github.com/filebrowser/filebrowser/commit/13814e11197ebd9101940883e3ca85998f86d442))
 * remove duplicated 'hide-defaults' flag (is 'hideDefaults') ([#5548](https://github.com/filebrowser/filebrowser/issues/5548)) ([ffc8504](https://github.com/filebrowser/filebrowser/commit/ffc850454e4cb8f10b970511681d6c627340afc7))
 ## [2.46.0](https://github.com/filebrowser/filebrowser/compare/v2.45.3...v2.46.0) (2025-11-14)
 ### Features
 * add 'hide-dotfiles' as command line parameter ([#3802](https://github.com/filebrowser/filebrowser/issues/3802)) ([0d973d3](https://github.com/filebrowser/filebrowser/commit/0d973d3aad70ceb88950f2cd9c297fc76e7955b1))
 * add context menu ([#3343](https://github.com/filebrowser/filebrowser/issues/3343)) ([1ace579](https://github.com/filebrowser/filebrowser/commit/1ace579a553486bb15af2d11f537414156606434))
 * add option to hide the login button from public-facing pages ([#3922](https://github.com/filebrowser/filebrowser/issues/3922)) ([ac7b49c](https://github.com/filebrowser/filebrowser/commit/ac7b49c1484b4e27a1149310542ccd1e90659ee2))
 * Updates for project File Browser ([#5544](https://github.com/filebrowser/filebrowser/issues/5544)) ([fb5d099](https://github.com/filebrowser/filebrowser/commit/fb5d099f8514516216f407be012d2e3f25de2441))
 ## [2.45.3](https://github.com/filebrowser/filebrowser/compare/v2.45.2...v2.45.3) (2025-11-13)
 This is a test release to ensure the updated workflow works.
 ## [2.45.2](https://github.com/filebrowser/filebrowser/compare/v2.45.1...v2.45.2) (2025-11-13)
 ### Bug Fixes
 * **deps:** update module github.com/shirou/gopsutil/v3 to v4 ([#5536](https://github.com/filebrowser/filebrowser/issues/5536)) ([fdff7a3](https://github.com/filebrowser/filebrowser/commit/fdff7a38f4711f2b58dfdd60bebbb057bd3a478d))
 * **deps:** update module gopkg.in/yaml.v2 to v3 ([#5537](https://github.com/filebrowser/filebrowser/issues/5537)) ([f26a685](https://github.com/filebrowser/filebrowser/commit/f26a68587d8432b536453093f42dc255d19d10fa))
 ### [2.45.1](https://github.com/filebrowser/filebrowser/compare/v2.45.0...v2.45.1) (2025-11-11)
 ### Bug Fixes
 * share page preview items to contain baseUrl ([#5510](https://github.com/filebrowser/filebrowser/issues/5510)) ([6950c2e](https://github.com/filebrowser/filebrowser/commit/6950c2e4d2868f06235f93c0a18b303b4095ca0a))
 ## [2.45.0](https://github.com/filebrowser/filebrowser/compare/v2.44.2...v2.45.0) (2025-11-01)
 ### Features
 * update translations ([#5458](https://github.com/filebrowser/filebrowser/issues/5458)) ([b9a03fa](https://github.com/filebrowser/filebrowser/commit/b9a03fabd98119d6588882f5ba2a7d29b012d729))
 ### Bug Fixes
 * support croatian ([#5502](https://github.com/filebrowser/filebrowser/issues/5502)) ([93fe31c](https://github.com/filebrowser/filebrowser/commit/93fe31cc55c9d9d27c634993619a768fa700da1d))
 ### [2.44.2](https://github.com/filebrowser/filebrowser/compare/v2.44.1...v2.44.2) (2025-10-22)
 ### Bug Fixes
 * **http:** remove auth query parameter ([57db25d](https://github.com/filebrowser/filebrowser/commit/57db25d08a1ef2cd0b41f34e312b7b7c35c7ed38))
 ### Build
 * **deps-dev:** bump vite from 6.3.6 to 6.4.1 in /frontend ([b8f64a1](https://github.com/filebrowser/filebrowser/commit/b8f64a1c1bc235df784d7f52abd3a9e84c6db6ce))
 ### [2.44.1](https://github.com/filebrowser/filebrowser/compare/v2.44.0...v2.44.1) (2025-10-17)
 ### Bug Fixes
 * **auth:** prevent integer overflow in logout timer using safeTimeout ([#5470](https://github.com/filebrowser/filebrowser/issues/5470)) ([dd88398](https://github.com/filebrowser/filebrowser/commit/dd883985bb484af9dfea2677a40d56999fdc72f3))
 * editor discard prompt doesn't save nor discard ([a397e73](https://github.com/filebrowser/filebrowser/commit/a397e7305d1572baf67823413f97a29eea38f0cc))
 * wrong url on settings branding link ([d0039af](https://github.com/filebrowser/filebrowser/commit/d0039afbb76a9364c1e6ac9715ccc3c239dc8cb6))
 ### Refactorings
 * use slices.Contains to simplify code ([#5483](https://github.com/filebrowser/filebrowser/issues/5483)) ([97b8911](https://github.com/filebrowser/filebrowser/commit/97b8911ba8a65456091cbec0202f6b5209fcf363))
 ## [2.44.0](https://github.com/filebrowser/filebrowser/compare/v2.43.0...v2.44.0) (2025-09-25)
 ### Features
 * allow setting ace editor theme ([#3826](https://github.com/filebrowser/filebrowser/issues/3826)) ([b9787c7](https://github.com/filebrowser/filebrowser/commit/b9787c78f3889171f94db19e7655dce68c64b6fb))
 * Improved path display in the new file and directory modal ([#5451](https://github.com/filebrowser/filebrowser/issues/5451)) ([d29ad35](https://github.com/filebrowser/filebrowser/commit/d29ad356d1067c87b2821debab91286549f512a0))
 * Translate frontend/src/i18n/en.json in no ([dec7a02](https://github.com/filebrowser/filebrowser/commit/dec7a027378fbc6948d203199c44a640a141bcad))
 * Updates for project File Browser ([#5446](https://github.com/filebrowser/filebrowser/issues/5446)) ([4ff247e](https://github.com/filebrowser/filebrowser/commit/4ff247e134e4d61668ee656a258ed67f71414e18))
 * Updates for project File Browser ([#5450](https://github.com/filebrowser/filebrowser/issues/5450)) ([0eade71](https://github.com/filebrowser/filebrowser/commit/0eade717ce9d04bf48051922f11d983edbc7c2d0))
 * Updates for project File Browser ([#5457](https://github.com/filebrowser/filebrowser/issues/5457)) ([1165f00](https://github.com/filebrowser/filebrowser/commit/1165f00bd4dcb0dcfbc084f54f51902ba4b4a714))
 ### Bug Fixes
 * computation of file path ([c472542](https://github.com/filebrowser/filebrowser/commit/c4725428e07da72b855009e2c13c6ed91d32e0b7))
 * show login when session token expires ([e6c674b](https://github.com/filebrowser/filebrowser/commit/e6c674b3c616831942c4d4aacab0907d58003e23))
 * some formatting issues with i18n files ([949ddff](https://github.com/filebrowser/filebrowser/commit/949ddffef20e38169902c5fd74dca4815dcecf11))
 * **upload:** throttle upload speed calculation to 100ms to avoid Infinity MB/s ([#5456](https://github.com/filebrowser/filebrowser/issues/5456)) ([692ca5e](https://github.com/filebrowser/filebrowser/commit/692ca5eaf01e4dcf346ba03f82c5dbd50cce246b))
 ## [2.43.0](https://github.com/filebrowser/filebrowser/compare/v2.42.5...v2.43.0) (2025-09-13)
 ### Features
 * "save changes" button to discard changes dialog ([84e8632](https://github.com/filebrowser/filebrowser/commit/84e8632b98e315bfef2da77dd7d1049daec99241))
 * Translate frontend/src/i18n/en.json in es ([571ce6c](https://github.com/filebrowser/filebrowser/commit/571ce6cb0d7c8725d1cc1a3238ea506ddc72b060))
 * Translate frontend/src/i18n/en.json in fr ([6b1fa87](https://github.com/filebrowser/filebrowser/commit/6b1fa87ad38ebbb1a9c5d0e5fc88ba796c148bcf))
 * Updates for project File Browser ([#5427](https://github.com/filebrowser/filebrowser/issues/5427)) ([8950585](https://github.com/filebrowser/filebrowser/commit/89505851414bfcee6b9ff02087eb4cec51c330f6))
 ### Bug Fixes
 * optimize markdown preview height ([783503a](https://github.com/filebrowser/filebrowser/commit/783503aece7fca9e26f7e849b0e7478aba976acb))
 ### Reverts
 * build(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 ([0769265](https://github.com/filebrowser/filebrowser/commit/07692653ffe0ea5e517e6dc1fd3961172e931843))
 ### Build
 * **deps-dev:** bump vite from 6.1.6 to 6.3.6 in /frontend ([36c6cc2](https://github.com/filebrowser/filebrowser/commit/36c6cc203e10947439519a0413d5817921a1690d))
 * **deps:** bump github.com/go-viper/mapstructure/v2 in /tools ([280fa56](https://github.com/filebrowser/filebrowser/commit/280fa562a67824887ae6e2530a3b73739d6e1bb4))
 * **deps:** bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 ([950028a](https://github.com/filebrowser/filebrowser/commit/950028abebe2898bac4ecfd8715c0967246310cb))
 ### Refactorings
 * to use strings.Lines ([b482a9b](https://github.com/filebrowser/filebrowser/commit/b482a9bf0d292ec6542d2145a4408971e4c985f1))
 ## [2.43.0](https://github.com/filebrowser/filebrowser/compare/v2.42.5...v2.43.0) (2025-09-13)
 ### Features
 * "save changes" button to discard changes dialog ([84e8632](https://github.com/filebrowser/filebrowser/commit/84e8632b98e315bfef2da77dd7d1049daec99241))
 * Translate frontend/src/i18n/en.json in es ([571ce6c](https://github.com/filebrowser/filebrowser/commit/571ce6cb0d7c8725d1cc1a3238ea506ddc72b060))
 * Translate frontend/src/i18n/en.json in fr ([6b1fa87](https://github.com/filebrowser/filebrowser/commit/6b1fa87ad38ebbb1a9c5d0e5fc88ba796c148bcf))
 * Updates for project File Browser ([#5427](https://github.com/filebrowser/filebrowser/issues/5427)) ([8950585](https://github.com/filebrowser/filebrowser/commit/89505851414bfcee6b9ff02087eb4cec51c330f6))
 ### Bug Fixes
 * optimize markdown preview height ([783503a](https://github.com/filebrowser/filebrowser/commit/783503aece7fca9e26f7e849b0e7478aba976acb))
 ### Build
 * **deps-dev:** bump vite from 6.1.6 to 6.3.6 in /frontend ([36c6cc2](https://github.com/filebrowser/filebrowser/commit/36c6cc203e10947439519a0413d5817921a1690d))
 * **deps:** bump github.com/go-viper/mapstructure/v2 in /tools ([280fa56](https://github.com/filebrowser/filebrowser/commit/280fa562a67824887ae6e2530a3b73739d6e1bb4))
 * **deps:** bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 ([950028a](https://github.com/filebrowser/filebrowser/commit/950028abebe2898bac4ecfd8715c0967246310cb))
 ### Refactorings
 * to use strings.Lines ([b482a9b](https://github.com/filebrowser/filebrowser/commit/b482a9bf0d292ec6542d2145a4408971e4c985f1))
 ### [2.42.5](https://github.com/filebrowser/filebrowser/compare/v2.42.4...v2.42.5) (2025-08-16)
 ### Bug Fixes
 * "new folder" button not working in the move and copy popup ([#5368](https://github.com/filebrowser/filebrowser/issues/5368)) ([3107ae4](https://github.com/filebrowser/filebrowser/commit/3107ae41475ae9383c3af414d25a133e549f8087))
 ### [2.42.4](https://github.com/filebrowser/filebrowser/compare/v2.42.3...v2.42.4) (2025-08-16)
 ### Bug Fixes
 * add libcap to Dockerfile.s6 ([342b239](https://github.com/filebrowser/filebrowser/commit/342b239ac6f4af2453d5f7aa27f7f0093024dd72))
 ### [2.42.3](https://github.com/filebrowser/filebrowser/compare/v2.42.2...v2.42.3) (2025-08-09)
 ### Bug Fixes
 * add missing CLI flags for user management ([#5351](https://github.com/filebrowser/filebrowser/issues/5351)) ([cd51a59](https://github.com/filebrowser/filebrowser/commit/cd51a59e72c72560fce7bcc9b12aaf02646b699c))
 ### [2.42.2](https://github.com/filebrowser/filebrowser/compare/v2.42.1...v2.42.2) (2025-08-06)
 ### Bug Fixes
 * show file upload errors ([06e8713](https://github.com/filebrowser/filebrowser/commit/06e8713fa55065d38f02499d3e8d39fc86926cab))
 ### Refactorings
 * upload progress calculation ([#5350](https://github.com/filebrowser/filebrowser/issues/5350)) ([c14cf86](https://github.com/filebrowser/filebrowser/commit/c14cf86f8304e01d804e01a7eef5ea093627ef37))
 ### [2.42.1](https://github.com/filebrowser/filebrowser/compare/v2.42.0...v2.42.1) (2025-07-31)
 ### Features
 * Translate frontend/src/i18n/en.json in sk  ([14ee054](https://github.com/filebrowser/filebrowser/commit/14ee0543599f2ec73b7f5d2dbd8415f47fe592aa))
 * Translate frontend/src/i18n/en.json in vi ([75baf7c](https://github.com/filebrowser/filebrowser/commit/75baf7ce337671a1045f897ba4a19967a31b1aec))
 ### Bug Fixes
 * directory mode on config init ([4ff6347](https://github.com/filebrowser/filebrowser/commit/4ff634715543b65878943273dff70f340167900b))
 ## [2.42.0](https://github.com/filebrowser/filebrowser/compare/v2.41.0...v2.42.0) (2025-07-27)
 ### Features
 * add Norwegian support ([#5332](https://github.com/filebrowser/filebrowser/issues/5332)) ([25e47c3](https://github.com/filebrowser/filebrowser/commit/25e47c3ce8b35b820b5370a4b8bfdf682bd5ae0b))
 * select item on file list after navigating back ([#5329](https://github.com/filebrowser/filebrowser/issues/5329)) ([cbeec6d](https://github.com/filebrowser/filebrowser/commit/cbeec6d225691723c4750d7f84122ebb14d662bf))
 * Translate frontend/src/i18n/en.json in no ([5eb3bf4](https://github.com/filebrowser/filebrowser/commit/5eb3bf40586c2ffc32f4834b5dd59f0eb719c1f7))
 * Translate frontend/src/i18n/en.json in sk ([07dfdce](https://github.com/filebrowser/filebrowser/commit/07dfdce8e4c371f4ca7480f3cef0bd66ff5c9abb))
 ### Bug Fixes
 * norsk loading ([619f683](https://github.com/filebrowser/filebrowser/commit/619f6837b0d1ec6c654d30f4ecedd6696874721f))
 ### Reverts
 * Revert "chore(release): 2.42.0" ([d778c19](https://github.com/filebrowser/filebrowser/commit/d778c192ae02c5e73781f7632e3b7276c5811e17))
 ### Build
 * bump go version to 1.23.11 ([c7a5c7e](https://github.com/filebrowser/filebrowser/commit/c7a5c7efee2b2bede89ec90bafd1af61c39519ff))
 * bump to go 1.24 ([c1b0207](https://github.com/filebrowser/filebrowser/commit/c1b0207800b4bb52c8dd459c1d69ce0f785473b6))
 ## [2.41.0](https://github.com/filebrowser/filebrowser/compare/v2.40.2...v2.41.0) (2025-07-22)
 ### Features
 * Allow file and directory creation modes to be configured ([21ad653](https://github.com/filebrowser/filebrowser/commit/21ad653b7eb246c0e95ccdc131f8d59267de7818)), closes [#5316](https://github.com/filebrowser/filebrowser/issues/5316) [#5200](https://github.com/filebrowser/filebrowser/issues/5200)
 * better error handling for sys kill signals ([1582b8b](https://github.com/filebrowser/filebrowser/commit/1582b8b2cd1c62fa93e60ca9b4e740e940b02e84))
 ### [2.40.2](https://github.com/filebrowser/filebrowser/compare/v2.40.1...v2.40.2) (2025-07-17)
 ### Bug Fixes
 * Location header on TUS endpoint ([#5302](https://github.com/filebrowser/filebrowser/issues/5302)) ([607f570](https://github.com/filebrowser/filebrowser/commit/607f5708a2484428ab837781a5ef26b8cc3194f4))
 ### Build
 * **deps:** bump vue-i18n from 11.1.9 to 11.1.10 in /frontend ([d61110e](https://github.com/filebrowser/filebrowser/commit/d61110e4d7155a5849557adf3b75dc0191f17e80))
 ### [2.40.1](https://github.com/filebrowser/filebrowser/compare/v2.40.0...v2.40.1) (2025-07-15)
 ### Bug Fixes
 * print correct user on setup ([88f1442](https://github.com/filebrowser/filebrowser/commit/88f144293267260fd4d823e3259783309b1a57b3))
 ## [2.40.0](https://github.com/filebrowser/filebrowser/compare/v2.39.0...v2.40.0) (2025-07-13)
 ### Features
 * add font size botton to text editor ([#5290](https://github.com/filebrowser/filebrowser/issues/5290)) ([035084d](https://github.com/filebrowser/filebrowser/commit/035084d8e83243065fad69bfac1b69559fbad5fb))
 ### Bug Fixes
 * invalid path when uploading files ([9072cbc](https://github.com/filebrowser/filebrowser/commit/9072cbce340da55477906f5419a4cfb6d6937dc0))
 * Only left click should drag the image in extended image view ([b8454bb](https://github.com/filebrowser/filebrowser/commit/b8454bb2e41ca2848b926b66354468ba4b1c7ba5))
 ## [2.39.0](https://github.com/filebrowser/filebrowser/compare/v2.38.0...v2.39.0) (2025-07-13)
 ### Features
 * Improve Docker entrypoint and config handling ([01c814c](https://github.com/filebrowser/filebrowser/commit/01c814cf98f81f2bcd622aea75e5b1efe3484940))
 * rewrite the archiver and added support for zstd and brotli ([#5283](https://github.com/filebrowser/filebrowser/issues/5283)) ([7c71686](https://github.com/filebrowser/filebrowser/commit/7c716862c1bd3cdedd3c02d3a37207293db197ca))
 ### Bug Fixes
 * drop modify permission for uploading new file ([#5270](https://github.com/filebrowser/filebrowser/issues/5270)) ([0f27c91](https://github.com/filebrowser/filebrowser/commit/0f27c91eca581482ce4f82f6429f5dac12f8b64e))
 * Settings button in the sidebar ([5a8e717](https://github.com/filebrowser/filebrowser/commit/5a8e7171b1b41eff771fe27133c91d2c250896a8))
 ### Build
 * improve docker image and binary sizes ([35ca24a](https://github.com/filebrowser/filebrowser/commit/35ca24adb886721fc9d5e1a68cfc577e2c5f0230))
 * lightweight busybox-based container build ([#5285](https://github.com/filebrowser/filebrowser/issues/5285)) ([5c5942d](https://github.com/filebrowser/filebrowser/commit/5c5942d99514b433e09d90624bbe58992eab6be2))
 * remove upx ([1a5c83b](https://github.com/filebrowser/filebrowser/commit/1a5c83bcfe847f1e41a44cef23fd795b19b6b434))
 ## [2.38.0](https://github.com/filebrowser/filebrowser/compare/v2.37.0...v2.38.0) (2025-07-12)
 ### Features
 * Show the current users name in the sidebar ([#2821](https://github.com/filebrowser/filebrowser/issues/2821)) ([528ce92](https://github.com/filebrowser/filebrowser/commit/528ce92fad6dcc8e8b7910036bf9175146e27bf7))
 * Updates for project File Browser  ([b4eddf4](https://github.com/filebrowser/filebrowser/commit/b4eddf45e4d7e6f6ccf242e67fe20f89f5e2f9a9))
 ### Bug Fixes
 * prevent page change if there are outstanding edits ([#5260](https://github.com/filebrowser/filebrowser/issues/5260)) ([fbe169b](https://github.com/filebrowser/filebrowser/commit/fbe169b84f28cba22ea87f01b52f2420f1ea6814))
 ## [2.37.0](https://github.com/filebrowser/filebrowser/compare/v2.36.3...v2.37.0) (2025-07-08)
 ### Features
 * Translate frontend/src/i18n/en.json in zh_CN ([65bbf44](https://github.com/filebrowser/filebrowser/commit/65bbf44e3c0bff83e64193d46e9d6ad302952276))
 * Translate frontend/src/i18n/en.json in zh_TW ([b28952c](https://github.com/filebrowser/filebrowser/commit/b28952cb2582bd4eb44e91d0676e2803c458cf31))
 * Translate frontend/src/i18n/en.json in zh_TW ([1e96fd9](https://github.com/filebrowser/filebrowser/commit/1e96fd9035d5185dc80970a2826ccb573b5f000e))
 ### Bug Fixes
 * long file name overlap ([fcb248a](https://github.com/filebrowser/filebrowser/commit/fcb248a5feb7b7404ca5923aae17f6d3f8d3cc96))
 * preview PDF is correctly displayed ([bf73e4d](https://github.com/filebrowser/filebrowser/commit/bf73e4dea3b27c01c8f6e60fb2048e1a2122a70e))
 * Upload progress size calculation ([e423395](https://github.com/filebrowser/filebrowser/commit/e423395ef0bcd106ddc7d460c055b95b5208415e))
 ### [2.36.3](https://github.com/filebrowser/filebrowser/compare/v2.36.2...v2.36.3) (2025-07-06)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -15,11 +15,23 @@ We encourage you to use git to manage your fork. To clone the main repository, j
 git clone https://github.com/filebrowser/filebrowser
 ```
 We use [Taskfile](https://taskfile.dev/) to manage the different processes (building, releasing, etc) automatically.
 ## Build
 You can fully build the project in order to produce a binary by running:
 ```bash
 task build
 ```
 ## Development
 For development, there are a few things to have in mind.
 ### Frontend
-We are using [Node.js](https://nodejs.org/en/) on the frontend to manage the build process. The steps to build it are:
+We use [Node.js](https://nodejs.org/en/) on the frontend to manage the build process. Prepare the frontend environment:
 ```bash
 # From the root of the repo, go to frontend/
@@ -27,37 +39,62 @@ cd frontend
 # Install the dependencies
 pnpm install
 ```
-# Build the frontend
+If you just want to develop the backend, you can create a static build of the frontend:
 ```bash
 pnpm run build
 ```
-This will install the dependencies and build the frontend so you can then embed it into the Go app. Although, if you want to play with it, you'll get bored of building it after every change you do. So, you can run the command below to watch for changes:
+If you want to develop the frontend, start a development server which watches for changes:
 ```bash
 pnpm run dev
 ```
 Please note that you need to access File Browser's interface through the development server of the frontend.
 ### Backend
-First of all, you need to download the required dependencies. We are using the built-in `go mod` tool for dependency management. To get the modules, run:
+First prepare the backend environment by downloading all required dependencies:
 ```bash
 go mod download
 ```
-The magic of File Browser is that the static assets are bundled into the final binary. For that, we use [Go embed.FS](https://golang.org/pkg/embed/). The files from `frontend/dist` will be embedded during the build process.
+You can now build or run File Browser as any other Go project:
 To build File Browser is just like any other Go program:
 ```bash
 # Build
 go build
 # Run
 go run .
 ```
-To create a development build use the "dev" tag, this way the content inside the frontend folder will not be embedded in the binary but will be reloaded at every change:
+## Documentation
 We rely on Docker to abstract all the dependencies required for building the documentation.
 To build the documentation to `www/public`:
 ```bash
-go build -tags dev
+task docs
 ```
 To start a local server on port `8000` to view the built documentation:
 ```bash
 task docs:serve
 ```
 ## Release
 To make a release, just run:
 ```bash
 task release
 ```
 ## Translations
--- a/38
+++ b/38
@@ -1,23 +1,37 @@
-FROM alpine:3.22
+## Multistage build: First stage fetches dependencies
 FROM alpine:3.23 AS fetcher
 # install and copy ca-certificates, mailcap, and tini-static; download JSON.sh
 RUN apk update && \
-  apk --no-cache add ca-certificates mailcap curl jq tini
+    apk --no-cache add ca-certificates mailcap tini-static && \
    wget -O /JSON.sh https://raw.githubusercontent.com/dominictarr/JSON.sh/0d5e5c77365f63809bf6e77ef44a1f34b0e05840/JSON.sh
-# Make user and create necessary directories
+## Second stage: Use lightweight BusyBox image for final runtime environment
 FROM busybox:1.37.0-musl
 # Define non-root user UID and GID
 ENV UID=1000
 ENV GID=1000
 # Create user group and user
 RUN addgroup -g $GID user && \
-  adduser -D -u $UID -G user user && \
+    adduser -D -u $UID -G user user
  mkdir -p /config /database /srv && \
  chown -R user:user /config /database /srv
-# Copy files and set permissions
+# Copy binary, scripts, and configurations into image with proper ownership
-COPY filebrowser /bin/filebrowser
+COPY --chown=user:user filebrowser /bin/filebrowser
-COPY docker/common/ /
+COPY --chown=user:user docker/common/ /
-COPY docker/alpine/ /
+COPY --chown=user:user docker/alpine/ /
 COPY --chown=user:user --from=fetcher /sbin/tini-static /bin/tini
 COPY --from=fetcher /JSON.sh /JSON.sh
 COPY --from=fetcher /etc/ca-certificates.conf /etc/ca-certificates.conf
 COPY --from=fetcher /etc/ca-certificates /etc/ca-certificates
 COPY --from=fetcher /etc/mime.types /etc/mime.types
 COPY --from=fetcher /etc/ssl /etc/ssl
-RUN chown -R user:user /bin/filebrowser /defaults healthcheck.sh init.sh
+# Create data directories, set ownership, and ensure healthcheck script is executable
 RUN mkdir -p /config /database /srv && \
    chown -R user:user /config /database /srv \
    && chmod +x /healthcheck.sh
 # Define healthcheck script
 HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh
@@ -29,4 +43,4 @@ VOLUME /srv /config /database
 EXPOSE 80
-ENTRYPOINT [ "tini", "--", "/init.sh", "filebrowser", "--config", "/config/settings.json" ]
+ENTRYPOINT [ "tini", "--", "/init.sh" ]
--- a/Dockerfile.s6
+++ b/Dockerfile.s6
@@ -1,7 +1,7 @@
-FROM ghcr.io/linuxserver/baseimage-alpine:3.22
+FROM ghcr.io/linuxserver/baseimage-alpine:3.23
 RUN apk update && \
-  apk --no-cache add ca-certificates mailcap curl jq
+  apk --no-cache add ca-certificates mailcap jq libcap ffmpeg
 # Make user and create necessary directories
 RUN mkdir -p /config /database /srv && \
@@ -12,7 +12,8 @@ COPY filebrowser /bin/filebrowser
 COPY docker/common/ /
 COPY docker/s6/ /
-RUN chown -R abc:abc /bin/filebrowser /defaults healthcheck.sh
+RUN chown -R abc:abc /bin/filebrowser /defaults healthcheck.sh && \
  setcap 'cap_net_bind_service=+ep' /bin/filebrowser
 # Define healthcheck script
 HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh
--- a/88
+++ b/88
@@ -1,88 +0,0 @@
 include common.mk
 include tools.mk
 LDFLAGS += -X "$(MODULE)/version.Version=$(VERSION)" -X "$(MODULE)/version.CommitSHA=$(VERSION_HASH)"
 SITE_DOCKER_FLAGS = \
 	-v $(CURDIR)/www:/docs \
 	-v $(CURDIR)/LICENSE:/docs/docs/LICENSE \
 	-v $(CURDIR)/SECURITY.md:/docs/docs/security.md \
 	-v $(CURDIR)/CHANGELOG.md:/docs/docs/changelog.md \
 	-v $(CURDIR)/CODE-OF-CONDUCT.md:/docs/docs/code-of-conduct.md \
 	-v $(CURDIR)/CONTRIBUTING.md:/docs/docs/contributing.md
 ## Build:
 .PHONY: build
 build: | build-frontend build-backend ## Build binary
 .PHONY: build-frontend
 build-frontend: ## Build frontend
 	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run build
 .PHONY: build-backend
 build-backend: ## Build backend
 	$Q $(go) build -ldflags '$(LDFLAGS)' -o .
 .PHONY: test
 test: | test-frontend test-backend ## Run all tests
 .PHONY: test-frontend
 test-frontend: ## Run frontend tests
 	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run typecheck
 .PHONY: test-backend
 test-backend: ## Run backend tests
 	$Q $(go) test -v ./...
 .PHONY: lint
 lint: lint-frontend lint-backend ## Run all linters
 .PHONY: lint-frontend
 lint-frontend: ## Run frontend linters
 	$Q cd frontend && pnpm install --frozen-lockfile && pnpm run lint
 .PHONY: lint-backend
 lint-backend: | $(golangci-lint) ## Run backend linters
 	$Q $(golangci-lint) run -v
 .PHONY: lint-commits
 lint-commits: $(commitlint) ## Run commit linters
 	$Q ./scripts/commitlint.sh
 fmt: $(goimports) ## Format source files
 	$Q $(goimports) -local $(MODULE) -w $$(find . -type f -name '*.go' -not -path "./vendor/*")
 clean: clean-tools ## Clean
 ## Release:
 .PHONY: bump-version
 bump-version: $(standard-version) ## Bump app version
 	$Q ./scripts/bump_version.sh
 .PHONY: site
 site: ## Build site
 	@rm -rf www/public
 	docker build -f www/Dockerfile --progress=plain -t filebrowser.site www
 	docker run --rm $(SITE_DOCKER_FLAGS) filebrowser.site build -d "public"
 .PHONY: site-serve
 site-serve: ## Serve site for development
 	docker build -f www/Dockerfile --progress=plain -t filebrowser.site www
 	docker run --rm -it -p 8000:8000 $(SITE_DOCKER_FLAGS) filebrowser.site
 ## Help:
 help: ## Show this help
 	@echo ''
 	@echo 'Usage:'
 	@echo '  ${YELLOW}make${RESET} ${GREEN}<target> [options]${RESET}'
 	@echo ''
 	@echo 'Options:'
 	@$(call global_option, "V [0|1]", "enable verbose mode (default:0)")
 	@echo ''
 	@echo 'Targets:'
 	@awk 'BEGIN {FS = ":.*?## "} { \
 		if (/^[a-zA-Z_-]+:.*?##.*$$/) {printf "    ${YELLOW}%-20s${GREEN}%s${RESET}\n", $$1, $$2} \
 		else if (/^## .*$$/) {printf "  ${CYAN}%s${RESET}\n", substr($$1,4)} \
 		}' $(MAKEFILE_LIST)
--- a/README.md
+++ b/README.md
@@ -1,12 +1,10 @@
 <p align="center">
-  <img src="https://raw.githubusercontent.com/filebrowser/logo/master/banner.png" width="550"/>
+  <img src="https://raw.githubusercontent.com/filebrowser/filebrowser/master/branding/banner.png" width="550"/>
 </p>
-[![Build](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml/badge.svg)](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml)
+[![Build](https://github.com/filebrowser/filebrowser/actions/workflows/ci.yaml/badge.svg)](https://github.com/filebrowser/filebrowser/actions/workflows/ci.yaml)
-[![Go Report Card](https://goreportcard.com/badge/github.com/filebrowser/filebrowser)](https://goreportcard.com/report/github.com/filebrowser/filebrowser)
+[![Go Report Card](https://goreportcard.com/badge/github.com/filebrowser/filebrowser/v2)](https://goreportcard.com/report/github.com/filebrowser/filebrowser/v2)
 [![Documentation](https://img.shields.io/badge/godoc-reference-blue.svg)](http://godoc.org/github.com/filebrowser/filebrowser)
 [![Version](https://img.shields.io/github/release/filebrowser/filebrowser.svg)](https://github.com/filebrowser/filebrowser/releases/latest)
 [![Chat IRC](https://img.shields.io/badge/freenode-%23filebrowser-blue.svg)](http://webchat.freenode.net/?channels=%23filebrowser)
 File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview and edit your files. It is a **create-your-own-cloud**-kind of software where you can just install it on your server, direct it to a path and access your files through a nice web interface.
