sftpgo

mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 06:10:54 +03:00

Author	SHA1	Message	Date
Nicola Murino	32cc426cb9	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-20 09:00:39 +01:00
Nicola Murino	9fa18c37f7	fix lint warning Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-19 19:29:04 +01:00
Nicola Murino	4230da8e7d	s3: implement multipart downloads without using the S3 Manager Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-19 18:53:27 +01:00
Nicola Murino	22c875c0a1	sftpd: add support for OpenPubkey SSH Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-19 09:16:56 +01:00
Nicola Murino	74f8539247	pre-login hook: require either a full user object or no user modification The previous behavior was a leftover from an old refactor. This change aligns the pre-login hook with the behavior of other hooks, although it may break some edge cases that relied on the previous inconsistent behavior. Fixes #2107 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-18 20:09:22 +01:00
dependabot[bot]	3a42c70021	Bump golangci/golangci-lint-action from 8 to 9 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8 to 9. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v8...v9) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-11-18 18:54:01 +01:00
dependabot[bot]	59bd46a227	Bump actions/upload-artifact from 4 to 5 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-27 08:55:40 +01:00
dependabot[bot]	5039a0ee31	Bump actions/download-artifact from 5 to 6 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-27 08:55:02 +01:00
Nicola Murino	973b68a383	data provider: micro-optimization skip availability check when updating the node timestamp. If the update succeeds, the data provider is healthy Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 09:48:47 +01:00
Nicola Murino	5ce9688780	enforce group-level password strength for users and shares Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 09:44:32 +01:00
Nicola Murino	accb9703d0	back to development Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 08:14:24 +01:00
Nicola Murino	9c42ec34e8	pkgs update Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 08:12:32 +01:00
Nicola Murino	29c635a9a6	update version and deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com> v2.7.0	2025-10-23 18:26:44 +02:00
Nicola Murino	e82d1bbef6	sftpgo.json: remove non-existent setting Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-16 19:40:29 +02:00
Nicola Murino	2c36077178	CI: use Go 1.25 for FreeBSD Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-16 19:39:49 +02:00
dependabot[bot]	4e91326124	Bump github/codeql-action from 3 to 4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-15 08:42:08 +02:00
Nicola Murino	317f14f869	Docker: remove git and rsync Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-15 08:41:05 +02:00
Nicola Murino	a768dac29d	jwt: increase leeway and add some tests also export a constant for the Cookie name Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-11 14:14:21 +02:00
Nicola Murino	c4bc88cd2e	Docker: update to debian 13 also update nfpm to 2.43.4 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-10 21:30:33 +02:00
Nicola Murino	90685d8ef2	fix random failure in test cases Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-10 21:30:05 +02:00
Nicola Murino	f21c3d2af2	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-09 20:46:29 +02:00
Nicola Murino	278f522e30	sftpgo.json: cleanup unsupported configuration keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-09 20:44:43 +02:00
Nicola Murino	fa70ff35c4	Add debug log to investigate intermittent test failure in CI Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-08 19:22:35 +02:00
Nicola Murino	314bb5c886	update deps and nfpm Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-08 18:51:52 +02:00
Nicola Murino	0ae2354fed	JWT: replace jwtauth/jwx with lightweight wrapper around go-jose We replaced the jwtauth and jwx libraries with a minimal custom wrapper around go-jose because we don’t need the full feature set provided by jwx. Implementing our own wrapper simplifies the codebase and improves maintainability. Moreover, go-jose depends only on the standard library, resulting in a leaner dependency that still meets all our requirements. This change also reduces the SFTPGo binary size by approximately 1MB Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-08 18:10:39 +02:00
Nicola Murino	9ca35c3555	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-04 11:42:35 +02:00
Nicola Murino	69f2c70661	CI: use windows-latest and install iscc manually Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 18:41:39 +02:00