@@ -16,18 +14,12 @@ Documentation on how to install, configure, and contribute to this project is ho
 ## Project Status
-> [!WARNING]
+This project is a finished product which fulfills its goal: be a single binary web File Browser which can be run by anyone anywhere. That means that File Browser is currently on **maintenance-only** mode. Therefore, please note the following:
 >
 > This project is currently on **maintenance-only** mode, and is looking for new maintainers. For more information, please read the [discussion #4906](https://github.com/filebrowser/filebrowser/discussions/4906). Therefore, please note the following:
 >
 > - It can take a while until someone gets back to you. Please be patient.
 > - [Issues][issues] are only being used to track bugs. Any unrelated issues will be converted into a [discussion][discussions].
 > - No new features will be implemented until further notice. The priority is on triaging issues and merge bug fixes.
 > 
 > If you're interested in maintaining this project, please reach out via the discussion above.
-[issues]: https://github.com/filebrowser/filebrowser/issues
+- It can take a while until someone gets back to you. Please be patient.
-[discussions]: https://github.com/filebrowser/filebrowser/discussions
+- [Issues](https://github.com/filebrowser/filebrowser/issues) are meant to track bugs. Unrelated issues will be converted into [discussions](https://github.com/filebrowser/filebrowser/discussions).
 - No new features will be implemented by maintainers. Pull requests for new features will be reviewed on a case by case basis.
 - The priority is triaging issues, addressing security issues and reviewing pull requests meant to solve bugs.
 ## Contributing
@@ -36,3 +28,4 @@ Contributions are always welcome. To start contributing to this project, read ou
 ## License
 [Apache License 2.0](LICENSE) © File Browser Contributors
 # Work in progress: metadata modifier
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -0,0 +1,83 @@
 version: '3'
 vars:
  SITE_DOCKER_FLAGS: >-
    -v ./www:/docs
    -v ./LICENSE:/docs/docs/LICENSE
    -v ./SECURITY.md:/docs/docs/security.md
    -v ./CHANGELOG.md:/docs/docs/changelog.md
    -v ./CODE-OF-CONDUCT.md:/docs/docs/code-of-conduct.md
    -v ./CONTRIBUTING.md:/docs/docs/contributing.md
 tasks:
  build:frontend:
    desc: Build frontend assets
    dir: frontend
    cmds:
      - pnpm install --frozen-lockfile
      - pnpm run build
  build:backend:
    desc: Build backend binary
    cmds:
      - go build -ldflags='-s -w -X "github.com/filebrowser/filebrowser/v2/version.Version={{.VERSION}}" -X "github.com/filebrowser/filebrowser/v2/version.CommitSHA={{.GIT_COMMIT}}"' -o filebrowser .
    vars:
      GIT_COMMIT:
        sh: git log -n 1 --format=%h
      VERSION:
        sh: git describe --tags --abbrev=0 --match=v* | cut -c 2-
  build:
    desc: Build both frontend and backend
    cmds:
      - task: build:frontend
      - task: build:backend
  release:make:
    internal: true
    prompt: Do you wish to proceed?
    cmds:
      - pnpm dlx commit-and-tag-version -s
  release:dry-run:
    internal: true
    cmds:
      - pnpm dlx commit-and-tag-version --dry-run --skip
  release:
    desc: Create a new release
    cmds:
      - task: docs:cli:generate
      - git add www/docs/cli
      - |
        if [[ `git status www/docs/cli --porcelain` ]]; then
          git commit -m 'chore(docs): update CLI documentation'
        fi
      - task: release:dry-run
      - task: release:make
  docs:cli:generate:
    cmds:
      - rm -rf www/docs/cli
      - mkdir -p www/docs/cli
      - go run . docs
    generates:
      - www/docs/cli
  docs:docker:generate:
    internal: true
    cmds: 
      - docker build -f www/Dockerfile --progress=plain -t filebrowser.site www
  docs:
    desc: Generate documentation
    cmds:
      - rm -rf www/public
      - task: docs:docker:generate
      - docker run --rm {{.SITE_DOCKER_FLAGS}} filebrowser.site build -d "public"
  docs:serve:
    desc: Serve documentation
    cmds:
      - task: docs:docker:generate
      - docker run --rm -it -p 8000:8000 {{.SITE_DOCKER_FLAGS}} filebrowser.site
--- a/auth/hook.go
+++ b/auth/hook.go
@@ -8,9 +8,10 @@ import (
 	"net/http"
 	"os"
 	"os/exec"
 	"slices"
 	"strings"
-	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
+	fberrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/files"
 	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/users"
@@ -102,7 +103,7 @@ func (a *HookAuth) RunCommand() (string, error) {
 		command[i] = os.Expand(arg, envMapping)
 	}
-	cmd := exec.Command(command[0], command[1:]...) //nolint:gosec
+	cmd := exec.Command(command[0], command[1:]...)
 	cmd.Env = append(os.Environ(), fmt.Sprintf("USERNAME=%s", a.Cred.Username))
 	cmd.Env = append(cmd.Env, fmt.Sprintf("PASSWORD=%s", a.Cred.Password))
 	out, err := cmd.Output()
@@ -123,7 +124,7 @@ func (a *HookAuth) GetValues(s string) {
 	s = strings.ReplaceAll(s, "\r\n", "\n")
 	// iterate input lines
-	for _, val := range strings.Split(s, "\n") {
+	for val := range strings.Lines(s) {
 		v := strings.SplitN(val, "=", 2)
 		// skips non key and value format
@@ -145,7 +146,7 @@ func (a *HookAuth) GetValues(s string) {
 // SaveUser updates the existing user or creates a new one when not found
 func (a *HookAuth) SaveUser() (*users.User, error) {
 	u, err := a.Users.Get(a.Server.Root, a.Cred.Username)
-	if err != nil && !errors.Is(err, fbErrors.ErrNotExist) {
+	if err != nil && !errors.Is(err, fberrors.ErrNotExist) {
 		return nil, err
 	}
@@ -157,16 +158,17 @@ func (a *HookAuth) SaveUser() (*users.User, error) {
 		// create user with the provided credentials
 		d := &users.User{
-			Username:     a.Cred.Username,
+			Username:              a.Cred.Username,
-			Password:     pass,
+			Password:              pass,
-			Scope:        a.Settings.Defaults.Scope,
+			Scope:                 a.Settings.Defaults.Scope,
-			Locale:       a.Settings.Defaults.Locale,
+			Locale:                a.Settings.Defaults.Locale,
-			ViewMode:     a.Settings.Defaults.ViewMode,
+			ViewMode:              a.Settings.Defaults.ViewMode,
-			SingleClick:  a.Settings.Defaults.SingleClick,
+			SingleClick:           a.Settings.Defaults.SingleClick,
-			Sorting:      a.Settings.Defaults.Sorting,
+			RedirectAfterCopyMove: a.Settings.Defaults.RedirectAfterCopyMove,
-			Perm:         a.Settings.Defaults.Perm,
+			Sorting:               a.Settings.Defaults.Sorting,
-			Commands:     a.Settings.Defaults.Commands,
+			Perm:                  a.Settings.Defaults.Perm,
-			HideDotfiles: a.Settings.Defaults.HideDotfiles,
+			Commands:              a.Settings.Defaults.Commands,
 			HideDotfiles:          a.Settings.Defaults.HideDotfiles,
 		}
 		u = a.GetUser(d)
@@ -218,13 +220,14 @@ func (a *HookAuth) GetUser(d *users.User) *users.User {
 		Download: isAdmin || a.Fields.GetBoolean("user.perm.download", d.Perm.Download),
 	}
 	user := users.User{
-		ID:          d.ID,
+		ID:                    d.ID,
-		Username:    d.Username,
+		Username:              d.Username,
-		Password:    d.Password,
+		Password:              d.Password,
-		Scope:       a.Fields.GetString("user.scope", d.Scope),
+		Scope:                 a.Fields.GetString("user.scope", d.Scope),
-		Locale:      a.Fields.GetString("user.locale", d.Locale),
+		Locale:                a.Fields.GetString("user.locale", d.Locale),
-		ViewMode:    users.ViewMode(a.Fields.GetString("user.viewMode", string(d.ViewMode))),
+		ViewMode:              users.ViewMode(a.Fields.GetString("user.viewMode", string(d.ViewMode))),
-		SingleClick: a.Fields.GetBoolean("user.singleClick", d.SingleClick),
+		SingleClick:           a.Fields.GetBoolean("user.singleClick", d.SingleClick),
 		RedirectAfterCopyMove: a.Fields.GetBoolean("user.redirectAfterCopyMove", d.RedirectAfterCopyMove),
 		Sorting: files.Sorting{
 			Asc: a.Fields.GetBoolean("user.sorting.asc", d.Sorting.Asc),
 			By:  a.Fields.GetString("user.sorting.by", d.Sorting.By),
@@ -250,6 +253,7 @@ var validHookFields = []string{
 	"user.locale",
 	"user.viewMode",
 	"user.singleClick",
 	"user.redirectAfterCopyMove",
 	"user.sorting.by",
 	"user.sorting.asc",
 	"user.commands",
@@ -266,13 +270,7 @@ var validHookFields = []string{
 // IsValid checks if the provided field is on the valid fields list
 func (hf *hookFields) IsValid(field string) bool {
-	for _, val := range validHookFields {
+	return slices.Contains(validHookFields, field)
 		if field == val {
 			return true
 		}
 	}
 	return false
 }
 // GetString returns the string value or provided default
--- a/auth/json.go
+++ b/auth/json.go
@@ -14,6 +14,10 @@ import (
 // MethodJSONAuth is used to identify json auth.
 const MethodJSONAuth settings.AuthMethod = "json"
 // dummyHash is used to prevent user enumeration timing attacks.
 // It MUST be a valid bcrypt hash.
 const dummyHash = "$2a$10$O4mEMeOL/nit6zqe.WQXauLRbRlzb3IgLHsa26Pf0N/GiU9b.wK1m"
 type jsonCred struct {
 	Password  string `json:"password"`
 	Username  string `json:"username"`
@@ -40,7 +44,7 @@ func (a JSONAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, s
 	// If ReCaptcha is enabled, check the code.
 	if a.ReCaptcha != nil && a.ReCaptcha.Secret != "" {
-		ok, err := a.ReCaptcha.Ok(cred.ReCaptcha) //nolint:govet
+		ok, err := a.ReCaptcha.Ok(cred.ReCaptcha)
 		if err != nil {
 			return nil, err
@@ -52,7 +56,17 @@ func (a JSONAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, s
 	}
 	u, err := usr.Get(srv.Root, cred.Username)
-	if err != nil || !users.CheckPwd(cred.Password, u.Password) {
+
 	hash := dummyHash
 	if err == nil {
 		hash = u.Password
 	}
 	if !users.CheckPwd(cred.Password, hash) {
 		return nil, os.ErrPermission
 	}
 	if err != nil {
 		return nil, os.ErrPermission
 	}
--- a/auth/proxy.go
+++ b/auth/proxy.go
@@ -4,7 +4,7 @@ import (
 	"errors"
 	"net/http"
-	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
+	fberrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/users"
 )
@@ -21,7 +21,7 @@ type ProxyAuth struct {
 func (a ProxyAuth) Auth(r *http.Request, usr users.Store, setting *settings.Settings, srv *settings.Server) (*users.User, error) {
 	username := r.Header.Get(a.Header)
 	user, err := usr.Get(srv.Root, username)
-	if errors.Is(err, fbErrors.ErrNotExist) {
+	if errors.Is(err, fberrors.ErrNotExist) {
 		return a.createUser(usr, setting, srv, username)
 	}
 	return user, err
--- a/branding/banner.png
+++ b/branding/banner.png
--- a/branding/banner.svg
+++ b/branding/banner.svg
--- a/branding/icon.png
+++ b/branding/icon.png
--- a/branding/icon.svg
+++ b/branding/icon.svg
@@ -0,0 +1 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="700" height="700" shape-rendering="geometricPrecision" text-rendering="geometricPrecision" image-rendering="optimizeQuality" fill-rule="evenodd" clip-rule="evenodd"><defs><style>.prefix__fil1{fill:#fefefe}.prefix__fil6{fill:#006498}.prefix__fil5{fill:#bdeaff}</style></defs><g id="prefix__Layer_x0020_1"><path d="M80 0h540c44 0 80 36 80 80v540c0 44-36 80-80 80H80c-44 0-80-36-80-80V80C0 36 36 0 80 0z" fill="#455a64"/><path class="prefix__fil1" d="M350 71c154 0 279 125 279 279S504 629 350 629 71 504 71 350 196 71 350 71z"/><path d="M475 236l118 151c3 116-149 252-292 198l-76-99 114-156s138-95 136-94z" fill="#332c2b" fill-opacity=".149"/><path d="M231 211h208l38 24v246c0 5-3 8-8 8H231c-5 0-8-3-8-8V219c0-5 3-8 8-8z" fill="#2bbcff"/><path d="M231 211h208l38 24v2l-37-23H231c-4 0-7 3-7 7v263c-1-1-1-2-1-3V219c0-5 3-8 8-8z" fill="#53c6fc"/><path class="prefix__fil5" d="M305 212h113v98H305zM255 363h189c3 0 5 2 5 4v116H250V367c0-2 2-4 5-4z"/><path class="prefix__fil6" d="M250 470h199v13H250zM380 226h10c3 0 6 2 6 5v40c0 3-3 6-6 6h-10c-3 0-6-3-6-6v-40c0-3 3-5 6-5z"/><path class="prefix__fil1" d="M254 226c10 0 17 7 17 17 0 9-7 16-17 16-9 0-17-7-17-16 0-10 8-17 17-17z"/><path class="prefix__fil6" d="M267 448h165c2 0 3 1 3 3 0 1-1 3-3 3H267c-2 0-3-2-3-3 0-2 1-3 3-3zM267 415h165c2 0 3 1 3 3 0 1-1 2-3 2H267c-2 0-3-1-3-2 0-2 1-3 3-3zM267 381h165c2 0 3 2 3 3 0 2-1 3-3 3H267c-2 0-3-1-3-3 0-1 1-3 3-3z"/><path class="prefix__fil1" d="M236 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5zM463 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z"/><path class="prefix__fil6" d="M305 212h-21v98h21z"/><path d="M477 479v2c0 5-3 8-8 8H231c-5 0-8-3-8-8v-2c0 4 3 8 8 8h238c5 0 8-4 8-8z" fill="#0ea5eb"/><path d="M350 70c155 0 280 125 280 280S505 630 350 630 70 505 70 350 195 70 350 70zm0 46c129 0 234 105 234 234S479 584 350 584 116 479 116 350s105-234 234-234z" fill="#2979ff"/></g></svg>
--- a/branding/logo.png
+++ b/branding/logo.png
--- a/branding/logo.svg
+++ b/branding/logo.svg
@@ -0,0 +1 @@
 <svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" width="560" height="560" version="1.1" id="prefix__svg44" clip-rule="evenodd" fill-rule="evenodd" image-rendering="optimizeQuality" shape-rendering="geometricPrecision" text-rendering="geometricPrecision"><defs id="prefix__defs4"><style type="text/css" id="style2">.prefix__fil1{fill:#fefefe}.prefix__fil6{fill:#006498}.prefix__fil5{fill:#bdeaff}</style></defs><g id="prefix__g85" transform="translate(-70 -70)"><path class="prefix__fil1" d="M350 71c154 0 279 125 279 279S504 629 350 629 71 504 71 350 196 71 350 71z" id="prefix__path9" fill="#fefefe"/><path d="M475 236l118 151c3 116-149 252-292 198l-76-99 114-156s138-95 136-94z" id="prefix__path11" fill="#332c2b" fill-opacity=".149"/><path d="M231 211h208l38 24v246c0 5-3 8-8 8H231c-5 0-8-3-8-8V219c0-5 3-8 8-8z" id="prefix__path13" fill="#2bbcff"/><path d="M231 211h208l38 24v2l-37-23H231c-4 0-7 3-7 7v263c-1-1-1-2-1-3V219c0-5 3-8 8-8z" id="prefix__path15" fill="#53c6fc"/><path class="prefix__fil5" id="prefix__polygon17" fill="#bdeaff" d="M305 212h113v98H305z"/><path class="prefix__fil5" d="M255 363h189c3 0 5 2 5 4v116H250V367c0-2 2-4 5-4z" id="prefix__path19" fill="#bdeaff"/><path class="prefix__fil6" id="prefix__polygon21" fill="#006498" d="M250 470h199v13H250z"/><path class="prefix__fil6" d="M380 226h10c3 0 6 2 6 5v40c0 3-3 6-6 6h-10c-3 0-6-3-6-6v-40c0-3 3-5 6-5z" id="prefix__path23" fill="#006498"/><path class="prefix__fil1" d="M254 226c10 0 17 7 17 17 0 9-7 16-17 16-9 0-17-7-17-16 0-10 8-17 17-17z" id="prefix__path25" fill="#fefefe"/><path class="prefix__fil6" d="M267 448h165c2 0 3 1 3 3 0 1-1 3-3 3H267c-2 0-3-2-3-3 0-2 1-3 3-3z" id="prefix__path27" fill="#006498"/><path class="prefix__fil6" d="M267 415h165c2 0 3 1 3 3 0 1-1 2-3 2H267c-2 0-3-1-3-2 0-2 1-3 3-3z" id="prefix__path29" fill="#006498"/><path class="prefix__fil6" d="M267 381h165c2 0 3 2 3 3 0 2-1 3-3 3H267c-2 0-3-1-3-3 0-1 1-3 3-3z" id="prefix__path31" fill="#006498"/><path class="prefix__fil1" d="M236 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z" id="prefix__path33" fill="#fefefe"/><path class="prefix__fil1" d="M463 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z" id="prefix__path35" fill="#fefefe"/><path class="prefix__fil6" id="prefix__polygon37" fill="#006498" d="M305 212h-21v98h21z"/><path d="M477 479v2c0 5-3 8-8 8H231c-5 0-8-3-8-8v-2c0 4 3 8 8 8h238c5 0 8-4 8-8z" id="prefix__path39" fill="#0ea5eb"/><path d="M350 70c155 0 280 125 280 280S505 630 350 630 70 505 70 350 195 70 350 70zm0 46c129 0 234 105 234 234S479 584 350 584 116 479 116 350s105-234 234-234z" id="prefix__path41" fill="#2979ff"/></g></svg>
--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -1,12 +1,6 @@
 package cmd
 import (
 	"log"
 )
 // Execute executes the commands.
-func Execute() {
+func Execute() error {
-	if err := rootCmd.Execute(); err != nil {
+	return rootCmd.Execute()
 		log.Fatal(err)
 	}
 }
--- a/cmd/cmd_test.go
+++ b/cmd/cmd_test.go
@@ -0,0 +1,35 @@
 package cmd
 import (
 	"testing"
 	"github.com/samber/lo"
 	"github.com/spf13/cobra"
 )
 // TestEnvCollisions ensures that there are no collisions in the produced environment
 // variable names for all commands and their flags.
 func TestEnvCollisions(t *testing.T) {
 	testEnvCollisions(t, rootCmd)
 }
 func testEnvCollisions(t *testing.T, cmd *cobra.Command) {
 	for _, cmd := range cmd.Commands() {
 		testEnvCollisions(t, cmd)
 	}
 	replacements := generateEnvKeyReplacements(cmd)
 	envVariables := []string{}
 	for i := range replacements {
 		if i%2 != 0 {
 			envVariables = append(envVariables, replacements[i])
 		}
 	}
 	duplicates := lo.FindDuplicates(envVariables)
 	if len(duplicates) > 0 {
 		t.Errorf("Found duplicate environment variable keys for command %q: %v", cmd.Name(), duplicates)
 	}
 }
--- a/cmd/cmds_add.go
+++ b/cmd/cmds_add.go
@@ -15,13 +15,18 @@ var cmdsAddCmd = &cobra.Command{
 	Short: "Add a command to run on a specific event",
 	Long:  `Add a command to run on a specific event.`,
 	Args:  cobra.MinimumNArgs(2),
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
-		s, err := d.store.Settings.Get()
+		s, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		command := strings.Join(args[1:], " ")
 		s.Commands[args[0]] = append(s.Commands[args[0]], command)
-		err = d.store.Settings.Save(s)
+		err = st.Settings.Save(s)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		printEvents(s.Commands)
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
--- a/cmd/cmds_ls.go
+++ b/cmd/cmds_ls.go
@@ -14,10 +14,16 @@ var cmdsLsCmd = &cobra.Command{
 	Short: "List all commands for each event",
 	Long:  `List all commands for each event.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, _ []string, st *store) error {
-		s, err := d.store.Settings.Get()
+		s, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
-		evt := mustGetString(cmd.Flags(), "event")
+			return err
 		}
 		evt, err := cmd.Flags().GetString("event")
 		if err != nil {
 			return err
 		}
 		if evt == "" {
 			printEvents(s.Commands)
@@ -27,5 +33,7 @@ var cmdsLsCmd = &cobra.Command{
 			show["after_"+evt] = s.Commands["after_"+evt]
 			printEvents(show)
 		}
-	}, pythonConfig{}),
+
 		return nil
 	}, storeOptions{}),
 }
--- a/cmd/cmds_rm.go
+++ b/cmd/cmds_rm.go
@@ -35,22 +35,31 @@ including 'index_end'.`,
 		return nil
 	},
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
-		s, err := d.store.Settings.Get()
+		s, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		evt := args[0]
 		i, err := strconv.Atoi(args[1])
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		f := i
 		if len(args) == 3 {
 			f, err = strconv.Atoi(args[2])
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		}
 		s.Commands[evt] = append(s.Commands[evt][:i], s.Commands[evt][f+1:]...)
-		err = d.store.Settings.Save(s)
+		err = st.Settings.Save(s)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		printEvents(s.Commands)
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
--- a/cmd/config.go
+++ b/cmd/config.go
@@ -2,7 +2,7 @@ package cmd
 import (
 	"encoding/json"
-	nerrors "errors"
+	"errors"
 	"fmt"
 	"os"
 	"strings"
@@ -12,7 +12,7 @@ import (
 	"github.com/spf13/pflag"
 	"github.com/filebrowser/filebrowser/v2/auth"
-	"github.com/filebrowser/filebrowser/v2/errors"
+	fberrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/settings"
 )
@@ -30,14 +30,22 @@ var configCmd = &cobra.Command{
 func addConfigFlags(flags *pflag.FlagSet) {
 	addServerFlags(flags)
 	addUserFlags(flags)
 	flags.BoolP("signup", "s", false, "allow users to signup")
-	flags.Bool("create-user-dir", false, "generate user's home directory automatically")
+	flags.Bool("hideLoginButton", false, "hide login button from public pages")
-	flags.Uint("minimum-password-length", settings.DefaultMinimumPasswordLength, "minimum password length for new users")
+	flags.Bool("createUserDir", false, "generate user's home directory automatically")
 	flags.Uint("minimumPasswordLength", settings.DefaultMinimumPasswordLength, "minimum password length for new users")
 	flags.String("shell", "", "shell command to which other commands should be appended")
 	// NB: these are string so they can be presented as octal in the help text
 	// as that's the conventional representation for modes in Unix.
 	flags.String("fileMode", fmt.Sprintf("%O", settings.DefaultFileMode), "mode bits that new files are created with")
 	flags.String("dirMode", fmt.Sprintf("%O", settings.DefaultDirMode), "mode bits that new directories are created with")
 	flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
 	flags.String("auth.header", "", "HTTP header for auth.method=proxy")
 	flags.String("auth.command", "", "command for auth.method=hook")
 	flags.String("auth.logoutPage", "", "url of custom logout page")
 	flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
 	flags.String("recaptcha.key", "", "ReCaptcha site key")
@@ -49,11 +57,17 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	flags.String("branding.files", "", "path to directory with images and custom styles")
 	flags.Bool("branding.disableExternal", false, "disable external links such as GitHub links")
 	flags.Bool("branding.disableUsedPercentage", false, "disable used disk percentage graph")
 	flags.Uint64("tus.chunkSize", settings.DefaultTusChunkSize, "the tus chunk size")
 	flags.Uint16("tus.retryCount", settings.DefaultTusRetryCount, "the tus retry count")
 }
-//nolint:gocyclo
+func getAuthMethod(flags *pflag.FlagSet, defaults ...interface{}) (settings.AuthMethod, map[string]interface{}, error) {
-func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.AuthMethod, auth.Auther) {
+	methodStr, err := flags.GetString("auth.method")
-	method := settings.AuthMethod(mustGetString(flags, "auth.method"))
+	if err != nil {
 		return "", nil, err
 	}
 	method := settings.AuthMethod(methodStr)
 	var defaultAuther map[string]interface{}
 	if len(defaults) > 0 {
@@ -64,90 +78,135 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
 					method = def.AuthMethod
 				case auth.Auther:
 					ms, err := json.Marshal(def)
-					checkErr(err)
+					if err != nil {
 						return "", nil, err
 					}
 					err = json.Unmarshal(ms, &defaultAuther)
-					checkErr(err)
+					if err != nil {
 						return "", nil, err
 					}
 				}
 			}
 		}
 	}
-	var auther auth.Auther
+	return method, defaultAuther, nil
 	if method == auth.MethodProxyAuth {
 		header := mustGetString(flags, "auth.header")
 		if header == "" {
 			header = defaultAuther["header"].(string)
 		}
 		if header == "" {
 			checkErr(nerrors.New("you must set the flag 'auth.header' for method 'proxy'"))
 		}
 		auther = &auth.ProxyAuth{Header: header}
 	}
 	if method == auth.MethodNoAuth {
 		auther = &auth.NoAuth{}
 	}
 	if method == auth.MethodJSONAuth {
 		jsonAuth := &auth.JSONAuth{}
 		host := mustGetString(flags, "recaptcha.host")
 		key := mustGetString(flags, "recaptcha.key")
 		secret := mustGetString(flags, "recaptcha.secret")
 		if key == "" {
 			if kmap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
 				key = kmap["key"].(string)
 			}
 		}
 		if secret == "" {
 			if smap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
 				secret = smap["secret"].(string)
 			}
 		}
 		if key != "" && secret != "" {
 			jsonAuth.ReCaptcha = &auth.ReCaptcha{
 				Host:   host,
 				Key:    key,
 				Secret: secret,
 			}
 		}
 		auther = jsonAuth
 	}
 	if method == auth.MethodHookAuth {
 		command := mustGetString(flags, "auth.command")
 		if command == "" {
 			command = defaultAuther["command"].(string)
 		}
 		if command == "" {
 			checkErr(nerrors.New("you must set the flag 'auth.command' for method 'hook'"))
 		}
 		auther = &auth.HookAuth{Command: command}
 	}
 	if auther == nil {
 		panic(errors.ErrInvalidAuthMethod)
 	}
 	return method, auther
 }
-func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Auther) {
+func getProxyAuth(flags *pflag.FlagSet, defaultAuther map[string]interface{}) (auth.Auther, error) {
 	header, err := flags.GetString("auth.header")
 	if err != nil {
 		return nil, err
 	}
 	if header == "" && defaultAuther != nil {
 		header = defaultAuther["header"].(string)
 	}
 	if header == "" {
 		return nil, errors.New("you must set the flag 'auth.header' for method 'proxy'")
 	}
 	return &auth.ProxyAuth{Header: header}, nil
 }
 func getNoAuth() auth.Auther {
 	return &auth.NoAuth{}
 }
 func getJSONAuth(flags *pflag.FlagSet, defaultAuther map[string]interface{}) (auth.Auther, error) {
 	jsonAuth := &auth.JSONAuth{}
 	host, err := flags.GetString("recaptcha.host")
 	if err != nil {
 		return nil, err
 	}
 	key, err := flags.GetString("recaptcha.key")
 	if err != nil {
 		return nil, err
 	}
 	secret, err := flags.GetString("recaptcha.secret")
 	if err != nil {
 		return nil, err
 	}
 	if key == "" {
 		if kmap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
 			key = kmap["key"].(string)
 		}
 	}
 	if secret == "" {
 		if smap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
 			secret = smap["secret"].(string)
 		}
 	}
 	if key != "" && secret != "" {
 		jsonAuth.ReCaptcha = &auth.ReCaptcha{
 			Host:   host,
 			Key:    key,
 			Secret: secret,
 		}
 	}
 	return jsonAuth, nil
 }
 func getHookAuth(flags *pflag.FlagSet, defaultAuther map[string]interface{}) (auth.Auther, error) {
 	command, err := flags.GetString("auth.command")
 	if err != nil {
 		return nil, err
 	}
 	if command == "" {
 		command = defaultAuther["command"].(string)
 	}
 	if command == "" {
 		return nil, errors.New("you must set the flag 'auth.command' for method 'hook'")
 	}
 	return &auth.HookAuth{Command: command}, nil
 }
 func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.AuthMethod, auth.Auther, error) {
 	method, defaultAuther, err := getAuthMethod(flags, defaults...)
 	if err != nil {
 		return "", nil, err
 	}
 	var auther auth.Auther
 	switch method {
 	case auth.MethodProxyAuth:
 		auther, err = getProxyAuth(flags, defaultAuther)
 	case auth.MethodNoAuth:
 		auther = getNoAuth()
 	case auth.MethodJSONAuth:
 		auther, err = getJSONAuth(flags, defaultAuther)
 	case auth.MethodHookAuth:
 		auther, err = getHookAuth(flags, defaultAuther)
 	default:
 		return "", nil, fberrors.ErrInvalidAuthMethod
 	}
 	if err != nil {
 		return "", nil, err
 	}
 	return method, auther, nil
 }
 func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Auther) error {
 	w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0)
 	fmt.Fprintf(w, "Sign up:\t%t\n", set.Signup)
 	fmt.Fprintf(w, "Hide Login Button:\t%t\n", set.HideLoginButton)
 	fmt.Fprintf(w, "Create User Dir:\t%t\n", set.CreateUserDir)
 	fmt.Fprintf(w, "Logout Page:\t%s\n", set.LogoutPage)
 	fmt.Fprintf(w, "Minimum Password Length:\t%d\n", set.MinimumPasswordLength)
-	fmt.Fprintf(w, "Auth method:\t%s\n", set.AuthMethod)
+	fmt.Fprintf(w, "Auth Method:\t%s\n", set.AuthMethod)
 	fmt.Fprintf(w, "Shell:\t%s\t\n", strings.Join(set.Shell, " "))
 	fmt.Fprintln(w, "\nBranding:")
 	fmt.Fprintf(w, "\tName:\t%s\n", set.Branding.Name)
 	fmt.Fprintf(w, "\tFiles override:\t%s\n", set.Branding.Files)
@@ -155,6 +214,7 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 	fmt.Fprintf(w, "\tDisable used disk percentage graph:\t%t\n", set.Branding.DisableUsedPercentage)
 	fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color)
 	fmt.Fprintf(w, "\tTheme:\t%s\n", set.Branding.Theme)
 	fmt.Fprintln(w, "\nServer:")
 	fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log)
 	fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port)
@@ -164,16 +224,32 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 	fmt.Fprintf(w, "\tAddress:\t%s\n", ser.Address)
 	fmt.Fprintf(w, "\tTLS Cert:\t%s\n", ser.TLSCert)
 	fmt.Fprintf(w, "\tTLS Key:\t%s\n", ser.TLSKey)
 	fmt.Fprintf(w, "\tToken Expiration Time:\t%s\n", ser.TokenExpirationTime)
 	fmt.Fprintf(w, "\tExec Enabled:\t%t\n", ser.EnableExec)
 	fmt.Fprintf(w, "\tThumbnails Enabled:\t%t\n", ser.EnableThumbnails)
 	fmt.Fprintf(w, "\tResize Preview:\t%t\n", ser.ResizePreview)
 	fmt.Fprintf(w, "\tType Detection by Header:\t%t\n", ser.TypeDetectionByHeader)
 	fmt.Fprintln(w, "\nTUS:")
 	fmt.Fprintf(w, "\tChunk size:\t%d\n", set.Tus.ChunkSize)
 	fmt.Fprintf(w, "\tRetry count:\t%d\n", set.Tus.RetryCount)
 	fmt.Fprintln(w, "\nDefaults:")
 	fmt.Fprintf(w, "\tScope:\t%s\n", set.Defaults.Scope)
 	fmt.Fprintf(w, "\tHideDotfiles:\t%t\n", set.Defaults.HideDotfiles)
 	fmt.Fprintf(w, "\tLocale:\t%s\n", set.Defaults.Locale)
 	fmt.Fprintf(w, "\tView mode:\t%s\n", set.Defaults.ViewMode)
 	fmt.Fprintf(w, "\tSingle Click:\t%t\n", set.Defaults.SingleClick)
 	fmt.Fprintf(w, "\tRedirect after Copy/Move:\t%t\n", set.Defaults.RedirectAfterCopyMove)
 	fmt.Fprintf(w, "\tFile Creation Mode:\t%O\n", set.FileMode)
 	fmt.Fprintf(w, "\tDirectory Creation Mode:\t%O\n", set.DirMode)
 	fmt.Fprintf(w, "\tCommands:\t%s\n", strings.Join(set.Defaults.Commands, " "))
 	fmt.Fprintf(w, "\tAce editor syntax highlighting theme:\t%s\n", set.Defaults.AceEditorTheme)
 	fmt.Fprintf(w, "\tSorting:\n")
 	fmt.Fprintf(w, "\t\tBy:\t%s\n", set.Defaults.Sorting.By)
 	fmt.Fprintf(w, "\t\tAsc:\t%t\n", set.Defaults.Sorting.Asc)
 	fmt.Fprintf(w, "\tPermissions:\n")
 	fmt.Fprintf(w, "\t\tAdmin:\t%t\n", set.Defaults.Perm.Admin)
 	fmt.Fprintf(w, "\t\tExecute:\t%t\n", set.Defaults.Perm.Execute)
@@ -183,9 +259,133 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 	fmt.Fprintf(w, "\t\tDelete:\t%t\n", set.Defaults.Perm.Delete)
 	fmt.Fprintf(w, "\t\tShare:\t%t\n", set.Defaults.Perm.Share)
 	fmt.Fprintf(w, "\t\tDownload:\t%t\n", set.Defaults.Perm.Download)
 	w.Flush()
 	b, err := json.MarshalIndent(auther, "", "  ")
-	checkErr(err)
+	if err != nil {
 		return err
 	}
 	fmt.Printf("\nAuther configuration (raw):\n\n%s\n\n", string(b))
 	return nil
 }
 func getSettings(flags *pflag.FlagSet, set *settings.Settings, ser *settings.Server, auther auth.Auther, all bool) (auth.Auther, error) {
 	errs := []error{}
 	hasAuth := false
 	visit := func(flag *pflag.Flag) {
 		var err error
 		switch flag.Name {
 		// Server flags from [addServerFlags]
 		case "address":
 			ser.Address, err = flags.GetString(flag.Name)
 		case "log":
 			ser.Log, err = flags.GetString(flag.Name)
 		case "port":
 			ser.Port, err = flags.GetString(flag.Name)
 		case "cert":
 			ser.TLSCert, err = flags.GetString(flag.Name)
 		case "key":
 			ser.TLSKey, err = flags.GetString(flag.Name)
 		case "root":
 			ser.Root, err = flags.GetString(flag.Name)
 		case "socket":
 			ser.Socket, err = flags.GetString(flag.Name)
 		case "baseURL":
 			ser.BaseURL, err = flags.GetString(flag.Name)
 		case "tokenExpirationTime":
 			ser.TokenExpirationTime, err = flags.GetString(flag.Name)
 		case "disableThumbnails":
 			ser.EnableThumbnails, err = flags.GetBool(flag.Name)
 			ser.EnableThumbnails = !ser.EnableThumbnails
 		case "disablePreviewResize":
 			ser.ResizePreview, err = flags.GetBool(flag.Name)
 			ser.ResizePreview = !ser.ResizePreview
 		case "disableExec":
 			ser.EnableExec, err = flags.GetBool(flag.Name)
 			ser.EnableExec = !ser.EnableExec
 		case "disableTypeDetectionByHeader":
 			ser.TypeDetectionByHeader, err = flags.GetBool(flag.Name)
 			ser.TypeDetectionByHeader = !ser.TypeDetectionByHeader
 		case "disableImageResolutionCalc":
 			ser.ImageResolutionCal, err = flags.GetBool(flag.Name)
 			ser.ImageResolutionCal = !ser.ImageResolutionCal
 		// Settings flags from [addConfigFlags]
 		case "signup":
 			set.Signup, err = flags.GetBool(flag.Name)
 		case "hideLoginButton":
 			set.HideLoginButton, err = flags.GetBool(flag.Name)
 		case "createUserDir":
 			set.CreateUserDir, err = flags.GetBool(flag.Name)
 		case "minimumPasswordLength":
 			set.MinimumPasswordLength, err = flags.GetUint(flag.Name)
 		case "shell":
 			var shell string
 			shell, err = flags.GetString(flag.Name)
 			if err == nil {
 				set.Shell = convertCmdStrToCmdArray(shell)
 			}
 		case "fileMode":
 			set.FileMode, err = getAndParseFileMode(flags, flag.Name)
 		case "dirMode":
 			set.DirMode, err = getAndParseFileMode(flags, flag.Name)
 		case "auth.method":
 			hasAuth = true
 		case "auth.logoutPage":
 			set.LogoutPage, err = flags.GetString(flag.Name)
 		case "branding.name":
 			set.Branding.Name, err = flags.GetString(flag.Name)
 		case "branding.theme":
 			set.Branding.Theme, err = flags.GetString(flag.Name)
 		case "branding.color":
 			set.Branding.Color, err = flags.GetString(flag.Name)
 		case "branding.files":
 			set.Branding.Files, err = flags.GetString(flag.Name)
 		case "branding.disableExternal":
 			set.Branding.DisableExternal, err = flags.GetBool(flag.Name)
 		case "branding.disableUsedPercentage":
 			set.Branding.DisableUsedPercentage, err = flags.GetBool(flag.Name)
 		case "tus.chunkSize":
 			set.Tus.ChunkSize, err = flags.GetUint64(flag.Name)
 		case "tus.retryCount":
 			set.Tus.RetryCount, err = flags.GetUint16(flag.Name)
 		}
 		if err != nil {
 			errs = append(errs, err)
 		}
 	}
 	if all {
 		flags.VisitAll(visit)
 	} else {
 		flags.Visit(visit)
 	}
 	err := errors.Join(errs...)
 	if err != nil {
 		return nil, err
 	}
 	err = getUserDefaults(flags, &set.Defaults, all)
 	if err != nil {
 		return nil, err
 	}
 	if all {
 		set.AuthMethod, auther, err = getAuthentication(flags)
 		if err != nil {
 			return nil, err
 		}
 	} else {
 		set.AuthMethod, auther, err = getAuthentication(flags, hasAuth, set, auther)
 		if err != nil {
 			return nil, err
 		}
 	}
 	return auther, nil
 }
--- a/cmd/config_cat.go
+++ b/cmd/config_cat.go
@@ -13,13 +13,19 @@ var configCatCmd = &cobra.Command{
 	Short: "Prints the configuration",
 	Long:  `Prints the configuration.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(_ *cobra.Command, _ []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, _ []string, st *store) error {
-		set, err := d.store.Settings.Get()
+		set, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
-		ser, err := d.store.Settings.GetServer()
+			return err
-		checkErr(err)
+		}
-		auther, err := d.store.Auth.Get(set.AuthMethod)
+		ser, err := st.Settings.GetServer()
-		checkErr(err)
+		if err != nil {
-		printSettings(ser, set, auther)
+			return err
-	}, pythonConfig{}),
+		}
 		auther, err := st.Auth.Get(set.AuthMethod)
 		if err != nil {
 			return err
 		}
 		return printSettings(ser, set, auther)
 	}, storeOptions{}),
 }
--- a/cmd/config_export.go
+++ b/cmd/config_export.go
@@ -15,15 +15,21 @@ var configExportCmd = &cobra.Command{
 json or yaml file. This exported configuration can be changed,
 and imported again with 'config import' command.`,
 	Args: jsonYamlArg,
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
-		settings, err := d.store.Settings.Get()
+		settings, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
-		server, err := d.store.Settings.GetServer()
+		server, err := st.Settings.GetServer()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
-		auther, err := d.store.Auth.Get(settings.AuthMethod)
+		auther, err := st.Auth.Get(settings.AuthMethod)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		data := &settingsFile{
 			Settings: settings,
@@ -32,6 +38,9 @@ and imported again with 'config import' command.`,
 		}
 		err = marshal(args[0], data)
-		checkErr(err)
+		if err != nil {
-	}, pythonConfig{}),
+			return err
 		}
 		return nil
 	}, storeOptions{}),
 }
--- a/cmd/config_import.go
+++ b/cmd/config_import.go
@@ -34,26 +34,39 @@ database.
 The path must be for a json or yaml file.`,
 	Args: jsonYamlArg,
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
 		var key []byte
-		if d.hadDB {
+		var err error
-			settings, err := d.store.Settings.Get()
+		if st.databaseExisted {
-			checkErr(err)
+			settings, settingErr := st.Settings.Get()
 			if settingErr != nil {
 				return settingErr
 			}
 			key = settings.Key
 		} else {
 			key = generateKey()
 		}
 		file := settingsFile{}
-		err := unmarshal(args[0], &file)
+		err = unmarshal(args[0], &file)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		if file.Settings == nil || file.Server == nil {
 			return errors.New("invalid configuration file: 'settings' or 'server' fields are missing. Please ensure you are importing a file generated by the 'config export' command")
 		}
 		file.Settings.Key = key
-		err = d.store.Settings.Save(file.Settings)
+		err = st.Settings.Save(file.Settings)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
-		err = d.store.Settings.SaveServer(file.Server)
+		err = st.Settings.SaveServer(file.Server)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		var rawAuther interface{}
 		if filepath.Ext(args[0]) != ".json" {
@@ -63,32 +76,51 @@ The path must be for a json or yaml file.`,
 		}
 		var auther auth.Auther
 		var autherErr error
 		switch file.Settings.AuthMethod {
 		case auth.MethodJSONAuth:
-			auther = getAuther(auth.JSONAuth{}, rawAuther).(*auth.JSONAuth)
+			var a interface{}
 			a, autherErr = getAuther(auth.JSONAuth{}, rawAuther)
 			auther = a.(*auth.JSONAuth)
 		case auth.MethodNoAuth:
-			auther = getAuther(auth.NoAuth{}, rawAuther).(*auth.NoAuth)
+			var a interface{}
 			a, autherErr = getAuther(auth.NoAuth{}, rawAuther)
 			auther = a.(*auth.NoAuth)
 		case auth.MethodProxyAuth:
-			auther = getAuther(auth.ProxyAuth{}, rawAuther).(*auth.ProxyAuth)
+			var a interface{}
 			a, autherErr = getAuther(auth.ProxyAuth{}, rawAuther)
 			auther = a.(*auth.ProxyAuth)
 		case auth.MethodHookAuth:
-			auther = getAuther(&auth.HookAuth{}, rawAuther).(*auth.HookAuth)
+			var a interface{}
 			a, autherErr = getAuther(&auth.HookAuth{}, rawAuther)
 			auther = a.(*auth.HookAuth)
 		default:
-			checkErr(errors.New("invalid auth method"))
+			return errors.New("invalid auth method")
 		}
-		err = d.store.Auth.Save(auther)
+		if autherErr != nil {
-		checkErr(err)
+			return autherErr
 		}
-		printSettings(file.Server, file.Settings, auther)
+		err = st.Auth.Save(auther)
-	}, pythonConfig{allowNoDB: true}),
+		if err != nil {
 			return err
 		}
 		return printSettings(file.Server, file.Settings, auther)
 	}, storeOptions{allowsNoDatabase: true}),
 }
-func getAuther(sample auth.Auther, data interface{}) interface{} {
+func getAuther(sample auth.Auther, data interface{}) (interface{}, error) {
 	authType := reflect.TypeOf(sample)
 	auther := reflect.New(authType).Interface()
 	bytes, err := json.Marshal(data)
-	checkErr(err)
+	if err != nil {
 		return nil, err
 	}
 	err = json.Unmarshal(bytes, &auther)
-	checkErr(err)
+	if err != nil {
-	return auther
+		return nil, err
 	}
 	return auther, nil
 }
--- a/cmd/config_init.go
+++ b/cmd/config_init.go
@@ -22,52 +22,40 @@ this options can be changed in the future with the command
 to the defaults when creating new users and you don't
 override the options.`,
 	Args: cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, _ []string, st *store) error {
 		defaults := settings.UserDefaults{}
 		flags := cmd.Flags()
 		getUserDefaults(flags, &defaults, true)
 		authMethod, auther := getAuthentication(flags)
-		s := &settings.Settings{
+		// Initialize config
-			Key:                   generateKey(),
+		s := &settings.Settings{Key: generateKey()}
-			Signup:                mustGetBool(flags, "signup"),
+		ser := &settings.Server{}
-			CreateUserDir:         mustGetBool(flags, "create-user-dir"),
+
-			MinimumPasswordLength: mustGetUint(flags, "minimum-password-length"),
+		// Fill config with options
-			Shell:                 convertCmdStrToCmdArray(mustGetString(flags, "shell")),
+		auther, err := getSettings(flags, s, ser, nil, true)
-			AuthMethod:            authMethod,
+		if err != nil {
-			Defaults:              defaults,
+			return err
 			Branding: settings.Branding{
 				Name:                  mustGetString(flags, "branding.name"),
 				DisableExternal:       mustGetBool(flags, "branding.disableExternal"),
 				DisableUsedPercentage: mustGetBool(flags, "branding.disableUsedPercentage"),
 				Theme:                 mustGetString(flags, "branding.theme"),
 				Files:                 mustGetString(flags, "branding.files"),
 			},
 		}
-		ser := &settings.Server{
+		// Save updated config
-			Address: mustGetString(flags, "address"),
+		err = st.Settings.Save(s)
-			Socket:  mustGetString(flags, "socket"),
+		if err != nil {
-			Root:    mustGetString(flags, "root"),
+			return err
 			BaseURL: mustGetString(flags, "baseurl"),
 			TLSKey:  mustGetString(flags, "key"),
 			TLSCert: mustGetString(flags, "cert"),
 			Port:    mustGetString(flags, "port"),
 			Log:     mustGetString(flags, "log"),
 		}
-		err := d.store.Settings.Save(s)
+		err = st.Settings.SaveServer(ser)
-		checkErr(err)
+		if err != nil {
-		err = d.store.Settings.SaveServer(ser)
+			return err
-		checkErr(err)
+		}
-		err = d.store.Auth.Save(auther)
+
-		checkErr(err)
+		err = st.Auth.Save(auther)
 		if err != nil {
 			return err
 		}
 		fmt.Printf(`
 Congratulations! You've set up your database to use with File Browser.
 Now add your first user via 'filebrowser users add' and then you just
 need to call the main command to boot up the server.
 `)
-		printSettings(ser, s, auther)
+		return printSettings(ser, s, auther)
-	}, pythonConfig{noDB: true}),
+	}, storeOptions{expectsNoDatabase: true}),
 }
--- a/cmd/config_set.go
+++ b/cmd/config_set.go
@@ -2,7 +2,6 @@ package cmd
 import (
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
 func init() {
@@ -16,73 +15,47 @@ var configSetCmd = &cobra.Command{
 	Long: `Updates the configuration. Set the flags for the options
 you want to change. Other options will remain unchanged.`,
 	Args: cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, _ []string, st *store) error {
 		flags := cmd.Flags()
 		set, err := d.store.Settings.Get()
 		checkErr(err)
-		ser, err := d.store.Settings.GetServer()
+		// Read existing config
-		checkErr(err)
+		set, err := st.Settings.Get()
 		if err != nil {
 			return err
 		}
-		hasAuth := false
+		ser, err := st.Settings.GetServer()
-		flags.Visit(func(flag *pflag.Flag) {
+		if err != nil {
-			switch flag.Name {
+			return err
-			case "baseurl":
+		}
 				ser.BaseURL = mustGetString(flags, flag.Name)
 			case "root":
 				ser.Root = mustGetString(flags, flag.Name)
 			case "socket":
 				ser.Socket = mustGetString(flags, flag.Name)
 			case "cert":
 				ser.TLSCert = mustGetString(flags, flag.Name)
 			case "key":
 				ser.TLSKey = mustGetString(flags, flag.Name)
 			case "address":
 				ser.Address = mustGetString(flags, flag.Name)
 			case "port":
 				ser.Port = mustGetString(flags, flag.Name)
 			case "log":
 				ser.Log = mustGetString(flags, flag.Name)
 			case "signup":
 				set.Signup = mustGetBool(flags, flag.Name)
 			case "auth.method":
 				hasAuth = true
 			case "shell":
 				set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name))
 			case "create-user-dir":
 				set.CreateUserDir = mustGetBool(flags, flag.Name)
 			case "minimum-password-length":
 				set.MinimumPasswordLength = mustGetUint(flags, flag.Name)
 			case "branding.name":
 				set.Branding.Name = mustGetString(flags, flag.Name)
 			case "branding.color":
 				set.Branding.Color = mustGetString(flags, flag.Name)
 			case "branding.theme":
 				set.Branding.Theme = mustGetString(flags, flag.Name)
 			case "branding.disableExternal":
 				set.Branding.DisableExternal = mustGetBool(flags, flag.Name)
 			case "branding.disableUsedPercentage":
 				set.Branding.DisableUsedPercentage = mustGetBool(flags, flag.Name)
 			case "branding.files":
 				set.Branding.Files = mustGetString(flags, flag.Name)
 			}
 		})
-		getUserDefaults(flags, &set.Defaults, false)
+		auther, err := st.Auth.Get(set.AuthMethod)
 		if err != nil {
 			return err
 		}
-		// read the defaults
+		// Get updated config
-		auther, err := d.store.Auth.Get(set.AuthMethod)
+		auther, err = getSettings(flags, set, ser, auther, false)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
-		// check if there are new flags for existing auth method
+		// Save updated config
-		set.AuthMethod, auther = getAuthentication(flags, hasAuth, set, auther)
+		err = st.Auth.Save(auther)
 		if err != nil {
 			return err
 		}
-		err = d.store.Auth.Save(auther)
+		err = st.Settings.Save(set)
-		checkErr(err)
+		if err != nil {
-		err = d.store.Settings.Save(set)
+			return err
-		checkErr(err)
+		}
-		err = d.store.Settings.SaveServer(ser)
+
-		checkErr(err)
+		err = st.Settings.SaveServer(ser)
-		printSettings(ser, set, auther)
+		if err != nil {
-	}, pythonConfig{}),
+			return err
 		}
 		return printSettings(ser, set, auther)
 	}, storeOptions{}),
 }
--- a/cmd/docs.go
+++ b/cmd/docs.go
@@ -3,137 +3,80 @@ package cmd
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"os"
-	"path/filepath"
+	"path"
-	"sort"
+	"regexp"
 	"strings"
 	"github.com/spf13/cobra"
-	"github.com/spf13/pflag"
+	"github.com/spf13/cobra/doc"
 )
 func init() {
 	rootCmd.AddCommand(docsCmd)
-	docsCmd.Flags().StringP("path", "p", "./docs", "path to save the docs")
+	docsCmd.Flags().String("out", "www/docs/cli", "directory to write the docs to")
 }
 func printToc(names []string) {
 	for i, name := range names {
 		name = strings.TrimSuffix(name, filepath.Ext(name))
 		name = strings.Replace(name, "-", " ", -1)
 		names[i] = name
 	}
 	sort.Strings(names)
 	toc := ""
 	for _, name := range names {
 		toc += "* [" + name + "](cli/" + strings.Replace(name, " ", "-", -1) + ".md)\n"
 	}
 	fmt.Println(toc)
 }
 var docsCmd = &cobra.Command{
 	Use:    "docs",
 	Hidden: true,
 	Args:   cobra.NoArgs,
-	Run: func(cmd *cobra.Command, _ []string) {
+	RunE: func(cmd *cobra.Command, _ []string) error {
-		dir := mustGetString(cmd.Flags(), "path")
+		outputDir, err := cmd.Flags().GetString("out")
-		generateDocs(rootCmd, dir)
+		if err != nil {
-		names := []string{}
+			return err
 		}
-		err := filepath.Walk(dir, func(_ string, info os.FileInfo, err error) error {
+		tempDir, err := os.MkdirTemp(os.TempDir(), "filebrowser-docs-")
-			if err != nil || info.IsDir() {
+		if err != nil {
 			return err
 		}
 		defer os.RemoveAll(tempDir)
 		rootCmd.Root().DisableAutoGenTag = true
 		err = doc.GenMarkdownTreeCustom(cmd.Root(), tempDir, func(_ string) string {
 			return ""
 		}, func(s string) string {
 			return s
 		})
 		if err != nil {
 			return err
 		}
 		entries, err := os.ReadDir(tempDir)
 		if err != nil {
 			return err
 		}
 		headerRegex := regexp.MustCompile(`(?m)^(##)(.*)$`)
 		linkRegex := regexp.MustCompile(`\(filebrowser(.*)\.md\)`)
 		fmt.Println("Generated Documents:")
 		for _, entry := range entries {
 			srcPath := path.Join(tempDir, entry.Name())
 			dstPath := path.Join(outputDir, strings.ReplaceAll(entry.Name(), "_", "-"))
 			data, err := os.ReadFile(srcPath)
 			if err != nil {
 				return err
 			}
-			if !strings.HasPrefix(info.Name(), "filebrowser") {
+			data = headerRegex.ReplaceAll(data, []byte("#$2"))
-				return nil
+			data = linkRegex.ReplaceAllFunc(data, func(b []byte) []byte {
 				return bytes.ReplaceAll(b, []byte("_"), []byte("-"))
 			})
 			data = bytes.ReplaceAll(data, []byte("## SEE ALSO"), []byte("## See Also"))
 			err = os.WriteFile(dstPath, data, 0666)
 			if err != nil {
 				return err
 			}
-			names = append(names, info.Name())
+			fmt.Println("- " + dstPath)
 			return nil
 		})
 		checkErr(err)
 		printToc(names)
 	},
 }
 func generateDocs(cmd *cobra.Command, dir string) {
 	for _, c := range cmd.Commands() {
 		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
 			continue
 		}
-		generateDocs(c, dir)
+		return nil
-	}
+	},
 	basename := strings.Replace(cmd.CommandPath(), " ", "-", -1) + ".md"
 	filename := filepath.Join(dir, basename)
 	f, err := os.Create(filename)
 	checkErr(err)
 	defer f.Close()
 	generateMarkdown(cmd, f)
 }
 func generateMarkdown(cmd *cobra.Command, w io.Writer) {
 	cmd.InitDefaultHelpCmd()
 	cmd.InitDefaultHelpFlag()
 	buf := new(bytes.Buffer)
 	name := cmd.CommandPath()
 	short := cmd.Short
 	long := cmd.Long
 	if long == "" {
 		long = short
 	}
 	buf.WriteString("---\ndescription: " + short + "\n---\n\n")
 	buf.WriteString("# " + name + "\n\n")
 	buf.WriteString("## Synopsis\n\n")
 	buf.WriteString(long + "\n\n")
 	if cmd.Runnable() {
 		_, _ = fmt.Fprintf(buf, "```\n%s\n```\n\n", cmd.UseLine())
 	}
 	if cmd.Example != "" {
 		buf.WriteString("## Examples\n\n")
 		_, _ = fmt.Fprintf(buf, "```\n%s\n```\n\n", cmd.Example)
 	}
 	printOptions(buf, cmd)
 	_, err := buf.WriteTo(w)
 	checkErr(err)
 }
 func generateFlagsTable(fs *pflag.FlagSet, buf io.StringWriter) {
 	_, _ = buf.WriteString("| Name | Shorthand | Usage |\n")
 	_, _ = buf.WriteString("|------|-----------|-------|\n")
 	fs.VisitAll(func(f *pflag.Flag) {
 		_, _ = buf.WriteString("|" + f.Name + "|" + f.Shorthand + "|" + f.Usage + "|\n")
 	})
 }
 func printOptions(buf *bytes.Buffer, cmd *cobra.Command) {
 	flags := cmd.NonInheritedFlags()
 	flags.SetOutput(buf)
 	if flags.HasAvailableFlags() {
 		buf.WriteString("## Options\n\n")
 		generateFlagsTable(flags, buf)
 		buf.WriteString("\n")
 	}
 	parentFlags := cmd.InheritedFlags()
 	parentFlags.SetOutput(buf)
 	if parentFlags.HasAvailableFlags() {
 		buf.WriteString("### Inherited\n\n")
 		generateFlagsTable(parentFlags, buf)
 		buf.WriteString("\n")
 	}
 }
--- a/cmd/hash.go
+++ b/cmd/hash.go
@@ -17,9 +17,12 @@ var hashCmd = &cobra.Command{
 	Short: "Hashes a password",
 	Long:  `Hashes a password using bcrypt algorithm.`,
 	Args:  cobra.ExactArgs(1),
-	Run: func(_ *cobra.Command, args []string) {
+	RunE: func(_ *cobra.Command, args []string) error {
 		pwd, err := users.HashPwd(args[0])
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		fmt.Println(pwd)
 		return nil
 	},
 }
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
 	"io"
 	"io/fs"
 	"log"
@@ -12,15 +13,13 @@ import (
 	"os"
 	"os/signal"
 	"path/filepath"
 	"strings"
 	"syscall"
 	"time"
 	homedir "github.com/mitchellh/go-homedir"
 	"github.com/spf13/afero"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	v "github.com/spf13/viper"
+	"github.com/spf13/viper"
 	lumberjack "gopkg.in/natefinch/lumberjack.v2"
 	"github.com/filebrowser/filebrowser/v2/auth"
@@ -34,27 +33,67 @@ import (
 )
 var (
-	cfgFile string
+	flagNamesMigrations = map[string]string{
 		"file-mode":                        "fileMode",
 		"dir-mode":                         "dirMode",
 		"hide-login-button":                "hideLoginButton",
 		"create-user-dir":                  "createUserDir",
 		"minimum-password-length":          "minimumPasswordLength",
 		"socket-perm":                      "socketPerm",
 		"disable-thumbnails":               "disableThumbnails",
 		"disable-preview-resize":           "disablePreviewResize",
 		"disable-exec":                     "disableExec",
 		"disable-type-detection-by-header": "disableTypeDetectionByHeader",
 		"img-processors":                   "imageProcessors",
 		"cache-dir":                        "cacheDir",
 		"token-expiration-time":            "tokenExpirationTime",
 		"baseurl":                          "baseURL",
 	}
 	warnedFlags = map[string]bool{}
 )
 // TODO(remove): remove after July 2026.
 func migrateFlagNames(_ *pflag.FlagSet, name string) pflag.NormalizedName {
 	if newName, ok := flagNamesMigrations[name]; ok {
 		if !warnedFlags[name] {
 			warnedFlags[name] = true
 			log.Printf("DEPRECATION NOTICE: Flag --%s has been deprecated, use --%s instead\n", name, newName)
 		}
 		name = newName
 	}
 	return pflag.NormalizedName(name)
 }
 func init() {
-	cobra.OnInitialize(initConfig)
+	rootCmd.SilenceUsage = true
 	rootCmd.SetGlobalNormalizationFunc(migrateFlagNames)
 	cobra.MousetrapHelpText = ""
 	rootCmd.SetVersionTemplate("File Browser version {{printf \"%s\" .Version}}\n")
-	flags := rootCmd.Flags()
+	// Flags available across the whole program
 	persistent := rootCmd.PersistentFlags()
-
+	persistent.StringP("config", "c", "", "config file path")
 	persistent.StringVarP(&cfgFile, "config", "c", "", "config file path")
 	persistent.StringP("database", "d", "./filebrowser.db", "database path")
 	flags.Bool("noauth", false, "use the noauth auther when using quick setup")
 	flags.String("username", "admin", "username for the first user when using quick config")
 	flags.String("password", "", "hashed password for the first user when using quick config")
 	// Runtime flags for the root command
 	flags := rootCmd.Flags()
 	flags.Bool("noauth", false, "use the noauth auther when using quick setup")
 	flags.String("username", "admin", "username for the first user when using quick setup")
 	flags.String("password", "", "hashed password for the first user when using quick setup")
 	flags.Uint32("socketPerm", 0666, "unix socket file permissions")
 	flags.String("cacheDir", "", "file cache directory (disabled if empty)")
 	flags.Int("imageProcessors", 4, "image processors count")
 	addServerFlags(flags)
 }
 // addServerFlags adds server related flags to the given FlagSet. These flags are available
 // in both the root command, config set and config init commands.
 func addServerFlags(flags *pflag.FlagSet) {
 	flags.StringP("address", "a", "127.0.0.1", "address to listen on")
 	flags.StringP("log", "l", "stdout", "log output")
@@ -63,15 +102,13 @@ func addServerFlags(flags *pflag.FlagSet) {
 	flags.StringP("key", "k", "", "tls key")
 	flags.StringP("root", "r", ".", "root to prepend to relative paths")
 	flags.String("socket", "", "socket to listen to (cannot be used with address, port, cert nor key flags)")
-	flags.Uint32("socket-perm", 0666, "unix socket file permissions")
+	flags.StringP("baseURL", "b", "", "base url")
-	flags.StringP("baseurl", "b", "", "base url")
+	flags.String("tokenExpirationTime", "2h", "user session timeout")
-	flags.String("cache-dir", "", "file cache directory (disabled if empty)")
+	flags.Bool("disableThumbnails", false, "disable image thumbnails")
-	flags.String("token-expiration-time", "2h", "user session timeout")
+	flags.Bool("disablePreviewResize", false, "disable resize of image previews")
-	flags.Int("img-processors", 4, "image processors count") //nolint:mnd
+	flags.Bool("disableExec", true, "disables Command Runner feature")
-	flags.Bool("disable-thumbnails", false, "disable image thumbnails")
+	flags.Bool("disableTypeDetectionByHeader", false, "disables type detection by reading file headers")
-	flags.Bool("disable-preview-resize", false, "disable resize of image previews")
+	flags.Bool("disableImageResolutionCalc", false, "disables image resolution calculation by reading image files")
 	flags.Bool("disable-exec", true, "disables Command Runner feature")
 	flags.Bool("disable-type-detection-by-header", false, "disables type detection by reading file headers")
 }
 var rootCmd = &cobra.Command{
@@ -86,62 +123,69 @@ it. Don't worry: you don't need to setup a separate database server.