Nicola Murino	35525e22e9	remove rsync support rsync was executed as an external command, which means we have no insight into or control over what it actually does. From a security perspective, this is far from ideal. To be clear, there's nothing inherently wrong with rsync itself. However, if we were to support it properly within SFTPGo, we would need to implement the low-level protocol internally rather than relying on launching an external process. This would ensure it works seamlessly with any storage backend, just as SFTP does, for example. We recommend using one of the many alternatives that rely on the SFTP protocol, such as rclone Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 18:15:15 +02:00
Nicola Murino	cc0ee9f43b	update nfpm to 2.43.1 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 10:03:45 +02:00
Nicola Murino	7dd5757a44	CI: use Windows-2022 for now Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 10:02:27 +02:00
Nicola Murino	3f21db14e4	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 09:36:28 +02:00
Nicola Murino	e892748ef4	system commands: recursively verify required permissions If any permission is missing at any level, return a "Permission Denied" error Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 09:36:19 +02:00
Nicola Murino	f4092b9f9e	sftpd: use VerifiedPublicKeyCallback Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-28 09:22:27 +02:00
Nicola Murino	cdaefbf04a	Fix flaky test case ensure the user filter is set on the rule so notification triggers only when expected. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-22 09:16:28 +02:00
Nicola Murino	5c3aa8278b	CI: switch to Go 1.25 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-22 09:16:23 +02:00
Nicola Murino	255ad5f6db	remove automaxprocs: no longer required with Go 1.25 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-22 09:16:14 +02:00
Nicola Murino	a469dd68a2	update theme and js deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-22 09:15:57 +02:00
Nicola Murino	29e9d95088	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-21 14:21:57 +02:00
Nicola Murino	952df50a98	remove ftpserverlib fork the correct flow is to add features to the upstream library first Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-21 14:21:53 +02:00
Nicola Murino	d2ee43585a	remove x/crypto fork Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-21 14:21:47 +02:00
dependabot[bot]	726f1fde19	Bump golang from 1.24-bookworm to 1.25-bookworm Bumps golang from 1.24-bookworm to 1.25-bookworm. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25-bookworm dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-21 14:20:25 +02:00
Nicola Murino	75a9ebcdf9	CI: remove Azure Trusted Signing action The Azure Trusted Signing certificate is expiring soon, and renewal is no longer available for individuals or organizations outside of Canada and USA. Due to this limitation, we are removing the Trusted Signing step from our CI pipeline. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-20 18:07:21 +02:00
Nicola Murino	7f03dc0fab	convert action migration: allow to import any command action EnabledCommands are initialized after the migration so allow any command, they will be denied if not allowed and this is temporary. The migration will be removed in the future Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-20 17:59:15 +02:00
Nicola Murino	52ae36f169	README: better clarify how to select the appropriate documentation Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-10 20:14:35 +02:00
Nicola Murino	7ce456edef	CI release: move Azure login closer to signing step in Windows workflow The Azure login token validity has been decreased so login just before signing Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-09 19:46:06 +02:00
Nicola Murino	b1208279b7	CI: move Azure login closer to signing step in Windows workflow Azure login tokens now appear to expire after 5 minutes. To avoid authentication issues, the login step is now performed immediately before signing the binaries. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-09 19:08:57 +02:00
Nicola Murino	0dca906351	docs: clarify sponsor/support model and how to use versioned documentation - Updated the "Sponsors" section to reflect the current open-core model - Clarified that sponsorship supports the open-source edition - Improved "Support" section to distinguish community vs. Enterprise support - Added instructions on selecting the correct documentation version Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-09 18:38:27 +02:00
dependabot[bot]	20df8ba48b	Bump actions/setup-go from 5 to 6 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-09 18:16:22 +02:00
Nicola Murino	b160090866	httpdtest: remove unused constant Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-07 18:19:45 +02:00
Nicola Murino	78d93730e0	update README and support link now that SFTPGo Enterprise is GA Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-07 18:18:55 +02:00

1 2 3 4 5 ...

2275 Commits