 We're using Bolt DB which is a single file database and all managed
 by ourselves.
-For this specific command, all the flags you have available (except
+For this command, all flags are available as environmental variables,
-"config" for the configuration file), can be given either through
+except for "--config", which specifies the configuration file to use.
-environment variables or configuration files.
+The environment variables are prefixed by "FB_" followed by the flag name in
 UPPER_SNAKE_CASE. For example, the flag "--disablePreviewResize" is available
 as FB_DISABLE_PREVIEW_RESIZE.
-If you don't set "config", it will look for a configuration file called
+If "--config" is not specified, File Browser will look for a configuration
-.filebrowser.{json, toml, yaml, yml} in the following directories:
+file named .filebrowser.{json, toml, yaml, yml} in the following directories:
 - ./
 - $HOME/
 - /etc/filebrowser/
 **Note:** Only the options listed below can be set via the config file or
 environment variables. Other configuration options live exclusively in the
 database and so they must be set by the "config set" or "config
 import" commands.
 The precedence of the configuration values are as follows:
- flags
+- Flags
- environment variables
+- Environment variables
- configuration file
+- Configuration file
- database values
+- Database values
- defaults
+- Defaults
 The environment variables are prefixed by "FB_" followed by the option
 name in caps. So to set "database" via an env variable, you should
 set FB_DATABASE.
 Also, if the database path doesn't exist, File Browser will enter into
 the quick setup mode and a new database will be bootstrapped and a new
 user created with the credentials from options "username" and "password".`,
-	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
+	RunE: withViperAndStore(func(_ *cobra.Command, _ []string, v *viper.Viper, st *store) error {
-		log.Println(cfgFile)
+		if !st.databaseExisted {
-
+			err := quickSetup(v, st.Storage)
-		if !d.hadDB {
+			if err != nil {
-			quickSetup(cmd.Flags(), d)
+				return err
 			}
 		}
 		// build img service
-		workersCount, err := cmd.Flags().GetInt("img-processors")
+		imgWorkersCount := v.GetInt("imageProcessors")
-		checkErr(err)
+		if imgWorkersCount < 1 {
-		if workersCount < 1 {
+			return errors.New("image resize workers count could not be < 1")
 			log.Fatal("Image resize workers count could not be < 1")
 		}
-		imgSvc := img.New(workersCount)
+		imageService := img.New(imgWorkersCount)
 		var fileCache diskcache.Interface = diskcache.NewNoOp()
-		cacheDir, err := cmd.Flags().GetString("cache-dir")
+		cacheDir := v.GetString("cacheDir")
 		checkErr(err)
 		if cacheDir != "" {
-			if err := os.MkdirAll(cacheDir, 0700); err != nil { //nolint:govet
+			if err := os.MkdirAll(cacheDir, 0700); err != nil {
-				log.Fatalf("can't make directory %s: %s", cacheDir, err)
+				return fmt.Errorf("can't make directory %s: %w", cacheDir, err)
 			}
 			fileCache = diskcache.New(afero.NewOsFs(), cacheDir)
 		}
-		server := getRunParams(cmd.Flags(), d.store)
+		server, err := getServerSettings(v, st.Storage)
 		if err != nil {
 			return err
 		}
 		setupLog(server.Log)
 		root, err := filepath.Abs(server.Root)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		server.Root = root
 		adr := server.Address + ":" + server.Port
@@ -151,22 +195,31 @@ user created with the credentials from options "username" and "password".`,
 		switch {
 		case server.Socket != "":
 			listener, err = net.Listen("unix", server.Socket)
-			checkErr(err)
+			if err != nil {
-			socketPerm, err := cmd.Flags().GetUint32("socket-perm") //nolint:govet
+				return err
-			checkErr(err)
+			}
 			socketPerm := v.GetUint32("socketPerm")
 			err = os.Chmod(server.Socket, os.FileMode(socketPerm))
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		case server.TLSKey != "" && server.TLSCert != "":
-			cer, err := tls.LoadX509KeyPair(server.TLSCert, server.TLSKey) //nolint:govet
+			cer, err := tls.LoadX509KeyPair(server.TLSCert, server.TLSKey)
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 			listener, err = tls.Listen("tcp", adr, &tls.Config{
 				MinVersion:   tls.VersionTLS12,
 				Certificates: []tls.Certificate{cer}},
 			)
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		default:
 			listener, err = net.Listen("tcp", adr)
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		}
 		assetsFs, err := fs.Sub(frontend.Assets(), "dist")
@@ -174,8 +227,10 @@ user created with the credentials from options "username" and "password".`,
 			panic(err)
 		}
-		handler, err := fbhttp.NewHandler(imgSvc, fileCache, d.store, server, assetsFs)
+		handler, err := fbhttp.NewHandler(imageService, fileCache, st.Storage, server, assetsFs)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		defer listener.Close()
@@ -194,66 +249,104 @@ user created with the credentials from options "username" and "password".`,
 		}()
 		sigc := make(chan os.Signal, 1)
-		signal.Notify(sigc, os.Interrupt, syscall.SIGTERM)
+		signal.Notify(sigc,
-		<-sigc
+			os.Interrupt,
 			syscall.SIGHUP,
 			syscall.SIGINT,
 			syscall.SIGTERM,
 			syscall.SIGQUIT,
 		)
 		sig := <-sigc
 		log.Println("Got signal:", sig)
-		shutdownCtx, shutdownRelease := context.WithTimeout(context.Background(), 10*time.Second) //nolint:mnd
+		shutdownCtx, shutdownRelease := context.WithTimeout(context.Background(), 10*time.Second)
 		defer shutdownRelease()
 		if err := srv.Shutdown(shutdownCtx); err != nil {
 			log.Fatalf("HTTP shutdown error: %v", err)
 		}
 		log.Println("Graceful shutdown complete.")
-	}, pythonConfig{allowNoDB: true}),
+
 		return nil
 	}, storeOptions{allowsNoDatabase: true}),
 }
-//nolint:gocyclo
+func getServerSettings(v *viper.Viper, st *storage.Storage) (*settings.Server, error) {
 func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
 	server, err := st.Settings.GetServer()
-	checkErr(err)
+	if err != nil {
-
+		return nil, err
 	if val, set := getStringParamB(flags, "root"); set {
 		server.Root = val
 	}
 	if val, set := getStringParamB(flags, "baseurl"); set {
 		server.BaseURL = val
 	}
 	if val, set := getStringParamB(flags, "log"); set {
 		server.Log = val
 	}
 	isSocketSet := false
 	isAddrSet := false
-	if val, set := getStringParamB(flags, "address"); set {
+	if v.IsSet("address") {
-		server.Address = val
+		server.Address = v.GetString("address")
-		isAddrSet = isAddrSet || set
+		isAddrSet = true
 	}
-	if val, set := getStringParamB(flags, "port"); set {
+	if v.IsSet("log") {
-		server.Port = val
+		server.Log = v.GetString("log")
 		isAddrSet = isAddrSet || set
 	}
-	if val, set := getStringParamB(flags, "key"); set {
+	if v.IsSet("port") {
-		server.TLSKey = val
+		server.Port = v.GetString("port")
-		isAddrSet = isAddrSet || set
+		isAddrSet = true
 	}
-	if val, set := getStringParamB(flags, "cert"); set {
+	if v.IsSet("cert") {
-		server.TLSCert = val
+		server.TLSCert = v.GetString("cert")
-		isAddrSet = isAddrSet || set
+		isAddrSet = true
 	}
-	if val, set := getStringParamB(flags, "socket"); set {
+	if v.IsSet("key") {
-		server.Socket = val
+		server.TLSKey = v.GetString("key")
-		isSocketSet = isSocketSet || set
+		isAddrSet = true
 	}
 	if v.IsSet("root") {
 		server.Root = v.GetString("root")
 	}
 	if v.IsSet("socket") {
 		server.Socket = v.GetString("socket")
 		isSocketSet = true
 	}
 	if v.IsSet("baseURL") {
 		server.BaseURL = v.GetString("baseURL")
 		// TODO(remove): remove after July 2026.
 	} else if v := os.Getenv("FB_BASEURL"); v != "" {
 		log.Println("DEPRECATION NOTICE: Environment variable FB_BASEURL has been deprecated, use FB_BASE_URL instead")
 		server.BaseURL = v
 	}
 	if v.IsSet("tokenExpirationTime") {
 		server.TokenExpirationTime = v.GetString("tokenExpirationTime")
 	}
 	if v.IsSet("disableThumbnails") {
 		server.EnableThumbnails = !v.GetBool("disableThumbnails")
 	}
 	if v.IsSet("disablePreviewResize") {
 		server.ResizePreview = !v.GetBool("disablePreviewResize")
 	}
 	if v.IsSet("disableTypeDetectionByHeader") {
 		server.TypeDetectionByHeader = !v.GetBool("disableTypeDetectionByHeader")
 	}
 	if v.IsSet("disableImageResolutionCalc") {
 		server.ImageResolutionCal = !v.GetBool("disableImageResolutionCalc")
 	}
 	if v.IsSet("disableExec") {
 		server.EnableExec = !v.GetBool("disableExec")
 	}
 	if isAddrSet && isSocketSet {
-		checkErr(errors.New("--socket flag cannot be used with --address, --port, --key nor --cert"))
+		return nil, errors.New("--socket flag cannot be used with --address, --port, --key nor --cert")
 	}
 	// Do not use saved Socket if address was manually set.
@@ -261,18 +354,6 @@ func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
 		server.Socket = ""
 	}
 	disableThumbnails := getBoolParam(flags, "disable-thumbnails")
 	server.EnableThumbnails = !disableThumbnails
 	disablePreviewResize := getBoolParam(flags, "disable-preview-resize")
 	server.ResizePreview = !disablePreviewResize
 	disableTypeDetectionByHeader := getBoolParam(flags, "disable-type-detection-by-header")
 	server.TypeDetectionByHeader = !disableTypeDetectionByHeader
 	disableExec := getBoolParam(flags, "disable-exec")
 	server.EnableExec = !disableExec
 	if server.EnableExec {
 		log.Println("WARNING: Command Runner feature enabled!")
 		log.Println("WARNING: This feature has known security vulnerabilities and should not")
@@ -280,69 +361,7 @@ func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
 		log.Println("WARNING: read https://github.com/filebrowser/filebrowser/issues/5199")
 	}
-	if val, set := getStringParamB(flags, "token-expiration-time"); set {
+	return server, nil
 		server.TokenExpirationTime = val
 	}
 	return server
 }
 // getBoolParamB returns a parameter as a string and a boolean to tell if it is different from the default
 //
 // NOTE: we could simply bind the flags to viper and use IsSet.
 // Although there is a bug on Viper that always returns true on IsSet
 // if a flag is binded. Our alternative way is to manually check
 // the flag and then the value from env/config/gotten by viper.
 // https://github.com/spf13/viper/pull/331
 func getBoolParamB(flags *pflag.FlagSet, key string) (value, ok bool) {
 	value, _ = flags.GetBool(key)
 	// If set on Flags, use it.
 	if flags.Changed(key) {
 		return value, true
 	}
 	// If set through viper (env, config), return it.
 	if v.IsSet(key) {
 		return v.GetBool(key), true
 	}
 	// Otherwise use default value on flags.
 	return value, false
 }
 func getBoolParam(flags *pflag.FlagSet, key string) bool {
 	val, _ := getBoolParamB(flags, key)
 	return val
 }
 // getStringParamB returns a parameter as a string and a boolean to tell if it is different from the default
 //
 // NOTE: we could simply bind the flags to viper and use IsSet.
 // Although there is a bug on Viper that always returns true on IsSet
 // if a flag is binded. Our alternative way is to manually check
 // the flag and then the value from env/config/gotten by viper.
 // https://github.com/spf13/viper/pull/331
 func getStringParamB(flags *pflag.FlagSet, key string) (string, bool) {
 	value, _ := flags.GetString(key)
 	// If set on Flags, use it.
 	if flags.Changed(key) {
 		return value, true
 	}
 	// If set through viper (env, config), return it.
 	if v.IsSet(key) {
 		return v.GetString(key), true
 	}
 	// Otherwise use default value on flags.
 	return value, false
 }
 func getStringParam(flags *pflag.FlagSet, key string) string {
 	val, _ := getStringParamB(flags, key)
 	return val
 }
 func setupLog(logMethod string) {
@@ -363,17 +382,22 @@ func setupLog(logMethod string) {
 	}
 }
-func quickSetup(flags *pflag.FlagSet, d pythonData) {
+func quickSetup(v *viper.Viper, s *storage.Storage) error {
 	log.Println("Performing quick setup")
 	set := &settings.Settings{
 		Key:                   generateKey(),
 		Signup:                false,
 		HideLoginButton:       true,
 		CreateUserDir:         false,
 		MinimumPasswordLength: settings.DefaultMinimumPasswordLength,
 		UserHomeBasePath:      settings.DefaultUsersHomeBasePath,
 		Defaults: settings.UserDefaults{
-			Scope:       ".",
+			Scope:                 ".",
-			Locale:      "en",
+			Locale:                "en",
-			SingleClick: false,
+			SingleClick:           false,
 			RedirectAfterCopyMove: true,
 			AceEditorTheme:        v.GetString("defaults.aceEditorTheme"),
 			Perm: users.Permissions{
 				Admin:    false,
 				Execute:  true,
@@ -397,43 +421,60 @@ func quickSetup(flags *pflag.FlagSet, d pythonData) {
 	}
 	var err error
-	if _, noauth := getStringParamB(flags, "noauth"); noauth {
+	if v.GetBool("noauth") {
 		set.AuthMethod = auth.MethodNoAuth
-		err = d.store.Auth.Save(&auth.NoAuth{})
+		err = s.Auth.Save(&auth.NoAuth{})
 	} else {
 		set.AuthMethod = auth.MethodJSONAuth
-		err = d.store.Auth.Save(&auth.JSONAuth{})
+		err = s.Auth.Save(&auth.JSONAuth{})
 	}
 	if err != nil {
 		return err
 	}
-	checkErr(err)
+	err = s.Settings.Save(set)
-	err = d.store.Settings.Save(set)
+	if err != nil {
-	checkErr(err)
+		return err
 	}
 	ser := &settings.Server{
-		BaseURL: getStringParam(flags, "baseurl"),
+		BaseURL:               v.GetString("baseURL"),
-		Port:    getStringParam(flags, "port"),
+		Port:                  v.GetString("port"),
-		Log:     getStringParam(flags, "log"),
+		Log:                   v.GetString("log"),
-		TLSKey:  getStringParam(flags, "key"),
+		TLSKey:                v.GetString("key"),
-		TLSCert: getStringParam(flags, "cert"),
+		TLSCert:               v.GetString("cert"),
-		Address: getStringParam(flags, "address"),
+		Address:               v.GetString("address"),
-		Root:    getStringParam(flags, "root"),
+		Root:                  v.GetString("root"),
 		TokenExpirationTime:   v.GetString("tokenExpirationTime"),
 		EnableThumbnails:      !v.GetBool("disableThumbnails"),
 		ResizePreview:         !v.GetBool("disablePreviewResize"),
 		EnableExec:            !v.GetBool("disableExec"),
 		TypeDetectionByHeader: !v.GetBool("disableTypeDetectionByHeader"),
 		ImageResolutionCal:    !v.GetBool("disableImageResolutionCalc"),
 	}
-	err = d.store.Settings.SaveServer(ser)
+	err = s.Settings.SaveServer(ser)
-	checkErr(err)
+	if err != nil {
 		return err
 	}
-	username := getStringParam(flags, "username")
+	username := v.GetString("username")
-	password := getStringParam(flags, "password")
+	password := v.GetString("password")
 	if password == "" {
 		var pwd string
 		pwd, err = users.RandomPwd(set.MinimumPasswordLength)
-		checkErr(err)
+		if err != nil {
-
+			return err
-		log.Println("Randomly generated password for user 'admin':", pwd)
+		}
 		log.Printf("User '%s' initialized with randomly generated password: %s\n", username, pwd)
 		password, err = users.ValidateAndHashPwd(pwd, set.MinimumPasswordLength)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 	} else {
 		log.Printf("User '%s' initialize wth user-provided password\n", username)
 	}
 	if username == "" || password == "" {
@@ -449,34 +490,5 @@ func quickSetup(flags *pflag.FlagSet, d pythonData) {
 	set.Defaults.Apply(user)
 	user.Perm.Admin = true
-	err = d.store.Users.Save(user)
+	return s.Users.Save(user)
 	checkErr(err)
 }
 func initConfig() {
 	if cfgFile == "" {
 		home, err := homedir.Dir()
 		checkErr(err)
 		v.AddConfigPath(".")
 		v.AddConfigPath(home)
 		v.AddConfigPath("/etc/filebrowser/")
 		v.SetConfigName(".filebrowser")
 	} else {
 		v.SetConfigFile(cfgFile)
 	}
 	v.SetEnvPrefix("FB")
 	v.AutomaticEnv()
 	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
 	v.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
 	if err := v.ReadInConfig(); err != nil {
 		var configParseError v.ConfigParseError
 		if errors.As(err, &configParseError) {
 			panic(err)
 		}
 		cfgFile = "No config file used"
 	} else {
 		cfgFile = "Using config file: " + v.ConfigFileUsed()
 	}
 }
--- a/cmd/rule_rm.go
+++ b/cmd/rule_rm.go
@@ -40,27 +40,29 @@ including 'index_end'.`,
 		return nil
 	},
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, args []string, st *store) error {
 		i, err := strconv.Atoi(args[0])
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		f := i
 		if len(args) == 2 {
 			f, err = strconv.Atoi(args[1])
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		}
-		user := func(u *users.User) {
+		user := func(u *users.User) error {
 			u.Rules = append(u.Rules[:i], u.Rules[f+1:]...)
-			err := d.store.Users.Save(u)
+			return st.Users.Save(u)
 			checkErr(err)
 		}
-		global := func(s *settings.Settings) {
+		global := func(s *settings.Settings) error {
 			s.Rules = append(s.Rules[:i], s.Rules[f+1:]...)
-			err := d.store.Settings.Save(s)
+			return st.Settings.Save(s)
 			checkErr(err)
 		}
-		runRules(d.store, cmd, user, global)
+		return runRules(st.Storage, cmd, user, global)
-	}, pythonConfig{}),
+	}, storeOptions{}),
 }
--- a/cmd/rules.go
+++ b/cmd/rules.go
@@ -29,41 +29,63 @@ rules.`,
 	Args: cobra.NoArgs,
 }
-func runRules(st *storage.Storage, cmd *cobra.Command, usersFn func(*users.User), globalFn func(*settings.Settings)) {
+func runRules(st *storage.Storage, cmd *cobra.Command, usersFn func(*users.User) error, globalFn func(*settings.Settings) error) error {
-	id := getUserIdentifier(cmd.Flags())
+	id, err := getUserIdentifier(cmd.Flags())
 	if err != nil {
 		return err
 	}
 	if id != nil {
-		user, err := st.Users.Get("", id)
+		var user *users.User
-		checkErr(err)
+		user, err = st.Users.Get("", id)
 		if err != nil {
 			return err
 		}
 		if usersFn != nil {
-			usersFn(user)
+			err = usersFn(user)
 			if err != nil {
 				return err
 			}
 		}
 		printRules(user.Rules, id)
-		return
+		return nil
 	}
 	s, err := st.Settings.Get()
-	checkErr(err)
+	if err != nil {
 		return err
 	}
 	if globalFn != nil {
-		globalFn(s)
+		err = globalFn(s)
 		if err != nil {
 			return err
 		}
 	}
 	printRules(s.Rules, id)
 	return nil
 }
-func getUserIdentifier(flags *pflag.FlagSet) interface{} {
+func getUserIdentifier(flags *pflag.FlagSet) (interface{}, error) {
-	id := mustGetUint(flags, "id")
+	id, err := flags.GetUint("id")
-	username := mustGetString(flags, "username")
+	if err != nil {
-
+		return nil, err
 	if id != 0 {
 		return id
 	} else if username != "" {
 		return username
 	}
-	return nil
+	username, err := flags.GetString("username")
 	if err != nil {
 		return nil, err
 	}
 	if id != 0 {
 		return id, nil
 	} else if username != "" {
 		return username, nil
 	}
 	return nil, nil
 }
 func printRules(rulez []rules.Rule, id interface{}) {
--- a/cmd/rules_add.go
+++ b/cmd/rules_add.go
@@ -21,9 +21,19 @@ var rulesAddCmd = &cobra.Command{
 	Short: "Add a global rule or user rule",
 	Long:  `Add a global rule or user rule.`,
 	Args:  cobra.ExactArgs(1),
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, args []string, st *store) error {
-		allow := mustGetBool(cmd.Flags(), "allow")
+		flags := cmd.Flags()
-		regex := mustGetBool(cmd.Flags(), "regex")
+
 		allow, err := flags.GetBool("allow")
 		if err != nil {
 			return err
 		}
 		regex, err := flags.GetBool("regex")
 		if err != nil {
 			return err
 		}
 		exp := args[0]
 		if regex {
@@ -41,18 +51,16 @@ var rulesAddCmd = &cobra.Command{
 			rule.Path = exp
 		}
-		user := func(u *users.User) {
+		user := func(u *users.User) error {
 			u.Rules = append(u.Rules, rule)
-			err := d.store.Users.Save(u)
+			return st.Users.Save(u)
 			checkErr(err)
 		}
-		global := func(s *settings.Settings) {
+		global := func(s *settings.Settings) error {
 			s.Rules = append(s.Rules, rule)
-			err := d.store.Settings.Save(s)
+			return st.Settings.Save(s)
 			checkErr(err)
 		}
-		runRules(d.store, cmd, user, global)
+		return runRules(st.Storage, cmd, user, global)
-	}, pythonConfig{}),
+	}, storeOptions{}),
 }
--- a/cmd/rules_ls.go
+++ b/cmd/rules_ls.go
@@ -13,7 +13,7 @@ var rulesLsCommand = &cobra.Command{
 	Short: "List global rules or user specific rules",
 	Long:  `List global rules or user specific rules.`,
 	Args:  cobra.NoArgs,
-	Run: python(func(cmd *cobra.Command, _ []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, _ []string, st *store) error {
-		runRules(d.store, cmd, nil, nil)
+		return runRules(st.Storage, cmd, nil, nil)
-	}, pythonConfig{}),
+	}, storeOptions{}),
 }
--- a/cmd/upgrade.go
+++ b/cmd/upgrade.go
@@ -1,31 +0,0 @@
 package cmd
 import (
 	"github.com/spf13/cobra"
 	"github.com/filebrowser/filebrowser/v2/storage/bolt/importer"
 )
 func init() {
 	rootCmd.AddCommand(upgradeCmd)
 	upgradeCmd.Flags().String("old.database", "", "")
 	upgradeCmd.Flags().String("old.config", "", "")
 	_ = upgradeCmd.MarkFlagRequired("old.database")
 }
 var upgradeCmd = &cobra.Command{
 	Use:   "upgrade",
 	Short: "Upgrades an old configuration",
 	Long: `Upgrades an old configuration. This command DOES NOT
 import share links because they are incompatible with
 this version.`,
 	Args: cobra.NoArgs,
 	Run: func(cmd *cobra.Command, _ []string) {
 		flags := cmd.Flags()
 		oldDB := mustGetString(flags, "old.database")
 		oldConf := mustGetString(flags, "old.config")
 		err := importer.Import(oldDB, oldConf, getStringParam(flags, "database"))
 		checkErr(err)
 	},
 }
--- a/cmd/users.go
+++ b/cmd/users.go
@@ -27,16 +27,17 @@ var usersCmd = &cobra.Command{
 func printUsers(usrs []*users.User) {
 	w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0)
-	fmt.Fprintln(w, "ID\tUsername\tScope\tLocale\tV. Mode\tS.Click\tAdmin\tExecute\tCreate\tRename\tModify\tDelete\tShare\tDownload\tPwd Lock")
+	fmt.Fprintln(w, "ID\tUsername\tScope\tLocale\tV. Mode\tS.Click\tRed. After C/M\tAdmin\tExecute\tCreate\tRename\tModify\tDelete\tShare\tDownload\tPwd Lock")
 	for _, u := range usrs {
-		fmt.Fprintf(w, "%d\t%s\t%s\t%s\t%s\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t\n",
+		fmt.Fprintf(w, "%d\t%s\t%s\t%s\t%s\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t\n",
 			u.ID,
 			u.Username,
 			u.Scope,
 			u.Locale,
 			u.ViewMode,
 			u.SingleClick,
 			u.RedirectAfterCopyMove,
 			u.Perm.Admin,
 			u.Perm.Execute,
 			u.Perm.Create,
@@ -77,52 +78,72 @@ func addUserFlags(flags *pflag.FlagSet) {
 	flags.String("locale", "en", "locale for users")
 	flags.String("viewMode", string(users.ListViewMode), "view mode for users")
 	flags.Bool("singleClick", false, "use single clicks only")
 	flags.Bool("redirectAfterCopyMove", false, "redirect to destination after copy/move")
 	flags.Bool("dateFormat", false, "use date format (true for absolute time, false for relative)")
 	flags.Bool("hideDotfiles", false, "hide dotfiles")
 	flags.String("aceEditorTheme", "", "ace editor's syntax highlighting theme for users")
 }
-func getViewMode(flags *pflag.FlagSet) users.ViewMode {
+func getAndParseViewMode(flags *pflag.FlagSet) (users.ViewMode, error) {
-	viewMode := users.ViewMode(mustGetString(flags, "viewMode"))
+	viewModeStr, err := flags.GetString("viewMode")
-	if viewMode != users.ListViewMode && viewMode != users.MosaicViewMode {
+	if err != nil {
-		checkErr(errors.New("view mode must be \"" + string(users.ListViewMode) + "\" or \"" + string(users.MosaicViewMode) + "\""))
+		return "", err
 	}
-	return viewMode
+
 	viewMode := users.ViewMode(viewModeStr)
 	if viewMode != users.ListViewMode && viewMode != users.MosaicViewMode {
 		return "", errors.New("view mode must be \"" + string(users.ListViewMode) + "\" or \"" + string(users.MosaicViewMode) + "\"")
 	}
 	return viewMode, nil
 }
-//nolint:gocyclo
+func getUserDefaults(flags *pflag.FlagSet, defaults *settings.UserDefaults, all bool) error {
-func getUserDefaults(flags *pflag.FlagSet, defaults *settings.UserDefaults, all bool) {
+	errs := []error{}
 	visit := func(flag *pflag.Flag) {
 		var err error
 		switch flag.Name {
 		case "scope":
-			defaults.Scope = mustGetString(flags, flag.Name)
+			defaults.Scope, err = flags.GetString(flag.Name)
 		case "locale":
-			defaults.Locale = mustGetString(flags, flag.Name)
+			defaults.Locale, err = flags.GetString(flag.Name)
 		case "viewMode":
-			defaults.ViewMode = getViewMode(flags)
+			defaults.ViewMode, err = getAndParseViewMode(flags)
 		case "singleClick":
-			defaults.SingleClick = mustGetBool(flags, flag.Name)
+			defaults.SingleClick, err = flags.GetBool(flag.Name)
 		case "redirectAfterCopyMove":
 			defaults.RedirectAfterCopyMove, err = flags.GetBool(flag.Name)
 		case "aceEditorTheme":
 			defaults.AceEditorTheme, err = flags.GetString(flag.Name)
 		case "perm.admin":
-			defaults.Perm.Admin = mustGetBool(flags, flag.Name)
+			defaults.Perm.Admin, err = flags.GetBool(flag.Name)
 		case "perm.execute":
-			defaults.Perm.Execute = mustGetBool(flags, flag.Name)
+			defaults.Perm.Execute, err = flags.GetBool(flag.Name)
 		case "perm.create":
-			defaults.Perm.Create = mustGetBool(flags, flag.Name)
+			defaults.Perm.Create, err = flags.GetBool(flag.Name)
 		case "perm.rename":
-			defaults.Perm.Rename = mustGetBool(flags, flag.Name)
+			defaults.Perm.Rename, err = flags.GetBool(flag.Name)
 		case "perm.modify":
-			defaults.Perm.Modify = mustGetBool(flags, flag.Name)
+			defaults.Perm.Modify, err = flags.GetBool(flag.Name)
 		case "perm.delete":
-			defaults.Perm.Delete = mustGetBool(flags, flag.Name)
+			defaults.Perm.Delete, err = flags.GetBool(flag.Name)
 		case "perm.share":
-			defaults.Perm.Share = mustGetBool(flags, flag.Name)
+			defaults.Perm.Share, err = flags.GetBool(flag.Name)
 		case "perm.download":
-			defaults.Perm.Download = mustGetBool(flags, flag.Name)
+			defaults.Perm.Download, err = flags.GetBool(flag.Name)
 		case "commands":
-			commands, err := flags.GetStringSlice(flag.Name)
+			defaults.Commands, err = flags.GetStringSlice(flag.Name)
 			checkErr(err)
 			defaults.Commands = commands
 		case "sorting.by":
-			defaults.Sorting.By = mustGetString(flags, flag.Name)
+			defaults.Sorting.By, err = flags.GetString(flag.Name)
 		case "sorting.asc":
-			defaults.Sorting.Asc = mustGetBool(flags, flag.Name)
+			defaults.Sorting.Asc, err = flags.GetBool(flag.Name)
 		case "hideDotfiles":
 			defaults.HideDotfiles, err = flags.GetBool(flag.Name)
 		}
 		if err != nil {
 			errs = append(errs, err)
 		}
 	}
@@ -131,4 +152,6 @@ func getUserDefaults(flags *pflag.FlagSet, defaults *settings.UserDefaults, all
 	} else {
 		flags.Visit(visit)
 	}
 	return errors.Join(errs...)
 }
--- a/cmd/users_add.go
+++ b/cmd/users_add.go
@@ -16,36 +16,67 @@ var usersAddCmd = &cobra.Command{
 	Short: "Create a new user",
 	Long:  `Create a new user and add it to the database.`,
 	Args:  cobra.ExactArgs(2),
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, args []string, st *store) error {
-		s, err := d.store.Settings.Get()
+		flags := cmd.Flags()
-		checkErr(err)
+		s, err := st.Settings.Get()
-		getUserDefaults(cmd.Flags(), &s.Defaults, false)
+		if err != nil {
 			return err
 		}
 		err = getUserDefaults(flags, &s.Defaults, false)
 		if err != nil {
 			return err
 		}
 		password, err := users.ValidateAndHashPwd(args[1], s.MinimumPasswordLength)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		user := &users.User{
-			Username:     args[0],
+			Username: args[0],
-			Password:     password,
+			Password: password,
-			LockPassword: mustGetBool(cmd.Flags(), "lockPassword"),
+		}
 		user.LockPassword, err = flags.GetBool("lockPassword")
 		if err != nil {
 			return err
 		}
 		user.DateFormat, err = flags.GetBool("dateFormat")
 		if err != nil {
 			return err
 		}
 		user.HideDotfiles, err = flags.GetBool("hideDotfiles")
 		if err != nil {
 			return err
 		}
 		s.Defaults.Apply(user)
-		servSettings, err := d.store.Settings.GetServer()
+		servSettings, err := st.Settings.GetServer()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		// since getUserDefaults() polluted s.Defaults.Scope
 		// which makes the Scope not the one saved in the db
 		// we need the right s.Defaults.Scope here
-		s2, err := d.store.Settings.Get()
+		s2, err := st.Settings.Get()
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		userHome, err := s2.MakeUserDir(user.Username, user.Scope, servSettings.Root)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		user.Scope = userHome
-		err = d.store.Users.Save(user)
+		err = st.Users.Save(user)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		printUsers([]*users.User{user})
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
--- a/cmd/users_export.go
+++ b/cmd/users_export.go
@@ -14,11 +14,16 @@ var usersExportCmd = &cobra.Command{
 	Long: `Export all users to a json or yaml file. Please indicate the
 path to the file where you want to write the users.`,
 	Args: jsonYamlArg,
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
-		list, err := d.store.Users.Gets("")
+		list, err := st.Users.Gets("")
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		err = marshal(args[0], list)
-		checkErr(err)
+		if err != nil {
-	}, pythonConfig{}),
+			return err
 		}
 		return nil
 	}, storeOptions{}),
 }
--- a/cmd/users_find.go
+++ b/cmd/users_find.go
@@ -16,17 +16,17 @@ var usersFindCmd = &cobra.Command{
 	Short: "Find a user by username or id",
 	Long:  `Find a user by username or id. If no flag is set, all users will be printed.`,
 	Args:  cobra.ExactArgs(1),
-	Run:   findUsers,
+	RunE:  findUsers,
 }
 var usersLsCmd = &cobra.Command{
 	Use:   "ls",
 	Short: "List all users.",
 	Args:  cobra.NoArgs,
-	Run:   findUsers,
+	RunE:  findUsers,
 }
-var findUsers = python(func(_ *cobra.Command, args []string, d pythonData) {
+var findUsers = withStore(func(_ *cobra.Command, args []string, st *store) error {
 	var (
 		list []*users.User
 		user *users.User
@@ -36,16 +36,19 @@ var findUsers = python(func(_ *cobra.Command, args []string, d pythonData) {
 	if len(args) == 1 {
 		username, id := parseUsernameOrID(args[0])
 		if username != "" {
-			user, err = d.store.Users.Get("", username)
+			user, err = st.Users.Get("", username)
 		} else {
-			user, err = d.store.Users.Get("", id)
+			user, err = st.Users.Get("", id)
 		}
 		list = []*users.User{user}
 	} else {
-		list, err = d.store.Users.Gets("")
+		list, err = st.Users.Gets("")
 	}
-	checkErr(err)
+	if err != nil {
 		return err
 	}
 	printUsers(list)
-}, pythonConfig{})
+	return nil
 }, storeOptions{})
--- a/cmd/users_import.go
+++ b/cmd/users_import.go
@@ -25,50 +25,71 @@ file. You can use this command to import new users to your
 installation. For that, just don't place their ID on the files
 list or set it to 0.`,
 	Args: jsonYamlArg,
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, args []string, st *store) error {
 		flags := cmd.Flags()
 		fd, err := os.Open(args[0])
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		defer fd.Close()
 		list := []*users.User{}
 		err = unmarshal(args[0], &list)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		for _, user := range list {
 			err = user.Clean("")
-			checkErr(err)
+			if err != nil {
-		}
+				return err
 		if mustGetBool(cmd.Flags(), "replace") {
 			oldUsers, err := d.store.Users.Gets("")
 			checkErr(err)
 			err = marshal("users.backup.json", list)
 			checkErr(err)
 			for _, user := range oldUsers {
 				err = d.store.Users.Delete(user.ID)
 				checkErr(err)
 			}
 		}
-		overwrite := mustGetBool(cmd.Flags(), "overwrite")
+		replace, err := flags.GetBool("replace")
 		if err != nil {
 			return err
 		}
 		if replace {
 			oldUsers, userImportErr := st.Users.Gets("")
 			if userImportErr != nil {
 				return userImportErr
 			}
 			err = marshal("users.backup.json", list)
 			if err != nil {
 				return err
 			}
 			for _, user := range oldUsers {
 				err = st.Users.Delete(user.ID)
 				if err != nil {
 					return err
 				}
 			}
 		}
 		overwrite, err := flags.GetBool("overwrite")
 		if err != nil {
 			return err
 		}
 		for _, user := range list {
-			onDB, err := d.store.Users.Get("", user.ID)
+			onDB, err := st.Users.Get("", user.ID)
 			// User exists in DB.
 			if err == nil {
 				if !overwrite {
-					checkErr(errors.New("user " + strconv.Itoa(int(user.ID)) + " is already registered"))
+					return errors.New("user " + strconv.Itoa(int(user.ID)) + " is already registered")
 				}
 				// If the usernames mismatch, check if there is another one in the DB
 				// with the new username. If there is, print an error and cancel the
 				// operation
 				if user.Username != onDB.Username {
-					if conflictuous, err := d.store.Users.Get("", user.Username); err == nil { //nolint:govet
+					if conflictuous, err := st.Users.Get("", user.Username); err == nil {
-						checkErr(usernameConflictError(user.Username, conflictuous.ID, user.ID))
+						return usernameConflictError(user.Username, conflictuous.ID, user.ID)
 					}
 				}
 			} else {
@@ -77,10 +98,13 @@ list or set it to 0.`,
 				user.ID = 0
 			}
-			err = d.store.Users.Save(user)
+			err = st.Users.Save(user)
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		}
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
 func usernameConflictError(username string, originalID, newID uint) error {
--- a/cmd/users_rm.go
+++ b/cmd/users_rm.go
@@ -15,17 +15,20 @@ var usersRmCmd = &cobra.Command{
 	Short: "Delete a user by username or id",
 	Long:  `Delete a user by username or id`,
 	Args:  cobra.ExactArgs(1),
-	Run: python(func(_ *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(_ *cobra.Command, args []string, st *store) error {
 		username, id := parseUsernameOrID(args[0])
 		var err error
 		if username != "" {
-			err = d.store.Users.Delete(username)
+			err = st.Users.Delete(username)
 		} else {
-			err = d.store.Users.Delete(id)
+			err = st.Users.Delete(id)
 		}
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		fmt.Println("user deleted successfully")
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
--- a/cmd/users_update.go
+++ b/cmd/users_update.go
@@ -21,45 +21,74 @@ var usersUpdateCmd = &cobra.Command{
 	Long: `Updates an existing user. Set the flags for the
 options you want to change.`,
 	Args: cobra.ExactArgs(1),
-	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+	RunE: withStore(func(cmd *cobra.Command, args []string, st *store) error {
 		username, id := parseUsernameOrID(args[0])
 		flags := cmd.Flags()
-		password := mustGetString(flags, "password")
+		username, id := parseUsernameOrID(args[0])
-		newUsername := mustGetString(flags, "username")
+		password, err := flags.GetString("password")
 		if err != nil {
 			return err
 		}
-		s, err := d.store.Settings.Get()
+		newUsername, err := flags.GetString("username")
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		s, err := st.Settings.Get()
 		if err != nil {
 			return err
 		}
 		var (
 			user *users.User
 		)
 		if id != 0 {
-			user, err = d.store.Users.Get("", id)
+			user, err = st.Users.Get("", id)
 		} else {
-			user, err = d.store.Users.Get("", username)
+			user, err = st.Users.Get("", username)
 		}
 		if err != nil {
 			return err
 		}
 		checkErr(err)
 		defaults := settings.UserDefaults{
-			Scope:       user.Scope,
+			Scope:                 user.Scope,
-			Locale:      user.Locale,
+			Locale:                user.Locale,
-			ViewMode:    user.ViewMode,
+			ViewMode:              user.ViewMode,
-			SingleClick: user.SingleClick,
+			SingleClick:           user.SingleClick,
-			Perm:        user.Perm,
+			RedirectAfterCopyMove: user.RedirectAfterCopyMove,
-			Sorting:     user.Sorting,
+			Perm:                  user.Perm,
-			Commands:    user.Commands,
+			Sorting:               user.Sorting,
 			Commands:              user.Commands,
 		}
-		getUserDefaults(flags, &defaults, false)
+
 		err = getUserDefaults(flags, &defaults, false)
 		if err != nil {
 			return err
 		}
 		user.Scope = defaults.Scope
 		user.Locale = defaults.Locale
 		user.ViewMode = defaults.ViewMode
 		user.SingleClick = defaults.SingleClick
 		user.RedirectAfterCopyMove = defaults.RedirectAfterCopyMove
 		user.Perm = defaults.Perm
 		user.Commands = defaults.Commands
 		user.Sorting = defaults.Sorting
-		user.LockPassword = mustGetBool(flags, "lockPassword")
+		user.LockPassword, err = flags.GetBool("lockPassword")
 		if err != nil {
 			return err
 		}
 		user.DateFormat, err = flags.GetBool("dateFormat")
 		if err != nil {
 			return err
 		}
 		user.HideDotfiles, err = flags.GetBool("hideDotfiles")
 		if err != nil {
 			return err
 		}
 		if newUsername != "" {
 			user.Username = newUsername
@@ -67,11 +96,16 @@ options you want to change.`,
 		if password != "" {
 			user.Password, err = users.ValidateAndHashPwd(password, s.MinimumPasswordLength)
-			checkErr(err)
+			if err != nil {
 				return err
 			}
 		}
-		err = d.store.Users.Update(user)
+		err = st.Users.Update(user)
-		checkErr(err)
+		if err != nil {
 			return err
 		}
 		printUsers([]*users.User{user})
-	}, pythonConfig{}),
+		return nil
 	}, storeOptions{}),
 }
--- a/cmd/utils.go
+++ b/cmd/utils.go
@@ -4,65 +4,50 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
 	"io/fs"
 	"log"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"github.com/asdine/storm/v3"
 	homedir "github.com/mitchellh/go-homedir"
 	"github.com/samber/lo"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	yaml "gopkg.in/yaml.v2"
+	"github.com/spf13/viper"
 	yaml "gopkg.in/yaml.v3"
 	"github.com/filebrowser/filebrowser/v2/files"
 	"github.com/filebrowser/filebrowser/v2/settings"
 	"github.com/filebrowser/filebrowser/v2/storage"
 	"github.com/filebrowser/filebrowser/v2/storage/bolt"
 )
-func checkErr(err error) {
+const databasePermissions = 0640
 func getAndParseFileMode(flags *pflag.FlagSet, name string) (fs.FileMode, error) {
 	mode, err := flags.GetString(name)
 	if err != nil {
-		log.Fatal(err)
+		return 0, err
 	}
 }
-func mustGetString(flags *pflag.FlagSet, flag string) string {
+	b, err := strconv.ParseUint(mode, 0, 32)
-	s, err := flags.GetString(flag)
+	if err != nil {
-	checkErr(err)
+		return 0, err
-	return s
+	}
 }
-func mustGetBool(flags *pflag.FlagSet, flag string) bool {
+	return fs.FileMode(b), nil
 	b, err := flags.GetBool(flag)
 	checkErr(err)
 	return b
 }
 func mustGetUint(flags *pflag.FlagSet, flag string) uint {
 	b, err := flags.GetUint(flag)
 	checkErr(err)
 	return b
 }
 func generateKey() []byte {
 	k, err := settings.GenerateKey()
-	checkErr(err)
+	if err != nil {
 		panic(err)
 	}
 	return k
 }
 type cobraFunc func(cmd *cobra.Command, args []string)
 type pythonFunc func(cmd *cobra.Command, args []string, data pythonData)
 type pythonConfig struct {
 	noDB      bool
 	allowNoDB bool
 }
 type pythonData struct {
 	hadDB bool
 	store *storage.Storage
 }
 func dbExists(path string) (bool, error) {
 	stat, err := os.Stat(path)
 	if err == nil {
@@ -73,7 +58,7 @@ func dbExists(path string) (bool, error) {
 		d := filepath.Dir(path)
 		_, err = os.Stat(d)
 		if os.IsNotExist(err) {
-			if err := os.MkdirAll(d, 0700); err != nil { //nolint:govet
+			if err := os.MkdirAll(d, 0700); err != nil {
 				return false, err
 			}
 			return false, nil
@@ -83,41 +68,142 @@ func dbExists(path string) (bool, error) {
 	return false, err
 }
-func python(fn pythonFunc, cfg pythonConfig) cobraFunc {
+// Generate the replacements for all environment variables. This allows to
-	return func(cmd *cobra.Command, args []string) {
+// use FB_BRANDING_DISABLE_EXTERNAL environment variables, even when the
-		data := pythonData{hadDB: true}
+// option name is branding.disableExternal.
 func generateEnvKeyReplacements(cmd *cobra.Command) []string {
 	replacements := []string{}
-		path := getStringParam(cmd.Flags(), "database")
+	cmd.Flags().VisitAll(func(f *pflag.Flag) {
-		absPath, err := filepath.Abs(path)
+		oldName := strings.ToUpper(f.Name)
-		if err != nil {
+		newName := strings.ToUpper(lo.SnakeCase(f.Name))
-			panic(err)
+		replacements = append(replacements, oldName, newName)
-		}
+	})
 		exists, err := dbExists(path)
-		if err != nil {
+	return replacements
-			panic(err)
+}
 		} else if exists && cfg.noDB {
 			log.Fatal(absPath + " already exists")
 		} else if !exists && !cfg.noDB && !cfg.allowNoDB {
 			log.Fatal(absPath + " does not exist. Please run 'filebrowser config init' first.")
 		} else if !exists && !cfg.noDB {
 			log.Println("Warning: filebrowser.db can't be found. Initialing in " + strings.TrimSuffix(absPath, "filebrowser.db"))
 		}
-		log.Println("Using database: " + absPath)
+func initViper(cmd *cobra.Command) (*viper.Viper, error) {
-		data.hadDB = exists
+	v := viper.New()
-		db, err := storm.Open(path, storm.BoltOptions(files.PermFile, nil))
+
-		checkErr(err)
+	// Get config file from flag
-		defer db.Close()
+	cfgFile, err := cmd.Flags().GetString("config")
-		data.store, err = bolt.NewStorage(db)
+	if err != nil {
-		checkErr(err)
+		return nil, err
 		fn(cmd, args, data)
 	}
 	// Configuration file
 	if cfgFile == "" {
 		home, err := homedir.Dir()
 		if err != nil {
 			return nil, err
 		}
 		v.AddConfigPath(".")
 		v.AddConfigPath(home)
 		v.AddConfigPath("/etc/filebrowser/")
 		v.SetConfigName(".filebrowser")
 	} else {
 		v.SetConfigFile(cfgFile)
 	}
 	// Environment variables
 	v.SetEnvPrefix("FB")
 	v.AutomaticEnv()
 	v.SetEnvKeyReplacer(strings.NewReplacer(generateEnvKeyReplacements(cmd)...))
 	// Bind the flags
 	err = v.BindPFlags(cmd.Flags())
 	if err != nil {
 		return nil, err
 	}
 	// Read in configuration
 	if err := v.ReadInConfig(); err != nil {
 		if errors.Is(err, viper.ConfigParseError{}) {
 			return nil, err
 		}
 		log.Println("No config file used")
 	} else {
 		log.Printf("Using config file: %s", v.ConfigFileUsed())
 	}
 	// Return Viper
 	return v, nil
 }
 type store struct {
 	*storage.Storage
 	databaseExisted bool
 }
 type storeOptions struct {
 	expectsNoDatabase bool
 	allowsNoDatabase  bool
 }
 type cobraFunc func(cmd *cobra.Command, args []string) error
 // withViperAndStore initializes Viper and the storage.Store and passes them to the callback function.
 // This function should only be used by [withStore] and the root command. No other command should call
 // this function directly.
 func withViperAndStore(fn func(cmd *cobra.Command, args []string, v *viper.Viper, store *store) error, options storeOptions) cobraFunc {
 	return func(cmd *cobra.Command, args []string) error {
 		v, err := initViper(cmd)
 		if err != nil {
 			return err
 		}
 		path, err := filepath.Abs(v.GetString("database"))
 		if err != nil {
 			return err
 		}
 		exists, err := dbExists(path)
 		switch {
 		case err != nil:
 			return err
 		case exists && options.expectsNoDatabase:
 			log.Fatal(path + " already exists")
 		case !exists && !options.expectsNoDatabase && !options.allowsNoDatabase:
 			log.Fatal(path + " does not exist. Please run 'filebrowser config init' first.")
 		case !exists && !options.expectsNoDatabase:
 			log.Println("WARNING: filebrowser.db can't be found. Initialing in " + strings.TrimSuffix(path, "filebrowser.db"))
 		}
 		log.Println("Using database: " + path)
 		db, err := storm.Open(path, storm.BoltOptions(databasePermissions, nil))
 		if err != nil {
 			return err
 		}
 		defer db.Close()
 		storage, err := bolt.NewStorage(db)
 		if err != nil {
 			return err
 		}
 		store := &store{
 			Storage:         storage,
 			databaseExisted: exists,
 		}
 		return fn(cmd, args, v, store)
 	}
 }
 func withStore(fn func(cmd *cobra.Command, args []string, store *store) error, options storeOptions) cobraFunc {
 	return withViperAndStore(func(cmd *cobra.Command, args []string, _ *viper.Viper, store *store) error {
 		return fn(cmd, args, store)
 	}, options)
 }
 func marshal(filename string, data interface{}) error {
 	fd, err := os.Create(filename)
-	checkErr(err)
+	if err != nil {
 		return err
 	}
 	defer fd.Close()
 	switch ext := filepath.Ext(filename); ext {
@@ -135,7 +221,9 @@ func marshal(filename string, data interface{}) error {
 func unmarshal(filename string, data interface{}) error {
 	fd, err := os.Open(filename)
-	checkErr(err)
+	if err != nil {
 		return err
 	}
 	defer fd.Close()
 	switch ext := filepath.Ext(filename); ext {
--- a/commitlint.config.js
+++ b/commitlint.config.js
@@ -1,34 +0,0 @@
 module.exports = {
    rules: {
        'body-leading-blank': [1, 'always'],
        'body-max-line-length': [2, 'always', 100],
        'footer-leading-blank': [1, 'always'],
        'footer-max-line-length': [2, 'always', 100],
        'header-max-length': [2, 'always', 100],
        'scope-case': [2, 'always', 'lower-case'],
        'subject-case': [
            2,
            'never',
            ['sentence-case', 'start-case', 'pascal-case', 'upper-case'],
        ],
        'subject-full-stop': [2, 'never', '.'],
        'type-case': [2, 'always', 'lower-case'],
        'type-empty': [2, 'never'],
        'type-enum': [
            2,
            'always',
            [
                'feat',
                'fix',
                'perf',
                'revert',
                'refactor',
                'build',
                'ci',
                'test',
                'chore',
                'docs',
            ],
        ],
    },
 };
--- a/common.mk
+++ b/common.mk
@@ -1,28 +0,0 @@
 SHELL := /usr/bin/env bash
 DATE ?= $(shell date +%FT%T%z)
 BASE_PATH := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
 VERSION ?= $(shell git describe --tags --always --match=v* 2> /dev/null || \
           			cat $(CURDIR)/.version 2> /dev/null || echo v0)
 VERSION_HASH = $(shell git rev-parse HEAD)
 BRANCH = $(shell git rev-parse --abbrev-ref HEAD)
 go = GOGC=off go
 MODULE = $(shell env GO111MODULE=on go list -m)
 # printing
 # $Q (quiet) is used in the targets as a replacer for @.
 # This macro helps to print the command for debugging by setting V to 1. Example `make test-unit V=1`
 V = 0
 Q = $(if $(filter 1,$V),,@)
 # $M is a macro to print a colored ▶ character. Example `$(info $(M) running coverage tests…)` will print "▶ running coverage tests…"
 M = $(shell printf "\033[34;1m▶\033[0m")
 GREEN  := $(shell tput -Txterm setaf 2)
 YELLOW := $(shell tput -Txterm setaf 3)
 WHITE  := $(shell tput -Txterm setaf 7)
 CYAN   := $(shell tput -Txterm setaf 6)
 RESET  := $(shell tput -Txterm sgr0)
 define global_option
    printf "  ${YELLOW}%-20s${GREEN}%s${RESET}\n" $(1) $(2)
 endef
--- a/diskcache/file_cache.go
+++ b/diskcache/file_cache.go
@@ -2,7 +2,7 @@ package diskcache
 import (
 	"context"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"encoding/hex"
 	"errors"
 	"fmt"
@@ -103,7 +103,7 @@ func (f *FileCache) getScopedLocks(key string) (lock sync.Locker) {
 }
 func (f *FileCache) getFileName(key string) string {
-	hasher := sha1.New() //nolint:gosec
+	hasher := sha1.New()
 	_, _ = hasher.Write([]byte(key))
 	hash := hex.EncodeToString(hasher.Sum(nil))
 	return fmt.Sprintf("%s/%s/%s", hash[:1], hash[1:3], hash)
--- a/diskcache/file_cache_test.go
+++ b/diskcache/file_cache_test.go
@@ -25,12 +25,12 @@ func TestFileCache(t *testing.T) {
 	// store new key
 	err := cache.Store(ctx, key, []byte(value))
 	require.NoError(t, err)
-	checkValue(t, ctx, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, value)
+	checkValue(ctx, t, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, value)
 	// update existing key
 	err = cache.Store(ctx, key, []byte(newValue))
 	require.NoError(t, err)
-	checkValue(t, ctx, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, newValue)
+	checkValue(ctx, t, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, newValue)
 	// delete key
 	err = cache.Delete(ctx, key)
@@ -40,7 +40,7 @@ func TestFileCache(t *testing.T) {
 	require.False(t, exists)
 }
-func checkValue(t *testing.T, ctx context.Context, fs afero.Fs, fileFullPath string, cache *FileCache, key, wantValue string) { //nolint:revive
+func checkValue(ctx context.Context, t *testing.T, fs afero.Fs, fileFullPath string, cache *FileCache, key, wantValue string) {
 	t.Helper()
 	// check actual file content
 	b, err := afero.ReadFile(fs, fileFullPath)
--- a/docker/alpine/healthcheck.sh
+++ b/docker/alpine/healthcheck.sh
@@ -0,0 +1,9 @@
 #!/bin/sh
 set -e
 PORT=${FB_PORT:-$(cat /config/settings.json | sh /JSON.sh | grep '\["port"\]' | awk '{print $2}')}
 ADDRESS=${FB_ADDRESS:-$(cat /config/settings.json | sh /JSON.sh | grep '\["address"\]' | awk '{print $2}' | sed 's/"//g')}
 ADDRESS=${ADDRESS:-localhost}
 wget -q --spider http://$ADDRESS:$PORT/health || exit 1
--- a/docker/alpine/init.sh
+++ b/docker/alpine/init.sh
@@ -7,4 +7,29 @@ if [ ! -f "/config/settings.json" ]; then
  cp -a /defaults/settings.json /config/settings.json
 fi
-exec "$@"
+# Extract config file path from arguments
 config_file=""
 next_is_config=0
 for arg in "$@"; do
  if [ "$next_is_config" -eq 1 ]; then
    config_file="$arg"
    break
  fi
  case "$arg" in
    -c|--config)
      next_is_config=1
      ;;
    -c=*|--config=*)
      config_file="${arg#*=}"
      break
      ;;
  esac
 done
 # If no config argument is provided, set the default and add it to the args                                                                 
 if [ -z "$config_file" ]; then 
  config_file="/config/settings.json"                                                                                                                                                                                                 
  set -- --config=/config/settings.json "$@"                                                                                                       
 fi                                                                                                                                                                                                                                                                                                                                                             
 exec filebrowser "$@"
--- a/docker/common/defaults/settings.json
+++ b/docker/common/defaults/settings.json
@@ -5,4 +5,4 @@
  "log": "stdout",
  "database": "/database/filebrowser.db",
  "root": "/srv"
-}
+}
--- a/docker/common/healthcheck.sh
+++ b/docker/common/healthcheck.sh
@@ -6,4 +6,4 @@ PORT=${FB_PORT:-$(jq -r .port /config/settings.json)}
 ADDRESS=${FB_ADDRESS:-$(jq -r .address /config/settings.json)}
 ADDRESS=${ADDRESS:-localhost}
-curl -f http://$ADDRESS:$PORT/health || exit 1
+wget -q --spider http://$ADDRESS:$PORT/health || exit 1
--- a/errors/errors.go
+++ b/errors/errors.go
@@ -1,4 +1,4 @@
-package errors
+package fberrors
 import (
 	"errors"
@@ -6,22 +6,23 @@ import (
 )
 var (
-	ErrEmptyKey             = errors.New("empty key")
+	ErrEmptyKey                 = errors.New("empty key")
-	ErrExist                = errors.New("the resource already exists")
+	ErrExist                    = errors.New("the resource already exists")
-	ErrNotExist             = errors.New("the resource does not exist")
+	ErrNotExist                 = errors.New("the resource does not exist")
-	ErrEmptyPassword        = errors.New("password is empty")
+	ErrEmptyPassword            = errors.New("password is empty")
-	ErrEasyPassword         = errors.New("password is too easy")
+	ErrEasyPassword             = errors.New("password is too easy")
-	ErrEmptyUsername        = errors.New("username is empty")
+	ErrEmptyUsername            = errors.New("username is empty")
-	ErrEmptyRequest         = errors.New("empty request")
+	ErrEmptyRequest             = errors.New("empty request")
-	ErrScopeIsRelative      = errors.New("scope is a relative path")
+	ErrScopeIsRelative          = errors.New("scope is a relative path")
-	ErrInvalidDataType      = errors.New("invalid data type")
+	ErrInvalidDataType          = errors.New("invalid data type")
-	ErrIsDirectory          = errors.New("file is directory")
+	ErrIsDirectory              = errors.New("file is directory")
-	ErrInvalidOption        = errors.New("invalid option")
+	ErrInvalidOption            = errors.New("invalid option")
-	ErrInvalidAuthMethod    = errors.New("invalid auth method")
+	ErrInvalidAuthMethod        = errors.New("invalid auth method")
-	ErrPermissionDenied     = errors.New("permission denied")
+	ErrPermissionDenied         = errors.New("permission denied")
-	ErrInvalidRequestParams = errors.New("invalid request params")
+	ErrInvalidRequestParams     = errors.New("invalid request params")
-	ErrSourceIsParent       = errors.New("source is parent")
+	ErrSourceIsParent           = errors.New("source is parent")
-	ErrRootUserDeletion     = errors.New("user with id 1 can't be deleted")
+	ErrRootUserDeletion         = errors.New("user with id 1 can't be deleted")
 	ErrCurrentPasswordIncorrect = errors.New("the current password is incorrect")
 )
 type ErrShortPassword struct {
--- a/files/file.go
+++ b/files/file.go
@@ -1,8 +1,8 @@
 package files
 import (
-	"crypto/md5"  //nolint:gosec
+	"crypto/md5"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/hex"
@@ -23,13 +23,10 @@ import (
 	"github.com/spf13/afero"
-	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
+	fberrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/rules"
 )
 const PermFile = 0640
 const PermDir = 0750
 var (
 	reSubDirs = regexp.MustCompile("(?i)^sub(s|titles)$")
 	reSubExts = regexp.MustCompile("(?i)(.vtt|.srt|.ass|.ssa)$")
@@ -38,22 +35,24 @@ var (
 // FileInfo describes a file.
 type FileInfo struct {
 	*Listing
-	Fs         afero.Fs          `json:"-"`
+	Fs        afero.Fs          `json:"-"`
-	Path       string            `json:"path"`
+	Path      string            `json:"path"`
-	Name       string            `json:"name"`
+	Name      string            `json:"name"`
-	Size       int64             `json:"size"`
+	Size      int64             `json:"size"`
-	Extension  string            `json:"extension"`
+	Extension string            `json:"extension"`
-	ModTime    time.Time         `json:"modified"`
+	ModTime   time.Time         `json:"modified"`
-	Mode       os.FileMode       `json:"mode"`
+	Mode      os.FileMode       `json:"mode"`
-	IsDir      bool              `json:"isDir"`
+	IsDir     bool              `json:"isDir"`
-	IsSymlink  bool              `json:"isSymlink"`
+	IsSymlink bool              `json:"isSymlink"`
-	Type       string            `json:"type"`
+	Type      string            `json:"type"`
-	Subtitles  []string          `json:"subtitles,omitempty"`
+	Subtitles []string          `json:"subtitles,omitempty"`
-	Content    string            `json:"content,omitempty"`
+	Content   string            `json:"content,omitempty"`
-	Checksums  map[string]string `json:"checksums,omitempty"`
+	Checksums map[string]string `json:"checksums,omitempty"`
-	Token      string            `json:"token,omitempty"`
+	// Tags holds audio metadata (ID3, VorbisComment, MP4 tags, ...)
-	currentDir []os.FileInfo     `json:"-"`
+	Tags       map[string]interface{} `json:"tags,omitempty"`
-	Resolution *ImageResolution  `json:"resolution,omitempty"`
+	Token      string                 `json:"token,omitempty"`
 	currentDir []os.FileInfo          `json:"-"`
 	Resolution *ImageResolution       `json:"resolution,omitempty"`
 }
 // FileOptions are the options when getting a file info.
@@ -63,6 +62,7 @@ type FileOptions struct {
 	Modify     bool
 	Expand     bool
 	ReadHeader bool
 	CalcImgRes bool
 	Token      string
 	Checker    rules.Checker
 	Content    bool
@@ -93,13 +93,13 @@ func NewFileInfo(opts *FileOptions) (*FileInfo, error) {
 	if opts.Expand {
 		if file.IsDir {
-			if err := file.readListing(opts.Checker, opts.ReadHeader); err != nil { //nolint:govet
+			if err := file.readListing(opts.Checker, opts.ReadHeader, opts.CalcImgRes); err != nil {
 				return nil, err
 			}
 			return file, nil
 		}
-		err = file.detectType(opts.Modify, opts.Content, true)
+		err = file.detectType(opts.Modify, opts.Content, true, opts.CalcImgRes)
 		if err != nil {
 			return nil, err
 		}
@@ -171,7 +171,7 @@ func stat(opts *FileOptions) (*FileInfo, error) {
 // algorithm. The checksums data is saved on File object.
 func (i *FileInfo) Checksum(algo string) error {
 	if i.IsDir {
-		return fbErrors.ErrIsDirectory
+		return fberrors.ErrIsDirectory
 	}
 	if i.Checksums == nil {
@@ -186,7 +186,6 @@ func (i *FileInfo) Checksum(algo string) error {
 	var h hash.Hash
 	//nolint:gosec
 	switch algo {
 	case "md5":
 		h = md5.New()
@@ -197,7 +196,7 @@ func (i *FileInfo) Checksum(algo string) error {
 	case "sha512":
 		h = sha512.New()
 	default:
-		return fbErrors.ErrInvalidOption
+		return fberrors.ErrInvalidOption
 	}
 	_, err = io.Copy(h, reader)
@@ -222,7 +221,7 @@ func (i *FileInfo) RealPath() string {
 	return i.Path
 }
-func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
+func (i *FileInfo) detectType(modify, saveContent, readHeader bool, calcImgRes bool) error {
 	if IsNamedPipe(i.Mode) {
 		i.Type = "blob"
 		return nil
@@ -253,11 +252,13 @@ func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
 		return nil
 	case strings.HasPrefix(mimetype, "image"):
 		i.Type = "image"
-		resolution, err := calculateImageResolution(i.Fs, i.Path)
+		if calcImgRes {
-		if err != nil {
+			resolution, err := calculateImageResolution(i.Fs, i.Path)
-			log.Printf("Error calculating image resolution: %v", err)
+			if err != nil {
-		} else {
+				log.Printf("Error calculating image resolution: %v", err)
-			i.Resolution = resolution
+			} else {
 				i.Resolution = resolution
 			}
 		}
 		return nil
 	case strings.HasSuffix(mimetype, "pdf"):
@@ -391,7 +392,7 @@ func (i *FileInfo) addSubtitle(fPath string) {
 	i.Subtitles = append(i.Subtitles, fPath)
 }
-func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
+func (i *FileInfo) readListing(checker rules.Checker, readHeader bool, calcImgRes bool) error {
 	afs := &afero.Afero{Fs: i.Fs}
 	dir, err := afs.ReadDir(i.Path)
 	if err != nil {
@@ -438,7 +439,7 @@ func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
 			currentDir: dir,
 		}
-		if !file.IsDir && strings.HasPrefix(mime.TypeByExtension(file.Extension), "image/") {
+		if !file.IsDir && strings.HasPrefix(mime.TypeByExtension(file.Extension), "image/") && calcImgRes {
 			resolution, err := calculateImageResolution(file.Fs, file.Path)
 			if err != nil {
 				log.Printf("Error calculating resolution for image %s: %v", file.Path, err)
@@ -455,7 +456,7 @@ func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
 			if isInvalidLink {
 				file.Type = "invalid_link"
 			} else {
-				err := file.detectType(true, false, readHeader)
+				err := file.detectType(true, false, readHeader, calcImgRes)
 				if err != nil {
 					return err
 				}
--- a/files/mime.go
+++ b/files/mime.go
@@ -600,7 +600,6 @@ var types = map[string]string{
 	".epub":      "application/epub+zip",
 }
 //nolint:gochecknoinits
 func init() {
 	for ext, typ := range types {
 		// skip errors
--- a/files/tags.go
+++ b/files/tags.go
@@ -0,0 +1,100 @@
 package files
 import (
 	"bytes"
 	"encoding/base64"
 	"io"
 	"log"
 	"strings"
 	"github.com/dhowden/tag"
 )
 // ReadAudioTags extracts common audio metadata from the file and stores it in
 // the FileInfo.Tags map. It attempts to extract common fields and includes
 // embedded picture(s) as base64 where present.
 func (i *FileInfo) ReadAudioTags() error {
 	if i.IsDir {
 		return nil
 	}
 	f, err := i.Fs.Open(i.Path)
 	if err != nil {
 		return err
 	}
 	defer f.Close()
 	m, err := tag.ReadFrom(f)
 	if err != nil {
 		// don't fail hard; log and return nil so callers still get file info
 		log.Printf("ReadAudioTags: failed to read tags for %s: %v", i.Path, err)
 		return nil
 	}
 	tags := map[string]interface{}{}
 	if v := m.Title(); v != "" {
 		tags["title"] = v
 	}
 	if v := m.Album(); v != "" {
 		tags["album"] = v
 	}
 	if v := m.Artist(); v != "" {
 		tags["artist"] = v
 	}
 	if v := m.AlbumArtist(); v != "" {
 		tags["albumartist"] = v
 	}
 	if v := m.Composer(); v != "" {
 		tags["composer"] = v
 	}
 	if v := m.Year(); v != 0 {
 		tags["year"] = v
 	}
 	if t, _ := m.Track(); t > 0 {
 		tags["track"] = t
 	}
 	if dnum, _ := m.Disc(); dnum > 0 {
 		tags["disc"] = dnum
 	}
 	if v := m.Genre(); v != "" {
 		tags["genre"] = v
 	}
 	// Pictures: encode as data URI (base64) so frontend can preview if needed.
 	if pic := m.Picture(); pic != nil {
 		// safe encode image bytes as base64
 		var buf bytes.Buffer
 		if _, err := io.Copy(&buf, bytes.NewReader(pic.Data)); err == nil {
 			b64 := base64.StdEncoding.EncodeToString(buf.Bytes())
 			dataURI := "data:" + pic.MIMEType + ";base64," + b64
 			tags["picture"] = map[string]interface{}{
 				"mime": pic.MIMEType,
 				"data": dataURI,
 			}
 		}
 	}
 	// Keep raw metadata map if available (some formats expose additional fields)
 	if raw := m.Raw(); raw != nil {
 		for k, v := range raw {
 			// Skip raw APIC entries (attached picture frame) to avoid
 			// exposing large binary blobs. We already expose a friendly
 			// `picture` key above when a picture exists.
 			if strings.EqualFold(k, "APIC") {
 				continue
 			}
 			// avoid overwriting already set common fields
 			if _, ok := tags[k]; !ok {
 				tags[k] = v
 			}
 		}
 	}
 	// Attach tags map
 	if len(tags) > 0 {
 		i.Tags = tags
 	}
 	return nil
 }
--- a/files/write_mp3.go
+++ b/files/write_mp3.go
@@ -0,0 +1,7 @@
 package files
 // This file is a placeholder to avoid accidental module resolution for
 // non-implemented MP3 metadata writers. The actual implementation is not
 // required at runtime, and we should not import external packages here.
 // Intentionally left blank.
--- a/fileutils/copy.go
+++ b/fileutils/copy.go
@@ -1,6 +1,7 @@
 package fileutils
 import (
 	"io/fs"
 	"os"
 	"path"
@@ -8,7 +9,7 @@ import (
 )
 // Copy copies a file or folder from one place to another.
-func Copy(fs afero.Fs, src, dst string) error {
+func Copy(afs afero.Fs, src, dst string, fileMode, dirMode fs.FileMode) error {
 	if src = path.Clean("/" + src); src == "" {
 		return os.ErrNotExist
 	}
@@ -26,14 +27,14 @@ func Copy(fs afero.Fs, src, dst string) error {
 		return os.ErrInvalid
 	}
-	info, err := fs.Stat(src)
+	info, err := afs.Stat(src)
 	if err != nil {
 		return err
 	}
 	if info.IsDir() {
-		return CopyDir(fs, src, dst)
+		return CopyDir(afs, src, dst, fileMode, dirMode)
 	}
-	return CopyFile(fs, src, dst)
+	return CopyFile(afs, src, dst, fileMode, dirMode)
 }
--- a/fileutils/dir.go
+++ b/fileutils/dir.go
@@ -2,6 +2,7 @@ package fileutils
 import (
 	"errors"
 	"io/fs"
 	"github.com/spf13/afero"
 )
@@ -9,20 +10,20 @@ import (
 // CopyDir copies a directory from source to dest and all
 // of its sub-directories. It doesn't stop if it finds an error
 // during the copy. Returns an error if any.
-func CopyDir(fs afero.Fs, source, dest string) error {
+func CopyDir(afs afero.Fs, source, dest string, fileMode, dirMode fs.FileMode) error {
 	// Get properties of source.
-	srcinfo, err := fs.Stat(source)
+	srcinfo, err := afs.Stat(source)
 	if err != nil {
 		return err
 	}
 	// Create the destination directory.
-	err = fs.MkdirAll(dest, srcinfo.Mode())
+	err = afs.MkdirAll(dest, srcinfo.Mode())
 	if err != nil {
 		return err
 	}
-	dir, _ := fs.Open(source)
+	dir, _ := afs.Open(source)
 	obs, err := dir.Readdir(-1)
 	if err != nil {
 		return err
@@ -36,13 +37,13 @@ func CopyDir(fs afero.Fs, source, dest string) error {
 		if obj.IsDir() {
 			// Create sub-directories, recursively.
-			err = CopyDir(fs, fsource, fdest)
+			err = CopyDir(afs, fsource, fdest, fileMode, dirMode)
 			if err != nil {
 				errs = append(errs, err)
 			}
 		} else {
 			// Perform the file copy.
-			err = CopyFile(fs, fsource, fdest)
+			err = CopyFile(afs, fsource, fdest, fileMode, dirMode)
 			if err != nil {
 				errs = append(errs, err)
 			}
--- a/fileutils/file.go
+++ b/fileutils/file.go
@@ -2,29 +2,28 @@ package fileutils
 import (
 	"io"
 	"io/fs"
 	"os"
 	"path"
 	"path/filepath"
 	"github.com/spf13/afero"
 	"github.com/filebrowser/filebrowser/v2/files"
 )
 // MoveFile moves file from src to dst.
 // By default the rename filesystem system call is used. If src and dst point to different volumes
 // the file copy is used as a fallback
-func MoveFile(fs afero.Fs, src, dst string) error {
+func MoveFile(afs afero.Fs, src, dst string, fileMode, dirMode fs.FileMode) error {
-	if fs.Rename(src, dst) == nil {
+	if afs.Rename(src, dst) == nil {
 		return nil
 	}
 	// fallback
-	err := Copy(fs, src, dst)
+	err := Copy(afs, src, dst, fileMode, dirMode)
 	if err != nil {
-		_ = fs.Remove(dst)
+		_ = afs.Remove(dst)
 		return err
 	}
-	if err := fs.RemoveAll(src); err != nil {
+	if err := afs.RemoveAll(src); err != nil {
 		return err
 	}
 	return nil
@@ -32,9 +31,9 @@ func MoveFile(fs afero.Fs, src, dst string) error {
 // CopyFile copies a file from source to dest and returns
 // an error if any.
-func CopyFile(fs afero.Fs, source, dest string) error {
+func CopyFile(afs afero.Fs, source, dest string, fileMode, dirMode fs.FileMode) error {
 	// Open the source file.
-	src, err := fs.Open(source)
+	src, err := afs.Open(source)
 	if err != nil {
 		return err
 	}
@@ -42,13 +41,13 @@ func CopyFile(fs afero.Fs, source, dest string) error {
 	// Makes the directory needed to create the dst
 	// file.
-	err = fs.MkdirAll(filepath.Dir(dest), files.PermDir)
+	err = afs.MkdirAll(filepath.Dir(dest), dirMode)
 	if err != nil {
 		return err
 	}
 	// Create the destination file.
-	dst, err := fs.OpenFile(dest, os.O_RDWR|os.O_CREATE|os.O_TRUNC, files.PermFile)
+	dst, err := afs.OpenFile(dest, os.O_RDWR|os.O_CREATE|os.O_TRUNC, fileMode)
 	if err != nil {
 		return err
 	}
@@ -61,11 +60,11 @@ func CopyFile(fs afero.Fs, source, dest string) error {
 	}
 	// Copy the mode
-	info, err := fs.Stat(source)
+	info, err := afs.Stat(source)
 	if err != nil {
 		return err
 	}
-	err = fs.Chmod(dest, info.Mode())
+	err = afs.Chmod(dest, info.Mode())
 	if err != nil {
 		return err
 	}
--- a/frontend/assets.go
+++ b/frontend/assets.go
@@ -1,5 +1,4 @@
 //go:build !dev
 // +build !dev
 package frontend
--- a/frontend/assets_dev.go
+++ b/frontend/assets_dev.go
@@ -1,15 +0,0 @@
 //go:build dev
 // +build dev
 package frontend
 import (
 	"io/fs"
 	"os"
 )
 var assets fs.FS = os.DirFS("frontend")
 func Assets() fs.FS {
 	return assets
 }
--- a/frontend/eslint.config.js
+++ b/frontend/eslint.config.js
@@ -1,26 +1,25 @@
 import pluginVue from "eslint-plugin-vue";
-import vueTsEslintConfig from "@vue/eslint-config-typescript";
+import {
  defineConfigWithVueTs,
  vueTsConfigs,
 } from "@vue/eslint-config-typescript";
 import prettierConfig from "@vue/eslint-config-prettier";
-export default [
+export default defineConfigWithVueTs(
  {
    name: "app/files-to-lint",
    files: ["**/*.{ts,mts,tsx,vue}"],
  },
  {
    name: "app/files-to-ignore",
    ignores: ["**/dist/**", "**/dist-ssr/**", "**/coverage/**"],
  },
-
+  pluginVue.configs["flat/essential"],
-  ...pluginVue.configs["flat/essential"],
+  vueTsConfigs.recommended,
  ...vueTsEslintConfig(),
  prettierConfig,
  {
    rules: {
      // Note: you must disable the base rule as it can report incorrect errors
      "no-unused-expressions": "off",
      "@typescript-eslint/no-unused-expressions": "off",
      // TODO: theres too many of these from before ts
      "@typescript-eslint/no-explicit-any": "off",
@@ -34,5 +33,5 @@ export default [
        },
      ],
    },
-  },
+  }
-];
+);
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -12,7 +12,11 @@
    <link rel="icon" type="image/svg+xml" href="/img/icons/favicon.svg" />
    <link rel="shortcut icon" href="/img/icons/favicon.ico" />
-    <link rel="apple-touch-icon" sizes="180x180" href="/img/icons/apple-touch-icon.png" />
+    <link
      rel="apple-touch-icon"
      sizes="180x180"
      href="/img/icons/apple-touch-icon.png"
    />
    <meta name="apple-mobile-web-app-title" content="File Browser" />
    <!-- Add to home screen for Android and modern mobile browsers -->
@@ -35,6 +39,7 @@
        DisableUsedPercentage: false,
        EnableExec: true,
        EnableThumbs: true,
        LogoutPage: "",
        LoginPage: true,
        Name: "",
        NoAuth: false,
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -4,75 +4,72 @@
  "private": true,
  "type": "module",
  "engines": {
-    "node": ">=22.0.0",
+    "node": ">=24.0.0",
-    "pnpm": ">=9.0.0"
+    "pnpm": ">=10.0.0"
  },
  "scripts": {
    "dev": "vite dev",
    "build": "pnpm run typecheck && vite build",
    "clean": "find ./dist -maxdepth 1 -mindepth 1 ! -name '.gitkeep' -exec rm -r {} +",
-    "typecheck": "vue-tsc -p ./tsconfig.tsc.json --noEmit",
+    "typecheck": "vue-tsc -p ./tsconfig.app.json --noEmit",
    "lint": "eslint src/",
    "lint:fix": "eslint --fix src/",
-    "format": "prettier --write .",
+    "format": "prettier --write ."
    "test": "playwright test"
  },
  "dependencies": {
    "@chenfengyuan/vue-number-input": "^2.0.1",
-    "@vueuse/core": "^12.5.0",
+    "@vueuse/core": "^14.0.0",
-    "@vueuse/integrations": "^12.5.0",
+    "@vueuse/integrations": "^14.0.0",
-    "ace-builds": "^1.37.5",
+    "ace-builds": "^1.43.2",
-    "core-js": "^3.40.0",
+    "dayjs": "^1.11.13",
    "dayjs": "^1.11.10",
    "dompurify": "^3.2.6",
    "epubjs": "^0.3.93",
-    "filesize": "^10.1.1",
+    "filesize": "^11.0.13",
    "js-base64": "^3.7.7",
    "jwt-decode": "^4.0.0",
    "lodash-es": "^4.17.21",
-    "marked": "^15.0.6",
+    "marked": "^17.0.0",
-    "material-icons": "^1.13.13",
+    "material-icons": "^1.13.14",
    "normalize.css": "^8.0.1",
-    "pinia": "^2.3.1",
+    "pinia": "^3.0.4",
-    "pretty-bytes": "^6.1.1",
+    "pretty-bytes": "^7.1.0",
-    "qrcode.vue": "^3.4.1",
+    "qrcode.vue": "^3.6.0",
    "tus-js-client": "^4.3.1",
    "utif": "^3.1.0",
-    "video.js": "^8.21.0",
+    "video.js": "^8.23.3",
    "videojs-hotkeys": "^0.2.28",
    "videojs-mobile-ui": "^1.1.1",
-    "vue": "^3.4.21",
+    "vue": "^3.5.17",
-    "vue-final-modal": "^4.5.4",
+    "vue-final-modal": "^4.5.5",
-    "vue-i18n": "^11.1.2",
+    "vue-i18n": "^11.1.10",
    "vue-lazyload": "^3.0.0",
    "vue-reader": "^1.2.17",
-    "vue-router": "^4.3.0",
+    "vue-router": "^4.5.1",
    "vue-toastification": "^2.0.0-rc.5"
  },
  "devDependencies": {
-    "@intlify/unplugin-vue-i18n": "^6.0.3",
+    "@intlify/unplugin-vue-i18n": "^11.0.1",
-    "@playwright/test": "^1.50.0",
+    "@tsconfig/node24": "^24.0.2",
    "@tsconfig/node22": "^22.0.0",
    "@types/lodash-es": "^4.17.12",
-    "@types/node": "^22.10.10",
+    "@types/node": "^24.10.1",
-    "@typescript-eslint/eslint-plugin": "^8.21.0",
+    "@typescript-eslint/eslint-plugin": "^8.37.0",
-    "@vitejs/plugin-legacy": "^6.0.0",
+    "@vitejs/plugin-legacy": "^7.2.1",
-    "@vitejs/plugin-vue": "^5.0.4",
+    "@vitejs/plugin-vue": "^6.0.1",
    "@vue/eslint-config-prettier": "^10.2.0",
-    "@vue/eslint-config-typescript": "^14.3.0",
+    "@vue/eslint-config-typescript": "^14.6.0",
-    "@vue/tsconfig": "^0.7.0",
+    "@vue/tsconfig": "^0.8.1",
-    "autoprefixer": "^10.4.19",
+    "autoprefixer": "^10.4.21",
-    "concurrently": "^9.1.2",
+    "eslint": "^9.31.0",
-    "eslint": "^9.19.0",
+    "eslint-config-prettier": "^10.1.5",
-    "eslint-plugin-prettier": "^5.2.3",
+    "eslint-plugin-prettier": "^5.5.1",
-    "eslint-plugin-vue": "^9.24.0",
+    "eslint-plugin-vue": "^10.5.1",
-    "jsdom": "^26.0.0",
+    "postcss": "^8.5.6",
-    "postcss": "^8.5.1",
+    "prettier": "^3.6.2",
-    "prettier": "^3.4.2",
+    "terser": "^5.43.1",
-    "terser": "^5.37.0",
+    "typescript": "^5.9.3",
-    "vite": "^6.1.6",
+    "vite": "^7.2.2",
-    "vite-plugin-compression2": "^1.0.0",
+    "vite-plugin-compression2": "^2.3.1",
-    "vue-tsc": "^2.2.0"
+    "vue-tsc": "^3.1.3"
  },
-  "packageManager": "pnpm@9.15.4+sha512.b2dc20e2fc72b3e18848459b37359a32064663e5627a51e4c74b2c29dd8e8e0491483c3abb40789cfd578bf362fb6ba8261b05f0387d76792ed6e23ea3b1b6a0"
+  "packageManager": "pnpm@10.28.1+sha512.7d7dbbca9e99447b7c3bf7a73286afaaf6be99251eb9498baefa7d406892f67b879adb3a1d7e687fc4ccc1a388c7175fbaae567a26ab44d1067b54fcb0d6a316"
 }
--- a/frontend/playwright.config.ts
+++ b/frontend/playwright.config.ts
@@ -1,80 +0,0 @@
 import { defineConfig, devices } from "@playwright/test";
 /**
 * Read environment variables from file.
 * https://github.com/motdotla/dotenv
 */
 // require('dotenv').config();
 /**
 * See https://playwright.dev/docs/test-configuration.
 */
 export default defineConfig({
  testDir: "./tests",
  /* Run tests in files in parallel */
  fullyParallel: true,
  /* Fail the build on CI if you accidentally left test.only in the source code. */
  forbidOnly: !!process.env.CI,
  /* Retry on CI only */
  retries: process.env.CI ? 2 : 0,
  /* Opt out of parallel tests on CI. */
  workers: process.env.CI ? 1 : undefined,
  /* Reporter to use. See https://playwright.dev/docs/test-reporters */
  reporter: "html",
  /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
  use: {
    /* Base URL to use in actions like `await page.goto('/')`. */
    baseURL: "http://127.0.0.1:5173",
    /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
    trace: "on-first-retry",
    /* Set default locale to English (US) */
    locale: "en-US",
  },
  /* Configure projects for major browsers */
  projects: [
    {
      name: "chromium",
      use: { ...devices["Desktop Chrome"] },
    },
    {
      name: "firefox",
      use: { ...devices["Desktop Firefox"] },
    },
    // {
    //   name: "webkit",
    //   use: { ...devices["Desktop Safari"] },
    // },
    /* Test against mobile viewports. */
    // {
    //   name: 'Mobile Chrome',
    //   use: { ...devices['Pixel 5'] },
    // },
    // {
    //   name: 'Mobile Safari',
    //   use: { ...devices['iPhone 12'] },
    // },
    /* Test against branded browsers. */
    // {
    //   name: 'Microsoft Edge',
    //   use: { ...devices['Desktop Edge'], channel: 'msedge' },
    // },
    // {
    //   name: 'Google Chrome',
    //   use: { ...devices['Desktop Chrome'], channel: 'chrome' },
    // },
  ],
  /* Run your local dev server before starting the tests */
  webServer: {
    command: "npm run dev",
    url: "http://127.0.0.1:5173",
    reuseExistingServer: !process.env.CI,
  },
 });
--- a/frontend/pnpm-lock.yaml
+++ b/frontend/pnpm-lock.yaml
--- a/frontend/public/img/logo.svg
+++ b/frontend/public/img/logo.svg
@@ -1,147 +1 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" width="560" height="560" version="1.1" id="prefix__svg44" clip-rule="evenodd" fill-rule="evenodd" image-rendering="optimizeQuality" shape-rendering="geometricPrecision" text-rendering="geometricPrecision"><defs id="prefix__defs4"><style type="text/css" id="style2">.prefix__fil1{fill:#fefefe}.prefix__fil6{fill:#006498}.prefix__fil5{fill:#bdeaff}</style></defs><g id="prefix__g85" transform="translate(-70 -70)"><path class="prefix__fil1" d="M350 71c154 0 279 125 279 279S504 629 350 629 71 504 71 350 196 71 350 71z" id="prefix__path9" fill="#fefefe"/><path d="M475 236l118 151c3 116-149 252-292 198l-76-99 114-156s138-95 136-94z" id="prefix__path11" fill="#332c2b" fill-opacity=".149"/><path d="M231 211h208l38 24v246c0 5-3 8-8 8H231c-5 0-8-3-8-8V219c0-5 3-8 8-8z" id="prefix__path13" fill="#2bbcff"/><path d="M231 211h208l38 24v2l-37-23H231c-4 0-7 3-7 7v263c-1-1-1-2-1-3V219c0-5 3-8 8-8z" id="prefix__path15" fill="#53c6fc"/><path class="prefix__fil5" id="prefix__polygon17" fill="#bdeaff" d="M305 212h113v98H305z"/><path class="prefix__fil5" d="M255 363h189c3 0 5 2 5 4v116H250V367c0-2 2-4 5-4z" id="prefix__path19" fill="#bdeaff"/><path class="prefix__fil6" id="prefix__polygon21" fill="#006498" d="M250 470h199v13H250z"/><path class="prefix__fil6" d="M380 226h10c3 0 6 2 6 5v40c0 3-3 6-6 6h-10c-3 0-6-3-6-6v-40c0-3 3-5 6-5z" id="prefix__path23" fill="#006498"/><path class="prefix__fil1" d="M254 226c10 0 17 7 17 17 0 9-7 16-17 16-9 0-17-7-17-16 0-10 8-17 17-17z" id="prefix__path25" fill="#fefefe"/><path class="prefix__fil6" d="M267 448h165c2 0 3 1 3 3 0 1-1 3-3 3H267c-2 0-3-2-3-3 0-2 1-3 3-3z" id="prefix__path27" fill="#006498"/><path class="prefix__fil6" d="M267 415h165c2 0 3 1 3 3 0 1-1 2-3 2H267c-2 0-3-1-3-2 0-2 1-3 3-3z" id="prefix__path29" fill="#006498"/><path class="prefix__fil6" d="M267 381h165c2 0 3 2 3 3 0 2-1 3-3 3H267c-2 0-3-1-3-3 0-1 1-3 3-3z" id="prefix__path31" fill="#006498"/><path class="prefix__fil1" d="M236 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z" id="prefix__path33" fill="#fefefe"/><path class="prefix__fil1" d="M463 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z" id="prefix__path35" fill="#fefefe"/><path class="prefix__fil6" id="prefix__polygon37" fill="#006498" d="M305 212h-21v98h21z"/><path d="M477 479v2c0 5-3 8-8 8H231c-5 0-8-3-8-8v-2c0 4 3 8 8 8h238c5 0 8-4 8-8z" id="prefix__path39" fill="#0ea5eb"/><path d="M350 70c155 0 280 125 280 280S505 630 350 630 70 505 70 350 195 70 350 70zm0 46c129 0 234 105 234 234S479 584 350 584 116 479 116 350s105-234 234-234z" id="prefix__path41" fill="#2979ff"/></g></svg>
 <svg
   xmlns:dc="http://purl.org/dc/elements/1.1/"
   xmlns:cc="http://creativecommons.org/ns#"
   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
   xmlns:svg="http://www.w3.org/2000/svg"
   xmlns="http://www.w3.org/2000/svg"
   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
   xml:space="preserve"
   width="560"
   height="560"
   version="1.1"
   style="clip-rule:evenodd;fill-rule:evenodd;image-rendering:optimizeQuality;shape-rendering:geometricPrecision;text-rendering:geometricPrecision"
   viewBox="0 0 560 560"
   id="svg44"
   sodipodi:docname="icon_raw.svg"
   inkscape:version="0.92.3 (2405546, 2018-03-11)"
   inkscape:export-filename="/home/umarcor/filebrowser/logo/icon_raw.svg.png"
   inkscape:export-xdpi="96"
   inkscape:export-ydpi="96"><metadata
   id="metadata48"><rdf:RDF><cc:Work
       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><sodipodi:namedview
   pagecolor="#ffffff"
   bordercolor="#666666"
   borderopacity="1"
   objecttolerance="10"
   gridtolerance="10"
   guidetolerance="10"
   inkscape:pageopacity="0"
   inkscape:pageshadow="2"
   inkscape:window-width="1366"
   inkscape:window-height="711"
   id="namedview46"
   showgrid="false"
   inkscape:zoom="0.33714286"
   inkscape:cx="-172.33051"
   inkscape:cy="280"
   inkscape:window-x="0"
   inkscape:window-y="20"
   inkscape:window-maximized="1"
   inkscape:current-layer="svg44" />
  <defs
   id="defs4">
    <style
   type="text/css"
   id="style2">
      <![CDATA[
       .fil1 {fill:#FEFEFE}
       .fil6 {fill:#006498}
       .fil7 {fill:#0EA5EB}
       .fil8 {fill:#2979FF}
       .fil3 {fill:#2BBCFF}
       .fil0 {fill:#455A64}
       .fil4 {fill:#53C6FC}
       .fil5 {fill:#BDEAFF}
       .fil2 {fill:#332C2B;fill-opacity:0.149020}
      ]]>
    </style>
  </defs>
  <g
   id="g85"
   transform="translate(-70,-70)"><path
     class="fil1"
     d="M 350,71 C 504,71 629,196 629,350 629,504 504,629 350,629 196,629 71,504 71,350 71,196 196,71 350,71 Z"
     id="path9"
     inkscape:connector-curvature="0"
     style="fill:#fefefe" /><path
     class="fil2"
     d="M 475,236 593,387 C 596,503 444,639 301,585 L 225,486 339,330 c 0,0 138,-95 136,-94 z"
     id="path11"
     inkscape:connector-curvature="0"
     style="fill:#332c2b;fill-opacity:0.14902003" /><path
     class="fil3"
     d="m 231,211 h 208 l 38,24 v 246 c 0,5 -3,8 -8,8 H 231 c -5,0 -8,-3 -8,-8 V 219 c 0,-5 3,-8 8,-8 z"
     id="path13"
     inkscape:connector-curvature="0"
     style="fill:#2bbcff" /><path
     class="fil4"
     d="m 231,211 h 208 l 38,24 v 2 L 440,214 H 231 c -4,0 -7,3 -7,7 v 263 c -1,-1 -1,-2 -1,-3 V 219 c 0,-5 3,-8 8,-8 z"
     id="path15"
     inkscape:connector-curvature="0"
     style="fill:#53c6fc" /><polygon
     class="fil5"
     points="305,212 418,212 418,310 305,310 "
     id="polygon17"
     style="fill:#bdeaff" /><path
     class="fil5"
     d="m 255,363 h 189 c 3,0 5,2 5,4 V 483 H 250 V 367 c 0,-2 2,-4 5,-4 z"
     id="path19"
     inkscape:connector-curvature="0"
     style="fill:#bdeaff" /><polygon
     class="fil6"
     points="250,470 449,470 449,483 250,483 "
     id="polygon21"
     style="fill:#006498" /><path
     class="fil6"
     d="m 380,226 h 10 c 3,0 6,2 6,5 v 40 c 0,3 -3,6 -6,6 h -10 c -3,0 -6,-3 -6,-6 v -40 c 0,-3 3,-5 6,-5 z"
     id="path23"
     inkscape:connector-curvature="0"
     style="fill:#006498" /><path
     class="fil1"
     d="m 254,226 c 10,0 17,7 17,17 0,9 -7,16 -17,16 -9,0 -17,-7 -17,-16 0,-10 8,-17 17,-17 z"
     id="path25"
     inkscape:connector-curvature="0"
     style="fill:#fefefe" /><path
     class="fil6"
     d="m 267,448 h 165 c 2,0 3,1 3,3 v 0 c 0,1 -1,3 -3,3 H 267 c -2,0 -3,-2 -3,-3 v 0 c 0,-2 1,-3 3,-3 z"
     id="path27"
     inkscape:connector-curvature="0"
     style="fill:#006498" /><path
     class="fil6"
     d="m 267,415 h 165 c 2,0 3,1 3,3 v 0 c 0,1 -1,2 -3,2 H 267 c -2,0 -3,-1 -3,-2 v 0 c 0,-2 1,-3 3,-3 z"
     id="path29"
     inkscape:connector-curvature="0"
     style="fill:#006498" /><path
     class="fil6"
     d="m 267,381 h 165 c 2,0 3,2 3,3 v 0 c 0,2 -1,3 -3,3 H 267 c -2,0 -3,-1 -3,-3 v 0 c 0,-1 1,-3 3,-3 z"
     id="path31"
     inkscape:connector-curvature="0"
     style="fill:#006498" /><path
     class="fil1"
     d="m 236,472 c 3,0 5,2 5,5 0,2 -2,4 -5,4 -3,0 -5,-2 -5,-4 0,-3 2,-5 5,-5 z"
     id="path33"
     inkscape:connector-curvature="0"
     style="fill:#fefefe" /><path
     class="fil1"
     d="m 463,472 c 3,0 5,2 5,5 0,2 -2,4 -5,4 -3,0 -5,-2 -5,-4 0,-3 2,-5 5,-5 z"
     id="path35"
     inkscape:connector-curvature="0"
     style="fill:#fefefe" /><polygon
     class="fil6"
     points="305,212 284,212 284,310 305,310 "
     id="polygon37"
     style="fill:#006498" /><path
     class="fil7"
     d="m 477,479 v 2 c 0,5 -3,8 -8,8 H 231 c -5,0 -8,-3 -8,-8 v -2 c 0,4 3,8 8,8 h 238 c 5,0 8,-4 8,-8 z"
     id="path39"
     inkscape:connector-curvature="0"
     style="fill:#0ea5eb" /><path
     class="fil8"
     d="M 350,70 C 505,70 630,195 630,350 630,505 505,630 350,630 195,630 70,505 70,350 70,195 195,70 350,70 Z m 0,46 C 479,116 584,221 584,350 584,479 479,584 350,584 221,584 116,479 116,350 116,221 221,116 350,116 Z"
     id="path41"
     inkscape:connector-curvature="0"
     style="fill:#2979ff" /></g>
 </svg>
--- a/frontend/public/index.html
+++ b/frontend/public/index.html
@@ -18,9 +18,17 @@
    <meta name="robots" content="noindex,nofollow" />
-    <link rel="icon" type="image/svg+xml" href="[{[ .StaticURL ]}]/img/icons/favicon.svg" />
+    <link
      rel="icon"
      type="image/svg+xml"
      href="[{[ .StaticURL ]}]/img/icons/favicon.svg"
    />
    <link rel="shortcut icon" href="[{[ .StaticURL ]}]/img/icons/favicon.ico" />
-    <link rel="apple-touch-icon" sizes="180x180" href="[{[ .StaticURL ]}]/img/icons/apple-touch-icon.png" />
+    <link
      rel="apple-touch-icon"
      sizes="180x180"
      href="[{[ .StaticURL ]}]/img/icons/apple-touch-icon.png"
    />
    <meta name="apple-mobile-web-app-title" content="File Browser" />
    <!-- Add to home screen for Android and modern mobile browsers -->
--- a/frontend/src/api/files.ts
+++ b/frontend/src/api/files.ts
@@ -188,6 +188,27 @@ export async function checksum(url: string, algo: ChecksumAlg) {
  return (await data.json()).checksums[algo];
 }
 export async function metadata(url: string) {
  // Fetch metadata for a resource. Backend support is required for this to work.
  const res = await resourceAction(`${url}?metadata=1`, "GET");
  try {
    const data = await res.json();
    // backend returns a FileInfo object; prefer returning the audio tags map when present
    if (data && typeof data === "object" && data.tags) {
      return data.tags;
    }
    // fallback: if server returned just the tags map or other structure
    return data;
  } catch (e) {
    return null;
  }
 }
 export async function updateMetadata(url: string, content: any) {
  // Update metadata for a resource. Backend must support PATCH with action=metadata.
  return resourceAction(`${url}?action=metadata`, "PATCH", JSON.stringify(content));
 }
 export function getDownloadURL(file: ResourceItem, inline: any) {
  const params = {
    ...(inline && { inline: "true" }),
--- a/frontend/src/api/pub.ts
+++ b/frontend/src/api/pub.ts
@@ -41,12 +41,12 @@ export function download(
  let url = `${baseURL}/api/public/dl/${hash}`;
  if (files.length === 1) {
-    url += encodeURIComponent(files[0]) + "?";
+    url += files[0] + "?";
  } else {
    let arg = "";
    for (const file of files) {
-      arg += encodeURIComponent(file) + ",";
+      arg += file + ",";
    }
    arg = arg.substring(0, arg.length - 1);
--- a/frontend/src/api/search.ts
+++ b/frontend/src/api/search.ts
@@ -1,7 +1,12 @@
-import { fetchURL, removePrefix } from "./utils";
+import { fetchURL, removePrefix, StatusError } from "./utils";
 import url from "../utils/url";
-export default async function search(base: string, query: string) {
+export default async function search(
  base: string,
  query: string,
  signal: AbortSignal,
  callback: (item: ResourceItem) => void
 ) {
  base = removePrefix(base);
  query = encodeURIComponent(query);
@@ -9,19 +14,60 @@ export default async function search(base: string, query: string) {
    base += "/";
  }
-  const res = await fetchURL(`/api/search${base}?query=${query}`, {});
+  const res = await fetchURL(`/api/search${base}?query=${query}`, { signal });
  if (!res.body) {
    throw new StatusError("000 No connection", 0);
  }
  try {
    // Try streaming approach first (modern browsers)
    if (res.body && typeof res.body.pipeThrough === "function") {
      const reader = res.body.pipeThrough(new TextDecoderStream()).getReader();
      let buffer = "";
      while (true) {
        const { done, value } = await reader.read();
        if (value) {
          buffer += value;
        }
        const lines = buffer.split(/\n/);
        let lastLine = lines.pop();
        // Save incomplete last line
        if (!lastLine) {
          lastLine = "";
        }
        buffer = lastLine;
-  let data = await res.json();
+        for (const line of lines) {
-
+          if (line) {
-  data = data.map((item: UploadItem) => {
+            const item = JSON.parse(line) as ResourceItem;
-    item.url = `/files${base}` + url.encodePath(item.path);
+            item.url = `/files${base}` + url.encodePath(item.path);
-
+            if (item.isDir) {
-    if (item.dir) {
+              item.url += "/";
-      item.url += "/";
+            }
            callback(item);
          }
        }
        if (done) break;
      }
    } else {
      // Fallback for browsers without streaming support (e.g., Safari)
      const text = await res.text();
      const lines = text.split(/\n/);
      for (const line of lines) {
        if (line) {
          const item = JSON.parse(line) as ResourceItem;
          item.url = `/files${base}` + url.encodePath(item.path);
          if (item.isDir) {
            item.url += "/";
          }
          callback(item);
        }
      }
    }
-
+  } catch (e) {
-    return item;
+    // Check if the error is an intentional cancellation
-  });
+    if (e instanceof Error && e.name === "AbortError") {
-
+      throw new StatusError("000 No connection", 0, true);
-  return data;
+    }
    throw e;
  }
 }
--- a/frontend/src/api/tus.ts
+++ b/frontend/src/api/tus.ts
@@ -1,18 +1,11 @@
 import * as tus from "tus-js-client";
-import { baseURL, tusEndpoint, tusSettings } from "@/utils/constants";
+import { baseURL, tusEndpoint, tusSettings, origin } from "@/utils/constants";
 import { useAuthStore } from "@/stores/auth";
 import { useUploadStore } from "@/stores/upload";
 import { removePrefix } from "@/api/utils";
 import { fetchURL } from "./utils";
 const RETRY_BASE_DELAY = 1000;
 const RETRY_MAX_DELAY = 20000;
-const SPEED_UPDATE_INTERVAL = 1000;
+const CURRENT_UPLOAD_LIST: { [key: string]: tus.Upload } = {};
 const ALPHA = 0.2;
 const ONE_MINUS_ALPHA = 1 - ALPHA;
 const RECENT_SPEEDS_LIMIT = 5;
 const MB_DIVISOR = 1024 * 1024;
 const CURRENT_UPLOAD_LIST: CurrentUploadList = {};
 export async function upload(
  filePath: string,
@@ -28,8 +21,6 @@ export async function upload(
  filePath = removePrefix(filePath);
  const resourcePath = `${tusEndpoint}${filePath}?override=${overwrite}`;
  await createUpload(resourcePath);
  const authStore = useAuthStore();
  // Exit early because of typescript, tus content can't be a string
@@ -38,7 +29,7 @@ export async function upload(
  }
  return new Promise<void | string>((resolve, reject) => {
    const upload = new tus.Upload(content, {
-      uploadUrl: `${baseURL}${resourcePath}`,
+      endpoint: `${origin}${baseURL}${resourcePath}`,
      chunkSize: tusSettings.chunkSize,
      retryDelays: computeRetryDelays(tusSettings),
      parallelUploads: 1,
@@ -46,63 +37,51 @@ export async function upload(
      headers: {
        "X-Auth": authStore.jwt,
      },
-      onError: function (error) {
+      onShouldRetry: function (err) {
-        if (CURRENT_UPLOAD_LIST[filePath].interval) {
+        const status = err.originalResponse
-          clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
+          ? err.originalResponse.getStatus()
          : 0;
        // Do not retry for file conflict.
        if (status === 409) {
          return false;
        }
        return true;
      },
      onError: function (error: Error | tus.DetailedError) {
        delete CURRENT_UPLOAD_LIST[filePath];
-        reject(new Error(`Upload failed: ${error.message}`));
+
        if (error.message === "Upload aborted") {
          return reject(error);
        }
        const message =
          error instanceof tus.DetailedError
            ? error.originalResponse === null
              ? "000 No connection"
              : error.originalResponse.getBody()
            : "Upload failed";
        console.error(error);
        reject(new Error(message));
      },
      onProgress: function (bytesUploaded) {
        const fileData = CURRENT_UPLOAD_LIST[filePath];
        fileData.currentBytesUploaded = bytesUploaded;
        if (!fileData.hasStarted) {
          fileData.hasStarted = true;
          fileData.lastProgressTimestamp = Date.now();
          fileData.interval = window.setInterval(() => {
            calcProgress(filePath);
          }, SPEED_UPDATE_INTERVAL);
        }
        if (typeof onupload === "function") {
          onupload({ loaded: bytesUploaded });
        }
      },
      onSuccess: function () {
        if (CURRENT_UPLOAD_LIST[filePath].interval) {
          clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
        }
        delete CURRENT_UPLOAD_LIST[filePath];
        resolve();
      },
    });
-    CURRENT_UPLOAD_LIST[filePath] = {
+    CURRENT_UPLOAD_LIST[filePath] = upload;
      upload: upload,
      recentSpeeds: [],
      initialBytesUploaded: 0,
      currentBytesUploaded: 0,
      currentAverageSpeed: 0,
      lastProgressTimestamp: null,
      sumOfRecentSpeeds: 0,
      hasStarted: false,
      interval: undefined,
    };
    upload.start();
  });
 }
 async function createUpload(resourcePath: string) {
  const headResp = await fetchURL(resourcePath, {
    method: "POST",
  });
  if (headResp.status !== 201) {
    throw new Error(
      `Failed to create an upload: ${headResp.status} ${headResp.statusText}`
    );
  }
 }
 function computeRetryDelays(tusSettings: TusSettings): number[] | undefined {
  if (!tusSettings.retryCount || tusSettings.retryCount < 1) {
    // Disable retries altogether
@@ -130,83 +109,13 @@ function isTusSupported() {
  return tus.isSupported === true;
 }
 function computeETA(state: ETAState, speed?: number) {
  if (state.speedMbyte === 0) {
    return Infinity;
  }
  const totalSize = state.sizes.reduce(
    (acc: number, size: number) => acc + size,
    0
  );
  const uploadedSize = state.progress.reduce(
    (acc: number, progress: Progress) => {
      if (typeof progress === "number") {
        return acc + progress;
      }
      return acc;
    },
    0
  );
  const remainingSize = totalSize - uploadedSize;
  const speedBytesPerSecond = (speed ?? state.speedMbyte) * 1024 * 1024;
  return remainingSize / speedBytesPerSecond;
 }
 function computeGlobalSpeedAndETA() {
  const uploadStore = useUploadStore();
  let totalSpeed = 0;
  let totalCount = 0;
  for (const filePath in CURRENT_UPLOAD_LIST) {
    totalSpeed += CURRENT_UPLOAD_LIST[filePath].currentAverageSpeed;
    totalCount++;
  }
  if (totalCount === 0) return { speed: 0, eta: Infinity };
  const averageSpeed = totalSpeed / totalCount;
  const averageETA = computeETA(uploadStore, averageSpeed);
  return { speed: averageSpeed, eta: averageETA };
 }
 function calcProgress(filePath: string) {
  const uploadStore = useUploadStore();
  const fileData = CURRENT_UPLOAD_LIST[filePath];
  const elapsedTime =
    (Date.now() - (fileData.lastProgressTimestamp ?? 0)) / 1000;
  const bytesSinceLastUpdate =
    fileData.currentBytesUploaded - fileData.initialBytesUploaded;
  const currentSpeed = bytesSinceLastUpdate / MB_DIVISOR / elapsedTime;
  if (fileData.recentSpeeds.length >= RECENT_SPEEDS_LIMIT) {
    fileData.sumOfRecentSpeeds -= fileData.recentSpeeds.shift() ?? 0;
  }
  fileData.recentSpeeds.push(currentSpeed);
  fileData.sumOfRecentSpeeds += currentSpeed;
  const avgRecentSpeed =
    fileData.sumOfRecentSpeeds / fileData.recentSpeeds.length;
  fileData.currentAverageSpeed =
    ALPHA * avgRecentSpeed + ONE_MINUS_ALPHA * fileData.currentAverageSpeed;
  const { speed, eta } = computeGlobalSpeedAndETA();
  uploadStore.setUploadSpeed(speed);
  uploadStore.setETA(eta);
  fileData.initialBytesUploaded = fileData.currentBytesUploaded;
  fileData.lastProgressTimestamp = Date.now();
 }
 export function abortAllUploads() {
  for (const filePath in CURRENT_UPLOAD_LIST) {
-    if (CURRENT_UPLOAD_LIST[filePath].interval) {
+    if (CURRENT_UPLOAD_LIST[filePath]) {
-      clearInterval(CURRENT_UPLOAD_LIST[filePath].interval);
+      CURRENT_UPLOAD_LIST[filePath].abort(true);
-    }
+      CURRENT_UPLOAD_LIST[filePath].options!.onError!(
-    if (CURRENT_UPLOAD_LIST[filePath].upload) {
+        new Error("Upload aborted")
-      CURRENT_UPLOAD_LIST[filePath].upload.abort(true);
+      );
    }
    delete CURRENT_UPLOAD_LIST[filePath];
  }
--- a/frontend/src/api/users.ts
+++ b/frontend/src/api/users.ts
@@ -8,12 +8,13 @@ export async function get(id: number) {
  return fetchJSON<IUser>(`/api/users/${id}`, {});
 }
-export async function create(user: IUser) {
+export async function create(user: IUser, currentPassword: string) {
  const res = await fetchURL(`/api/users`, {
    method: "POST",
    body: JSON.stringify({
      what: "user",
      which: [],
      current_password: currentPassword,
      data: user,
    }),
  });
@@ -25,19 +26,30 @@ export async function create(user: IUser) {
  throw new StatusError(await res.text(), res.status);
 }
-export async function update(user: Partial<IUser>, which = ["all"]) {
+export async function update(
  user: Partial<IUser>,
  which = ["all"],
  currentPassword: string | null = null
 ) {
  await fetchURL(`/api/users/${user.id}`, {
    method: "PUT",
    body: JSON.stringify({
      what: "user",
      which: which,
      ...(currentPassword != null ? { current_password: currentPassword } : {}),
      data: user,
    }),
  });
 }
-export async function remove(id: number) {
+export async function remove(
  id: number,
  currentPassword: string | null = null
 ) {
  await fetchURL(`/api/users/${id}`, {
    method: "DELETE",
    body: JSON.stringify({
      ...(currentPassword != null ? { current_password: currentPassword } : {}),
    }),
  });
 }
--- a/frontend/src/api/utils.ts
+++ b/frontend/src/api/utils.ts
@@ -91,3 +91,21 @@ export function createURL(endpoint: string, searchParams = {}): string {
  return url.toString();
 }
 export function setSafeTimeout(callback: () => void, delay: number): number {
  const MAX_DELAY = 86_400_000;
  let remaining = delay;
  function scheduleNext(): number {
    if (remaining <= MAX_DELAY) {
      return window.setTimeout(callback, remaining);
    } else {
      return window.setTimeout(() => {
        remaining -= MAX_DELAY;
        scheduleNext();
      }, MAX_DELAY);
    }
  }
  return scheduleNext();
 }
--- a/frontend/src/components/ContextMenu.vue
+++ b/frontend/src/components/ContextMenu.vue
@@ -0,0 +1,47 @@
 <template>
  <div
    class="context-menu"
    ref="contextMenu"
    v-show="show"
    :style="{
      top: `${props.pos.y}px`,
      left: `${left}px`,
    }"
  >
    <slot />
  </div>
 </template>
 <script setup lang="ts">
 import { ref, watch, computed, onUnmounted } from "vue";
 const emit = defineEmits(["hide"]);
 const props = defineProps<{ show: boolean; pos: { x: number; y: number } }>();
 const contextMenu = ref<HTMLElement | null>(null);
 const left = computed(() => {
  return Math.min(
    props.pos.x,
    window.innerWidth - (contextMenu.value?.clientWidth ?? 0)
  );
 });
 const hideContextMenu = () => {
  emit("hide");
 };
 watch(
  () => props.show,
  (val) => {
    if (val) {
      document.addEventListener("click", hideContextMenu);
    } else {
      document.removeEventListener("click", hideContextMenu);
    }
  }
 );
 onUnmounted(() => {
  document.removeEventListener("click", hideContextMenu);
 });
 </script>
--- a/frontend/src/components/ProgressBar.vue
+++ b/frontend/src/components/ProgressBar.vue
@@ -192,7 +192,8 @@ export default {
        style["position"] = "absolute";
        style["top"] = "0";
        style["height"] = "100%";
-        (style["min-height"] = this.size_px + "px"), (style["z-index"] = "-1");
+        ((style["min-height"] = this.size_px + "px"),
          (style["z-index"] = "-1"));
      }
      return style;
--- a/frontend/src/components/Search.vue
+++ b/frontend/src/components/Search.vue
@@ -5,10 +5,11 @@
        v-if="active"
        class="action"
        @click="close"
-        :aria-label="$t('buttons.close')"
+        :aria-label="closeButtonTitle"
-        :title="$t('buttons.close')"
+        :title="closeButtonTitle"
      >
-        <i class="material-icons">arrow_back</i>
+        <i v-if="ongoing" class="material-icons">stop_circle</i>
        <i v-else class="material-icons">arrow_back</i>
      </button>
      <i v-else class="material-icons">search</i>
      <input
@@ -21,6 +22,15 @@
        :aria-label="$t('search.search')"
        :placeholder="$t('search.search')"
      />
      <i
        v-show="ongoing"
        class="material-icons spin"
        style="display: inline-block"
        >autorenew
      </i>
      <span style="margin-top: 5px" v-show="results.length > 0">
        {{ results.length }}
      </span>
    </div>
    <div id="result" ref="result">
@@ -57,9 +67,6 @@
          </li>
        </ul>
      </div>
      <p id="renew">
        <i class="material-icons spin">autorenew</i>
      </p>
    </div>
  </div>
 </template>
@@ -70,10 +77,11 @@ import { useLayoutStore } from "@/stores/layout";
 import url from "@/utils/url";
 import { search } from "@/api";
-import { computed, inject, onMounted, ref, watch } from "vue";
+import { computed, inject, onMounted, ref, watch, onUnmounted } from "vue";
 import { useI18n } from "vue-i18n";
 import { useRoute } from "vue-router";
 import { storeToRefs } from "pinia";
 import { StatusError } from "@/api/utils";
 const boxes = {
  image: { label: "images", icon: "insert_photo" },
@@ -84,6 +92,7 @@ const boxes = {
 const layoutStore = useLayoutStore();
 const fileStore = useFileStore();
 let searchAbortController = new AbortController();
 const { currentPromptName } = storeToRefs(layoutStore);
@@ -124,9 +133,7 @@ watch(currentPromptName, (newVal, oldVal) => {
 });
 watch(prompt, () => {
-  if (results.value.length) {
+  reset();
    reset();
  }
 });
 // ...mapState(useFileStore, ["isListing"]),
@@ -149,6 +156,10 @@ const filteredResults = computed(() => {
  return results.value.slice(0, resultsCount.value);
 });
 const closeButtonTitle = computed(() => {
  return ongoing.value ? t("buttons.stopSearch") : t("buttons.close");
 });
 onMounted(() => {
  if (result.value === null) {
    return;
@@ -164,14 +175,23 @@ onMounted(() => {
  });
 });
 onUnmounted(() => {
  abortLastSearch();
 });
 const open = () => {
  !active.value && layoutStore.showHover("search");
 };
 const close = (event: Event) => {
-  event.stopPropagation();
+  if (ongoing.value) {
-  event.preventDefault();
+    abortLastSearch();
-  layoutStore.closeHovers();
+    ongoing.value = false;
  } else {
    event.stopPropagation();
    event.preventDefault();
    layoutStore.closeHovers();
  }
 };
 const keyup = (event: KeyboardEvent) => {
@@ -188,11 +208,16 @@ const init = (string: string) => {
 };
 const reset = () => {
  abortLastSearch();
  ongoing.value = false;
  resultsCount.value = 50;
  results.value = [];
 };
 const abortLastSearch = () => {
  searchAbortController.abort();
 };
 const submit = async (event: Event) => {
  event.preventDefault();
@@ -208,8 +233,16 @@ const submit = async (event: Event) => {
  ongoing.value = true;
  try {
-    results.value = await search(path, prompt.value);
+    abortLastSearch();
    searchAbortController = new AbortController();
    results.value = [];
    await search(path, prompt.value, searchAbortController.signal, (item) =>
      results.value.push(item)
    );
  } catch (error: any) {
    if (error instanceof StatusError && error.is_canceled) {
      return;
    }
    $showError(error);
  }
--- a/frontend/src/components/Sidebar.vue
+++ b/frontend/src/components/Sidebar.vue
@@ -2,6 +2,10 @@
  <div v-show="active" @click="closeHovers" class="overlay"></div>
  <nav :class="{ active }">
    <template v-if="isLoggedIn">
      <button @click="toAccountSettings" class="action">
        <i class="material-icons">person</i>
        <span>{{ user.username }}</span>
      </button>
      <button
        class="action"
        @click="toRoot"
@@ -34,32 +38,32 @@
        </button>
      </div>
-      <div>
+      <div v-if="user.perm.admin">
        <button
          class="action"
-          @click="toSettings"
+          @click="toGlobalSettings"
          :aria-label="$t('sidebar.settings')"
          :title="$t('sidebar.settings')"
        >
          <i class="material-icons">settings_applications</i>
          <span>{{ $t("sidebar.settings") }}</span>
        </button>
        <button
          v-if="canLogout"
          @click="logout"
          class="action"
          id="logout"
          :aria-label="$t('sidebar.logout')"
          :title="$t('sidebar.logout')"
        >
          <i class="material-icons">exit_to_app</i>
          <span>{{ $t("sidebar.logout") }}</span>
        </button>
      </div>
      <button
        v-if="canLogout"
        @click="logout"
        class="action"
        id="logout"
        :aria-label="$t('sidebar.logout')"
        :title="$t('sidebar.logout')"
      >
        <i class="material-icons">exit_to_app</i>
        <span>{{ $t("sidebar.logout") }}</span>
      </button>
    </template>
    <template v-else>
      <router-link
        v-if="!hideLoginButton"
        class="action"
        to="/login"
        :aria-label="$t('sidebar.login')"
@@ -121,15 +125,16 @@ import * as auth from "@/utils/auth";
 import {
  version,
  signup,
  hideLoginButton,
  disableExternal,
  disableUsedPercentage,
  noAuth,
  logoutPage,
  loginPage,
 } from "@/utils/constants";
 import { files as api } from "@/api";
 import ProgressBar from "@/components/ProgressBar.vue";
 import prettyBytes from "pretty-bytes";
 import { StatusError } from "@/api/utils.js";
 const USAGE_DEFAULT = { used: "0 B", total: "0 B", usedPercentage: 0 };
@@ -151,10 +156,11 @@ export default {
      return this.currentPromptName === "sidebar";
    },
    signup: () => signup,
    hideLoginButton: () => hideLoginButton,
    version: () => version,
    disableExternal: () => disableExternal,
    disableUsedPercentage: () => disableUsedPercentage,
-    canLogout: () => !noAuth && loginPage,
+    canLogout: () => !noAuth && (loginPage || logoutPage !== "/login"),
  },
  methods: {
    ...mapActions(useLayoutStore, ["closeHovers", "showHover"]),
@@ -178,20 +184,20 @@ export default {
          total: prettyBytes(usage.total, { binary: true }),
          usedPercentage: Math.round((usage.used / usage.total) * 100),
        };
-      } catch (error) {
+      } finally {
-        if (error instanceof StatusError && error.is_canceled) {
+        return Object.assign(this.usage, usageStats);
          return;
        }
        this.$showError(error);
      }
      return Object.assign(this.usage, usageStats);
    },
    toRoot() {
      this.$router.push({ path: "/files" });
      this.closeHovers();
    },
-    toSettings() {
+    toAccountSettings() {
-      this.$router.push({ path: "/settings" });
+      this.$router.push({ path: "/settings/profile" });
      this.closeHovers();
    },
    toGlobalSettings() {
      this.$router.push({ path: "/settings/global" });
      this.closeHovers();
    },
    help() {
--- a/frontend/src/components/files/CsvViewer.vue
+++ b/frontend/src/components/files/CsvViewer.vue
@@ -0,0 +1,252 @@
 <template>
  <div class="csv-viewer">
    <div v-if="displayError" class="csv-error">
      <i class="material-icons">error</i>
      <p>{{ displayError }}</p>
    </div>
    <div v-else-if="data.headers.length === 0" class="csv-empty">
      <i class="material-icons">description</i>
      <p>{{ $t("files.lonely") }}</p>
    </div>
    <div v-else class="csv-table-container" @wheel.stop @touchmove.stop>
      <table class="csv-table">
        <thead>
          <tr>
            <th v-for="(header, index) in data.headers" :key="index">
              {{ header || `Column ${index + 1}` }}
            </th>
          </tr>
        </thead>
        <tbody>
          <tr v-for="(row, rowIndex) in data.rows" :key="rowIndex">
            <td v-for="(cell, cellIndex) in row" :key="cellIndex">
              {{ cell }}
            </td>
          </tr>
        </tbody>
      </table>
      <div class="csv-footer">
        <div class="csv-info" v-if="data.rows.length > 100">
          <i class="material-icons">info</i>
          <span>
            {{ $t("files.showingRows", { count: data.rows.length }) }}</span
          >
        </div>
        <div class="column-separator">
          <label for="columnSeparator">{{ $t("files.columnSeparator") }}</label>
          <select
            id="columnSeparator"
            class="input input--block"
            v-model="columnSeparator"
          >
            <option :value="[',']">
              {{ $t("files.csvSeparators.comma") }}
            </option>
            <option :value="[';']">
              {{ $t("files.csvSeparators.semicolon") }}
            </option>
            <option :value="[',', ';']">
              {{ $t("files.csvSeparators.both") }}
            </option>
          </select>
        </div>
      </div>
    </div>
  </div>
 </template>
 <script setup lang="ts">
 import { parseCSV, type CsvData } from "@/utils/csv";
 import { computed, ref } from "vue";
 interface Props {
  content: string;
  error?: string;
 }
 const props = withDefaults(defineProps<Props>(), {
  error: "",
 });
 const columnSeparator = ref([","]);
 const data = computed<CsvData>(() => {
  try {
    return parseCSV(props.content, columnSeparator.value);
  } catch (e) {
    console.error("Failed to parse CSV:", e);
    return { headers: [], rows: [] };
  }
 });
 const displayError = computed(() => {
  // External error takes priority (e.g., file too large)
  if (props.error) {
    return props.error;
  }
  // Check for parse errors
  if (
    props.content &&
    props.content.trim().length > 0 &&
    data.value.headers.length === 0
  ) {
    return "Failed to parse CSV file";
  }
  return null;
 });
 </script>
 <style scoped>
 .csv-viewer {
  width: 100%;
  height: 100%;
  display: flex;
  flex-direction: column;
  background-color: var(--surfacePrimary);
  color: var(--textSecondary);
  padding: 1rem;
  padding-top: 4em;
  box-sizing: border-box;
 }
 .csv-error,
 .csv-empty {
  display: flex;
  flex-direction: column;
  align-items: center;
  justify-content: center;
  height: 100%;
  gap: 1rem;
  color: var(--textPrimary);
 }
 .csv-error i,
 .csv-empty i {
  font-size: 4rem;
  opacity: 0.5;
 }
 .csv-error p,
 .csv-empty p {
  font-size: 1.1rem;
  margin: 0;
 }
 .csv-table-container {
  flex: 1;
  overflow: auto;
  background-color: var(--surfacePrimary);
  border-radius: 4px;
  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
 }
 /* Scrollbar styling for better visibility */
 .csv-table-container::-webkit-scrollbar {
  width: 12px;
  height: 12px;
 }
 .csv-table-container::-webkit-scrollbar-track {
  background: var(--background);
  border-radius: 4px;
 }
 .csv-table-container::-webkit-scrollbar-thumb {
  background: var(--borderSecondary);
  border-radius: 4px;
 }
 .csv-table-container::-webkit-scrollbar-thumb:hover {
  background: var(--textPrimary);
 }
 .csv-table {
  width: 100%;
  border-collapse: collapse;
  font-size: 0.875rem;
  background-color: var(--surfacePrimary);
 }
 .csv-table thead {
  position: sticky;
  top: 0;
  z-index: 10;
  background-color: var(--surfaceSecondary);
 }
 .csv-table th {
  padding: 0.875rem 1rem;
  text-align: left;
  font-weight: 600;
  border-bottom: 2px solid var(--borderSecondary);
  background-color: var(--surfaceSecondary);
  white-space: nowrap;
  color: var(--textSecondary);
  font-size: 0.875rem;
 }
 .csv-table td {
  padding: 0.75rem 1rem;
  text-align: left;
  border-bottom: 1px solid var(--borderPrimary);
  white-space: nowrap;
  max-width: 400px;
  overflow: hidden;
  text-overflow: ellipsis;
  color: var(--textSecondary);
 }
 .csv-table tbody tr:nth-child(even) {
  background-color: var(--background);
 }
 .csv-table tbody tr:hover {
  background-color: var(--hover);
  transition: background-color 0.15s ease;
 }
 .csv-footer {
  display: flex;
  justify-content: space-between;
  align-items: center;
  gap: 1rem;
  padding: 0.5rem;
 }
 .csv-footer > :only-child {
  margin-left: auto;
 }
 .csv-info {
  display: flex;
  align-items: center;
  gap: 0.5rem;
  padding: 0.75rem 1rem;
  margin-top: 0.5rem;
  background-color: var(--surfaceSecondary);
  border-radius: 4px;
  border-left: 3px solid var(--blue);
  color: var(--textSecondary);
  font-size: 0.875rem;
 }
 .column-separator {
  display: flex;
  align-items: center;
  gap: 0.5rem;
 }
 .column-separator > label {
  font-size: small;
  text-align: end;
 }
 .column-separator > select {
  margin-bottom: 0;
 }
 .csv-info i {
  font-size: 1.2rem;
  color: var(--blue);
 }
 </style>
--- a/frontend/src/components/files/ExtendedImage.vue
+++ b/frontend/src/components/files/ExtendedImage.vue
@@ -172,7 +172,8 @@ const setCenter = () => {
  imgex.value.style.top = position.value.center.y + "px";
 };
-const mousedownStart = (event: Event) => {
+const mousedownStart = (event: MouseEvent) => {
  if (event.button !== 0) return;
  lastX.value = null;
  lastY.value = null;
  inDrag.value = true;
@@ -184,8 +185,10 @@ const mouseMove = (event: MouseEvent) => {
  event.preventDefault();
 };
 const mouseUp = (event: Event) => {
  if (inDrag.value) {
    event.preventDefault();
  }
  inDrag.value = false;
  event.preventDefault();
 };
 const touchStart = (event: TouchEvent) => {
  lastX.value = null;
--- a/frontend/src/components/files/ListingItem.vue
+++ b/frontend/src/components/files/ListingItem.vue
@@ -20,6 +20,7 @@
    :aria-label="name"
    :aria-selected="isSelected"
    :data-ext="getExtension(name).toLowerCase()"
    @contextmenu="contextMenu"
  >
    <div>
      <img
@@ -239,6 +240,17 @@ const itemClick = (event: Event | KeyboardEvent) => {
  else click(event);
 };
 const contextMenu = (event: MouseEvent) => {
  event.preventDefault();
  if (
    fileStore.selected.length === 0 ||
    event.ctrlKey ||
    fileStore.selected.indexOf(props.index) === -1
  ) {
    click(event);
  }
 };
 const click = (event: Event | KeyboardEvent) => {
  if (!singleClick.value && fileStore.selectedCount !== 0)
    event.preventDefault();
@@ -253,7 +265,15 @@ const click = (event: Event | KeyboardEvent) => {
  }
  if (fileStore.selected.indexOf(props.index) !== -1) {
-    fileStore.removeSelected(props.index);
+    if (
      (event as KeyboardEvent).ctrlKey ||
      (event as KeyboardEvent).metaKey ||
      fileStore.multiple
    ) {
      fileStore.removeSelected(props.index);
    } else {
      fileStore.selected = [props.index];
    }
    return;
  }
@@ -279,7 +299,6 @@ const click = (event: Event | KeyboardEvent) => {
  }
  if (
    !singleClick.value &&
    !(event as KeyboardEvent).ctrlKey &&
    !(event as KeyboardEvent).metaKey &&
    !fileStore.multiple
--- a/frontend/src/components/prompts/Copy.vue
+++ b/frontend/src/components/prompts/Copy.vue
@@ -62,6 +62,7 @@ import FileList from "./FileList.vue";
 import { files as api } from "@/api";
 import buttons from "@/utils/buttons";
 import * as upload from "@/utils/upload";
 import { removePrefix } from "@/api/utils";
 export default {
  name: "copy",
@@ -76,7 +77,7 @@ export default {
  computed: {
    ...mapState(useFileStore, ["req", "selected"]),
    ...mapState(useAuthStore, ["user"]),
-    ...mapWritableState(useFileStore, ["reload"]),
+    ...mapWritableState(useFileStore, ["reload", "preselect"]),
  },
  methods: {
    ...mapActions(useLayoutStore, ["showHover", "closeHovers"]),
@@ -100,6 +101,7 @@ export default {
          .copy(items, overwrite, rename)
          .then(() => {
            buttons.success("copy");
            this.preselect = removePrefix(items[0].to);
            if (this.$route.path === this.dest) {
              this.reload = true;
@@ -107,7 +109,8 @@ export default {
              return;
            }
-            this.$router.push({ path: this.dest });
+            if (this.user.redirectAfterCopyMove)
              this.$router.push({ path: this.dest });
          })
          .catch((e) => {
            buttons.done("copy");
--- a/frontend/src/components/prompts/CreateFilePath.vue
+++ b/frontend/src/components/prompts/CreateFilePath.vue
@@ -0,0 +1,86 @@
 <template>
  <div>
    <div class="path-container" ref="container">
      <template v-for="(item, index) in path" :key="index">
        /
        <span class="path-item">
          <span
            v-if="isDir === true || index < path.length - 1"
            class="material-icons"
            >folder
          </span>
          <span v-else class="material-icons">insert_drive_file</span>
          {{ item }}
        </span>
      </template>
    </div>
  </div>
 </template>
 <script setup lang="ts">
 import { ref, computed, watch, nextTick } from "vue";
 import { useRoute } from "vue-router";
 import { useFileStore } from "@/stores/file";
 import url from "@/utils/url";
 const fileStore = useFileStore();
 const route = useRoute();
 const props = defineProps({
  name: {
    type: String,
    required: true,
  },
  isDir: {
    type: Boolean,
    default: false,
  },
 });
 const container = ref<HTMLElement | null>(null);
 const path = computed(() => {
  let basePath = fileStore.isFiles ? route.path : url.removeLastDir(route.path);
  if (!basePath.endsWith("/")) {
    basePath += "/";
  }
  basePath += props.name;
  return basePath.split("/").filter(Boolean).splice(1);
 });
 watch(path, () => {
  nextTick(() => {
    const lastItem = container.value?.lastElementChild;
    lastItem?.scrollIntoView({ behavior: "auto", inline: "end" });
  });
 });
 </script>
 <style scoped>
 .path-container {
  display: flex;
  align-items: center;
  margin: 0.2em 0;
  gap: 0.25em;
  overflow-x: auto;
  max-width: 100%;
  scrollbar-width: none;
  opacity: 0.5;
 }
 .path-container::-webkit-scrollbar {
  display: none;
 }
 .path-item {
  display: flex;
  align-items: center;
  margin: 0.2em 0;
  gap: 0.25em;
  white-space: nowrap;
 }
 .path-item > span {
  font-size: 0.9em;
 }
 </style>
--- a/frontend/src/components/prompts/Delete.vue
+++ b/frontend/src/components/prompts/Delete.vue
@@ -48,16 +48,15 @@ export default {
      "selectedCount",
      "req",
      "selected",
      "currentPrompt",
    ]),
-    ...mapWritableState(useFileStore, ["reload"]),
+    ...mapState(useLayoutStore, ["currentPrompt"]),
    ...mapWritableState(useFileStore, ["reload", "preselect"]),
  },
  methods: {
    ...mapActions(useLayoutStore, ["closeHovers"]),
    submit: async function () {
      buttons.loading("delete");
      window.sessionStorage.setItem("modified", "true");
      try {
        if (!this.isListing) {
          await api.remove(this.$route.path);
@@ -81,6 +80,12 @@ export default {
        await Promise.all(promises);
        buttons.success("delete");
        const nearbyItem =
          this.req.items[Math.max(0, Math.min(this.selected) - 1)];
        this.preselect = nearbyItem?.path;
        this.reload = true;
      } catch (e) {
        buttons.done("delete");
--- a/frontend/src/components/prompts/DiscardEditorChanges.vue
+++ b/frontend/src/components/prompts/DiscardEditorChanges.vue
@@ -11,17 +11,26 @@
        @click="closeHovers"
        :aria-label="$t('buttons.cancel')"
        :title="$t('buttons.cancel')"
-        tabindex="2"
+        tabindex="3"
      >
        {{ $t("buttons.cancel") }}
      </button>
      <button
        class="button button--flat button--blue"
        @click="currentPrompt.saveAction"
        :aria-label="$t('buttons.saveChanges')"
        :title="$t('buttons.saveChanges')"
        tabindex="1"
      >
        {{ $t("buttons.saveChanges") }}
      </button>
      <button
        id="focus-prompt"
-        @click="submit"
+        @click="currentPrompt.confirm"
        class="button button--flat button--red"
        :aria-label="$t('buttons.discardChanges')"
        :title="$t('buttons.discardChanges')"
-        tabindex="1"
+        tabindex="2"
      >
        {{ $t("buttons.discardChanges") }}
      </button>
@@ -30,22 +39,16 @@
 </template>
 <script>
 import { mapActions } from "pinia";
 import url from "@/utils/url";
 import { useLayoutStore } from "@/stores/layout";
-import { useFileStore } from "@/stores/file";
+import { mapActions, mapState } from "pinia";
 export default {
  name: "discardEditorChanges",
  computed: {
    ...mapState(useLayoutStore, ["currentPrompt"]),
  },
  methods: {
    ...mapActions(useLayoutStore, ["closeHovers"]),
    ...mapActions(useFileStore, ["updateRequest"]),
    submit: async function () {
      this.updateRequest(null);
      const uri = url.removeLastDir(this.$route.path) + "/";
      this.$router.push({ path: uri });
    },
  },
 };
 </script>
--- a/frontend/src/components/prompts/Download.vue
+++ b/frontend/src/components/prompts/Download.vue
@@ -36,5 +36,7 @@ const formats = {
  tarxz: "tar.xz",
  tarlz4: "tar.lz4",
  tarsz: "tar.sz",
  tarbr: "tar.br",
  tarzst: "tar.zst",
 };
 </script>
--- a/frontend/src/components/prompts/FileList.vue
+++ b/frontend/src/components/prompts/FileList.vue
@@ -25,9 +25,10 @@
 </template>
 <script>
-import { mapState } from "pinia";
+import { mapState, mapActions } from "pinia";
 import { useAuthStore } from "@/stores/auth";
 import { useFileStore } from "@/stores/file";
 import { useLayoutStore } from "@/stores/layout";
 import url from "@/utils/url";
 import { files } from "@/api";
@@ -68,6 +69,7 @@ export default {
    this.abortOngoingNext();
  },
  methods: {
    ...mapActions(useLayoutStore, ["showHover"]),
    abortOngoingNext() {
      this.nextAbortController.abort();
    },
@@ -163,7 +165,7 @@ export default {
      this.$emit("update:selected", this.selected);
    },
    createDir: async function () {
-      this.$store.commit("showHover", {
+      this.showHover({
        prompt: "newDir",
        action: null,
        confirm: null,
--- a/frontend/src/components/prompts/ModifyMetadata.vue
+++ b/frontend/src/components/prompts/ModifyMetadata.vue
@@ -0,0 +1,552 @@
 <template>
  <div class="card floating metadata-card">
    <div class="card-title title-with-actions">
      <h2>{{ trans('files.metadata','Metadata') }}</h2>
      <div class="title-actions">
        <button
          type="button"
          class="button button--flat"
          @click="toggleAddField"
          :aria-label="trans('buttons.addField','Add field')"
          :title="trans('buttons.addField','Add field')"
        >
          {{ trans('buttons.addField','Add field') }}
        </button>
        <button
          type="button"
          class="button button--primary"
          @click.prevent="applyAll"
          :aria-label="trans('buttons.apply','Apply')"
          :title="trans('buttons.apply','Apply')"
        >
          {{ trans('buttons.apply','Apply') }}
        </button>
      </div>
    </div>
    <div class="card-content">
      <p v-if="selectedCount > 1">
        {{ $t('prompts.filesSelected', { count: selectedCount }) }}
      </p>
      <template v-if="selectedCount === 0">
        <p>{{ $t('prompts.noFileSelected') }}</p>
      </template>
      <template v-else>
        <div v-if="addFieldVisible" class="add-field-row">
          <div class="add-field-controls">
            <input
              v-model="addFieldKey"
              type="text"
              :placeholder="trans('prompts.newFieldName','Field name')"
            />
            <input
              v-model="addFieldValue"
              type="text"
              :placeholder="trans('prompts.newFieldValue','Value')"
            />
            <button
              type="button"
              class="button button--primary"
              @click="confirmAddField"
              :aria-label="trans('buttons.add','Add')"
              :title="trans('buttons.add','Add')"
            >
              {{ trans('buttons.add','Add') }}
            </button>
            <button
              type="button"
              class="button button--flat"
              @click="cancelAddField"
            >
              {{ trans('buttons.cancel','Cancel') }}
            </button>
          </div>
        </div>
        <div class="metadata-table-wrapper">
          <table class="metadata-table">
            <colgroup>
              <col class="col-label" />
              <col class="col-current" />
              <col class="col-new" />
            </colgroup>
            <thead>
              <tr>
                <th class="hdr-field">{{ trans('prompts.field','Field') }}</th>
                <th class="hdr-current">{{ trans('prompts.current','Current') }}</th>
                <th class="hdr-new">{{ trans('prompts.new','New') }}</th>
              </tr>
            </thead>
            <tbody>
              <tr v-for="field in fields" :key="field" class="metadata-row">
                <td class="metadata-title"><strong>{{ fieldLabels[field] || humanize(field) }}</strong></td>
                <td class="metadata-current">
                  <template v-if="isPicture(field)">
                    <img :src="pictureSrc(field)" alt="cover" class="cover-preview" v-if="pictureSrc(field)" />
                    <span v-else class="metadata-muted">{{ trans('prompts.noCover','No cover') }}</span>
                  </template>
                  <template v-else>
                    {{ displayCurrent(field) }}
                  </template>
                </td>
                <td class="metadata-edit-cell">
                  <input
                    v-model="newValues[field]"
                    :placeholder="placeholders[field] || ''"
                    type="text"
                  />
                </td>
              </tr>
            </tbody>
          </table>
        </div>
      </template>
    </div>
    <div class="card-action">
      <button
        id="focus-prompt"
        type="button"
        @click="closeHovers"
        class="button button--flat"
        :aria-label="trans('buttons.ok','OK')"
        :title="trans('buttons.ok','OK')"
      >
        {{ trans('buttons.ok','OK') }}
      </button>
      <button
        id="apply-metadata"
        type="button"
        @click.prevent="applyAll"
        class="button button--primary"
        :aria-label="trans('buttons.apply','Apply')"
        :title="trans('buttons.apply','Apply')"
      >
        {{ trans('buttons.apply','Apply') }}
      </button>
    </div>
  </div>
 </template>
 <script>
 import { mapActions, mapState } from "pinia";
 import { useFileStore } from "@/stores/file";
 import { useLayoutStore } from "@/stores/layout";
 import { metadata as apiMetadata, updateMetadata } from "@/api/files";
 export default {
  name: "modifyMetadata",
  inject: ["$showError"],
    data() {
      return {
        // fields will be derived dynamically from metadata across selected files
        fields: [],
        fieldLabels: {},
        placeholders: {},
        metadataList: [],
        newValues: {},
        // add field UI state
        addFieldVisible: false,
        addFieldKey: "",
        addFieldValue: "",
      };
    },
  computed: {
    ...mapState(useFileStore, ["req", "selected", "selectedCount"]),
  },
  methods: {
    ...mapActions(useLayoutStore, ["closeHovers"]),
    async mountedFetch() {
      if (!this.req) return;
      const files = this.selected.map((i) => this.req.items[i].url);
      // Fetch metadata for each selected file if possible
      try {
        const promises = files.map((u) => apiMetadata(u));
        this.metadataList = (await Promise.all(promises)).map((m) => m || {});
      } catch (e) {
        this.metadataList = [];
      }
      // Build union of fields
      const keys = new Set();
      this.metadataList.forEach((m) => {
        Object.keys(m).forEach((k) => keys.add(k));
      });
      // Ensure stable ordering: put common fields first
      const preferred = ["title", "artist", "album", "track", "genre", "date", "comment", "disc", "composer", "year", "albumartist", "picture", "cover"];
      const rest = Array.from(keys).filter((k) => !preferred.includes(k)).sort();
      this.fields = preferred.filter((k) => keys.has(k)).concat(rest);
      // Setup field labels (use translation when available, otherwise humanize)
      this.fields.forEach((f) => {
        this.fieldLabels[f] = this.trans(`prompts.${f}`, this.humanize(f));
        this.newValues[f] = "";
      });
    },
    toggleAddField() {
      this.addFieldVisible = !this.addFieldVisible;
      if (this.addFieldVisible) {
        this.addFieldKey = "";
        this.addFieldValue = "";
      }
    },
    cancelAddField() {
      this.addFieldVisible = false;
      this.addFieldKey = "";
      this.addFieldValue = "";
    },
    confirmAddField() {
      const key = String(this.addFieldKey || "").trim();
      const val = String(this.addFieldValue || "").trim();
      if (!key) return;
      // If field doesn't exist yet, add it to the top for visibility
      if (!this.fields.includes(key)) {
        this.fields.unshift(key);
        this.fieldLabels[key] = this.trans(`prompts.${key}`, this.humanize(key));
      }
      // Initialize newValues entry and set initial value if provided
      if (!(key in this.newValues)) this.newValues[key] = "";
      if (val !== "") this.newValues[key] = val;
      this.cancelAddField();
    },
    displayCurrent(field) {
      if (!this.metadataList || this.metadataList.length === 0) return "";
      const vals = this.metadataList.map((m) => {
        const v = m[field];
        if (v === undefined || v === null) return "";
        if (typeof v === "object") return JSON.stringify(v);
        return String(v);
      });
  const nonEmpty = vals.filter((v) => v !== "");
      if (nonEmpty.length === 0) return "";
      const allEqual = nonEmpty.every((v) => v === nonEmpty[0]);
      if (allEqual) return nonEmpty[0];
      // Count how many distinct values
      const distinct = new Set(nonEmpty);
      // If fields are objects (e.g., picture) avoid returning huge JSON blobs.
      // Prefer a short summary.
      const sample = nonEmpty[0];
      if (typeof sample === 'string') {
        return this.trans('prompts.multipleValuesCount', `(different on ${distinct.size} files)`).replace('{count}', String(distinct.size));
      }
      try {
        const s = JSON.stringify(sample);
        return s.length > 200 ? s.slice(0, 200) + '…' : s;
      } catch (e) {
        return this.trans('prompts.multipleValuesCount', `(different on ${distinct.size} files)`).replace('{count}', String(distinct.size));
      }
    },
    isPicture(field) {
      if (!this.metadataList || this.metadataList.length === 0) return false;
      for (const m of this.metadataList) {
        const v = m[field];
        if (v && typeof v === 'object') {
          if (v.data && typeof v.data === 'string') return true;
          if (v.picture && v.picture.data) return true;
        }
      }
      return false;
    },
    pictureSrc(field) {
      if (!this.metadataList) return null;
      for (const m of this.metadataList) {
        const v = m[field];
        if (v && typeof v === 'object') {
          if (v.data && typeof v.data === 'string') return v.data;
          if (v.picture && v.picture.data) return v.picture.data;
          // sometimes library stores a raw buffer as base64 directly in 'data'
        }
      }
      return null;
    },
    trans(key, fallback) {
      // Fallback to a human readable string if translation key is missing
      try {
        if (this.$te && this.$te(key)) return this.$t(key);
      } catch (e) {
        // ignore
      }
      return fallback;
    },
    humanize(str) {
      if (!str) return str;
      // replace camelCase / snake_case / dots with spaces and capitalize
      const s = String(str)
        .replace(/([a-z0-9])([A-Z])/g, "$1 $2")
        .replace(/[_\.\-]+/g, " ");
      return s.charAt(0).toUpperCase() + s.slice(1);
    },
    async applyAll() {
      if (!this.req) return;
      // collect changed fields
      const changes = {};
      Object.keys(this.newValues).forEach((k) => {
        const v = this.newValues[k];
        if (v !== undefined && v !== null && String(v).trim() !== "") {
          changes[k] = v;
        }
      });
      if (Object.keys(changes).length === 0) {
        // nothing to do
        return;
      }
      const files = this.selected.map((i) => this.req.items[i].url);
      try {
        // apply changes to each file
        await Promise.all(
          files.map((u) => updateMetadata(u, changes))
        );
        // refresh listing
        const fileStore = useFileStore();
        fileStore.reload = true;
        this.closeHovers();
      } catch (e) {
        this.$showError(e);
      }
    },
    // per-field apply removed in favor of global applyAll
  },
  mounted() {
    this.mountedFetch();
  },
 };
 </script>
 <style scoped>
 .metadata-card {
  max-height: calc(100vh - 120px);
  display: flex;
  flex-direction: column;
  box-sizing: border-box;
  /* prefer a wider layout on large screens but stay responsive */
  /* increase target width to give more horizontal space */
  width: min(1400px, 98vw);
  max-width: 98vw;
  min-width: 680px;
  border-radius: 12px;
  box-shadow: 0 8px 24px rgba(0,0,0,0.08);
 }
 .title-with-actions {
  display: flex;
  align-items: center;
  justify-content: space-between;
  gap: 0.5rem;
 }
 .title-actions {
  display: flex;
  align-items: center;
  gap: 0.5rem;
 }
 .add-field-row {
  padding: 0 1rem 0.5rem 1rem;
 }
 .add-field-controls {
  display: flex;
  gap: 0.5rem;
 }
 .add-field-controls input {
  flex: 1 1 auto;
 }
 /* Override global small max-width for floating cards for this metadata modal */
 .card.floating.metadata-card {
  /* remove the global max-width:25em constraint */
  max-width: none !important;
  width: min(1400px, 98vw) !important;
  left: 50% !important;
  transform: translate(-50%, -50%) !important;
 }
 .metadata-field {
  margin-bottom: 1rem;
 }
 .metadata-title {
  margin: 0.25rem 0;
 }
 .metadata-current {
  color: var(--color-muted, #666);
  margin: 0.25rem 0 0.5rem 0;
 }
 .metadata-edit {
  display: flex;
  gap: 0.5rem;
 }
 .metadata-edit input {
  flex: 1 1 auto;
 }
 .metadata-table-wrapper {
  overflow-x: auto;
  width: 100%;
  padding: 0 1rem; /* add horizontal padding so left column isn't flush to modal edge */
 }
 .metadata-table {
  border-collapse: separate;
  width: auto; /* allow table to size to content */
  /* allow a comfortable minimum width for readable columns on very large screens
     but let it shrink responsively in smaller viewports */
  min-width: 0;
  max-width: 100%;
  table-layout: auto;
  border-spacing: 0;
  border: 1px solid rgba(0,0,0,0.08);
  border-radius: 10px;
  overflow: hidden;
 }
 .metadata-table td, .metadata-table th { word-break: break-word; }
 .metadata-table th,
 .metadata-table td {
  border: none;
  padding: 0.75rem;
  text-align: left;
  vertical-align: top;
 }
 /* Header styling: subtle background and divider */
 .metadata-table thead {
  background: rgba(0,0,0,0.04);
 }
 .metadata-table thead th {
  border-bottom: 1px solid rgba(0,0,0,0.08);
 }
 /* extra left padding for the first column so labels don't touch the modal edge */
 .metadata-table td:first-child,
 .metadata-table th:first-child,
 .metadata-title {
  padding-left: 1rem;
 }
 /* Use CSS Grid per row so columns adapt to content without one taking all space */
 .metadata-table thead tr,
 .metadata-table tbody tr {
  display: grid;
  /* Fix column widths to prevent jitter when a cell contains very long content.
     First column (labels) is fixed; current/new columns are flexible with a comfortable minimum. */
  grid-template-columns: 220px minmax(280px, 1fr) minmax(280px, 1fr);
  gap: 1rem;
  align-items: start;
 }
 .metadata-table thead tr {
  border-bottom: none;
 }
 .metadata-table thead th,
 .metadata-table tbody td {
  display: block; /* make cells behave as grid items */
 }
 .metadata-table thead th { font-weight: 600; }
 /* column sizing helpers */
 .metadata-table .col-label { width: 1%; }
 .metadata-table .col-current { width: auto; }
 .metadata-table .col-new { width: auto; }
 .metadata-edit-cell input {
  width: 100%;
  box-sizing: border-box;
  border-radius: 8px;
  border: 1px solid rgba(0,0,0,0.12);
  padding: 0.5rem 0.6rem;
 }
 /* Ensure long labels wrap inside the first column without expanding it */
 .metadata-title strong {
  display: block;
  word-break: break-word;
  overflow-wrap: anywhere;
 }
 /* Row aesthetics: zebra striping and hover */
 .metadata-table tbody tr {
  border-top: 1px solid rgba(0,0,0,0.06);
  border-bottom: 1px solid rgba(0,0,0,0.06);
 }
 .metadata-table tbody tr:nth-child(odd) {
  background: rgba(0,0,0,0.02);
 }
 .metadata-table tbody tr:hover {
  background: rgba(0,0,0,0.04);
 }
 /* Subtle vertical separators between columns */
 .metadata-table tbody td:not(:last-child) {
  border-right: 1px solid rgba(0,0,0,0.06);
 }
 /* On small screens, stack rows to improve readability */
@media (max-width: 640px) {
  .metadata-table {
    min-width: 0;
  }
  .metadata-table thead {
    display: none;
  }
  .metadata-table tr {
    display: block;
    margin-bottom: 0.75rem;
    border: 1px solid rgba(0,0,0,0.08);
    padding: 0.75rem;
    border-radius: 10px;
    box-shadow: 0 2px 8px rgba(0,0,0,0.06);
  }
  .metadata-table td {
    display: block;
    width: 100%;
    padding: 0.25rem 0;
  }
  .metadata-title {
    font-weight: 600;
  }
 }
 /* On medium screens allow a comfortable min width; on very large screens keep roomy layout */
@media (min-width: 1200px) {
  .metadata-table {
    min-width: 100ch;
  }
 }
 /* Make sure table cells wrap content and images don't overflow */
 .metadata-table td, .metadata-table th {
  overflow-wrap: anywhere;
  word-break: break-word;
  hyphens: auto;
 }
 .metadata-table img {
  max-width: 100%;
  height: auto;
  display: block;
 }
 .cover-preview {
  max-width: 160px;
  max-height: 160px;
  object-fit: contain;
  border-radius: 8px;
  box-shadow: 0 2px 10px rgba(0,0,0,0.12);
 }
 .metadata-muted { color: var(--color-muted, #666); font-size: 0.9em; }
 .metadata-current-row td {
  color: var(--color-muted, #666);
 }
 .metadata-edit-row td {
  background: rgba(0,0,0,0.02);
 }
 </style>
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1 @@`
							<svg xmlns="http://www.w3.org/2000/svg" width="700" height="700" shape-rendering="geometricPrecision" text-rendering="geometricPrecision" image-rendering="optimizeQuality" fill-rule="evenodd" clip-rule="evenodd"><defs><style>.prefix__fil1{fill:#fefefe}.prefix__fil6{fill:#006498}.prefix__fil5{fill:#bdeaff}</style></defs><g id="prefix__Layer_x0020_1"><path d="M80 0h540c44 0 80 36 80 80v540c0 44-36 80-80 80H80c-44 0-80-36-80-80V80C0 36 36 0 80 0z" fill="#455a64"/><path class="prefix__fil1" d="M350 71c154 0 279 125 279 279S504 629 350 629 71 504 71 350 196 71 350 71z"/><path d="M475 236l118 151c3 116-149 252-292 198l-76-99 114-156s138-95 136-94z" fill="#332c2b" fill-opacity=".149"/><path d="M231 211h208l38 24v246c0 5-3 8-8 8H231c-5 0-8-3-8-8V219c0-5 3-8 8-8z" fill="#2bbcff"/><path d="M231 211h208l38 24v2l-37-23H231c-4 0-7 3-7 7v263c-1-1-1-2-1-3V219c0-5 3-8 8-8z" fill="#53c6fc"/><path class="prefix__fil5" d="M305 212h113v98H305zM255 363h189c3 0 5 2 5 4v116H250V367c0-2 2-4 5-4z"/><path class="prefix__fil6" d="M250 470h199v13H250zM380 226h10c3 0 6 2 6 5v40c0 3-3 6-6 6h-10c-3 0-6-3-6-6v-40c0-3 3-5 6-5z"/><path class="prefix__fil1" d="M254 226c10 0 17 7 17 17 0 9-7 16-17 16-9 0-17-7-17-16 0-10 8-17 17-17z"/><path class="prefix__fil6" d="M267 448h165c2 0 3 1 3 3 0 1-1 3-3 3H267c-2 0-3-2-3-3 0-2 1-3 3-3zM267 415h165c2 0 3 1 3 3 0 1-1 2-3 2H267c-2 0-3-1-3-2 0-2 1-3 3-3zM267 381h165c2 0 3 2 3 3 0 2-1 3-3 3H267c-2 0-3-1-3-3 0-1 1-3 3-3z"/><path class="prefix__fil1" d="M236 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5zM463 472c3 0 5 2 5 5 0 2-2 4-5 4s-5-2-5-4c0-3 2-5 5-5z"/><path class="prefix__fil6" d="M305 212h-21v98h21z"/><path d="M477 479v2c0 5-3 8-8 8H231c-5 0-8-3-8-8v-2c0 4 3 8 8 8h238c5 0 8-4 8-8z" fill="#0ea5eb"/><path d="M350 70c155 0 280 125 280 280S505 630 350 630 70 505 70 350 195 70 350 70zm0 46c129 0 234 105 234 234S479 584 350 584 116 479 116 350s105-234 234-234z" fill="#2979ff"/></g></svg>